Malicious Chrome extensions. BEC in Kentucky. Dispatches from a hybrid war, including state-directed, partisan, and criminal action. ICS advisories. “Cosplaying” hardware.
Chrome extensions steal browser data. A business email compromise attack is under investigation in Kentucky. Belarusian Cyber Partisans claim to have a complete Belarusian passport database. Organizing a cyber militia. CISA releases twelve ICS security advisories. Our guest is Asaf Kochan of Sentra on overemphasizing “the big one.” Carole Theriault cautions against getting ahead of yourself in the cryptocurrency supply chain. Cosplaying" hardware. And Canada welcomes a new SIGINT boss.
Selected reading.
Chrome extensions with 1.4 million installs steal browsing data (BleepingComputer)
Malicious Cookie Stuffing Chrome Extensions with 1.4 Million Users (McAfee Blog)
Police investigate electronic theft of federal funds (City of Lexington)
FBI, Secret Service join Kentucky investigation into $4 million cybercrime theft (The Record by Recorded Future)
Russian hackers blamed for ongoing Montenegro cyberattack (Tech Monitor)
“For the 1st time in human history a #hacktivist collective obtained passport info of the ALL country's citizens.” (Cyber Partisans)
Inside the IT Army of Ukraine, ‘A Hub for Digital Resistance’ (The Record by Recorded Future)
Ukraine takes down cybercrime group hitting crypto fraud victims (BleepingComputer)
Hitachi Energy FACTS Control Platform (FCP) Product (CISA)
Hitachi Energy Gateway Station (GWS) Product (CISA)
Hitachi Energy MSM Product (CISA).
Hitachi Energy RTU500 series (CISA)
Fuji Electric D300win (CISA)
Honeywell ControlEdge (CISA)
Honeywell Experion LX (CISA)
Honeywell Trend Controls Inter-Controller Protocol (CISA)
Omron CX-Programmer (CISA)
PTC Kepware KEPServerEX (CISA)
Sensormatic Electronics iSTAR (CISA)
Mitsubishi Electric GT SoftGOT2000 (CISA)
Walmart Sells Fake 30TB Hard Drive That’s Actually Two Small SD Cards in a Trench Coat (Vice)