The CyberWire Daily Podcast 9.9.22
Ep 1659 | 9.9.22

Threats to US elections. Lazarus Group targeting energy companies. Gaming-related threats.

Show Notes

Nation-states are expected to target the US midterm elections. North Korea’s Lazarus Group is targeting energy companies. The Ukraine’s Ministry of Digital Transformation on cyber lessons learned from Russia’s hybrid war against Ukraine. CISA flags twelve known exploited vulnerabilities for attention and remediation. Vulnerable anti-cheat engines used for malicious purposes. Steve Carter from Nucleus Security has thoughts on AI in cybersecurity. Roland Cloutier, former CSO of TikTok, discusses working around the changing career field, needs, and how enterprise executives are developing and finding talent. And a look at top gaming-related malware lures.

Selected reading.

Mandiant ‘highly confident’ foreign cyberspies will target US midterm elections (The Register)

What to Expect When You’re Electing: Preparing for Cyber Threats to the 2022 U.S. Midterm Elections (Mandiant)

North Korea’s Lazarus hackers are exploiting Log4j flaw to hack US energy companies (TechCrunch)

Lazarus and the tale of three RATs (Cisco Talos)

How Gaming Cheats Are Cashing in Below the Operating System (Eclypsium)

Good game, well played: an overview of gaming-related cyberthreats in 2022 (Securelist)

Cybercriminals target games popular with kids to distribute malware (The Register)

CISA Adds Twelve Known Exploited Vulnerabilities to Catalog  (CISA)