BROADCASTS.com

A VMConnect supply chain attack is connected to the DPRK.\xa0Reports of an aledgedly "fully undetectable information stealer." DB#JAMMER brute forces exposed MSSQL databases. A Cyberattack on a Canadian utility. The state of DevSecOps. A look at hacktivism, today and beyond. Betsy Carmelite from Booz Allen on threat intelligence as part of a third-party risk management program. Our guest is Adam Marr\xe9 from Arctic Wolf Networks, with an analysis of Chinese cyber tactics. And a free decryptor is released for Key Group ransomware.\n\nFor links to all of today's stories check out our CyberWire daily news briefing:\nhttps://thecyberwire.com/newsletters/daily-briefing/12/168\n\nSelected reading.\nVMConnect supply chain attack continues, evidence points to North Korea (ReversingLabs)\xa0\nSecuronix Threat Labs Security Advisory: Threat Actors Target MSSQL Servers in DB#JAMMER to Deliver FreeWorld Ransomware (Securonix)\nMontreal electricity organization latest victim in LockBit ransomware spree (Record)\nLockBit ransomware gang targets electrical infrastructure organization in Montreal (teiss)\n[Analyst Report] SANS 2023 DevSecOps Survey (Synopsys)\nSANS 2023 DevSecOps Survey (Application Security Blog)\nGovernment Agencies Report New Russian Malware Targets Ukrainian Military (National Security Agency/Central Security Service)\nRussian military hackers take aim at Ukrainian soldiers' battle plans, US and allies say (CNN)\nUkraine: The First Cyber Lessons (AFCEA International)\nThe Return of Hacktivism: A Temporary Reprise or Here for Good? (ReliaQuest)\nDecrypting Key Group Ransomware: Emerging Financially Motivated Cyber Crime Gang (EclecticIQ)\nLearn more about your ad choices. Visit megaphone.fm/adchoices