The CyberWire Daily Podcast 2.10.23
Ep 1758 | 2.10.23

US, RoK agencies outline DPRK ransomware. Reddit breached. ICS and IIoT issues. It’s almost Valentine’s Day. Have you noticed? (The hoods have.)

Show Notes

US and Republic of Korea agencies outline the DPRK ransomware threat. Reddit is breached. CISA releases six ICS advisories. Flaws are found in IIoT devices. Dinah Davis from Arctic Wolf shares cybersecurity stats every IT professional should know. Our guest is Kayla Williams from Devo autonomous SOCs. And, it’s almost Valentine’s Day. Have you noticed? (The hoods have.)

Selected reading.

#StopRansomware - Ransomware Attacks on Critical Infrastructure Fund DPRK Espionage Activities (CISA)

#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities (CISA) 

U.S., South Korean Agencies Partner to #StopRansomware Threat from DPRK (National Security Agency/Central Security Service)

US and South Korea accuse North Korea of using hospital ransoms to fund more hacking (The Record from Recorded Future News)

North Korea using healthcare ransomware attacks to fund further cybercrime, feds say (SC Media) 

U.S., South Korea Warn of North Korean Ransomware Threats (Bank Info Security) 

r/reddit - We had a security incident. Here’s what we know. (reddit) 

Hackers breach Reddit to steal source code and internal data (BleepingComputer) 

Reddit Breached With Stolen Employee Credentials (Dark Reading) 

Reddit Says It Was Hacked But That You Don't Need to Worry. Probably. (Gizmodo)

Control By Web X-400, X-600M (CISA) 


Johnson Controls System Configuration Tool (SCT) (CISA)

Horner Automation Cscape Envision RV (CISA) 

Omron SYSMAC CS/CJ/CP Series and NJ/NX Series (CISA)

ARC Informatique PcVue (CISA)

Industrial Wireless IoT - The direct path to your Level 0 (Otorio)

Critical Infrastructure at Risk from New Vulnerabilities Found in Wireless IIoT Devices (The Hacker News)

Romance scammers’ favorite lies exposed (Federal Trade Commission)

New FTC Data Reveals Top Lies Told by Romance Scammers (Federal Trade Commission)

Romance scammers could cause unhappy Valentine’s Day (Washington Post)

Love Bytes (Georgia State News Hub)

As V-Day nears: Romance scams cost victims $1.3B last year (Register)

Michigan AG warns of cybersecurity risks after data breach of gaming sites (mlive)