The CyberWire Daily Podcast 8.8.23
Ep 1880 | 8.8.23

Challenges to intelligence-sharing. The complexity of supply-chain security. Ransomware developments. Notes on Russia’s hybrid war, including possible sensor data manipulation.

Show Notes

Reports on a 2020 Chinese penetration of Japan's defense networks. MOVEit-connected supply chain issues aren't over. Akamai looks at the current state of ransomware. Mallox ransomware continues its evolution. Machine identities and shadow access. Ukrainian hacktivist auxiliaries hit Russian websites. Joe Carrigan unpacks statistics recently released by CISA. Our guest is Jeffrey Wheatman from Black Kite discussing the market shift from SRS to cyber risk intelligence. And radiation sensor reports from Chernobyl may have been manipulated.

Selected reading.

China hacked Japan’s sensitive defense networks, officials say (Washington Post)

Japan says cannot confirm leakage after report says China hacked defence networks (Reuters)

MOVEit hack spawned around 600 breaches but isn't done yet - cyber analysts (Reuters)

Mallox Ransomware Group Revamps Malware Variants, Evasion Tactics (Dark Reading)

TargetCompany Ransomware Abuses FUD Obfuscator Packers (Trend Micro)

New IAM Research by Stack Identity Finds Machine Identities Dominate Shadow Access in the Cloud, Revealing Easy Attack Vector for Hackers (Business Wire)

Ukraine-Linked Group Claims It Hacked Website Of Moscow Property Registration Bureau (RadioFreeEurope/RadioLiberty)

Ukraine-linked group claims it hacked Moscow property registration bureau website – RFE/RL (Euromaidan Press)

Pro-Ukrainian hackers breach Moscow engineering service website (New Voice of Ukraine)

Ukrainian state agencies targeted with open-source malware MerlinAgent (Record)

The Mystery of Chernobyl’s Post-Invasion Radiation Spikes (WIRED)