Notes on patches. Dark Pink industrial cyberespionage campaign in Asia. Kinsing cryptojacking. Hacktivist DDoS against Iran. Healthcare cyber risk management. Pokémon NFTs.
Patch Tuesday. CISA releases two ICS Advisories and makes some additions to its Known Exploited Vulnerabilities Catalog. Dark Pink APT is active against Asian targets. Kinsing cryptojacking targets Kubernetes instances. Ukrainian hacktivists conduct DDoS against Iranian sites. Risk exposure and a hospital's experience with ransomware. The Health3PT initiative seeks to manage 3rd-party risk. Tim Starks from the Washington Post’s Cyber 202 on cyber rising to the level of war crime. Our guest is Connie Stack, CEO of Next DLP, on the path to leadership within cyber for women. And phishing with Pokémon NFTs.
The Daily 202 (Latest Cybersecurity 202)
Black Box KVM (CISA)
Dark Pink (Group-IB)
New Dark Pink APT group targets govt and military with custom malware (BleepingComputer)
Kinsing cryptojacking. (CyberWire)
Ukraine at D+321: "Difficult in places." (CyberWire)
Pokémon NFTs used as malware vectors. (CyberWire)