CosmicEnergy: OT and ICS malware from Russia, maybe for red teaming. Updates on Volt Typhoon. Legion malware upgraded for the cloud. Natural-disaster-themed online fraud.
CosmicEnergy is OT and ICS malware from Russia, maybe for red teaming, maybe for attack. Updates on Volt Typhoon, China’s battlespace preparation in Guam and elsewhere. In the criminal underworld, Legion malware has been upgraded for the cloud. Johannes Ullrich from SANS examines time gaps in logging. Our guest is Kevin Kirkwood from LogRhythm with a look at extortion attempts and ransomware. And Atlantic hurricane season officially opens next week: time to batten down those digital hatches.
CISA Warns of Hurricane/Typhoon-Related Scams (Cybersecurity and Infrastructure Security Agency CISA)