The CyberWire Daily Podcast 6.28.22
Ep 1608 | 6.28.22

DDoS threat to Lithuania continues. Hacktivists hit Iranian steel mill. Bumblebee loader takes C2C markteshare. CISA adds Known Exploited Vulnerabilities. Music piracy. Where do spies go?

Show Notes

Distributed denial-of-service attacks against Lithuania. Dark Crystal RAT described. Iranian steel mill suspends production due to cyberattack. Bumblebee rising. CISA adds to its Known Exploited Vulnerabilities Catalog. Music pirate sites brought down by US and Brazilian authorities. Joe Carrigan looks at Apple’s private access tokens. Mister Security Answer Person John Pescatore drops some sboms. And where do Russian intelligence officers go after they’ve been PNGed?

Selected reading.

Lithuania targeted by massive Russian cyberattack over transit blockade (Newsweek)

Russia's Killnet hacker group says it attacked Lithuania (Reuters)

Killnet, Kaliningrad, and Lithuania’s Transport Standoff With Russia (Flashpoint)

Ukraine Targeted by Dark Crystal RAT (DCRat) | FortiGuard Labs (Fortinet Blog)

Cyberattack Forces Iran Steel Company to Halt Production (SecurityWeek)

Iran’s steel industry halted by cyberattack (Jerusalem Post)

Bumblebee: New Loader Rapidly Assuming Central Position in Cyber-crime Ecosystem (Broadcom Software Blogs)

CISA Adds Eight Known Exploited Vulnerabilities to Catalog (CISA) 

US, Brazil seize 272 websites used to illegally download music (BleepingComputer) 

Swiss intel service: Watch out for redeployed Russian spies (AP News)