The CyberWire Daily Podcast 6.13.23
Ep 1843 | 6.13.23

CISA's new Binding Operational Directive. “CosmicEnergy” tool doesn’t pose a cosmic threat. Hackers’ homage to fromage in attacks against the Swiss government. Industry advice for the White House.

Show Notes

CISA issues a new Binding Operational Directive. An update on CosmicEnergy. Hackers’ homage to fromage in attacks against the Swiss government. Ukraine's Cyber Police shut down a pro-Russian bot farm. Clothing and footwear retailers see impersonation and online fraud. A 2021 ransomware attack contributed to a hospital closing. A proof-of-concept exploit of a patched MOVEit vulnerability. An industry letter calls for a new framework on the White House cybersecurity strategy. Joe Carrigan examines a ChatGPT fueled  phishing scam. Our guest is Neha Rungta, Applied Science Director at AWS Identity discussing Amazon Verified Permissions. And trends in cyber risks for small and medium businesses.

Selected reading.

Binding Operational Directive 23-02 (US Cybersecurity and Infrastructure Security Agency)

COSMICENERGY: New OT Malware Possibly Related To Russian Emergency Response Exercises (Mandiant)

Dragos Analysis Determines COSMICENERGY Is Not an Immediate Threat (Dragos)

More than 4,000 bots to discredit the Defense Forces of Ukraine and spread propaganda in favor of Russia: the police of Vinnytsia eliminated a large-scale bot farm (Ukraine Cyber Police)

Ukraine police raid social media bot farm accused of pro-Russia propaganda (The Record)

Widespread Brand Impersonation Scam Campaign Targeting Hundreds of the Most Popular Apparel Brands (Bolster)

An Illinois hospital is the first health care facility to link its closing to a ransomware attack (NBC News)

Ransomware attack causes Illinois hospital to close (Becker’s Hospital Review)

New BlackFog research: 61% of SMBs were victims of a cyberattack in the last year (BlackFog)

Switzerland warns that a ransomware gang may have accessed government data (The Record)

Swiss government warns of ongoing DDoS attacks, data leak (BleepingComputer)

Swiss Government Targeted by Series of Cyber-Attacks (Infosecurity Magazine)

DDoS attack on Federal Administration: various Federal Administration websites and applications unavailable (The Federal Council of the Swiss Government)