Dateline Moscow, Kyiv, and Fort Meade: Cyber phases of Russia's hybrid war.
Ukraine at D+102: Ukraine's SSSCIP on cyber war. (The CyberWire) Ukraine begins offensives to retake ground in the Donbas. We speak with the deputy head of Ukraine's SSSCIP for Kyiv's perspective on the cyber phases of this hybrid war.
Ukraine morning briefing: Russia loses ground in strategic city of Severodonetsk (The Telegraph) Plus: Russia strikes Kyiv for first time in weeks and Volodymyr Zelensky visits the front lines
Russia-Ukraine war: List of key events, day 103 (Al Jazeera) As the Russia-Ukraine war enters its 103rd day, we take a look at the main developments.
Russia-Ukraine war: what we know on day 102 of the invasion (the Guardian) Ukrainian forces push back in Sievierodonetsk and Kyiv rebukes Emmanuel Macron for saying Russia must not be humiliated
Ukraine morning briefing: Russia's invasion plan has failed, says UK on 100th day of war (The Telegraph) Plus: Britain to send rocket systems, Putin 'controls one-fifth of Ukraine' and US wants Russia held accountable for war crimes
Imperial myths and genocidal realities: 100 days of Putin’s Ukraine War (Atlantic Council) Putin’s Ukraine war relies on a series of propaganda myths that reflect modern Russia’s failure to break with its imperialistic past. If Europe wants to achieve a lasting peace, it must work toward a post-imperial Russia.
Russia may be in Ukraine to stay after 100 days of war (AP NEWS) When Vladimir Putin sent troops into Ukraine in late February, the Russian president vowed his forces would not occupy the country. But as the invasion reached its 100th day Friday, Moscow seemed increasingly unwilling to relinquish the territory it has taken in the war.
Ukraine morning briefing: Russian attacks leave entire cities without power (The Telegraph) Plus: Ukraine claws back industrial centre of Severodonetsk and Russia warns of 'stringent measures' against US news outlets
Ukraine fighting back in Sievierodonetsk, according to Luhansk governor (the Guardian) Serhiy Haidai says counterattack has recaptured a fifth of frontline city from Russian invaders
Russia-Ukraine latest news: Civilians evacuate as 'fiercest' fighting intensifies in Severodonetsk (The Telegraph) Ukrainian civilians are evacuating from the Ukrainian-controlled Donetsk region at an increasing rate as casualties are occurring "almost every day", the top regional official said on Monday.
‘I believe in our army’: life in Donbas as the frontline creeps closer (the Guardian) Living conditions getting steadily worse as Moscow continues to concentrate its firepower on Ukraine’s east
Britain pledges to send first long-range missiles to Ukraine (The Telegraph) Similar US promise on Sunday led Vladimir Putin to threaten to strike new targets
Russia hits Kyiv with missiles; Putin warns West on arms (AP NEWS) Russia took aim Sunday at Western military supplies for Ukraine, launching airstrikes on Kyiv that it claimed destroyed tanks donated from abroad, as Vladimir Putin warned that any Western deliveries of longer-range rocket systems would prompt Moscow to hit “objects that we haven't yet struck.”
Putin warns that Moscow will hit new targets if the west supplies Ukraine with long-range missiles – as it happened (the Guardian)
Putin threatens 'new targets' if West supplies long-range weapons (The Telegraph) President Vladimir Putin has warned the West that Russia would strike new targets if the United States started supplying Ukraine with longer-range missiles.
Russia claims to have targeted western-supplied tanks in Kyiv airstrikes (the Guardian) Putin warns of more strikes if deliveries continue, as Ukrainian railways chief says ‘no such tanks’ were at targeted plant
Russia bets on "medieval attrition approach" as Ukraine losses mount (Newsweek) Ukrainian President Volodymyr Zelensky said his military is losing 60-100 soldiers per day as Russia focuses its offensive in the eastern part of the country.
‘They’re in hell’: Hail of Russian artillery tests Ukrainian morale (Washington Post) First came the distant bang of Russian artillery firing.
