The CyberWire Daily Podcast 6.23.23
Ep 1850 | 6.23.23

Two sets of China-linked cyberespionage activities. Mirai’s new vectors. A Cozy Bear sighting. Anonymous Sudan gets less anonymous.

Show Notes

An update on Barracuda ESG exploitation. Camaro Dragon’s current cyberespionage tools spread through infected USB drives. The Mirai botnet is spreading through new vectors. Midnight Blizzard is out and about . Ukraine is experiencing a "wave" of cyberattacks during its counteroffensive. Karen Worstell from VMware shares her experience with technical debt. Rick Howard speaks with CJ Moses, CISO of Amazon Web Services. And Anonymous Sudan turns out to be no more anonymous or Sudanese than your Uncle Louie.

Selected reading.

Barracuda ESG exploitation (Proofpoint)

Beyond the Horizon: Traveling the World on Camaro Dragon’s USB Flash Drives (Check Point Research)

Chinese malware accidentally infects networked storage (Register)

Akamai SIRT Security Advisory: CVE-2023-26801 Exploited to Spread Mirai Botnet Malware (Akamai).

Mirai botnet targets 22 flaws in D-Link, Zyxel, Netgear devices (BleepingComputer) 

Neuberger: Ukraine experiencing a ‘surge’ in cyberattacks as it executes counteroffensive (Record) 

Microsoft warns of rising NOBELIUM credential attacks on defense sector (HackRead).

Anonymous Sudan: neither anonymous nor Sudanese (Cybernews)