Software supply chains, C2C markets, criminals, and cyber auxiliaries in a hybrid war. CISA releases its Stakeholder Specific Vulnerability Categorization (SSVC).
Software supply chain risk. Cyber risk across sectors. CISA releases Stakeholder Specific Vulnerability Categorization (SSVC). Sandworm is back in Russia's hybrid war. Another wiper campaign from a Russian cyber auxiliary. Malek Ben Salem from Accenture shares thoughts on future-proofing cloud security. Rick Howard previews the latest CSO Perspectives show. And the Australian Federal Police say they know who hacked Medibank. (and the AFP says they have a good track record getting international criminals).
Russian Sandworm hackers deployed malware in Ukraine and Poland (Washington Post)
Microsoft attributes ‘Prestige’ ransomware attacks on Ukraine and Poland to Russian group (The Record by Recorded Future)
Russian military hackers linked to ransomware attacks in Ukraine (BleepingComputer)
Ukraine says Russian hacktivists use new Somnia ransomware (BleepingComputer)
Russian hacktivists hit Ukrainian orgs with ransomware - but no ransom demands (Help Net Security)
Australian Federal Police say cybercriminals in Russia behind Medibank hack (The Record by Recorded Future)