The CyberWire Daily Podcast 7.5.23
Ep 1856 | 7.5.23

Cyberespionage, extortion, and DDoS as instruments of state policy. Ransomware continues to trouble a wide range of targets across many sectors.

Show Notes

Chinese cyberespionage campaign against European governments. The Port of Nagoya closes over ransomware attack. BlackCat and SEO poisoning. LockBit seeks to extort a semiconductor manufacturer. Professionals in the cyber underworld. CISA issued a DDoS alert for US companies and government agencies. Microsoft debunks claims of data theft by Anonymous Sudan. Matt O'Neill from the US Secret Service speaks with Dave Bittner about sextortion. Rick Howard sits down with Michael Fuller of AWS to talk about the kill chain. And Avast releases a free decryptor for Akira.

Selected reading.

Chinese Threat Actors Targeting Europe in SmugX Campaign - Check Point Research (Check Point Research)

Hackers target European government entities in SmugX campaign (BleepingComputer)

Chinese hackers target European embassies with HTML smuggling technique (Record)

Japan’s largest port stops operations after ransomware attack (BleepingComputer) 

BlackCat ransomware pushes Cobalt Strike via WinSCP search ads (BleepingComputer)

BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising (The Hacker News)

TSMC Says Supplier Hacked After Ransomware Group Claims Attack on Chip Giant (SecurityWeek)

TSMC confirms data breach after LockBit cyberattack on third-party supplier (TechCrunch)

Taiwan Semiconductor Denies LockBit's $70M Hack Claim (Bank Info Security)

Semiconductor giant says IT supplier was attacked; LockBit makes related claims (Record)

DoS and DDoS Attacks against Multiple Sectors (Cybersecurity and Infrastructure Security Agency CISA)

CISA issues DDoS warning after attacks hit multiple US orgs (BleepingComputer)

Microsoft denies data breach, theft of 30 million customer accounts (BleepingComputer)

Microsoft Denies Major 30 Million Customer-Breach (Infosecurity Magazine)

Decrypted: Akira Ransomware (Avast Threat Labs)