Dateline: Moscow and Kyiv. Botnet takedown.
Ukraine at D+161: Botnet taken down. (CyberWire) Ukraine continues to use Western-supplied systems to effect as its counteroffensive continues. In the information wars, a large Russian botnet is taken down.
Russia-Ukraine war: explosions reported across Mykolaiv and occupied Donetsk – live (the Guardian) Two districts of Mykolaiv, which has been targeted frequently in recent weeks, are reported to have been shelled
Situation at huge Ukraine nuclear plant ‘out of control’, warns UN amid disaster fears (The Telegraph) Russian ammunition stored close to highly combustible materials at Zaporizhzhia and could trigger catastrophe on scale of Chernobyl
Russia 'deliberately covering up' high casualty rate of Himars (The Telegraph) Ukraine accuses Russia of transporting wounded troops in civilian cars and misreporting victim counts to press
Russia-Ukraine war: Commander who 'boasted' of killing civilians becomes Kremlin's first female officer to die (The Telegraph) A female Russian commander who “boasted of how she enjoyed killing Ukrainians” has become the country’s first senior woman officer to die.
Did Russia mess up its cyberwar with Ukraine before it even invaded? (Washington Post) Ukrainian officials say Russia jumped the gun in cyberspace
Ukraine takes down 1,000,000 bots used for disinformation (BleepingComputer) The Ukrainian cyber police (SSU) has shut down a massive bot farm of 1,000,000 bots used to spread disinformation on social networks.
Nozomi cyber-attacker 'traps' show impact of Russia/Ukraine war (Voxy) The latest Operational Technology (OT)/IoT security report from Nozomi Networks Labs finds wiper malware, IoT botnet activity, and the Russia/Ukraine war impacted the threat landscape in the first half of 2022.
Kremlin lists Anonymous collective on the top 4 active hacking groups defending Ukraine including Squad303, American Ghostclan (USA), the IT Army of Ukraine, and Georgian GNG (The Tech Outlook) On Wednesday, the Anonymous Collective claims that the Kremlin has listed Squad303 along with three other hacking groups on the top 4 most active hacking groups defending Ukraine.
Ukrainian activists use torrents to spread news censored in Russia (My Broadband) Torrents of Truth is a simple but potentially effective means of informing the Russian public of the atrocities happening in Ukraine.
UN to investigate prison attack that killed dozens of Ukrainian prisoners of war (Guardian) Next challenge is to get Russia and Ukraine to agree on terms of reference to investigate atrocity, says UN secretary general
US says Russia aims to fabricate evidence in prison deaths (AP NEWS) U.S. officials believe Russia is working to fabricate evidence concerning last week's deadly strike on prison housing prisoners of war in a separatist region of eastern Ukraine. U.S.
Casualties of war: the impact on speciality (re)insurance lines (The Actuary) As well as its appalling human cost, the conflict in Ukraine has had a massive impact on speciality (re)insurance lines. Rajeshwarie VS takes stock
Foreign minister: Estonia, US firm in face of Russian aggression in Ukraine (ERR) The United States remains a firm ally of Estonia, and the two countries are committed in their support for Ukraine and the defense of all of Europe in the wake of the ongoing war, prosecuted by the Russian Federation, foreign minister Urmas Reinsalu (Isamaa) says.
US Senate ratifies Sweden, Finland NATO membership (Breaking Defense) "Enlarging NATO is exactly the opposite of what Putin envisioned when he ordered his tanks to invade Ukraine," Sen. Bob Menendez, D-N.J., chairman of the Senate Foreign Relations Committee, said ahead of the vote.
Serbia Is Playing With Matches Again (Foreign Policy) Brinkmanship over Kosovo, footsie with Moscow, and friction with Brussels are par for the course for Belgrade.
Europe: Russian authorities extend flight restrictions at airports close to Ukraine, including in Russian-annexed Crimea, until at least Aug. 11 /update 74 (Crisis24) Russia extends flight restrictions at 10 southwestern airports and one airport in Russian-annexed Crimea until at least Aug. 11.
