The CyberWire Daily Podcast 8.1.23
Ep 1875 | 8.1.23

Cyberespionage tradecraft, including shopping in the C2C market. Seeking satcom resilience. Sanctions against disinformation. A quick look at current OT threats.

Show Notes

C2-as-a-service with APTs as the customers. Cyberespionage activity by Indian APTs. Gamers under attack. Starlink limits Ukrainian access to its systems. The EU levies new sanctions against “digital information manipulation.” Ukraine's Security Service takes down money-laundering exchanges. Ben Yelin unpacks fediverse security risks. Our guests are Mike Marty, CEO of The Retired Investigators Guild, and Tom Brennan, executive director of CREST, discussing their efforts on cybercrime investigation and cold case resolution. And Nozomi's OT IoT security report sees a lot of opportunistic, low-grade whacking at industrial organizations.

Selected reading.

Cloudzy with a Chance of Ransomware: Unmasking Command-and-Control Providers (C2Ps) (Halcyon) 

APT Bahamut Targets Individuals with Android Malware Using Spear Messaging - CYFIRMA (CYFIRMA) 

Hackers steal Signal, WhatsApp user data with fake Android chat app (BleepingComputer)

Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor (The Hacker News)

Hackers exploit BleedingPipe RCE to target Minecraft servers, players (BleepingComputer) 

Call of Duty Self-Spreading Worm Takes Aim at Player Lobbies (Dark Reading) 

Call of Duty worm malware used to hack players exploits years-old bug (TechCrunch)

Elon Musk 'refuses to turn on Starlink' for Crimea drone attack (The Telegraph)

How Elon Musk Was Able to Exert Control in Ukraine War (The Street)

EU strikes Russia again as digital infowar rages on (Cybernews) 

Ukraine Cracks Down on Illicit Financing Network (Gov Info Security) 

Unpacking the OT & IoT Threat Landscape with Unique Telemetry Data (Nozomi Networks) 

China's Volt Typhoon APT Burrows Deeper Into US Critical Infrastructure (Dark Reading)