Deadly secret: Electronic warfare shapes Russia-Ukraine war (AP NEWS) On Ukraine’s battlefields, the simple act of powering up a cellphone can beckon a rain of deathly skyfall. Artillery radar and remote controls for unmanned aerial vehicles may also invite fiery shrapnel showers.
Russian brigades almost wiped out after being sent to battle with wet toilet paper, shoe polish and Soviet-era field telephones (The Telegraph) Transcript of soldier’s comments reveals Russian formations were not given spades to dig trenches or modern electronic radio systems
Russians turn to crowdfunding for ill-equipped soldiers in Ukraine (The Telegraph) Everything from rifle scopes to boots has been sent to troops, paid for by ‘patriots’ through fundraising initiatives
Russian War Report: Signs of renewed Belarusian troop movements towards Ukrainian border (Atlantic Council) Belarusian troops seem to be on the move again toward their border with Ukraine while the Kremlin spreads claims of killed NATO officers and blames the West for global food shortages.
Putin's state-run media admits Russian-speaking Ukrainians fighting back (Newsweek) A Russian journalist on state-run television said that the development was "a very interesting paradox."
‘A difficult and painful question’: Ukraine ponders how to punish collaborators (the Guardian) More than 1,400 cases of treason and collaboration with the Russian army have been brought against citizens
Enemy tongue: eastern Ukrainians reject their Russian birth language (the Guardian) In towns near Russia’s border, Moscow’s influence was strong and Ukrainian was rarely spoken. The war has changed that
‘We need the truth’: the campaign to ‘de-Russify’ Odesa (the Guardian) Peter Obukhov has drawn up a list of historical figures who have given their names to streets in the Ukrainian city, a Russian-speaking port
Putin skirts talk of "special operation" as Ukraine war takes toll—report (Newsweek) News outlet Agentstvo reported the Russian president has not made any unprompted reference to the war.
Why Vladimir Putin’s future looks increasingly uncertain (The Telegraph) Military reversals in Ukraine, political uncertainties at home and questions about his health have weakened the Russian strongman
As war drags on, weary Russians yearn for a return to normal life (Washington Post) They feel frustrated, depressed and no more able to change their bleak situation than change the weather.
Putin Thinks His Biggest Ally in Ukraine Is Time (Bloomberg) Risks rise for both Ukraine and Russia, from arms to economics. Military balance may shift again for Kyiv in months ahead.
After 100 days, is the war in Ukraine finally turning in Putin's favor? (Newsweek) "After securing the Donbas, phase three of the war will focus on the liberation of Mykolaiv and Odesa," Russian military analyst says.
Ukraine’s volunteer ‘Kraken’ unit takes the fight to the Russians (Washington Post) The closest Andrii “Belyi” Maleev ever came to having a weapon in his hands was the hammer he used as a construction worker.
‘The occupier should never feel safe’: rise in partisan attacks in Ukraine (the Guardian) Underground efforts appearing to spread, say analysts, after reports of explosions and attacks on Russian border guards
As Ukraine loses troops, how long can it keep up the fight? (AP NEWS) As soon as they had finished burying a veteran colonel killed by Russian shelling, the cemetery workers readied the next hole. Inevitably, given how quickly death is felling Ukrainian troops on the front lines, the empty grave won't stay that way for long.
As war drags on, Ukrainians start to ask: could we have prepared better? (the Guardian) Some are looking back at weeks before invasion and asking if more could have been done
As Battles Rage, Ukraine Rejects Macron Plea Not to ‘Humiliate’ Russia (New York Times) Amid reports of battlefield gains by Ukraine, an official angrily rejected Mr. Macron’s advice, saying it “can only humiliate France.”
Ukraine's children endure levels of suffering "not seen since" WWII: UNICEF (Newsweek) An average of more than two children are killed and four injured each day in the war with Russia, according to the U.N.
Five ways the war in Ukraine has reshaped the world (The Telegraph) Europe has been reconfigured, Nato has been given a new lease of life and China has been left looking weaker
Putin thinks West will blink first in war of attrition, Russian elites say (Washington Post) The Kremlin is seeking to ramp up economic pressure to erode foreign support for Ukraine
Volodymyr Zelensky on War, Technology, and the Future of Ukraine (Wired) In a one-on-one interview with WIRED, the embattled president expresses clarity amidst the chaos.
