The CyberWire Daily Podcast 1.18.23
Ep 1741 | 1.18.23

ICS security–vulnerabilities, mitigations, and threats. A Chinese APT prospects Iranian targets. The persistence of nuisance-level hacktivism. And war takes a toll on the criminal economy.

Show Notes

CISA adds to its Known Exploited Vulnerability Catalog. Attacks against industrial systems. DNV is recovering from ransomware.  Chinese cyberespionage is reported against Iran. The persistence of nuisance-level hacktivism. Robert M. Lee from Dragos outlines pipeline security. Our guest is Yasmin Abdi from Snap on bringing her team up to speed with zero trust. And a side-effect of Russia's war: a drop in paycard fraud.

Selected reading.

Bolster Your Company Defenses With Zero Trust Edge (iBoss)

CISA Adds One Known Exploited Vulnerability to Catalog (CISA)

GE Digital Proficy Historian (CISA)

Mitsubishi Electric MELSEC iQ-F, iQ-R Series (CISA) 

Siemens SINEC INS (CISA)

Contec CONPROSYS HMI System (CHS) Update A (CISA)

Nozomi Networks Researchers Take a Deep Look into the ICS Threat Landscape (Nozomi Networks)

A look at IoT/ICS threats. (CyberWire)

DNV's fleet management software recovering from ransomware attack. (CyberWire)

DNV says up to 1,000 ships affected by ransomware attack (Computing)

Ransomware attack on maritime software impacts 1,000 ships (The Record from Recorded Future News)

Chinese Playful Taurus Activity in Iran (Unit 42)

Playful Taurus: a Chinese APT active against Iran. (CyberWire)

Russian hackers allegedly tried to disrupt a Ukrainian press briefing about cyberattacks (Axios)

Russia's Ukraine War Drives 62% Slump in Stolen Cards (Infosecurity Magazine)

Annual Payment Fraud Intelligence Report: 2022 (Recorded Future)