The CyberWire Daily Podcast 6.16.23
Ep 1846 | 6.16.23

The Cl0p gang moves its way into US government systems. It’ll take multiple showers to rinse out Shampoo malware. Hybrid war update. Arrests and indictments.

Show Notes

The US Government discloses exploitation of MOVEit vulnerabilities, and the Department of Energy is targeted by the Cl0p gang. CISA releases an updated advisory for Telerik vulnerabilities affecting Government servers. Shampoo malware emerges with multiple persistence mechanisms. How the IT Army of Ukraine can exemplify a cyber auxiliary. Russophone gamers are being targeted with ransomware. An alleged LockBit operator has been arrested. The FBI’s Deputy Assistant Director for cyber Cynthia Kaiser joins us with cybercriminal trends and recent successes. Our guest is Will Markow from Lightcast, speaking with Simone Petrella about data-driven strategic workforce decisions. And a federal grand jury indicts the alleged Discord Papers leaker.

Selected reading.

US government hit by Russia's Clop in MOVEit mass attack (The Register)

Energy Department among ‘several’ federal agencies hit by MOVEit breach (Federal News Network)

Threat Actors Exploit Progress Telerik Vulnerabilities in Multiple U.S. Government IIS Servers (CISA)

CVE-2019-18935 Detail (NIST)

CVE-2017-9248 Detail (NIST)

Cryptographic Weakness (Telerik)

Shampoo: A New ChromeLoader Campaign (HP)

Cyber attacks on Rotterdam and Groningen websites (World Cargo News)

The Dynamics of the Ukrainian IT Army’s Campaign in Russia (Lawfare)

Watch: Why early failures in Ukraine's counter-offensive aren't Russian victories (The Telegraph)

Russian War Report: Anti-Ukrainian counteroffensive narratives fail to go viral (Atlantic Council)

Threat Actor Targets Russian Gaming Community With WannaCry-Imitator (Cyble)

Hackers infect Russian-speaking gamers with fake WannaCry ransomware (The Record)

Russian national arrested in Arizona, charged for alleged role in LockBit ransomware attacks (CyberScoop)

Suspected LockBit ransomware affiliate arrested, charged in US (BleepingComputer)

Russian national arrested in US for deploying LockBit ransomware (The Record)

Guardsman indicted on charges of disclosing classified national defense information (AP News)

Charges Against Alleged Pentagon Leaker Jack Teixeira Explained (Newsweek)

Jack Teixeira, Pentagon leaks suspect, indicted by federal grand jury (The Guardian)