The CyberWire Daily Podcast 11.18.22
Ep 1707 | 11.18.22

Government security advisories, and the difficulty of recovering from ransomware attacks. Authority for offensive cyber under deliberation. Google wins Glupteba suit.

Show Notes

CISA and its partners issue a Joint Advisory on the Hive ransomware-as-a-service operation. Ransomware continues to trouble governments, internationally and at all levels. The US Defense Department may see enhanced authority to conduct offensive cyber operations. Russian attacks on Ukrainian infrastructure remain kinetic, as missiles show up, but cyberattacks don’t. Kevin Magee from Microsoft about leveraging cybersecurity apprentices. Our guest is Paul Giorgi from XM Cyber describing creative attack path in enterprise networks.And, hey, glupost’ [GLUE-post]–don’t mess with Google’s lawyers.

Selected reading.

CISA Alert AA22-321A – #StopRansomware: Hive Ransomware. (CyberWire)

#StopRansomware: Hive Ransomware (CISA)

Vanuatu: Hackers strand Pacific island government for over a week (BBC News)

Ransom attack cripples Vanuatu government systems, forces staff to use pen and paper (The Sydney Morning Herald)

Ransomware incidents now make up majority of British government’s crisis management COBRA meetings (The Record by Recorded Future)

Suffolk County, N.Y., Hack Shows Ransomware Threat to Municipalities (Wall Street Journal) 

Biden set to approve expansive authorities for Pentagon to carry out cyber operations (CyberScoop)

Red Lion Crimson (CISA)

Cradlepoint IBR600 (CISA)

A ruling in our legal case against the Glupteba botnet (Google)