The CyberWire Daily Podcast 10.10.23
Ep 1923 | 10.10.23

The cyber phases of two wars show signs of intersecting. Developments in cyberespionage and cybercrime.

Show Notes

Disinformation and Hacktivism in the war between Hamas and Israel. KillNet and the IT Army of Ukraine say they'll follow ICRC guidelines. The current state of DPRK cyber operations. The Grayling cyberespionage group is active against Taiwan. A Magecart campaign abuses 404 pages. 23andMe suffers abreach. Voter records in Washington, DC, have been compromised. In our Solution Spotlight, Simone Petrella speaks with Raytheon’s Jon Check about supporting and shaping the next generation of the cyber workforce. Grady Summers from SailPoint outlines the importance of organizations managing and protecting access to critical data. And a look at CISOs willingness to pay ransom. 

Selected reading.

The Israel-Hamas War Is Drowning X in Disinformation (WIRED) 

As false war information spreads on X, Musk promotes unvetted accounts (Washington Post) 

Elon Musk’s X Cut Disinformation-Fighting Tool Ahead of Israel-Hamas Conflict (The Information) 

US opinion divided amid battle for narrative over Hamas attack on Israel (the Guardian) Zelensky Compares Assault by Hamas on Israel to Moscow’s Invasion of Ukraine (New York Times) 

Russia cites ‘concern’ but does not condemn Hamas attack on Israel (Washington Post) 

The Israel–Hamas Conflict: Implications for the Cyber Threat Landscape (ReliaQuest) 

Hackers Send Fake Rocket Alerts to Israelis via Hacked Red Alert App 

Hacktivism erupts in Middle East as Israel declares war (Register) 

The Israel-Hamas War Erupts in Digital Chaos (WIRED) 

Hacktivists in Palestine and Israel after SCADA and other industrial control systems (Cybernews) 

Hackers Join In on Israel-Hamas War With Disruptive Cyberattacks  (SecurityWeek)

Israel’s government, media websites hit with cyberattacks (Cybernews) 

Website of Jerusalem Post crashes after multiple cyberattacks (OpIndia) 

Ukraine cyber-conflict: Hacking gangs vow to de-escalate (BBC News) 

North Korea Suspected in Massive Hack of DeFi Project Mixin (OODA Loop) 

Assessed Cyber Structure and Alignments of North Korea in 2023 (Mandiant) 

Grayling: Previously Unseen Threat Actor Targets Multiple Organizations in Taiwan (Symantec)

The Art of Concealment: A New Magecart Campaign That’s Abusing 404 Pages (Akamai) 

Hacker Claims to Have Data of 7 Million 23andMe Users from DNA Service (Hack Read) 

23andMe user data breached in credential-stuffing attack (Engadget) 

‘Your DNA is for sale on the black market’: 23andMe data breach exposes customers (The Daily Dot) 

23andMe User Data Stolen in Targeted Attack on Ashkenazi Jews (WIRED) 

23andMe data breach affects a million users with Jewish heritage (Dataconomy)

D.C. voter records for sale in cybercrime forum (CyberScoop) 

Hackers access voter information in DC Board of Elections data breach (WTOP News) 

DC Board of Elections investigates voter data breach (NBC4 Washington) 

The CISO Report (Splunk)

October 2023 Patch Tuesday forecast: Operating system updates and zero-days aplenty (Help Net Security)