The CyberWire Daily Podcast 2.14.23
Ep 1760 | 2.14.23

Blender is back, but now DBA Sinbad (still working for the Lazarus Group). Cyberespionage notes. Hacktivism. ICS threats. Valentine’s Day scams.

Show Notes

"Blender" reappears as "Sinbad." A Tonto Team cyberespionage attempt against Group-IB is thwarted. DarkBit claims responsibility for a ransomware attack on Technion University. An overview of ICS and OT security. Ben Yelin looks at surveillance oversight at the state level. Ann Johnson from Afternoon Cyber Tea speaks with Marene Allison about the CISO transformation. And it’s Valentine's Day, that annual holiday of love, chocolate, flowers, and online scams.

Selected reading.

Has a Sanctioned Bitcoin Mixer Been Resurrected to Aid North Korea’s Lazarus Group? (Elliptic Connect)

Nice Try Tonto Team (Group-IB)

Hackers attack Israel’s Technion University, demand over $1.7 million in ransom (ARN)

Israel's top tech university postpones exams after ransomware attack (The Record from Recorded Future News)

Russian hackers ‘disrupt Turkey-Syria earthquake aid’ in cyber attack on Nato (The Independent) 

Killnet DDoS attacks disrupt Nato websites (

Russian Hackers Disrupt NATO Earthquake Relief Operations (Dark Reading)

What Happened to #OpRussia? (Dark Reading)

Russian-linked malware was close to putting U.S. electric, gas facilities ‘offline’ last year (POLITICO)

2022 ICS/OT Cybersecurity Year in Review Executive Summary (Dragos)

What’s love got to do with it? 4 in 5 Valentine’s Day-themed spam emails are scams, Bitdefender Antispam Lab warns (Hot for Security)