DPRK cyberespionage update. New cybercriminal TTPs. The state of DevSecOps. Hacktivism and the nation-state. Cyberwar lessons learned. A free decryptor for Key Group ransomware.

A VMConnect supply chain attack is connected to the DPRK. Reports of an aledgedly "fully undetectable information stealer." DB#JAMMER brute forces exposed MSSQL databases. A Cyberattack on a Canadian utility. The state of DevSecOps. A look at hacktivism, today and beyond. Betsy Carmelite from Booz Allen on threat intelligence as part of a third-party risk management program. Our guest is Adam Marré from Arctic Wolf Networks, with an analysis of Chinese cyber tactics. And a free decryptor is released for Key Group ransomware. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/168 Selected reading. VMConnect supply chain attack continues, evidence points to North Korea (ReversingLabs)  Securonix Threat Labs Security Advisory: Threat Actors Target MSSQL Servers in DB#JAMMER to Deliver FreeWorld Ransomware (Securonix) Montreal electricity organization latest victim in LockBit ransomware spree (Record) LockBit ransomware gang targets electrical infrastructure organization in Montreal (teiss) [Analyst Report] SANS 2023 DevSecOps Survey (Synopsys) SANS 2023 DevSecOps Survey (Application Security Blog) Government Agencies Report New Russian Malware Targets Ukrainian Military (National Security Agency/Central Security Service) Russian military hackers take aim at Ukrainian soldiers' battle plans, US and allies say (CNN) Ukraine: The First Cyber Lessons (AFCEA International) The Return of Hacktivism: A Temporary Reprise or Here for Good? (ReliaQuest) Decrypting Key Group Ransomware: Emerging Financially Motivated Cyber Crime Gang (EclecticIQ)