Russian pilots told to 'brake less' as spare parts run out (The Telegraph) Western sanctions are forcing airlines to minimise wear and tear to planes
Attacks, Threats, and Vulnerabilities
FEMA warns emergency alert systems could be hacked to transmit fake messages unless software is updated (CNN) Vulnerabilities in software that TV and radio networks around the country use to transmit emergency alerts could allow a hacker to broadcast fake messages over the alert system, a Federal Emergency Management Agency official tells CNN.
New Entries in the CFR Cyber Operations Tracker: Q2 2022 (Council on Foreign Relations) An update of the Council on Foreign Relations' Cyber Operations Tracker for the period between March and June 2022.
Russian hackers get headlines, but China might be the bigger threat (Protocol) The Chinese government’s efforts to steal intellectual property require more attention from targeted businesses.
China's unseen arsenal (Protocol) In recent years, threats from Russia have driven much of the cybersecurity attention among Western businesses, especially after Russia’s invasion of Ukraine in February. But for a number of reasons — not least of which is the current state of U.S.-China tensions — the massive cyber threat posed by th...
Hacktivists Deface Chinese Government Website to Welcome Nancy Pelosi to Taiwan (Vice) Hackers claiming to be affiliated with Anonymous defaced a Chinese government website in support of Taiwan and Speaker of the House Nancy Pelosi’s visit to the country.
Lord Cruddas calls for Tory leadership election to be suspended (The Telegraph) Conservative Party donor wants Boris Johnson to stay as PM as he warns result of contest could be invalidated by a cyber hack
So RapperBot, What Ya Bruting For? (Fortinet Blog) FortiGuard Labs is tracking a rapidly evolving IoT malware family known as RapperBot. Read to learn how this threat infects and persists on a victim’s device.…
Manjusaka, a new attack tool similar to Sliver and Cobalt Strike (Security Affairs) Researchers spotted a Chinese threat actor using a new offensive framework called Manjusaka which is similar to Cobalt Strike. Talos researchers observed a Chinese threat actor using a new offensive framework called Manjusaka (which can be translated to “cow flower” from the Simplified Chinese writing) that is similar to Sliver and Cobalt Strike tools. […]
Critical RCE Bug in DrayTek Routers Opens SMBs to Zero-Click Attacks (Dark Reading) SMBs should patch CVE-2022-32548 now to avoid a host of horrors, including complete network compromise, ransomware, state-sponsored attacks, and more.
Power Electronics Manufacturer Semikron Targeted in Ransomware Attack (SecurityWeek) German power electronics manufacturer Semikron has been hit by ransomware, with the attackers claiming to have stolen information from the company’s systems.
Semiconductor giant Semikron says hackers encrypted network (TechCrunch) The German manufacturer produces semiconductors for electric vehicles and industrial automation systems.
Hackers Host Phishing Pages on Lucidchart (Avanan) Hackers are embedding phishing links on LucidChart.
Coinbase Attacks Bypass 2FA (Pixm Anti-Phishing) Cryptocurrency exchanges have been the target of sophisticated adversaries since their inception. At PIXM, we’ve been tracking these attacks since 2021, and initially came across them during the daily analysis of detections we perform for our clients. In late 2021, and continuing into 2022, the attacks we’ve detected at PIXM which are targeting the exchange user bases via phishing, have evolved and are using increasingly sophisticated techniques to compromise crypto exchange users’ accounts and drain their wallets.
Thousands of Solana wallets drained in multimillion-dollar exploit (TechCrunch) The Solana attack comes hours after malicious actors abused a security exploit to steal almost $200M in digital assets from cross-chain messaging protocol Nomad
Thousands of Solana Wallets Hacked in Crypto Cyberattack (Wall Street Journal) An attacker targeting the currency’s ecosystem exploited a flaw to drain cryptocurrencies from 8,000 wallets.