Britain to send M270 rocket launchers to Ukraine (Reuters) Britain will supply Ukraine with multiple-launch rocket systems that can strike targets up to 80 km (50 miles) away, it said on Monday, in a move that was coordinated with the United States in response to Russia's invasion.
U.S. general calls on West to send fighter jets to Ukraine ‘as soon as possible' (POLITICO) He added that sending Soviet-era MiG fighters to Ukraine in the near term is the best “immediate solution.”
Ukrainian fighter calls US soldier for help fixing Javelin missile launcher (Task & Purpose) The Ukrainian soldier reportedly called back 30 minutes later to say he'd taken out a Russian military vehicle.
Milley visits Sweden in show of support for NATO bid (Washington Post) The United States prepared Saturday to launch a sprawling naval exercise in the Baltic Sea with Sweden, Finland and 13 NATO allies, a visible sign of an expanding partnership as Stockholm and Helsinki apply to join the military alliance following Russia’s invasion of Ukraine.
Finnish President: Putin Took NATO Application News ‘Very, Very Calmly’ (Foreign Policy) Sauli Niinisto tells FP about his country’s decision to join the alliance—and the Russian president’s response.
Estonia’s Prime Minister: ‘We Need to Help Ukraine Win’ (Foreign Policy) Kaja Kallas talks about the threat from Russia, the future of the war, and what should come next for NATO in the Baltics.
Estonian government collapses amid fears of Russian security threat (The Telegraph) The country hosts a key Nato deployment of British troops
American spy agencies review their misses on Ukraine, Russia (AP NEWS) The question was posed in a private briefing to U.S. intelligence officials weeks before Russia launched its invasion in late February: Was Ukraine’s leader, Volodymyr Zelenskyy, made in the mold of Britain’s Winston Churchill or Afghanistan’s Ashraf Ghani?
US Military Hackers Conduct Offensive Cyber Operations for Ukraine (The Defense Post) The US Cyber Command has announced that it successfully conducted offensive cyber operations to support war-torn Ukraine.
Ukraine Benefitted From Offensive U.S. Cyber Operations Against Russia (19FortyFive) The head of the U.S. Cyber Command and the National Security Agency (NSA) said that the United States has conducted offensive cyber operations supporting Ukraine’s fight against Russia’s invasion.
A digital conflict between Russia and Ukraine rages on behind the scenes of war (NPR.org) In an interview, Tom Burt, Microsoft's head of customer security and trust, discusses the company's insights about the cyberwar between Russia and Ukraine.
Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies (Security Affairs) Resecurity, Inc. (USA) has identified an increase in activity within hacktivist groups conducted by a new group called “Cyber Spetsnaz”. Resecurity, Inc. (USA) has identified an increase in activity within hacktivist groups, they’re leveraging current geopolitical tensions between the Ukraine and Russia to perform cyber-attacks. Following the attacks of the Killnet Collective, the group responsible […]
Russian ministry website appears hacked; RIA reports users data protected (Reuters) The website of Russia's Ministry of Construction, Housing and Utilities appeared to have been hacked, with an internet search for the site leading to a "Glory to Ukraine" sign in Ukrainian.
How Russian-Ukraine war changed the cyber threat landscape: ESET Threat Report (CRN - India) ESET released its T1 2022 Threat Report, summarizing key statistics from ESET detection systems and highlighting notable examples of ESET’s cybersecurity research. The latest issue of the ESET Threat Report recounts the various cyberattacks connected to the ongoing war in Ukraine that ESET researchers analyzed or helped to mitigate. This includes the resurrection of the […]
Sandvine Pulls Back From Russia as US, EU Tighten Control on Technology It Sells (Bloomberg) Deep packet inspection equipment can be used to monitor internet traffic — and censor specific websites
Online censorship: US company Sandvine equips Russia with deep packet inspection (Positively Scottish) Sandvine, a Canadian-American company owned by Silicon Valley investment firm Francisco Partners, has been providing deep packet inspection (DPI) systems to Russian telecommunications operators for years. According to critics, the network technology, also known as “Internet naked scanners”, deeply infringes on users’ basic rights and can be used for censorship. Sandvine investor also joins Israeli […]
EU sanctions Yandex CEO Arkady Volozh, prompting resignation (Register) Russia's top tech CEO accused of material support to Moscow
Now is the right time to launch a Digital Marshall Plan for Ukraine (Atlantic Council) As the world explores the challenges of rebuilding Ukraine, one smart option may be to initiate a Digital Marshall Plan that will play to Ukraine's existing tech strengths while securing the country's modernization.
