Update on Chinese cyberespionage incident. ICS vulnerabilities. USB attacks. New KEVs. Updates from Russia's hybrid war, as hacktivists swap DDoS attacks and observers draw lessons learned.
Developments in the case of China's cyberespionage against government Exchange users. Industrial controller vulnerabilities pose a risk to critical infrastructure. USB attacks have risen three-fold in the first half of 2023. CISA adds two vulnerabilities to its Known Exploited Vulnerabilities Catalog. Ghostwriter's continued activity focuses on Poland and Ukraine. Hacktivist auxiliaries swap DDoS attacks. Awais Rashid from University of Bristol shares insights on threat modeling. Our guest is Chris Cochran from Huntress on the challenges small and medium-sized businesses face with cybersecurity. And lessons learned from cyber warfare in Russia's war.
Selected reading.
UK says it's working with Microsoft to understand impact of Chinese email hack (Reuters)
What we know (and don’t know) about the government email breach (Washington Post)
Yet Another MS CVE: Don’t Get Caught In The Storm! (Cynet)
China Hacking Was Undetectable for Some Who Had Less Expensive Microsoft Services (Wall Street Journal)
Security flaws in Honeywell devices could be used to disrupt critical industries (TechCrunch)
APT Exploit Targeting Rockwell Automation Flaws Threatens Critical Infrastructure (SecurityWeek)
Rockwell Automation ControlLogix Bugs Expose Industrial Systems to Remote Attacks (The Hacker News)
USB drive malware attacks spiking again in first half of 2023 (BleepingComputer)
CISA Adds Two Known Vulnerabilities to Catalog (Cybersecurity and Infrastructure Security Agency CISA)
Malicious campaigns target government, military and civilian entities in Ukraine, Poland (Cisco Talos Blog)
Belarus-linked hacks on Ukraine, Poland began at least a year ago, report says (Record)
Crowdsourced Cyber Warfare: Russia and Ukraine Launch Fresh DDoS Offensives (CEPA)