ROM-COM Remote Access Trojan - The Cuba Ransomware Group

US Department of Justice unseals three indictments in PRC spying cases. CERT-UA warns of Cuba ransomware group phishing campaign. Varonis discovers two Windows vulnerabilities. Mr Security Answer Person John Pescatore on security through obscurity. Ben Yelin on the DOJ’s spying cases against China. CISA expands its Known Exploited Vulnerabilities Catalog with six new entries.

For links to all of today's stories check out our CyberWire daily news briefing:

https://thecyberwire.com/newsletters/daily-briefing/11/205

Selected reading.

Two Arrested and 13 Charged in Three Separate Cases for Alleged Participation in Malign Schemes in the United States on Behalf of the Government of the People’s Republic of China (US Department of Justice)

U.S. Justice Department Fires Warning Shot at Chinese Spies (Foreign Policy)

Chinese spies charged with trying to thwart Huawei investigation (Quartz)

DOJ Charges 13 Over Chinese Interference In US Affairs (Law360) 

U.S. Says Chinese Tried to Obstruct Huawei Prosecution (Wall Street Journal)

U.S. charges Chinese nationals with schemes to steal info, punish critics and recruit spies (CBS News)

Cuba ransomware affiliate targets Ukrainian govt agencies (BleepingComputer)

Unattributed RomCom Threat Actor Spoofing Popular Apps Now Hits Ukrainian Militaries (BlackBerry)

The Logging Dead: Two Event Log Vulnerabilities Haunting Windows (Varonis) 

CISA Adds Six Known Exploited Vulnerabilities to Catalog (CISA)

Learn more about your ad choices. Visit megaphone.fm/adchoices