The Impact of Slow Patching on Cybersecurity

The Five Eyes warn against top exploited vulnerabilities. The Rilide info stealer in the wild. Malicious PyPI packages. Valerie Abend, Global Cyber Strategy Lead from Accenture, unpacks the Securities and Exchange Commission’s recently announced cyber regulations. In our Solution spotlight: Our own Simone Patrella speaks with Microsoft’s Ann Johnson on how Microsoft is attracting and retaining top cyber talent. And cyber attacks continue to gutter on both sides of Russia's war against Ukraine.

For links to all of today's stories check out our CyberWire daily news briefing:

https://thecyberwire.com/newsletters/daily-briefing/12/148

Selected reading.

CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022 | CISA (Cybersecurity and Infrastructure Security Agency CISA)

CISA, NSA, FBI and International Partners Issue Advisory on the Top Routinely Exploited Vu (National Security Agency/Central Security Service)

New Rilide Stealer Version Targets Banking Data and Works Around Google Chrome Manifest V3 (Trustwave)

Tunnel Vision: CloudflareD AbuseD in the WilD (GuidePoint Security) 

VMConnect: Malicious PyPI packages imitate popular open source modules (ReversingLabs) 

Bilyana Lilly on how cybersecurity assistance to Ukraine has helped thwart Russian cyberattacks (CyberScoop)

Microsoft says Russia-linked hackers behind dozens of Teams phishing attacks (Reuters)

Ukraine's invisible battle to jam Russian weapons (BBC News)

How Ukraine’s cyberwarriors are upending everyday life in Russia (Times)

Learn more about your ad choices. Visit megaphone.fm/adchoices