Putin’s Black Sea blackmail sets stage for Belarus “deal with the devil” (Atlantic Council) Western leaders are desperate to resolve a global food crisis sparked by Russia's Black Sea blockade of Ukrainian grain exports but sending shipments via Belarus would mean rewarding Putin's only ally Alyaksandr Lukashenka.
Russia Seeks Buyers for Plundered Ukraine Grain, U.S. Warns (New York Times) American diplomats have alerted 14 countries, most in Africa, that Russian ships filled with stolen Ukrainian grain could be headed their way, posing a dilemma to countries facing dire food shortages.
Buying cheap Russian oil, China and India help Putin blunt west's sanctions (Newsweek) China and India pursue "their own advantage," allowing "Russia to continue earning revenues from energy exports amid EU extending embargoes," expert says.
Putin’s Coffers Are Swelling Despite Sanctions (Bloomberg) As the war in Ukraine approaches its 100th day, sanctions are failing to stop Russia’s public finances from swelling.
Ukraine accuses NATO's Turkey over stolen grain before Lavrov visit (Newsweek) Kyiv has said that Russia has stolen large quantities of grain since its forces invaded Ukraine.
How Russia sanctions helped kill 15-minute delivery in New York (Washington Post) Days after the invasion of Ukraine, ultrafast delivery startup Buyk declared bankruptcy and laid off all of its 900 American employees
Attacks, Threats, and Vulnerabilities
Attackers are leveraging Follina. What can you do? (Help Net Security) As the world is waiting for Microsoft to push out a patch for CVE-2022-30190, aka "Follina", attackers around the world are exploiting it.
State-Backed Hackers Exploit Microsoft 'Follina' Bug to Target Entities in Europe and U.S (The Hacker News) Researchers discover a new state-sponsored attack that exploits the "Follina" vulnerability in Microsoft Office to target governments in Europe, U.S.
Click Studios revokes digital cert used by 'Follina' dropped malware (iTnews) Does not know how credential was obtained.
An Actively Exploited Microsoft Zero-Day Flaw Still Has No Patch (Wired) The company continues to downplay the severity of the Follina vulnerability, which remains present in all supported versions of Windows.
Yuga Labs Confirms Discord Server Hack; 200 ETH Worth of NFTs Stolen (CoinDesk) The company behind the Bored Apes NFTs made the disclosure 11 hours after word of the exploit surfaced on Twitter.
Reports show scammers cashing in on crypto craze (Federal Trade Commission) From Super Bowl ads to Bitcoin ATMs, cryptocurrency seems to be everywhere lately.
The Hacker Gold Rush That's Poised to Eclipse Ransomware (Wired) As governments crack down on ransomware, cybercriminals may soon shift to business email compromise—already the world's most profitable type of scam.
Critical U-Boot Vulnerability Allows Rooting of Embedded Systems (SecurityWeek) A critical vulnerability in the U-Boot boot loader could be exploited to write arbitrary data, which can allow an attacker to root Linux-based embedded systems
Truth in Malvertising? (Splunk-Blogs) The Splunk SURGe team tests the veracity of the findings from LockBit's February 2021 study on ransomware encryption speeds.
SMSFactory Android malware sneakily subscribes to premium services (BleepingComputer) Security researchers are warning of an Android malware named SMSFactory that adds unwanted costs to the phone bill by subscribing victims to premium services.
Novartis says no sensitive data was compromised in cyberattack (BleepingComputer) Pharmaceutical giant Novartis says no sensitive data was compromised in a recent cyberattack by the Industrial Spy data-extortion gang.
