The CyberWire Daily Podcast 11.9.23
Ep 1945 | 11.9.23

Shields Ready for attacks against critical infrastructure. These may be indiscriminate, and they may be opportunistic.

Show Notes

CISA, FEMA, and Shields Ready. Ransomware operators exploit 3rd-party tools. A Bittrex bankruptcy phishing campaign. Spammers abuse Google Forms quizzes. Imperial Kitten in action against Israeli targets. Iranian cyberattacks against Israel are called "reactive and opportunistic." In our sponsored Industry Voices segment, Adam Bateman from Push Security outlines how attackers are targeting cloud identities. Luke Vander Linden from RH-ISAC speaks with Target's Ryan Miller and Leah Schwartzman about the evolving fraud landscape retailers are facing with the holidays approaching. And Sandworm and Ukraine's power grid: 2022 attacks may foreshadow the winter of 2023 and 2024.

Selected reading.

Shields Ready | CISA (Cybersecurity and Infrastructure Security Agency CISA) 

DHS Unveils New Shields Ready Campaign to Promote Critical Infrastructure Security and Resilience (FEMA) 

US Urges Critical Infrastructure Firms to Get “Shields Ready” (Infosecurity Magazine) 

US launches “Shields Ready” campaign to secure critical infrastructure (CSO Online) 

DHS Launches New Critical Infrastructure Security and Resilience Campaign (SecurityWeek) 

Ransomware Actors Continue to Gain Access through Third Parties and Legitimate System Tools (FBI) 

Phishing Attack Driven by Bittrex Bankruptcy (Abnormal) 

Spammers abuse Google Forms’ quiz to deliver scams (Cisco Talos Blog)

IMPERIAL KITTEN Deploys Novel Malware Families in Middle East-Focused Operations (CrowdStrike)

Microsoft shares threat intelligence at CYBERWARCON 2023 (Microsoft Security)

Iran and Hamas showed no signs of cyber coordination in run-up to war, researchers say (Washington Post) 

Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology (Mandiant)

Russian spies behind cyber attack on Ukraine power grid in 2022 - researchers (Reuters) 

Hackers Linked To Russian Intelligence Blamed For 2022 Ukraine Grid Disruption (RadioFreeEurope/RadioLiberty) 

Ukraine updates: Russia hacked Kyiv's power grid — report – DW – 11/09/2023 (Deutsche Welle) 

Russian Hackers Used OT Attack to Disrupt Power in Ukraine Amid Mass Missile Strikes (SecurityWeek) 

Energy security at forefront of NATO-Ukraine Council meeting (NATO)