The CyberWire Daily Podcast 4.27.23
Ep 1811 | 4.27.23

Waging lawfare against criminal infrastructure. Notes from the cyber underworld. Hybrid war, and cyber ops across the spectrum of conflict. And what do the bots want? (Hint: kicks.)

Show Notes

Google targets CryptBot malware infrastructure. FIN7 attacked Veeam servers to steal credentials. Ransomware-as-a-service offering threatens Linux systems. Evasive Panda targets NGOs in China. Anonymous Sudan is active against targets in Israel. Russian ransomware operations aim at disrupting supply chains into Ukraine. Our guest is Stuart McClure, CEO of Qwiet AI. Microsoft’s Ann Johnson stops by with her take on the RSA conference. And bots want new kicks.

Selected reading.

Continuing our work to hold cybercriminal ecosystems accountable (Google)

Google Disrupts Massive CryptBot Malware Operation (Decipher)

Google disrupts malware that steals sensitive data from Chrome users (TechCrunch) 

FIN7 Hackers Caught Exploiting Recent Veeam Vulnerability (SecurityWeek)

RTM Locker Ransomware as a Service (RaaS) Now on Linux (Uptycs) 

Evasive Panda APT group delivers malware via updates for popular Chinese software (WeLiveSecurity) 

NSA sees 'significant' Russian intel gathering on European, U.S. supply chain entities (CyberScoop) 

Ukraine at D+427: Russian cyberattacks and disinformation before Ukraine's spring offensive. (CyberWire)

Releasing leak suspect a national security risk, feds say (AP NEWS)

Pentagon leak suspect may still have access to classified info, court filings allege (the Guardian) 

Netacea Quarterly Index: Top 5 Scalper Bot Targets of Q1 2023 (Netacea)