Hackers offer Novartis stolen data on darknet market place (SWI swissinfo.ch) The company says no sensitive data was stolen.
Louisiana authorities investigating ransomware attack on city of Alexandria (The Record by Recorded Future) Louisiana state officials are investigating a ransomware attack affecting the city of Alexandria.
Cape Cod Regional Transit Authority hit by ransomware attack (Cape Cod Times) The Cape Cod Regional Transit Authority was hit by a Memorial Day weekend ransomware attack.
UnionBank warns against phishing scheme through text messages (Philstar.com) "UnionBank will not ask you to click on links nor ask you to provide these information via call, email or SMS," it also said.
Breach at Turkey's Pegasus Airlines Exposes 6.5TB of Data (Bank Info Security) A data breach at Turkish firm Pegasus Airlines has put more than 6.5TB of sensitive electronic flight bag data at risk, including sensitive flight details, source
CISA Releases Security Advisory on Dominion Voting Systems Democracy Suite ImageCast X (CISA) CISA has released an Industrial Controls Systems Advisory (ICSA) detailing vulnerabilities affecting versions of the Dominion Voting Systems Democracy Suite ImageCast X, which is an in-person voting system used to allow voters to mark their ballot.
Security Patches, Mitigations, and Software Updates
Confluence Security Advisory 2022-06-02 (Atlassian) Confluence Server and Data Center - CVE-2022-26134 - Critical severity unauthenticated remote code execution vulnerability
Atlassian Releases New Versions of Confluence Server and Data Center to Address CVE-2022-26134 (CISA) Atlassian has released new Confluence Server and Data Center versions to address remote code execution vulnerability CVE-2022-26134 affecting these products. An unauthenticated remote attacker could exploit this vulnerability to execute code remotely. Atlassian reports that there is known exploitation of this vulnerability.
Patch released for exploited Atlassian zero-day vulnerability (The Record by Recorded Future) Atlassian has released a patch for a critical vulnerability - CVE-2022-26134 - affecting Confluence Data Center and Server products.
Atlassian: Unpatched critical Confluence flaw under attack (Register) One suggested option: Turn the thing off until it can be fixed
Vulnerabilities Affecting Dominion Voting Systems ImageCast X (CISA) 1. SUMMARY This advisory identifies vulnerabilities affecting versions of the Dominion Voting Systems Democracy Suite ImageCast X, which is an in-person voting system used to allow voters to mark their ballot. The ImageCast X can be configured to allow a voter to produce a paper record or to record votes electronically. While these vulnerabilities present risks that should be mitigated as soon as possible, CISA has no evidence that these vulnerabilities have been exploited in any elections.
Activists say cyber agency weakens voting tech advisory (Longview Daily News) The nation’s leading cybersecurity agency has released a final version of an advisory it previously sent state officials on voting machine vulnerabilities in Georgia and other states that voting integrity
GitLab Patches Critical Account Takeover Flaw (Decipher) The critical flaw (CVE-2022-1680) can allow for account takeover in impacted installations that have not been upgraded.
Trends
The Pivot to Web3 Is Going to Get People Hurt (Vice) It can feel as if the entire world is bolting on crypto tokens and NFTs. Many in the industry worry the gold rush is akin to a “collective Theranos” that is warping the economy to the benefit of professional investors.
Feeling highly stressed about your job? You must be a CISO (Register) 'The attack surface has expanded exponentially' during the work-from-home pandemic, says one
Marketplace
AppOmni Raises $70 Million in a Series C Funding Round Led by Thoma Bravo to Scale Market-Leading SaaS Security Solution (Business Wire) AppOmni, the leading provider of SaaS security, has raised $70 million in a Series C funding round to advance product development, fuel international
Perimeter 81 Secures $100 Million Series C Funding Led By B Capital, Leading to $1 Billion Valuation (Business Wire) Perimeter 81 secures $100 million Series C funding led by B Capital, leading to a $1 billion valuation.
