How the C2C market sustains ransomware gangs. In Russia’s war, intelligence services deploy wipers, and hacktivist auxiliaries handle the DDoS. And a look into other corners of the cyber underworld.
Microsoft tallies more than a hundred ransomware gangs. Sandworm's NikoWiper hits Ukraine's energy sector. Mobilizing cybercriminals in a hybrid war. Firebrick Ostrich and business email compromise. Telegram is used for sharing stolen data and selling malware. Crypto scams find their way into app stores. Bryan Vorndran of the FBI Cyber Division outlines the services the FBI provides during an incident response. Ann Johnson from Afternoon Cyber Tea speaks with actor producer Tim Murck about the intersection of cyber awareness and storytelling. And we are shocked - shocked! - that there are fraudulent cyber professional credentials circulating online.
Selected reading.
Microsoft: Over 100 threat actors deploy ransomware in attacks (BleepingComputer)
SocGholish: A Tale of FakeUpdates (Reliaquest)
ESET APT Activity Report T3 2022 (WeLiveSecurity)
Pro-Russian DDoS attacks raise alarm in Denmark, U.S. (The Record from Recorded Future News)
ChristianaCare's website restored after attack; pro-Russia 'hacktivist' group takes credit (Delaware News Journal)
Univ. of Iowa Hospitals website possibly hit by cyberattack (KCRG)
Cyber attack causes problems with UM Health websites (The Detroit News)
How the war in Ukraine has strengthened the Kremlin's ties with cybercriminals (The Record from Recorded Future News)
Dark Covenant 2.0: Cybercrime, the Russian State, and War in Ukraine (Recored Future)
Russia’s cyberwar against Ukraine offers vital lessons for the West (Atlantic Council)
BEC Group Uses Secondary Personas & Lookalike Domains in Third-Party… (Abnormal Intelligence)
Telegram's place in the cyber underworld. (CyberWire)
Crypto scams found in the App Store. (CyberWire)
Exposure to third-party risk. (CyberWire)
Cyber certification deceit. (CyberWire)