DiscoverCyberWire DailySoftware supply chains, C2C markets, criminals, and cyber auxiliaries in a hybrid war. CISA releases its Stakeholder Specific Vulnerability Categorization (SSVC).
Software supply chains, C2C markets, criminals, and cyber auxiliaries in a hybrid war. CISA releases its Stakeholder Specific Vulnerability Categorization (SSVC).

Software supply chains, C2C markets, criminals, and cyber auxiliaries in a hybrid war. CISA releases its Stakeholder Specific Vulnerability Categorization (SSVC).

Update: 2022-11-14
Share

Description

Software supply chain risk. Cyber risk across sectors. CISA releases Stakeholder Specific Vulnerability Categorization (SSVC). Sandworm is back in Russia's hybrid war. Another wiper campaign from a Russian cyber auxiliary. Malek Ben Salem from Accenture shares thoughts on future-proofing cloud security. Rick Howard previews the latest CSO Perspectives show. And the Australian Federal Police say they know who hacked Medibank. (and the AFP says they have a good track record getting international criminals).


For links to all of today's stories check out our CyberWire daily news briefing:

https://thecyberwire.com/newsletters/daily-briefing/11/218


Selected reading.

Exclusive: Russian software disguised as American finds its way into U.S. Army, CDC apps (Reuters) 

Industries boost cyber defenses against growing number of attacks (Moodys) 

CISA Releases SSVC Methodology to Prioritize Vulnerabilities (CISA)

Transforming the Vulnerability Management Landscape (CISA)

Russian Sandworm hackers deployed malware in Ukraine and Poland (Washington Post)

New “Prestige” ransomware impacts organizations in Ukraine and Poland (Microsoft)

Microsoft links Russia’s military to cyberattacks in Poland and Ukraine (Ars Technica)

Microsoft attributes ‘Prestige’ ransomware attacks on Ukraine and Poland to Russian group (The Record by Recorded Future)

Wipe it or exfiltrate? How Russia exploits edge infrastructure to disrupt and spy during wartime (SC Media)

Russia’s New Cyberwarfare in Ukraine Is Fast, Dirty, and Relentless (WIRED)

Russian military hackers linked to ransomware attacks in Ukraine (BleepingComputer) 

Information on cyberattacks of the group UAC-0118 (FRwL) using the Somnia malware (CERT-UA#5185) (CERT-UA)

Ukraine says Russian hacktivists use new Somnia ransomware (BleepingComputer) 

Russian hacktivists hit Ukrainian orgs with ransomware - but no ransom demands (Help Net Security)

Development of the Ukrainian Cyber Counter-Offensive (Trustwave) 

Australian Federal Police say cybercriminals in Russia behind Medibank hack (The Record by Recorded Future)

Australia tells Medibank hackers: 'We know who you are' (TechCrunch)

Comments 
In Channel
loading
Download from Google Play
Download from App Store
00:00
00:00
x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

Software supply chains, C2C markets, criminals, and cyber auxiliaries in a hybrid war. CISA releases its Stakeholder Specific Vulnerability Categorization (SSVC).

Software supply chains, C2C markets, criminals, and cyber auxiliaries in a hybrid war. CISA releases its Stakeholder Specific Vulnerability Categorization (SSVC).

CyberWire, Inc.