The CyberWire Daily Podcast 8.17.22
Ep 1643 | 8.17.22

Cyber incidents and lessons from Russia's hybrid war. Zimbra vulnerabilities exploited. New Lazarus Group activity reported. ICS security advisories .Insider trading charges from 2017 Equifax breach.

Show Notes

A DDoS attack against a Ukrainian nuclear power provider. The US Army draws some lessons from the cyber phases of Russia's hybrid war. Vulnerabilities in Zimbra are undergoing widespread exploitation.Reports of new Lazarus Group activity. CISA releases eight ICS security advisories. Carole Theriault looks at scammers and cryptocurrencies. Our guest is Jennifer Reed from Aviatrix on the changing landscape of cloud security. And the SEC charges three with insider trading during the 2017 Equifax breach.

Selected reading.

Ukrainian Nuclear Operator Accuses Russians Hackers Of Attacking Its Website (RadioFreeEurope/RadioLiberty)

Ukraine nuclear power company says Russia attacked website (Al Jazeera)

Ukraine Nuclear Operator Reports Cyberattack on Its Website (The Defense Post)

How electronic warfare is reshaping the war between Russia and Ukraine (The Record by Recorded Future)

Army lesson from Ukraine war: cyber, EW capabilities not decisive on their own (FedScoop)

Learning from Ukraine, Army cyber schoolhouse focuses on electromagnetic spectrum (Breaking Defense)

Cyber and full-spectrum operations push the Great Power conflict left of boom (Breaking Defense)

Microsoft Exchange alternative Zimbra is getting widely exploited, 1000s hit (The Stack)

CISA Alert AA22-228A – Threat actors exploiting multiple CVEs against Zimbra Collaboration suit (CyberWire)

Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite (CISA)

A signed Mac executable… (ESET)

Yokogawa CENTUM Controller FCS (CISA)


Delta Industrial Automation DRAS (CISA)

Softing Secure Integration Server (CISA)

B&R Industrial Automation Automation Studio 4 (CISA)

Emerson Proficy Machine Edition (CISA)

Sequi PortBloque S (CISA)

Siemens Industrial Products with OPC UA (CISA)

U.S. SEC charges 3 people with insider trading tied to Equifax hack (Reuters) 

SEC Charges Three Chicago-Area Residents with Insider Trading Around Equifax Data Breach Announcement (US Securities and Exchange Commission)