The CyberWire Daily Podcast 7.13.23
Ep 1862 | 7.13.23

Taking steps to stop a Chinese APT. Implementing the US National Cybersecurity Strategy. LokiBot is back. Malware masquerading as a proof-of-concept. Swapping cyber ops in a hybrid war.

Show Notes

CISA and the FBI issue a joint Cybersecurity Advisory on exploitation of Microsoft Exchange Online. Implementing the US National Cybersecurity Strategy. FortiGuard discovers a new LokiBot campaign. Training code turns out to be malicious in a new proof-of-concept attack discovered on GitHub. Russia resumes its pursuit of a "sovereign Internet." The GRU's offensive cyber tactics. Chris Novak from Verizon discusses business email compromise and the 2023 DBIR. Our guest is Joy Beland of Summit 7 on the role of Managed Service Providers in the supply chain to the Defense Industrial Base. And a probable Ukrainian false-flag operation.

Selected reading.

CISA and FBI Release Cybersecurity Advisory on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online (Cybersecurity and Infrastructure Security Agency CISA)

Enhanced Monitoring to Detect APT Activity Targeting Outlook Online (Cybersecurity and Infrastructure Security Agency CISA)

How a Cloud Flaw Gave Chinese Spies a Key to Microsoft’s Kingdom (WIRED)

Chinese hackers breached U.S. and European government email through Microsoft bug (Record)

FACT SHEET: Biden-Harris Administration Publishes the National Cybersecurity Strategy Implementation Plan | The White House (The White House)

National Cybersecurity Strategy Implementation Plan (White House)

LokiBot Campaign Targets Microsoft Office Document Using Vulnerabilities and Macros (Fortinet Blog)

New PoC Exploit Found: Fake Proof of Concept with Backdoor Malware (Uptycs)

Russia Is Trying to Leave the Internet and Build Its Own (Scientific American)

The GRU's Disruptive Playbook (Mandiant)

Hack Blamed on Wagner Group Had Another Culprit, Experts Say (Bloomberg)