The CyberWire Daily Podcast 7.28.23
Ep 1873 | 7.28.23

A new joint advisory from the US and Australia. BackConnect evolution. Cl0p counts coup. Ransomware trends. DDoS for influence. It’s “dot-mil,” Nigel.

Show Notes

A joint warning on IDOR vulnerabilities. IcedID’s BackConnect protocol evolves over one year. Cl0p claims to have accessed data from another Big Four accounting firm. Ransomware victims increased significantly in 2023. Cyberattacks support influence operations. Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger joins us to discuss the Biden Administration's recent cyber initiatives. Eric Goldstein, Executive Assistant Director at CISA, looks at cybersecurity performance goals. And spelling counts.

Selected reading.

Preventing Web Application Access Control Abuse (Joint Cybersecurity Advisory: ACSC, NSA, CISA) 

Inside the IcedID BackConnect Protocol (Part 2) (Team Cymru) 

Deloitte denies Cl0p data breach impacted client data in wake of MOVEit attack (ITPro) 

Ransomware Report: Q2 2023 (ReliaQuest)

Kenya ICT minister admits cyber-attack on eCitizen portal, insists data secure (The East African)

Anonymous Sudan: the group behind recent anti-Kenya cyberattacks (TechCabal) 

Kenya President Ruto to skip Russia-Africa Summit (The East African)

UK accidentally sent military emails meant for US to Russian ally (POLITICO)