The CyberWire Daily Podcast 9.16.22
Ep 1664 | 9.16.22

Uber sustains a major data breach. Notes on the underworld. A large DDoS attack is stopped in Eastern Europe. An FBI alert and a brace of CISA advisories. Congress deliberates cyber policy.

Show Notes

Uber suffers a data breach. Social media executives testify before Congress. A Large DDoS attack is thwarted in Eastern Europe. The FBI warns of increased cyberattacks against healthcare payment processors. Policy makers consider new OT security incentives. Malek Ben Salem from Accenture on future-proof cloud security. Our guest Diana Kelley from Cybrize discusses the need for innovation and entrepreneurship in cybersecurity. And if you’ve been hoping for a LockerGoga decryptor,  you’re in luck.

Selected reading.

Uber hacked, internal systems breached and vulnerability reports stolen (BleepingComputer) 

Uber suffers computer system breach, alerts authorities (Washington Post)

Uber Investigating Data Breach After Hacker Claims Extensive Compromise (SecurityWeek) 

Uber Investigating Breach of Its Computer Systems (New York Times)

Uber investigating "total compromise" of its internal systems (Computing) 

There’s No Honor Among Thieves: Carding Forum Staff Defraud Users in an ESCROW Scam (Digital Shadows) 

Social media hearings highlight lack of trust, transparency in sector (The Record by Recorded Future) 

Breaking the Boycott (Cybersixgill)

Record-Breaking DDoS Attack in Europe (Akamai)

Cyber Criminals Targeting Healthcare Payment Processors, Costing Victims Millions in Losses (FBI)

Siemens Mobility CoreShield OWG Software (CISA)

Siemens Simcenter Femap and Parasolid (CISA)

Siemens RUGGEDCOM ROS (CISA) 

Siemens Mendix SAML Module (CISA)

Siemens SINEC INS (CISA)

Siemens RUGGEDCOM ROS (Update A) (CISA)

Simcenter Femap and Parasolid (CISA) 

Siemens Industrial Products Intel CPUs (Update A) (CISA)

Siemens OpenSSL Affected Industrial Products (CISA) 

Siemens OpenSSL Vulnerability in Industrial Products (Update E) (CISA)

Siemens SCALANCE (CISA) 

CISA Adds Six Known Exploited Vulnerabilities to Catalog (CISA)

Building on our Baseline: Securing Industrial Control Systems Against Cyberattacks (House Committee on Homeland Security) 

Bitdefender Releases Universal LockerGoga Decryptor in Cooperation with Law Enforcement (Bitdefender Labs)