The CyberWire Daily Podcast 6.27.22
Ep 1607 | 6.27.22

Notes from the cyber phases of the hybrid war against Ukraine. Conti retires its brand, and LockBit 2.0 is now tops in ransomware. Extortion skips the encryption. Cyber exercise in the financial sector.

Show Notes

Lithuania sustains a major DDoS attack. Lessons from NotPetya. Conti's brand appears to have gone into hiding. Online extortion now tends to skip the ransomware proper. Josh Ray from Accenture on how social engineering is evolving for underground threat actors. Rick Howard looks at Chaos Engineering. US financial institutions conduct a coordinated cybersecurity exercise.

Selected reading.

Russia's Killnet hacker group says it attacked Lithuania (Reuters)

The hacker group KillNet has published an ultimatum to the Lithuanian authorities (TDPel Media) 

5 years after NotPetya: Lessons learned (CSO Online) 

The cyber security impact of Operation Russia by Anonymous (ComputerWeekly)

Conti ransomware finally shuts down data leak, negotiation sites (BleepingComputer)

The Conti Enterprise: ransomware gang that published data belonging to 850 companies (Group-IB)

Fake copyright infringement emails install LockBit ransomware (BleepingComputer)

NCC Group Monthly Threat Pulse – May 2022 (NCC Group)

We're now truly in the era of ransomware as pure extortion without the encryption (Register)

Wall Street Banks Quietly Test Cyber Defenses at Treasury’s Direction (Bloomberg)