The CyberWire Daily Podcast 11.14.22
Ep 1703 | 11.14.22

Software supply chains, C2C markets, criminals, and cyber auxiliaries in a hybrid war. CISA releases its Stakeholder Specific Vulnerability Categorization (SSVC).

Show Notes

Software supply chain risk. Cyber risk across sectors. CISA releases Stakeholder Specific Vulnerability Categorization (SSVC). Sandworm is back in Russia's hybrid war. Another wiper campaign from a Russian cyber auxiliary. Malek Ben Salem from Accenture shares thoughts on future-proofing cloud security. Rick Howard previews the latest CSO Perspectives show. And the Australian Federal Police say they know who hacked Medibank. (and the AFP says they have a good track record getting international criminals).

Selected reading.

Exclusive: Russian software disguised as American finds its way into U.S. Army, CDC apps (Reuters) 

Industries boost cyber defenses against growing number of attacks (Moodys) 

CISA Releases SSVC Methodology to Prioritize Vulnerabilities (CISA)

Transforming the Vulnerability Management Landscape (CISA)

Russian Sandworm hackers deployed malware in Ukraine and Poland (Washington Post)

New “Prestige” ransomware impacts organizations in Ukraine and Poland (Microsoft)

Microsoft links Russia’s military to cyberattacks in Poland and Ukraine (Ars Technica)

Microsoft attributes ‘Prestige’ ransomware attacks on Ukraine and Poland to Russian group (The Record by Recorded Future)

Wipe it or exfiltrate? How Russia exploits edge infrastructure to disrupt and spy during wartime (SC Media)

Russia’s New Cyberwarfare in Ukraine Is Fast, Dirty, and Relentless (WIRED)

Russian military hackers linked to ransomware attacks in Ukraine (BleepingComputer) 

Information on cyberattacks of the group UAC-0118 (FRwL) using the Somnia malware (CERT-UA#5185) (CERT-UA)

Ukraine says Russian hacktivists use new Somnia ransomware (BleepingComputer) 

Russian hacktivists hit Ukrainian orgs with ransomware - but no ransom demands (Help Net Security)

Development of the Ukrainian Cyber Counter-Offensive (Trustwave) 

Australian Federal Police say cybercriminals in Russia behind Medibank hack (The Record by Recorded Future)

Australia tells Medibank hackers: 'We know who you are' (TechCrunch)