The CyberWire Daily Podcast 6.2.23
Ep 1836 | 6.2.23

Hackers like to move it, move it. Skimmers observed targeting Americas and Europe. Hybrid war activity.

Show Notes

MOVEit Transfer software sees exploitation. A website skimmer has been employed against targets in the Americas and Europe. A look into XeGroup's recent criminal activity. Apple denies the FSB’s allegations of collusion with NSA. Kaspersky investigates compromised devices. Johannes Ullrich from SANS describes phony YouTube "live streams". Our guest is Sherry Huang from William and Flora Hewlett Foundation to discuss their grants funding cyber policy studies. And the US Department of Defense provides Starlink services to Ukraine.

Selected reading.

MOVEit Transfer Critical Vulnerability (May 2023) (Progress Software)

Rapid7 Observed Exploitation of Critical MOVEit Transfer Vulnerability (Rapid7)

New MOVEit Transfer zero-day mass-exploited in data theft attacks (BleepingComputer)

Hackers use flaw in popular file transfer tool to steal data, researchers say (Reuters)

New Magecart-Style Campaign Abusing Legitimate Websites to Attack Others (Akamai)

Not your average Joe: An analysis of the XeGroup’s attack techniques (Menlo Security)

Unmasking XE Group: Experts Reveal Identity of Suspected Cybercrime Kingpin (The Hacker News)

Apple denies surveillance claims made by Russia's FSB (Reuters)

FSB uncovers US intelligence operation via malware on Apple mobile phones (TASS)

Kaspersky Says New Zero-Day Malware Hit iPhones—Including Its Own (WIRED)

Operation Triangulation: iOS devices targeted with previously unknown malware (Kaspersky)

Lithuania becomes first to designate Russia as terrorist state (CSCE)

Pentagon confirms SpaceX deal for Ukraine Starlink services (C4ISRNET)