Consensus on the Viasat hack: Russia did it. Kaspersky remains under investigation. The Nerbian RAT is out. NPM dependencies exploited, but to what end? Advisories from CISA and its partners.

CyberWire Daily

N2K Networks, Inc.

Technology, Daily News, News, Tech News

4.8 • 1.1K Ratings

🗓️ 11 May 2022

⏱️ 25 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

There’s international consensus on the cyberattack against Viasat. Kaspersky remains under investigation. The Nerbian RAT is out. NPM dependencies are exploited, but to what end? Caleb Barlow examines Russia’s future on the internet. Our guest is Deepen Desai from Zscaler with the latest phishing research. And new advisories from CISA and its partners. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/91 Selected reading. Nerbian RAT Using COVID-19 Themes Features Sophisticated Evasion Techniques (Proofpoint) NPM dependency confusion hacks target German firms (ReversingLabs) npm Supply Chain Attack Targeting Germany-Based Companies (JFrog) Adminer in Industrial Products (CISA) Eaton Intelligent Power Protector (CISA) Eaton Intelligent Power Manager Infrastructure (CISA) Eaton Intelligent Power Manager (CISA) AVEVA InTouch Access Anywhere and Plant SCADA Access Anywhere (CISA) Mitsubishi Electric MELSOFT GT OPC UA (CISA) CISA Adds One Known Exploited Vulnerability to Catalog (CISA) Alert (AA22-131A) Protecting Against Cyber Threats to Managed Service Providers and their Customers (CISA) Protecting Against Cyber Threats to Managed Service Providers and their Customers (CISA) Russia downed satellite internet in Ukraine -Western officials (Reuters) US and its allies say Russia waged cyberattack that took out satellite network (Ars Technica) Western powers blame Russia for Ukraine satellite hack (The Record by Recorded Future) Russian cyber operations against Ukraine: Declaration by the High Representative on behalf of the European Union (European Council) Attribution of Russia’s Malicious Cyber Activity Against Ukraine - United States Department of State (United States Department of State) U.S. Government Attributes Cyberattacks on SATCOM Networks to Russian State-Sponsored Malicious Cyber Actors (CISA) Russia behind cyber-attack with Europe-wide impact an hour before Ukraine invasion (GOV.UK) Estonia joins the statement of attribution on cyberattacks against Ukraine (Ministry of Foreign Affairs, Republic of Estonia) Statement on Russia’s malicious cyber activity affecting Europe and Ukraine (Canada.ca) Attribution to Russia for malicious cyber activity against European networks (Australian Government Department of Foreign Affairs and Trade) Russia hacked an American satellite company one hour before the Ukraine invasion (MIT Technology Review) NSA Probing Reach of Software From Russia’s Kaspersky in US Systems (Bloomberg) Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the CyberWire Network, powered by N2K.
0:07.0	Today's episode is sponsored by SRM, your first call for cybersecurity and
0:18.1	investigations. Threats today are evolving faster than ever before and since 2005 SRM has pioneered
0:25.3	tailored security solutions for global corporations and their executives.
0:29.5	Whether it's defending against cyber attacks with their award-winning team of ethical hackers and incident response specialists,
0:36.4	or navigating the murky waters of compliance and ESG challenges,
0:40.9	SRMs, Insight and Straight straightforward advice will help you navigate complex risks
0:46.4	and emerge more resilient.
0:48.4	Their secret, a culture that nurtures the sharpest minds, giving them access to the newest technologies and the freedom
0:55.3	to solve problems in new ways, enabling them to craft simple effective solutions for your
1:01.4	unique cyber challenges.
1:03.7	Search your first call to discover how SRM can help your business. And now a word from our sponsor, Six Cents.
1:23.2	Six Cents provides award-winning cloud-based automated endpoint and vulnerability management solutions
1:29.5	to streamline IT and security operations. With its advanced platform, businesses gain complete visibility and control over their infrastructure, reducing IT and security risks, and optimizing operational efficiency.
1:43.0	With 6 cents, you'll get real-time alerts,
1:46.0	risk-based vulnerability prioritization and remediations,
1:49.0	and an intuitive automation and orchestration engine
1:52.0	so you can focus on your core business goals
1:55.0	confident in the knowledge that your enterprise is secure,
1:58.0	compliant and running smoothly.
2:00.0	Visit 6Cence.com
2:02.0	to learn why enterprises choose them. There's international consensus on the cyber attack against Viasat.
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.