The CyberWire Daily Podcast 4.25.23
Ep 1809 | 4.25.23

BlackCat follows Cl0p to GoAnywhere. Mirai gets an upgrade. Deterring cyber war. Homeland Secrity’s cyber priorities. Action against DPRK cryptocrooks. What KillNet’s up to.

Show Notes

BlackCat (ALPHV) follows Cl0p, exploiting the GoAnywhere MFA vulnerability. The Mirai botnet exploits a vulnerability disclosed at Pwn2Own. An RSAC presentation describes US response to Russian prewar and wartime cyber operations. The US Department of Homeland Security outlines cyber priorities. Andrea Little Limbago from Interos shares insights from her RSAC 2023 panels. US indicts, sanctions DPRK operators in crypto-laundering campaign. Our guest is Marc van Zadelhoff, CEO of Devo, with insights from the conference. And the latest on KillNet.

Selected reading.

BlackCat Ransomware Group Exploits GoAnywhere Vulnerability (At-Bay) 

Zero Day Initiative — TP-Link WAN-side Vulnerability CVE-2023-1389 Added to the Mirai Botnet Arsenal (Zero Day Initiative)

Years after discovery of SolarWinds breach, Russian hackers could be struggling (Washington Post) 

U.S. deploys more cyber forces abroad to help fight hackers (Reuters)

DHS Outlines Cyber Priorities in Release of Delayed Review ( 

US sanctions supporters of North Korean hackers, Iranian cyberspace head (Record) 

North Korean Foreign Trade Bank Rep Charged for Role in Two Crypto Laundering Conspiracies (Department of Justice. U.S. Attorney's Office District of Columbia) 

Treasury Targets Actors Facilitating Illicit DPRK Financial Activity in Support of Weapons Programs (U.S. Department of the Treasury)