The CyberWire Daily Podcast 2.15.23
Ep 1761 | 2.15.23

A look at the SideWinder APT. GoAnywhere vulnerability exploited in the wild. Ransomware rampant. Hacktivism in Russia’s hybrid war. Patch Tuesday notes.

Show Notes

SideWinder is an APT with possible origins in India. MortalKombat ransomware debuts. The GoAnywhere zero day was exploited in a data breach. Belarusian Cyber-Partisans release Russian data. Betsy Carmelite from Booz Allen Hamilton shares an overview of cyber deception. Our guest is Ashley Allocca from Flashpoint with a look at the Breaches and Malware Threat Landscape. And notes on Patch Tuesday.

Selected reading.

Molted skin: APT SideWinder 2021 campaign that targeted over 60 companies in the Asia-Pacific (Group-IB)

New MortalKombat ransomware and Laplas Clipper malware threats deployed in financially motivated campaign (Cisco Talos Blog)

Tonga is the latest Pacific Island nation hit with ransomware (The Record from Recorded Future News) 

LockBit demanded £66mn from Royal Mail (Computing) 

City of Oakland declares state of emergency after ransomware attack (BleepingComputer) 

City of Oakland Targeted by Ransomware Attack, Work Continues to Secure and Restore Services Safely (City of Oakland)

Huge data dump from Russia’s censorship agency posted online (Cybersecurity Connect)

Russian system to scan internet for undesired content and dissent (Reuters)

Patch Tuesday: Three zero-days and nine 'Critical' RCE flaws fixed (Computing) 

Microsoft February 2023 Patch Tuesday fixes 3 exploited zero-days, 77 flaws (BleepingComputer)

Apple Releases Security Updates for Multiple Products (CISA) 

SAP Security Patch Day for February 2023 (Onapsis) 

Citrix Releases Security Updates for Workspace Apps, Virtual Apps and Desktops (CISA)

Adobe Releases Security Updates for Multiple Products (CISA)

The first national cyber director's last day is today (Washington Post)