The CyberWire Daily Podcast 11.10.22
Ep 1702 | 11.10.22

US midterms conclude without cyber interference. NATO on cyber defense. New APT41 activity identified. Russia’s FSB and SVR continue cyberespionage. Trends in phishing and API risks.

Show Notes

There’s no sign that cyberattacks affected US vote counts. NATO meets to discuss the Atlantic Alliance’s Cyber Defense Pledge. A new APT41 subgroup has been identified. FSB phishing impersonates Ukraine's SSSCIP. A look at Cozy Bear's use of credential roaming. Caleb Barlow shares tips on removing implicit bias from your hiring process. Our guests are Valerie Abend and Lisa O'Connor from Accenture with a look at the difference in how women and men pursue the top cyber leadership roles. And an update on phishing trends and API threats.

Selected reading.

Statement from CISA Director Easterly on the Security of the 2022 Elections (Cybersecurity and Infrastructure Security Agency)

No ‘Specific or Credible’ Cyber Threats Affected Integrity of Midterms, CISA Says (

U.S. vote counting unaffected by cyberattacks, officials say (PBS NewsHour) 

What's 'Putin's chef' cooking up with talk on US meddling? (AP NEWS)

NATO’s 2022 Cyber Defense Pledge Conference - United States Department of State (United States Department of State)

Japan joins NATO cyber defense centre (Telecoms Tech News)

China casts wary eye as Japan signs up for Nato cybersecurity platform (South China Morning Post) 

Hack the Real Box: APT41’s New Subgroup Earth Longzhi (Trend Micro)

New hacking group uses custom 'Symatic' Cobalt Strike loaders (BleepingComputer)

They See Me Roaming: Following APT29 by Taking a Deeper Look at Windows Credential Roaming (Mandiant)

APT29 Exploited a Windows Feature to Compromise European Diplomatic Entity Network (The Hacker News)

CAUTION‼️ russian hackers are sending emails with malicious links from the SSSCIP (State Service of Special Communications and Information Protection of Ukraine) 

Russian hackers send out emails under the name of Ukraine's State Service of Special Communications and Information Protection (Yahoo)

Research Report | The State of Email Security 2022 (Tessian) 

DevOps Tools & Infrastructure Under Attack (Wallarm)