The CyberWire Daily Podcast 9.8.23
Ep 1902 | 9.8.23

Apple issues an emergency patch. Aerospace sector under attack. DPRK spearsphishes security researchers. Notes from the hybrid war, including Starlink’s judgments on jus in bello.

Show Notes

Apple issues emergency patches. "Multiple nation-state actors" target the aerospace sector. The DPRK targets security researchers. SpaceX interrupted service to block a Ukrainian attack against Russian naval units last year. The International Criminal Court will prosecute cyber war crimes. Operation KleptoCapture extends to professional service providers. Malek Ben Salem of Accenture ponders the long-term reliability of LLM-powered applications. Our guest is Elliott Champion from CSC on how cybercriminals are taking advantage of the Threads platform. And congratulations to the SINET 16.

Selected reading.

BLASTPASS: NSO Group iPhone Zero-Click, Zero-Day Exploit Captured in the Wild (The Citizen Lab) 

Apple issues software updates after spyware discoveries (Washington Post)

Apple patches two zero-days under attack (CVE-2023-41064, CVE-2023-41061) (Help Net Security)

CISA, FBI, and CNMF Release Advisory on Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475 | CISA (Cybersecurity and Infrastructure Security Agency CISA)

Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475 (Cybersecurity and Infrastructure Security Agency CISA) 

AA23-250A: Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475 (Tenable®) 

CISA Warning: Nation-State Hackers Exploit Fortinet and Zoho Vulnerabilities (The Hacker News)

Active North Korean campaign targeting security researchers (Google)

Rigged Software and Zero-Days: North Korean APT Caught Hacking Security Researchers (SecurityWeek)

Musk 'switched off Starlink in Ukraine over nuclear fears' (Computing)

CNN Exclusive: 'How am I in this war?': New Musk biography offers fresh details about the billionaire's Ukraine dilemma | CNN Politics (CNN) 

Ukraine, US Intelligence Suggest Russia Cyber Efforts Evolving, Growing (Voice of America)

The International Criminal Court Will Now Prosecute Cyberwar Crimes (WIRED)

Technology Will Not Exceed Our Humanity (Digital Front Lines) 

Justice Department’s Oligarch Hunters Widen Scope to Include Facilitators (Wall Street Journal) 

Apple issues emergency patches. APTs target aerospace sector. DPRK targets security researchers. New BEC phishing kit. Notes from the hybrid war. ICC will prosecute cyber war crimes. SINET 16 announced. (CyberWire)