A Ransomware report highlights targeting and classification. Phishing remains a major threat. Cisco addresses an expired certificate issue. LockBit and Medusa hit school districts with ransomware. US and Canadian cyber units wrap up a hunt-forward mission in Latvia. Ben Yelin on NYPD surveillance. Our CyberWire producer Liz Irvin interviews Damien Lewke, a graduate student at MIT. And an unknown threat actor is collecting against both Russia and Ukraine.

For links to all of today's stories check out our CyberWire daily news briefing:
https://thecyberwire.com/newsletters/daily-briefing/12/91

Selected reading.
GRIT Ransomware Report: April 2023 (GuidePoint Security)
DNSFilter State of Internet Security - Q1 2023 (DNSFilter)
Identify vEdge Certificate Expired on May 9th 2023 (Cisco)
The State of Ransomware Attacks in Education 2023: Trends and Solutions (Veriti)
US Cyber Command 'Hunts Forward' in Latvia (Voice of America)
US cyber team unearths malware during ‘hunt-forward’ mission in Latvia (C4ISRNET)
Uncovering RedStinger - Undetected APT cyber operations in Eastern Europe since 2020 (Malwarebytes)
Bad magic: new APT found in the area of Russo-Ukrainian conflict (Kaspersky)