The CyberWire Daily Podcast 8.28.23
Ep 1894 | 8.28.23

DPRK's Lazarus Group exploits ManageEngine issues. SIM swapping as a threat to organizations. Ransomware hits a cloud provider. Spawn of LockBit. Train whistling. Influence laundering.

Show Notes

The DPRK's Lazarus Group exploits ManageEngine issues. A data breach at Kroll is traced to SIM swapping. Unusually destructive ransomware hits CloudNordic. Spawn of LockBit. Polish trains are disrupted by hacktivists. Rick Howard looks at the MITRE ATT&CK framework. Our guests are Andrew Hammond and Erin Dietrick from the International Spy Museum. And influence laundering as a long-term disinformation tactic.

Selected reading.

North Korean APT Hacks Internet Infrastructure Provider via ManageEngine Flaw (SecurityWeek)

Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure (Help Net Security)

Cyber scams keep North Korean missiles flying (Radio Free Asia)

Claimant Data Breached in Genesis, FTX and BlockFi Bankruptcy Cases (Wall Street Journal)

Kroll data breach exposes info of FTX, BlockFi, Genesis creditors (BleepingComputer)

Crypto investor data exposed by a SIM swapping attack against a Kroll employee (Security Affairs)

Kroll Employee SIM-Swapped for Crypto Investor Data (KrebsOnSecurity)

Kroll Suffers Data Breach: Employee Falls Victim to SIM Swapping Attack (The Hacker News)

FTX bankruptcy handler Kroll discloses data breach (The Stack)

CloudNordic Faces Severe Data Loss After Ransomware Attack (Hackread) 

CloudNordic loses most customer data after ransomware attack (TechTarget Security)

Lockbit leak, research opportunities on tools leaked from TAs (SecureList)

LockBit 3.0 Ransomware Builder Leak Gives Rise to Hundreds of New Variants (The Hacker News)

Poland investigates cyber-attack on rail network (BBC News)

Poland investigates hacking attack on state railway network (Reuters)

Hackers bring down Poland’s train network in massive cyber attack (Ticker News) 

The Cheap Radio Hack That Disrupted Poland's Railway System (WIRED)

Russia Pushes Long-Term Influence Operations Aimed at the U.S. and Europe (New York Times)

Newly declassified US intel claims Russia is laundering propaganda through unwitting Westerners (CNN Politics)