Out with the unicorns, in with the centaurs? A new tech milestone takes shape (Times of Israel) Leading investment firm BVP says global tech and VC community should look to a horse of a different color to measure promising ventures
Cybersecurity spending isn't recession-proof. But it's pretty close. (Protocol) Due to regulatory forces and intensifying cyberthreats, experts say that security budgets are more likely than other tech segments to be preserved during a slowdown.
XDR Alliance Welcomes New Member VMware (Business Wire) The XDR Alliance™ today welcomed VMware as a new member.
VPN service providers Surfshark, Windscribe, and NordVPN may follow ExpressVPN in moving servers out of India (Moneycontrol) Last week ExpressVPN removed its Indian servers citing that the CERT-In directions are 'incompatible with purpose of VPNs'
Octagon Networks is the first cybersecurity firm to convert its entire balance sheet to Bitcoin (Finbold) Octagon Networks is among the growing number of companies taking the leap and integrating cryptocurrencies into their business operations.
Fortinet expands presence in Malaysia, plans to hire in sales & marketing roles, compliance, and more (Human Resources Online) Fortinet will be building dedicated training spaces for upskilling and reskilling workers and potential cybersecurity professionals to address the "cyber talent shortage in the country".
Why Sheryl Sandberg Quit Facebook’s Meta (Wall Street Journal) One of the world’s most powerful executives became increasingly burned out and disconnected from the mega-business she was instrumental in building. That dovetailed with a company investigation into her activities.
Products, Services, and Solutions
Talon Cyber Security Announces Integration with CrowdStrike to Extend Endpoint Protection to Unmanaged Devices (Talon Cyber Security) Joint Customers Benefit from Enhanced Protection for Devices Used by Employees, Contractors and Other Third Parties
Forgepoint Capital Builds First-Ever CISO Security Priorities Model (Forgepoint Capital) To better understand CISOs’ top cybersecurity concerns and priorities, Forgepoint Capital surveyed more than 100 CISOs from large enterprises and SMBs across the financial services, software, healthcare, and professional services industries. The survey focused on answering three key questions: What are your organization’s top security-related priorities in 2022? Which controls along the National Institute of Standards and Technology (NIST) cybersecurity framework are you working on in 2022? Which areas of control are you focused on in 2022
Incident Response Service On-Demand (ConnectWise) The Incident Response Service provides 24/7 access to a team of cybersecurity experts that assess, contain and resolve threats. Now available on-demand.
Kasada Fortifies Anti-Bot Platform to Disrupt “Solver Service” Supply Chain, Defending Organizations Against the Latest and Stealthiest Automated Threats (Business Wire) Kasada’s new enhanced product disrupts the growing supply chain of these Solver Services.
Apiiro Launches Partner Program to Help Customers Fix Cloud-Native Application Risks Faster (Apiiro | Cloud-Native Application Security) Apiiro will equip its partners with technical, sales, and marketing support to help security teams and developers fix AppSec risks faster.
Google Cloud Security Launches OEM Partner Program; Cybereason and Tanium Plug In (MSSP Alert) Google Cloud & Chronicle teams build multiple security partner programs to engage software companies, MSSPs, MSPs & other security ecosystems.
SnapAttack partners with Mandiant to protect organizations against cyber threats (Help Net Security) SnapAttack and Mandiant announced a strategic partnership to protect global organizations against cyber threats.
Legit Security Brings a Needed Layer of Protection to the SDLC Pipeline (Digital Journal) Austin, Texas, 5th June 2022, ZEXPRWIRE, Cybercrime has appeared more frequently in the news cycle over the past five years. Malicious software and
Mandiant and Interos join forces to advance supply chain cyber risk management (Express Computer) Mandiant, Inc. and Interos, an operational resilience company, have announced a strategic partnership to provide advanced insights and analysis to help enterprises defend against cyber attacks and other threats to their operational resilience. The collaborative partnership is designed to bring to market new intelligence based on insights gleaned from the Interos Resilience Lab, as well as […]
HackerOne OpenASM enables customers to leverage scan data from multiple vendors (Help Net Security) HackerOne announced OpenASM, an initiative that combines scan data from customers’ ASM tools with security testing efforts.
OpenText expands its suite of security solutions to strengthen cyber resilience posture for enterprises (Help Net Security) OpenText announced an expanded suite of security solutions to address the heightened state of cyber security in today's vulnerable world.
