The CyberWire Daily Podcast 3.16.23
Ep 1781 | 3.16.23

CISA warns of Telerik vulnerability exploitation. Cloud storage re-up attacks. Phishing tackle so convincing it will deceive the many. Cyber developments in Russia's hybrid war.

Show Notes

Telerik exploited, for carding (probably) and other purposes. Cloud storage re-up attacks. Cybercriminals use new measures to avoid detection of phishing campaigns. "Winter Vivern" seems aligned with Russian objectives. Microsoft warns of a possible surge in Russian cyber operations. Boss Sandworm. Johannes Ullrich from SANS talking about malware spread through Google Ads. Our guest is David Anteliz from Skybox Security with thoughts on federal government cybersecurity directives. And don't fear the Reaper.

Selected reading.

Threat Actors Exploited Progress Telerik Vulnerability in U.S. Government IIS Server (Cybersecurity and Infrastructure Security Agency CISA)

Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server | CISA (Cybersecurity and Infrastructure Security Agency CISA)

CISA: Federal civilian agency hacked by nation-state and criminal hacking groups (CyberScoop) 

US govt web server attacked by 'multiple' criminal gangs (Register)

The Cloud Storage Re-Up Attack (Avanan)

Threat Spotlight: 3 novel phishing tactics (Barracuda)

Winter Vivern | Uncovering a Wave of Global Espionage (SentinelOne)

Is Russia regrouping for renewed cyberwar? (Microsoft On the Issues) 

A year of Russian hybrid warfare in Ukraine (Microsoft Threat Intelligence)

Russian hackers preparing new cyber assault against Ukraine - Microsoft report (Reuters)

Microsoft Warns Russia May Plan More Ransomware Attacks Beyond Ukraine (Bloomberg)

This Is the New Leader of Russia's Infamous Sandworm Hacking Unit (WIRED) 

What's known and not about US drone-Russian jet encounter (AP NEWS)

Russia tries to retrieve downed US drone in Black Sea (The Telegraph)

Downed U.S. drone points to cyber vulnerabilities (Washington Post)