The CyberWire Daily Podcast 2.3.23
Ep 1753 | 2.3.23

Cyberespionage, and ransomware as misdirection. A new Python-based supply chain attack. Traffic on the Static Expressway. KillNet continues to plague hospitals. And Telegram may be compromised.

Show Notes

CISA has released six ICS Advisories. A look at a North Korean cyberespionage campaign. ChatGPT and its attack potential. A new Python-based supply chain attack. There’s traffic on the Static Expressway: ClickFunnels seen in use for redirection. KillNet continues its campaign against hospitals. Ransomware as misdirection for cyberespionage. Part two of my conversation with Kathleen Smith of ClearedJobs.Net discussing trends in the cleared space. Our guest is Eric Bassier of Quantum talking about the multi-layered approach to ransomware protection. And Russian surveillance extends to Telegram chats.

Selected reading.

Delta Electronics DIAScreen (CISA)

Mitsubishi Electric GOT2000 Series and GT SoftGOT2000 (CISA)

Baicells Nova (CISA) 

Delta Electronics DVW-W02W2-E2 (CISA)

Delta Electronics DX-2100-L1-CN (CISA)

Mitsubishi Electric GT SoftGOT2000 (CISA)

No Pineapple! –DPRK Targeting of Medical Research and Technology Sector (WithSecure)

Hackers linked to North Korea targeted Indian medical org, energy sector (The Record from Recorded Future News)

North Korean hackers stole research data in two-month-long breach (BleepingComputer)

ChatGPT May Already Be Used in Nation State Cyberattacks, Say IT Decision Makers in BlackBerry Global Research (BlackBerry)

Supply Chain Attack by New Malicious Python Package, “web3-essential” ((Frotinet)

Leveraging ClickFunnels to Bypass Security Services (Avanan)

Report: 'KillNet' targeting hospitals in countries helping Ukraine in war efforts (Becker’s Hospital Review)

Intelligence agency says ransomware group with Russian ties poses 'an enduring threat' to Canada (CBC)  

Les ransomwares, couverture des groupes APT pour du cyber-espionnage (Le Monde Informatique)

The Kremlin Has Entered the Chat (WIRED)