Attacks on industrial systems in Europe and Africa. LolekHosted arrests. Notes from the hybrid war. The CSRB will investigate the cyberespionage campaign that exploited Microsoft Exchange.
An African power generator has been targeted by ransomware. The APT31 group is believed to be responsible for attacks on industrial systems in Eastern Europe. There have been arrests related to the takedown of LolekHosted. Ukraine's SBU has alleged that Russia's GRU is using specialized malware to attack Starlink. Microsoft has decided not to extend licenses for its products in Russia. Rick Howard opens his toolbox on DDoS. In our Solution Spotlight: Simone Petrella and Camille Stewart Gloster discuss the White House release of its cybersecurity workforce and education strategy. And the Cyber Safety Review Board will be investigating cases of cyberespionage against Exchange.
Watch the full video of Simone and Camille here: Solution Spotlight: Simone Petrella and Camille Stewart Gloster
DroxiDat-Cobalt Strike Duo Targets Power Generator Network (Infosecurity Magazine)
New SystemBC Malware Variant Targets Southern African Power Company (The Hacker News)
Power Generator in South Africa hit with DroxiDat and Cobalt Strike (Security Affairs)
Common TTPs of attacks against industrial organizations. Implants for uploading data (Kaspersky ICS CERT)
APT31 Linked to Recent Industrial Attacks in Eastern Europe (Infosecurity Magazine)
LOLEKHosted admin arrested for aiding Netwalker ransomware gang (BleepingComputer)
Russia Bans iPhones And iPads For Official Use: Report (BW Businessworld)
Microsoft Suspends Extending Licenses For Companies in Russia (RadioFreeEurope/RadioLiberty)
Department of Homeland Security’s Cyber Safety Review Board to Conduct Review on Cloud Security (US Department of Homeland Security)