The CyberWire Daily Podcast 9.19.23
Ep 1909 | 9.19.23

Ransomware in Colombia. An accidental data exposure. Cyberespionage hits unpatched systems. An attack on IT systems disrupts industrial production. Bots and bad actors.

Show Notes

Colombia continues its recovery from last week's cyberattacks. AI training data is accidentally published to GitHub. The cyberespionage techniques of Earth Lusca. Clorox blames product shortages on a cyber attack. Cybersecurity incidents in industrial environments. Where the wild bots are. Joe Carrigan looks at top level domain name exploitation. Our guest is Kristen Bell from GuidePoint Security with a look at vulnerability vs. exploitability. And there’s talk of potential Russia-DPRK cooperation in cyberspace.

Selected reading.

More than 50 Colombian state, private entities hit by cyberattack -Petro (Reuters) 

Colombia Mulls Legal Action Against US Firm Targeted In Cyber Attack (Barron's)

Microsoft mitigated exposure of internal information in a storage account due to overly-permissive SAS token (Microsoft Security Response Center)

Microsoft AI Researchers Expose 38TB of Data, Including Keys, Passwords and Internal Messages (SecurityWeek)

Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement (Trend Micro) 

Chinese hackers have unleashed a never-before-seen Linux backdoor (Ars Technica)

The Clorox Company FORM 8-K (US Securities and Exchange Commission) 

Clorox Warns of Product Shortages Following Cyberattack (Wall Street Journal)

Clorox warns of product shortages, profit hit from August cyberattack (The Street) 

Can't find the right Clorox product? A recent cyberattack is causing some shortages (USA Today) 

Clorox warns of product shortages after cyberattack (Fox Business) 

As flu season looms, hackers force a shortage of Clorox products (Fortune)

New Research Finds Cyberattacks Against Critical Infrastructure on the Rise, State-affiliated Groups Responsible for Nearly 60% (Business Wire)

Death By a Billion Bots (Netacea)

Russian and North Korea artillery deal paves the way for dangerous cyberwar alliance (EconoTimes)