Solana, USDC Drained From Wallets in Attack (Decrypt) Twitter has erupted with reports of compromised wallets being drained of Solana and USDC, with no method or attacker yet identified.
Ongoing solana attack targets thousands of crypto wallets, costing users more than $5 million so far (CNBC) Nearly 8,000 digital wallets have been drained of just over $5.2 million in digital coins including solana's sol token and USD Coin, according to Elliptic.
Solana and Slope Confirm Wallet Security Breach (Crypto Briefing) Solana has confirmed a breach that occurred earlier today and provided additional information on the incident.
How Hackers Target Bridges Between Blockchains for Crypto Heists (Wall Street Journal) A $540 million cryptocurrency heist revealed last week marked the latest in a string of eye-popping hacks hitting a technology seen as a linchpin to building a more decentralized internet.
Environmental hacktivists publish 2 terabytes of mining company emails (CyberScoop) The group called Guacamaya posted files from public and private mining companies and public agencies responsible for environmental oversight.
GitHub blighted by “researcher” who created thousands of malicious projects (Naked Security) If you spew projects laced with hidden malware into an open source repository, don’t waste your time telling us “no harm done” afterwards.
Advice firms represent data ‘treasure chest’ for hackers (Money Management) Financial advice firms are 300x more likely to be victims of a cyber attack and should not be complacent, even if they are a small firm, as they are sitting on valuable data and could incur
4 things bankers need to know about phishing (American Banker) In the lead-up to a data breach, phishing is second only to use of stolen credentials in terms of how attackers infiltrate institutions. Here's what else you need to know.
Kaspersky discovers cybercriminals scam ‘Stranger Things’ fans (Back End News) Kaspersky experts have detected spam emails that also abuse the popularity of “Stranger Things,” a popular Netflix series with Season 4 streamed in early July. Taking advantage of the i…
Security Patches, Mitigations, and Software Updates
VMware Releases Security Updates (CISA) VMware has released security updates to address multiple vulnerabilities in VMware’s Workspace ONE Access, Access Connector, Identity Manager, Identity Manager Connector, and vRealize Automation. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
VMware: Patch this critical vulnerability immediately! (CVE-2022-31656) (Help Net Security) VMware has fixed CVE-2022-31656, an authentication bypass bug affecting VMware Workspace ONE Access, Identity Manager, vRealize Automation.
Trends
Salt Security State of API Security Report Reveals 94% of Companies Experienced Security Incidents in Production APIs in the Past Year (PR Newswire) Salt Security, the leading API security company, today released the Salt Labs State of API Security Report, Q3 2022. In its latest edition, the...
Report shows ransomware attacks taking toll (Menlo Security) Ransomware attacks show no sign of slowing. A recent survey found that a third of organizations experience a ransomware attack at least once a week.
Akamai Research Shows Attacks On Gaming Companies Have More Than Doubled Over Past Year (PR Newswire) Akamai Technologies, Inc. (NASDAQ: AKAM), the cloud company that powers and protects life online, today released a new State of the Internet...
Gaming Respawned (Akamai) The latest State of the Internet (SOTI) report examines the rising number of cyberattacks on the gaming industry—even as the easing of social distancing guidelines is keeping fewer people isolated.
The 471 Cyber Threat Report: 2022-2023 Trends & Predictions (Intel471) Intel 471 has identified a number of cyber threat trends that will likely dominate the landscape in 2023 and beyond.
The Biggest Cryptocurrency Heists of All Time (Comparitech) A look at the biggest cryptocurrency heists, be they from an exchange, smart contract or a business - including amounts, methods, reparations & consequences
Over a third of Canadians want to 'delete themselves' from the internet, survey says (CTVNews) More than a third of Canadians say they would completely wipe out their presence on the internet if they could, according to a new survey.
Marketplace
Cybersecurity M&A Roundup: 39 Deals Announced in July 2022 (SecurityWeek) 39 cybersecurity-related mergers and acquisitions were announced in July 2022.
