The CyberWire Daily Podcast 10.19.22
Ep 1686 | 10.19.22

Dispatches from the hybrid war, as auxiliaries on both sides skirmish in cyberspace. An Azure vulnerability patched. Trends in ransomware. And Social Security phishbait.

Show Notes

Killnet explains its actions against Bulgaria's government. The National Republican Army claims successful attacks on Russian companies. The Director of Germany's BSI is out. A vulnerability in Azure, disclosed and patched. Trends in ransomware. Carole Theriault has a fresh look at the ransomware question - to pay or not to pay? Tim Eades from Cyber Mentor Fund considers cyber insurance for the small and medium sized businesses. Social Security phishing.

Selected reading.

Cyberattack disrupts Bulgarian government websites over ‘betrayal to Russia’ (The Record by Recorded Future) 

Russians Against Putin: NRA Claims Massive Hack of Russian Government Contractors’ Computers - Kyiv Post - Ukraine's Global Voice (Kyiv Post)

Germany fires cybersecurity chief after reports of possible Russia ties (Reuters) 

German Cybersecurity Chief Sacked Over Alleged Russia Ties (SecurityWeek)

German cyber chief suspended following allegation he associated with Russian intelligence (The Record by Recorded Future) 

FabriXss (CVE-2022-35829): How We Managed to Abuse a Custom Role User Using CSTI and Stored XSS in Azure Fabric Explorer (Orca Security) 

Ransomware In Q3 2022 (Digital Shadows)

Fresh Phish: A New Social Security Phishing Scam Preys Upon Our Biggest Worries (INKY)