The CyberWire Daily Podcast 9.30.22
Ep 1674 | 9.30.22

Espionage, both online and in-person. Sabotage, both kinetic and (maybe eventually) cyber. Watering holes, deepfakes, and the pushing of naughty words.

Show Notes

North Korean operators "weaponize" open-source software. The SolarMarker info-stealer returns. A quick review of Fast Company's WordPress hijacking incident. Deepfakes, and their evolution into an underworld and influence ops tool. Kinetic sabotage in the Baltic raises concerns about threats to infrastructure in cyberspace. Chris Novak from Verizon with a mid-year check-in. Our guest is MK Palmore of Google Cloud on why collective cybersecurity ultimately depends on having a diverse, skilled workforce. And the US arrests three in two alleged spying cases.

Selected reading.

ZINC weaponizing open-source software (Microsoft Security Threat Intelligence | LinkedIn Threat Prevention and Defense)

Lazarus Group Affiliate Uses Trojanized Open Source Apps in New Campaigns (Decipher)

North Korea weaponizes open-source software. (CyberWire)

Info-Stealing Malware, SolarMarker, is Using Watering Hole Attacks… (eSentire) 

Fast Company hack causes obscene Apple News notifications. (CyberWire) 

The Future of Deepfakes. (CyberWire)

Fourth Nord Stream Leak Spotted, NATO Sees 'Sabotage' - The Moscow Times (The Moscow Times)

Russian spy chief: West was behind sabotage of Nord Stream (Reuters)

NATO Formally Blames Sabotage for Nord Stream Pipeline Damage (Wall Street Journal) 

NATO: Nord Stream pipeline leaks result of "sabotage" (Axios)

Pentagon chief: Too soon to say who might be behind Nord Stream pipeline attack (www.euractiv.com)

First on CNN: European security officials observed Russian Navy ships in vicinity of Nord Stream pipeline leaks (CNN)

Mysterious Blasts and Gas Leaks: What We Know About the Pipeline Breaks in Europe (New York Times)

NATO issues 'sabotage' warning after gas pipeline explosions (NBC News) 

Russia’s Purported Sabotage Of The Nord Stream Pipeline Marks A Point Of No Return (Forbes)

After the attack on Nord Stream 1 and 2: Is Germany safe from Russian hackers? (WirtschaftsWoche)

'We all have to be worried': War in Ukraine boosts energy cyberattack risks, says Petrobras executive (Upstream Online)

Finnish intelligence warns Russia ‘highly likely’ to turn to cyber in winter (The Record by Recorded Future)

Ukraine War Goes Hybrid (Energy Intelligence) 

New Warnings from Ukraine About Looming Russian Cyberattacks (VOA)

Russian Cyber Efforts in Ukraine See Muted Results, Says Panel (USNI News)

Ukraine-Russia Conflict: Ukraine Alerts Energy Enterprises to Possible Cyberattack Escalation (Security Boulevard)

Ukraine is Winning the Cyber War (CEPA)

Hitachi Energy MicroSCADA Pro X SYS600 (CISA)

Hitachi Energy MicroSCADA Pro X SYS600 (CISA)

Baxter Sigma Spectrum Infusion Pump (CISA)

ARC Informatique PcVue (Update A) (CISA)

Delta Electronics DOPSoft (CISA)

Delta Electronics DOPSoft (Update B) (CISA) 

Former NSA Employee Arrested on Espionage-Related Charges (US Department of Justice) 

Major in the United States Army and a Maryland Doctor Facing Federal Indictment for Allegedly Providing Confidential Health Information to a Purported Russian Representative to Assist Russia Related to the Conflict In Ukraine (US Department of Justice)