Cybersecurity Financing Declined in Q2 2022, But Investors Optimistic (SecurityWeek) Cybersecurity financing declined in Q2 2022, but investors are optimistic and some believe the economic downturn can be an opportunity.
Flashpoint Acquires Open Source Intelligence Leader Echosec Systems (Business Wire) Flashpoint acquired Echosec Systems, provider of open-source intelligence & publicly available info for national security, public safety, enterprises.
Keyavi Data Raises $13M Series A to Meet Accelerating Cybersecurity Market Demand for Self-Protecting Data Technology (Business Wire) Keyavi Data Raises $13M Series A to Meet Accelerating Cyber Security Market Demand for Self-Protecting Data Technology
Cyren Successfully Completes Sale of its Legacy Secure Email Gateway Business (AccessWire) Cyren Ltd. (NASDAQ:CYRN), a provider of next-generation email protection and embedded threat detection solutions, today announced that it has completed the previously announced divestment of its legacy secure email gateway business to Content Services Group GmbH for €10,000,000 of gross cash proceeds. The sale will enable Cyren to focus on its core business and strategic growth opportunities to
Cybersecurity firm ZeroFox set to join the NYSE following a $1.3 billion SPAC merger (Renaissance Capital) Cybersecurity firm ZeroFox is set to go public via SPAC merger after the deal was approved on August 2nd, setting up one of the year’s only listings of a software company valued at $1+ billion.
Lockheed Doubles Venture Fund to $400 Million (Manufacturing Business Technology) The company will use the money to accelerate future defense innovation through investment in start-ups.
Google Paid Out $90,000 for Vulnerabilities Patched by Chrome 104 (SecurityWeek) Google has paid out $90,000 for the vulnerabilities patched with the release of Chrome 104.
Rubrik is Named a Leader in the Gartner® 2022 Magic Quadrant™ for Enterprise Backup and Recovery Software Solutions (Rubrik) Rubrik achieved the furthest overall position in Completeness of Vision for third year in a row.
Fastly Appoints Todd Nightingale as CEO (Fastly) Fastly’s edge cloud platform helps the world’s most popular digital businesses keep pace with their customer expectations by delivering fast, secure, and scalable online experiences.
GitLab Appoints Former NSA Chief of Critical Networks Defense and Defense Consultant to Federal Advisory Board (HS Today) GitLab Federal, LLC, provider of The One DevOps Platform for the public sector, is excited to announce the appointment of Janelle Romano and Patty Molthen to its Federal Advisory Board.
Former SSA IT Advisor Jarrett Booz Joins Accenture Federal Services; Amy Giovannucci Quoted (Executive Gov) Accenture Federal Services (AFS) announced that Jarrett Booz has joined the company and been named a senior manager as well as its program and project management lead.
Products, Services, and Solutions
Microsoft’s newest podcast, Uncovering Hidden Risks, launches on the CyberWire network. (CyberWire) The CyberWire announced today the launch of the newest show from the Microsoft Security team, Uncovering Hidden Risks. This new show joins the other well-known Microsoft Security podcasts on CyberWire’s growing network, including Afternoon Cyber Tea with Ann Johnson, Security Unlocked, and CISO Series with Bret Arsenault.
Deep Instinct Pioneers Deep-Learning Malware Prevention to Protect Mission Critical Business Applications at Scale (Business Wire) Deep Instinct, the first company to apply end-to-end deep learning to cybersecurity, today delivered Deep Instinct Prevention for Applications, an age
Palo Alto Networks Unit 42 Helps Customers Better Address Cybersecurity Threats Through New Managed Detection and Response Service (Palo Alto Networks) New MDR service uniquely combines industry-leading Cortex XDR technology with Unit 42's advanced threat intelligence and threat hunting SANTA CLARA, Calif., Aug. 3, 2022 /PRNewswire/ -- The need...
Salt Security State of API Security Report Reveals 94% of Companies Experienced Security Incidents in Production APIs in the Past Year (PR Newswire) Salt Security, the leading API security company, today released the Salt Labs State of API Security Report, Q3 2022. In its latest edition, the...
