The CyberWire Daily Podcast 4.10.23
Ep 1798 | 4.10.23

A look at Iran’s MERCURY APT. Updates on Russia's hybrid war, including some apparent leaks and some apparent doxing. And notes on cloud security trends.

Show Notes

An Iranian APT MERCURY exploits known vulnerabilities. The US investigates apparent leaks of classified information about Russia's war against Ukraine. KillNet claims it has paralyzed NATO websites. More apparent doxing of the GRU. Britta Glade and Monica Koshgarian of RSA Conference talking about content curation. Grayson Milbourne from OpenText Cybersecurity hopes to remove shame from cyber attacks. And, finally, some notes on cloud security trends.

Selected reading.

MERCURY and DEV-1084: Destructive attack on hybrid environment (Microsoft Threat Intelligence)

Leaked US battlefield intelligence on Ukraine is fake, says Kyiv (The Telegraph) 

Russia Claims Leaked Pentagon Intelligence on Ukraine is U.S. Disinformation (US News and World Report) 

Leaked US secret NATO-Ukraine war docs likely altered, say experts (SC Media) 

Ukraine’s air defences could soon run out of missiles, apparent Pentagon leak suggests (the Guardian) 

Russia nearly shot down British spy plane near Ukraine, leaked document says (Washington Post) 

Justice Dept. will investigate leak of classified Pentagon documents (Washington Post) 

US investigating whether Ukraine war documents were leaked (Military Times)

U.S. Reviewing Online Appearance Of Sensitive Documents Related To Ukraine, Pentagon Says (RadioFreeEurope/RadioLiberty) 

WSJ News Exclusive | Pentagon Investigates More Social-Media Posts Purporting to Include Secret U.S. Documents (Wall Street Journal) 

New Details on Intelligence Leak Show It Circulated for Weeks Before Raising Alarm (Wall Street Journal) 

Intelligence leak exposes U.S. spying on adversaries and allies (Washington Post) 

Secret US Documents on Ukraine War Plan Spill Onto Internet: Report (SecurityWeek) 

US hit by ‘worst leak of secret documents since Edward Snowden’ (The Telegraph)

Ukraine at D+410: Static, sanguinary lines. (CyberWire)

Report Finds 90% of IT Professionals Have Experienced a Cybersecurity Breach (Skyhigh Security)