Malicious Chrome extensions. BEC in Kentucky. Dispatches from a hybrid war, including state-directed, partisan, and criminal action. ICS advisories. “Cosplaying” hardware.
Chrome extensions steal browser data. A business email compromise attack is under investigation in Kentucky. Belarusian Cyber Partisans claim to have a complete Belarusian passport database. Organizing a cyber militia. CISA releases twelve ICS security advisories. Our guest is Asaf Kochan of Sentra on overemphasizing “the big one.” Carole Theriault cautions against getting ahead of yourself in the cryptocurrency supply chain. Cosplaying" hardware. And Canada welcomes a new SIGINT boss.
Chrome extensions with 1.4 million installs steal browsing data (BleepingComputer)
Police investigate electronic theft of federal funds (City of Lexington)
FBI, Secret Service join Kentucky investigation into $4 million cybercrime theft (The Record by Recorded Future)
Russian hackers blamed for ongoing Montenegro cyberattack (Tech Monitor)
Inside the IT Army of Ukraine, ‘A Hub for Digital Resistance’ (The Record by Recorded Future)
Ukraine takes down cybercrime group hitting crypto fraud victims (BleepingComputer)
Hitachi Energy MSM Product (CISA).
Hitachi Energy RTU500 series (CISA)
Fuji Electric D300win (CISA)
Honeywell ControlEdge (CISA)
Honeywell Experion LX (CISA)
Omron CX-Programmer (CISA)
PTC Kepware KEPServerEX (CISA)