The CyberWire Daily Podcast 3.24.23
Ep 1787 | 3.24.23

Tools, alerts, and advisories from CISA. Reply phishing scams. Cl0p goes everywhere with GoAnywhere. EW in the hybrid war, and shields stay up.

Show Notes

A CISA tool helps secure Microsoft clouds.JCDC and pre-ransomware notification. CISA releases six ICS advisories. Reply phishing. Cl0p goes everywhere exploiting GoAnywhere. Russian electronic warfare units show the ability to locate Starlink terminals. Betsy Carmelite from Booz Allen Hamilton on the DoD's zero trust journey. Analysis of the National Cybersecurity strategy from our special guests, Adam Isles, Principal at the Chertoff Group and Steve Kelly, Special Assistant to the President and Senior Director for Cybersecurity and Emerging Technology with the National Security Council.

Selected reading.

JCDC Cultivates Pre-Ransomware Notification Capability (Cybersecurity and Infrastructure Security Agency CISA)

US cyber officials make urgent push to warn businesses about vulnerabilities to hackers (CNN)

Untitled Goose Tool Aids Hunt and Incident Response in Azure, Azure Active Directory, and Microsoft 365 Environments | CISA (Cybersecurity and Infrastructure Security Agency CISA)

New CISA tool detects hacking activity in Microsoft cloud services (BleepingComputer)

CISA Releases Six Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency CISA)

The Microsoft Reply Attack (Avanan)

More victims emerge from Fortra GoAnywhere zero-day attacks (Security | 

More Clop GoAnywhere attack victims emerge (SC Media) 

Mass-Ransomware Attack on GoAnywhere File Transfer Tool Exposes Companies Worldwide (Medium) 

City of Toronto confirms data theft, Clop claims responsibility (BleepingComputer) 

Canadian movie chain Cineplex among the victims of GoAnywhere MFT hack (Financial Post) 

Personal data of Rio Tinto's Aussie staff may have been hacked - memo (Reuters) 

Another GoAnywhere Attack Affects Japanese Giant Hitachi Energy (Heimdal Security Blog) 

Using Starlink Paints a Target on Ukrainian Troops (Defense One)

As CISA chief notes lack of Russian cyberattacks against US, experts focus on enhancing nuclear reactor security (Utility Dive)

Using Deception to Learn About Russian Threat Actors (Security Boulevard)