A VMConnect supply chain attack is connected to the DPRK. Reports of an aledgedly "fully undetectable information stealer." DB#JAMMER brute forces exposed MSSQL databases. A Cyberattack on a Canadian utility. The state of DevSecOps. A look at hacktivism, today and beyond. Betsy Carmelite from Booz Allen on threat intelligence as part of a third-party risk management program. Our guest is Adam Marré from Arctic Wolf Networks, with an analysis of Chinese cyber tactics. And a free decryptor is released for Key Group ransomware.

For links to all of today's stories check out our CyberWire daily news briefing:
https://thecyberwire.com/newsletters/daily-briefing/12/168

Selected reading.
VMConnect supply chain attack continues, evidence points to North Korea (ReversingLabs) 
Securonix Threat Labs Security Advisory: Threat Actors Target MSSQL Servers in DB#JAMMER to Deliver FreeWorld Ransomware (Securonix)
Montreal electricity organization latest victim in LockBit ransomware spree (Record)
LockBit ransomware gang targets electrical infrastructure organization in Montreal (teiss)
[Analyst Report] SANS 2023 DevSecOps Survey (Synopsys)
SANS 2023 DevSecOps Survey (Application Security Blog)
Government Agencies Report New Russian Malware Targets Ukrainian Military (National Security Agency/Central Security Service)
Russian military hackers take aim at Ukrainian soldiers' battle plans, US and allies say (CNN)
Ukraine: The First Cyber Lessons (AFCEA International)
The Return of Hacktivism: A Temporary Reprise or Here for Good? (ReliaQuest)
Decrypting Key Group Ransomware: Emerging Financially Motivated Cyber Crime Gang (EclecticIQ)
Learn more about your ad choices. Visit megaphone.fm/adchoices