Notes from the hybrid war: nuisance-level DDoS, cyberespionage, and the possibility of financially motivated hacking. US policy on the software supply chain, and notes from the underworld.
Nuisance-level DDoS and cyberespionage continue to mark Russia's cyber campaign in the hybrid war. There’s a US Presidential memorandum on software supply chain security. Webworm repurposes older RATs. Trends in cyber insurance claims. OriginLogger may be the new Agent Tesla. The SparklingGoblin APT described. Mathieu Gorge of VigiTrust describes cyber vulnerabilities in the hospitality industry. Dinah Davis from Arctic Wolf explains a PayPal phishing attack. And Royal funeral phishbait.
Selected reading.
Pro-Russia hackers claim to have temporarily brought down Japanese govt websites (Asia News Network)
Gamaredon APT targets Ukrainian government agencies in new campaign (Cisco Talos)
Russia-linked Gamaredon APT target Ukraine with a new info-stealer (Security Affairs)
Fears grow of Russian spies turning to industrial espionage (The Record by Recorded Future)
Enhancing the Security of the Software Supply Chain through Secure Software Development Practices (The White House)
Enhancing the Security of the Software Supply Chain to Deliver a Secure Government Experience (The White House)
White House releases post-SolarWinds federal software security requirements (Federal News Network)
Webworm: Espionage Attackers Testing and Using Older Modified RATs (Threat Hunter Team Symantec)
Coalition Releases 2022 Cyber Claims Report: Mid-year Update (GlobeNewswire News Room)
OriginLogger: A Look at Agent Tesla’s Successor (Unit 42)
You never walk alone: The SideWalk backdoor gets a Linux variant (WeLiveSecurity)
[Scam site harvests credentials] (Proofpoint)
Current, former social media execs address national security issues at Senate hearing (Fox Business)
Senators Have Stopped Embarrassing Themselves at Tech Hearings (Slate Magazine)