Podcasts
CyberWire Daily
Ep 1703
The CyberWire Daily Podcast 11.14.22
Ep 1703 | 11.14.22

Software supply chains, C2C markets, criminals, and cyber auxiliaries in a hybrid war. CISA releases its Stakeholder Specific Vulnerability Categorization (SSVC).

Show Notes
Transcript

Software supply chain risk. Cyber risk across sectors. CISA releases Stakeholder Specific Vulnerability Categorization (SSVC). Sandworm is back in Russia's hybrid war. Another wiper campaign from a Russian cyber auxiliary. Malek Ben Salem from Accenture shares thoughts on future-proofing cloud security. Rick Howard previews the latest CSO Perspectives show. And the Australian Federal Police say they know who hacked Medibank. (and the AFP says they have a good track record getting international criminals).

Selected reading.

Exclusive: Russian software disguised as American finds its way into U.S. Army, CDC apps (Reuters) 

Industries boost cyber defenses against growing number of attacks (Moodys) 

CISA Releases SSVC Methodology to Prioritize Vulnerabilities (CISA)

Transforming the Vulnerability Management Landscape (CISA)

Russian Sandworm hackers deployed malware in Ukraine and Poland (Washington Post)

New “Prestige” ransomware impacts organizations in Ukraine and Poland (Microsoft)

Microsoft links Russia’s military to cyberattacks in Poland and Ukraine (Ars Technica)

Microsoft attributes ‘Prestige’ ransomware attacks on Ukraine and Poland to Russian group (The Record by Recorded Future)

Wipe it or exfiltrate? How Russia exploits edge infrastructure to disrupt and spy during wartime (SC Media)

Russia’s New Cyberwarfare in Ukraine Is Fast, Dirty, and Relentless (WIRED)

Russian military hackers linked to ransomware attacks in Ukraine (BleepingComputer) 

Information on cyberattacks of the group UAC-0118 (FRwL) using the Somnia malware (CERT-UA#5185) (CERT-UA)

Ukraine says Russian hacktivists use new Somnia ransomware (BleepingComputer) 

Russian hacktivists hit Ukrainian orgs with ransomware - but no ransom demands (Help Net Security)

Development of the Ukrainian Cyber Counter-Offensive (Trustwave) 

Australian Federal Police say cybercriminals in Russia behind Medibank hack (The Record by Recorded Future)

Australia tells Medibank hackers: 'We know who you are' (TechCrunch)

CyberWire Daily
Podcast Info
HOST(S):
Dave Bittner
Dave Bittner is a security podcast host and one of the founders at CyberWire. He's a creator, producer, videographer, actor, experimenter, and entrepreneur. He's had a long career in the worlds of television, journalism and media production, and is one of the pioneers of non-linear editing and digital storytelling.
Schedule: Monday-Friday
Creator: CyberWire, Inc.
CyberWire Daily
ADVERTISEMENT
Sponsored by Kolide
Sponsored by Kolide

Kolide sends employees important, timely, and relevant security recommendations for their Linux, Mac, and Windows devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional lock-down model. Learn more.

Sponsored by Axonius
Sponsored by Axonius

Axonius is the cybersecurity asset management platform that correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action, giving security and IT teams the confidence to control complexity. Learn more.

Sponsored by Recorded Future
Sponsored by Recorded Future

Get trending information on hackers, exploits, and vulnerabilities every day for FREE with the Recorded Future Cyber Daily. Sign up now.