China's Volt Typhoon snoops into US infrastructure, with special attention to Guam. Is CosmicEnergy just red-teaming, or is it a threat straight out of Red Square? Siemens patches a vulnerability endemic to the energy sector. An update on the Vulkan Papers. A cyberattack leads Suzuki to shut down its Indian production line. BlackBasta conducts ransomware attack against Swiss technology company ABB, and claims responsibility for Rheinmetall attack. Food and Agriculture Information Sharing and Analysis Center stands up.

Control Loop News Brief.China's Volt Typhoon snoops into US infrastructure, with special attention to Guam.

People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection (Joint Cybersecurity Advisory)

Volt Typhoon targets US critical infrastructure with living-off-the-land techniques (Microsoft)

Chinese hackers spying on US critical infrastructure, Western intelligence says (Reuters)

CosmicEnergy, from Russia.

COSMICENERGY: New OT Malware Possibly Related To Russian Emergency Response Exercises (Mandiant)

This newly-discovered malware could disrupt power generation — and do physical damage (Washington Post)

Siemens patches a vulnerability endemic to the energy sector.

Command Injection Vulnerability in CPCI85 Firmware of SICAM A8000 Devices (Siemens)

An update on Russia’s NTC Vulkan: SIGINT, EW, and cyber ops.

7 takeaways from the Vulkan Files investigation (Washington Post)

Russian Software Programs Threatening Critical Civilian Infrastructure (Dragos)

A cyberattack leads Suzuki to shut down its Indian production line.

Suzuki Motorcycle India plant shut down after cyber attack, production affected (Hindustan Times)

Suzuki motorcycle plant shut down by cyber attack (Bitdefender)

BlackBasta conducts ransomware attack against Swiss technology company ABB.

Multinational tech firm ABB hit by Black Basta ransomware attack (BleepingComputer)

BlackBasta claims responsibility for Rheinmetall attack.

Arms maker Rheinmetall confirms BlackBasta ransomware attack (BleepingComputer)

Food and Agriculture Information Sharing and Analysis Center stands up.

The food and agriculture industry gets a new center to share cybersecurity information (Washington Post)

Control Loop Interview.

The interview is with Gerry Glombicki of Fitch Ratings talking about cyber insurance and his opinions on industrial space.

Control Loop Learning Lab.

On the Learning Lab, Mark Urban is joined by Dragos Principal Adversary Hunter Kyle O’Meara and Dragos Principal Intelligence Technical Account Manager Michael Gardner to continue their discussion on threat hunting. 

Control Loop OT Cybersecurity Briefing.

A companion monthly newsletter is available through free subscription and on the CyberWire's website.

Learn more about your ad choices. Visit megaphone.fm/adchoices