The CyberWire Daily Podcast 8.16.22
Ep 1642 | 8.16.22

Russian cyberespionage and influence op disrupted. RedAlpha versus Chinese minorities and (of course) Taiwan. Evil PLC proof-of-concept. Cl0p takes a poke at a water utility.

Show Notes

Microsoft identifies and disrupts Russian cyberespionage activity. An update on RedAlpha. An evil PLC proof-of-concept shows how programmable logic controllers could be "weaponized." Ben Yelin has an update on right to repair. Our guest is Arthur Lozinski of Oomnitza with a look at attack surface management maturity. And the Cl0p gang hits an English water utility (but tries to extort the wrong one–stuff happens, y’know?).

Selected reading.

Disrupting SEABORGIUM’s ongoing phishing operations (Microsoft Security)

Microsoft disrupts Russian-linked hackers targeting NATO countries (Breaking Defense) 

Microsoft Announces Disruption of Russian Espionage APT (SecurityWeek) 

Microsoft disrupts Russia-linked hacking group targeting defense and intelligence orgs (The Record by Recorded Future) 

Microsoft shuts down accounts linked to Russian spies (Register)

RedAlpha Conducts Multi-Year Credential Theft Campaign Targeting Global Humanitarian, Think Tank, and Government Organizations (Recorded Future)

Hackers linked to China have been targeting human rights groups for years (MIT Technology Review) 

Evil PLC Attack: Using a Controller as Predator Rather than Prey (Claroty)

Hackers attack UK water supplier but extort wrong victim (BleepingComputer)

South Staffordshire Water victim of cyber attack, customers not at risk (Computing) 

South Staffordshire Water says it was target of cyber attack as criminals bungle extortion attempt (Sky News)