CyberWire Daily

The UK Government's denial of a cyber incident at Sellafield. There’s been a surge in Iranian cyberattacks on US infrastructure. Misuse of Apple's lockdown mode, the mysterious AeroBlade's activities in aerospace, and a clever "Disney+" scam. Plus The latest application security trends, and a new cybersecurity futures study. In our Industry Voices segment, On today’s Industry Voices segment, we welcome Matt Radolec, Vice President of Incident Response and Cloud Operations at Varonis explaining the intersection of AI, cloud and insider threats. And insights on resilience from the UK's Deputy PM.

Sellafield nuclear site hacked by groups linked to Russia and China (The Guardian)

Response to a news report on cyber security at Sellafield (GOV.UK)

Guardian news article (Office of Nuclear Regulation)

Ministers pressed by Labour over cyber-attack at Sellafield by foreign groups (The Guardian)

US warns Iranian terrorist crew broke into 'multiple' US water facilities (The Register)

Florida water agency latest to confirm cyber incident as feds warn of nation-state attacks (The Record)

AeroBlade on the Hunt Targeting the U.S. Aerospace Industry (Blackberry)

Fake Lockdown Mode: A post-exploitation tampering technique (Jamf)

Disney+ Impersonated in Elaborate Multi-Stage Email Attack with Personalized Attachments (Abnormal Security)

Building Security in Maturity Model (BSIMM) report (Synopsis)

Deputy Prime Minister annual Resilience Statement (GOV.UK)