The CyberWire Daily Podcast 4.19.23
Ep 1805 | 4.19.23

Play ransomware's new tools. A look at what the GRU’s been up to. US Air Force opens investigation into alleged leaker's Air National Guard wing. KillNet’s new hacker course: “Dark School.”

Show Notes

Play ransomware's new tools. Fancy Bear is out and about. Updates on Sandworm. Ransomware in Russia's war against Ukraine. The US Air Force opens an investigation into the alleged leaker's Air National Guard wing. The Washington Post’s Tim Starks joins us with insights on the Biden administration's attempts to better secure the water supply. Carole Theriault chats with Cisco Talos' Vanja Svajcer about the threat landscape, now and tomorrow. And KillNet’s in the education business with a new hacker course: “Dark School.”

Selected reading.

Play Ransomware Group Using New Custom Data-Gathering Tools (Symantec)

NCSC-UK, NSA, and Partners Advise about APT28 Exploitation of Cisco Routers (National Security Agency/Central Security Service)

APT28 exploits known vulnerability to carry out reconnaissance and deploy malware on Cisco routers (NCSC)

State-sponsored campaigns target global network infrastructure (Cisco Talos Blog) 

Ukraine remains Russia’s biggest cyber focus in 2023 (Google)

Fog of War: How the Ukraine Conflict Transformed the Cyber Threat Landscape (Google Threat Analysis Group)

M-Trends 2023: Cybersecurity Insights From the Frontlines (Mandiant)

Faltering against Ukraine, Russian hackers resort to ransomware: Researchers (Breaking Defense) 

Air Force unit in document leaks case loses intel mission (AP NEWS)

Pentagon Details Review of Policies for Handling Classified Information (New York Times) 

Ukraine at D+419: GRU cyber ops scrutinized. (CyberWire)