The Cyber Resilience Centre for Wales brings Thales on board (Business News Wales) The Cyber Resilience Centre for Wales (WCRC) has announced that global technology leader Thales is the ninth organisation to join its management board.
Eset launches Eset NetProtect (iTWire) Cybersecurity company Eset launches Eset NetProtect, an internet security antivirus suite that provides protection for Windows, macOS, and Android devices. The Eset NetProtect can be offered via mobile networks or fixed network connections to protect customer devices connected to telco and ISP netwo...
Glasswall Launches Plug-in for Palo Alto Networks Firewalls to Close G (PRWeb) Glasswall, a global leader in Content Disarm and Reconstruction (CDR) technology, today announced the availability of a powerful new plug-in that enables its CDR plat
Netskope and Deloitte Announce Strategic Alliance to Help Clients Accelerate SASE Adoption with Leading SSE Technology (PR Newswire) Deloitte has formed a strategic alliance with global Security Service Edge (SSE) and zero trust leader Netskope to help their mutual clients...
Cynet Unveils First XDR Platform to Fully Automate Alert Investigation and Response at No Additional Cost (AP NEWS (press release content)) Cynet Automated Response Playbooks provide 90% reduction in alert investigations and response time for overwhelmed security teams
SaaS Alerts Evolves MSP Cybersecurity Platform to Manage, Report and Respond with Comprehensive Remediation Capabilities (EIN News) Company’s New Respond Module Creates Complete Cybersecurity Defense Against Attacks on Sensitive Software as a Service (SaaS) Data
Noname Security Launches Most Advanced Global API Security Solution on the Market Delivering Greater Scalability and Performance (Noname Security) Noname Security, the most complete, proactive approach to API security, today announced version 3.0 of its API Security Platform.
Virtru Announces New Open Source Project To Enable Universal Standard for Data Control (GlobeNewswire News Room) The OpenTDF project will enable developers to incorporate Zero Trust Data Control into their applications...
Bugcrowd Continues to Redefine Penetration Testing with New Platform-Powered Offerings (PR Newswire) Bugcrowd, the leader in crowdsourced security, today announced a significant expansion of its Penetration Testing as a Service (PTaaS) product...
Technologies, Techniques, and Standards
Initial Summary Analysis of Responses to the Request for Information (RFI) Evaluating and Improving Cybersecurity Resources (National Institute of Standards and Technology (NIST)) The Cybersecurity Framework and Cybersecurity Supply Chain Risk Management
Multi-Factor Authentication (CISA) Multi-factor authentication (MFA) is a layered approach to securing your online accounts and the data they contain. When you enable MFA in your online services (like email), you must provide a combination of two or more authenticators to verify your identity before the service grants you access.
CybeReady Research Shows Organizations Can Double Security Training Engagement with Machine Learning (EIN News) Analysis that Takes into Consideration Employee Locale and Tenure Shows These and Other Factors can Directly Impact Behavior Toward Phishing Attacks
Combatting the malicious and unwitting insider threat (TechRadar) The human element of cybersecurity is significant
Private Sector Can Take a Nod from Government in Implementing Employee Monitoring (ClearanceJobs) Employee monitoring is a growing trend as workers go remote and companies look to stay connected with any changes in employee activity that could trigger an insider threat.
IACS adopts Unified Requirements on cyber safety (Hellenic Shipping News) The growing use and reliance on information technology, of data networks, transmissions and connectivity in the daily work within the marine and energy sectors increases exposure to cyber related risks. Ransomware attacks may result in economic loss or costs of rebuilding lost data. The consequential damages to hull, cargo and third-party liabilities from a cyber-attack ...
Defense Department actively working to meet CUI cybersecurity requirements (Government Matters) Defense Department (DoD) computer systems contain vast amounts of sensitive data, and the unclassified information can still be vulnerable to cyber attacks. The Government Accountability Office (GAO) studied how well-protected those Controlled Unclassified Information (CUI) systems are. Jennifer Franks, director of information technology and cybersecurity at GAO, said the DoD has not reached 100% compliance […]
FBI San Francisco Announces Cyber Security Awareness Campaign for Bay Area Companies (Federal Bureau of Investigation) The FBI San Francisco Field Office announced an awareness campaign to warn the private industry of increased malicious cyber intrusions into organizations of all sizes.
