An overview of the cyber phase of Russia’s hybrid war. Smartphones as sources of targeting information. Lilith enters the ransomware game. ChromeLoader makes a fresh appearance. Honda acknowledges that Rolling-PWN is real (but says it’s not as serious as some think). Part two of Carole Theriault’s conversation with Jen Caltrider from Mozilla’s Privacy Not Included initiative. Our guest is Josh Yavor of Tessian to discuss Accidental Data Loss Over Email. A  guilty verdict in the Vault 7 case.

Selected reading.

Ukraine’s Cyber Agency Reports Q2 Cyber-Attack Surge (Infosecurity Magazine)

2022 Q2 (SSSCIP)

The weaponizing of smartphone location data on the battlefield (Help Net Security) 

New Lilith ransomware emerges with extortion site, lists first victim (BleepingComputer) A new ransomware operation has been launched under the name ‘Lilith,’ and it has already posted its first victim on a data leak site created to support double-extortion attacks.

New Ransomware Groups on the Rise (Cyble) Cyble analyzes new ransomware families spotted in the wild led by notable examples such as LILITH, RedAlert, and 0Mega.

New Lilith ransomware emerges with extortion site, lists first victim (BleepingComputer)

New Ransomware Groups on the Rise (Cyble)

Researchers Uncover New Variants of the ChromeLoader Browser Hijacking Malware (The Hacker News)

ChromeLoader: New Stubborn Malware Campaign (Unit 42) 

Honda Admits Hackers Could Unlock Car Doors, Start Engines (SecurityWeek) Honda redesigning latest vehicles to address key fob vulnerabilities (The Record by Recorded Future) 

Statement Of U.S. Attorney Damian Williams On The Espionage Conviction Of Ex-CIA Programmer Joshua Adam Schulte (US Department of Justice) 

Ex-C.I.A. Engineer Convicted in Biggest Theft Ever of Agency Secrets (New York Times)

Former CIA Staffer Convicted For Massive Data Breach To WikiLeaks (Forbes)