The CyberWire Daily Podcast 6.12.23
Ep 1842 | 6.12.23

Unpatched instances and vulnerabilities rear their ugly heads. Russian telecom provider targeted in an act of “cyber anarchy.” Alleged crypto heist conspirators face charges.

Show Notes

Attacks against unpatched versions of Visual Studio and win32k continue. Progress Software patches two MOVEit vulnerabilities. The Cyber Anarchy Squad claims to have taken down a Russian telecommunications provider's infrastructure. RomCom resumes its activity in the Russian interest. Deepen Desai of Zscaler describes Nevada ransomware. Our guest is Clarke Rodgers from Amazon Web services with insights on what CISOs say to each other when no one else is listening?. And the Mt. Gox hacking indictment has been unsealed.

Selected reading.

Online muggers make serious moves on unpatched Microsoft bugs (The Register)

Analysis of CVE-2023-29336 Win32k Privilege Escalation Vulnerability (with POC) (Numen)

MOVEit Transfer and MOVEit Cloud Vulnerability (Progress Software)

MDE Affected by Global Data Breach (Minnesota Department of Education)

Hackers Use Stolen Student Data Against Minneapolis Schools in Brazen New Threat (The 74)

Ofcom statement on MOVEit cyber attack (Ofcom)

Ukrainian hackers take down service provider for Russian banks (BleepingComputer)

Pro-Ukraine hackers claim to take down Russian internet provider (The Record)

Pro-Ukraine Cyber Anarchy Squad claims the hack of the Russian telecom provider Infotel JSC (Security Affairs)

RomCom Resurfaces: Targeting Politicians in Ukraine and U.S.-Based Healthcare Providing Aid to Refugees from Ukraine (BlackBerry)

Mt. Gox's Hackers Are 2 Russian Nationals, U.S. DOJ Alleges in Indictment (CoinDesk)

Russian nationals accused of Mt. Gox bitcoin heist, shifting stolen funds to BTC-e (The Record)

Russian Nationals Charged With Hacking One Cryptocurrency Exchange and Illicitly Operating Another (US Department of Justice)