What is masked email? This new spin on an old practice supercharges your security (PCWorld) This additional privacy measure keeps your email address from leaking into public view—which can help better protect your online accounts.
Academia
VCs, Tech Firms Want to Raise $1 Million for Bay Area Cyber Education (Wall Street Journal) Facing a shortage of digital defense personnel, a consortium is offering to pay one year of studies for would-be cyber pros in the San Francisco area.
Legislation, Policy, and Regulation
Tech firms say India cyber rules risk creating 'environment of fear' (Reuters) Indian cybersecurity rules due to come into force later this month will create an "environment of fear rather than trust", a body representing top tech companies has warned the government, calling for a one-year delay before the rules take effect.
Patel calls on MPs to back ‘vitally important’ changes to espionage laws (Alloa and Hillfoots Advertiser) The plans will be debated in the House of Commons on Monday.
What a ‘domestic operation’ on Facebook reveals about Australia’s misinformation debate (The Sydney Morning Herald) The “operation” was not as serious as it appeared, raising questions about tech giants’ transparency as a new government weighs whether to legislate against misinformation online.
'Shields Up': the new normal in cyberspace (CyberScoop) The director of CISA and the national cyber director co-wrote this op-ed on what comes next for "Shields Up."
The U.S. isn’t getting ahead of the cyber threat, experts say (Washington Post) Our network experts say the U.S. is just as vulnerable – or even more vulnerable – to cyber attacks
Online Privacy Protection Bill Gets Bipartisan Push (Wall Street Journal) A group of House and Senate leaders announced broad agreement on establishing online privacy rights for Americans, in a big step forward for the long-delayed legislation.
House and Senate members unveil stalled data privacy bill (Washington Post) The proposal, considered a step forward, still lacks the support of some key members
Lawmakers are racing to pass tech antitrust reforms before midterms (CNBC) Many advocates believe the bill must pass ahead of the midterms, or at least before House control potentially changes, in order to achieve the tech reforms.
Amazon urges consultant to ‘push’ message from minority groups (POLITICO) It's the latest instance of a tech company arguing that regulation would harm communities of color.
Solarium Commission follow-on report calls for revamp of federal cyber hiring authorities (FedScoop) A follow-on report to the Cyberspace Solarium Commission has called on federal cyber hiring authorities to be revamped and for pay flexibility to be increased in a bid to tackle a widespread shortage of public sector cyber talent. According to the report, which was published Thursday, the Office of the National Cyber Director (NCD) should […]
Latest Cyberspace Solarium Commission 2.0 Report focuses on cyber workforce (CSO Online) The June 2022 report offers recommendations to the private sector, U.S. Congress, and the federal government to build up the nation's cybersecurity talent pool.
One potential job for the national cyber director? Fix the cyber workforce problem (Federal News Network) An influential commission says one of Chris Inglis’s first big jobs could be taking on the shortage of cyber talent.
New York state passes first-ever "right to repair" law for electronics (The Verge) A win for tinkerers everywhere.
FTC Publishes Guidance on New Safeguards Rules (JD Supra) On May 24, 2022, the Federal Trade Commission (FTC) released a new publication aimed at offering financial institutions and their service providers...
OC experts prepare for possibility of massive cyber attack (Orange County, CA Patch)
Litigation, Investigation, and Law Enforcement
401(k) Providers on Edge as Warning on Crypto Faces Litigation (Bloomberg Law) A lawsuit challenging the US Labor Department’s guidance on including cryptocurrency in 401(k) plans highlights the department’s warning that it will investigate retirement plan sponsors who offer such investments.
Magellan to Face Claims Over Data Breach of Health Information (Bloomberg Law) An Arizona health-care company must face a lawsuit over a data breach that compromised the personal health information of its employees, contractors, and health-care benefit plan participants, after a federal judge allowed some of the plaintiffs’ claims to proceed.