BROADCASTS.com

Gootloader's evolution. Yandex source code leaked (and Yandex blames a rogue insider). New GRU wiper malware is active against Ukraine. Latvia reports cyberattacks by Gamaredon. Russia and the US trade accusations of malign cyber activity. A hacktivist auxiliary's social support system. Deepen Desai from Zscaler describes the Lilithbot malware. Rick Howard looks at chaotic simians. And wannabes can be a nuisance, too: LockBit impersonators are seen operating in northern Europe.\n\nFor links to all of today's stories check out our CyberWire daily news briefing:\nhttps://thecyberwire.com/newsletters/daily-briefing/12/19\n\nSelected reading.\nWelcome to Goot Camp: Tracking the Evolution of GOOTLOADER Operations (Mandiant)\xa0\nYandex denies hack, blames source code leak on former employee (BleepingComputer)\xa0\nHackers use new SwiftSlicer wiper to destroy Windows domains (BleepingComputer)\xa0\nSandworm APT targets Ukraine with new SwiftSlicer wiper (Security Affairs)\xa0\nUkraine: Sandworm hackers hit news agency with 5 data wipers (BleepingComputer)\nUkraine Links Media Center Attack to Russian Intelligence (BankInfoSecurity)\xa0\nLatvia confirms phishing attack on Ministry of Defense, linking it to Russian hacking group (The Record from Recorded Future News)\xa0\nRussia knows US recruits hackers, trains Ukrainian IT-army \u2014 Deputy Foreign Minister (TASS)\nTaking down the Hive ransomware gang. (CyberWire)\nUS puts a $10m bounty on Hive while Russia shuts down access (Register)\xa0\nExploring Killnet\u2019s Social Circles (Radware)\nCopycat Criminals mimicking Lockbit gang in northern Europe (Security Affairs)\nLearn more about your ad choices. Visit megaphone.fm/adchoices