Valtix Announces Multi-Cloud Incident Response Enabled By the Industry’s Most Scalable TLS Decryption Engine - Valtix (Valtix) Valtix summer release includes a new decryption capability designed to enable IR to gain much richer cloud security visibility than before.
ReliaQuest Launches GreyMatter Intelligent Analysis (ReliaQuest) ReliaQuest announced the launch of GreyMatter Intelligent Analysis, delivering answers to threats in 20 minutes or less.
Contrast Security Expands Free Developer Tool by Adding Open Source Security and SBOM Creation (PR Newswire) Contrast Security (Contrast), the leader in code security that empowers developers to secure as they code, today announced that software...
Microsoft gives enterprises wider access to its threat intel (Register) Organizations can be more proactive in tracking threats, finding holes in their protection
Canonic Security Launches AppTotal API to Streamline App-Vetting for Security Teams (PR Newswire) Canonic Security, an award-winning cybersecurity startup providing a platform controlling third-party applications and integrations, today...
Technologies, Techniques, and Standards
How IT Teams Can Use 'Harm Reduction' for Better Cybersecurity Outcomes (Dark Reading) Copado's Kyle Tobener will discuss a three-pronged plan at Black Hat USA for addressing human weaknesses in cybersecurity with this medical concept — from phishing to shadow IT.
5 best practices for secure collaboration (CSO Online) How successful companies are facing the challenges of securing emerging communication technologies.
Shifting Security to Risk Management (F5) Embracing a risk-based approach to security requires a significant shift in how we think about security and digital assets. But this shift is necessary given the rapid evolution of digital threats and the inability of existing security models to mitigate—let alone keep up with—them.
Legislation, Policy, and Regulation
UK Parliament shuts TikTok account over China concerns (Computing) The account only lasted a week.
India scraps data protection law, promises better successor (Register) Tech giants and digital rights groups didn't like it, but at least it was a law
Portman warns against overlap in government cyber leadership (The Hill) Sen. Rob Portman (R-Ohio) on Wednesday said he was worried there are too many cooks in the kitchen when it comes to leading the federal government’s cyber security efforts. Portman’s remarks …
Cyber Ambassador Pick Wants to Bring 'Coherence' to Tech Diplomacy Efforts (Defense One) Nathaniel Fick, the former Marine and head of Center for a New American Security, also wants more deterrence efforts in cyberspace.
State Department needs more cyber policy muscle, says cyberspace ambassador nominee (CyberScoop) Nate Fick told the Senate Foreign Relations Committee the threat from China is probably "the defining strategic question of my generation."
Corporate lobbying could imperil sweeping data privacy bill (The Hill) Industry lobbying could imperil a comprehensive privacy bill that would fundamentally shift the way companies collect user data online. Since its introduction in June, the American Data Privacy a…
Big Tech Is the West’s Surprise Weapon in Competition With Russia, China (Wall Street Journal) Amazon Web Services, Microsoft, Google and others face criticism at home over their influence in the marketplace and public square, but their role in Ukraine shows how they are becoming an asset in the West’s rivalry with Russia and China.
Litigation, Investigation, and Law Enforcement
Election Officials Plead for More Protection From Threats, Harassment (Wall Street Journal) Lawmakers at a hearing are expected to press Justice Department and Department of Homeland Security officials about their responses.
Robinhood Crypto Penalized $30M for Violating NY Cybersecurity Regulations (SecurityWeek) The cryptocurrency division of Robinhood has been slapped with a $30 million penalty for "significant violations" of New York state's cybersecurity and money laundering regulations.
Ally Bank Customers Lack Standing to Pursue Data Breach Claims (Bloomberg Law) Ally Bank successfully evaded claims over a data breach that compromised customers’ usernames and passwords, after a federal judge in Manhattan ruled that the customers didn’t suffer concrete injuries from the breach and therefore lacked standing.