Dateline Moscow, Kyiv, and Minsk: Explosions in Russian communications zone; Russian cyber ops against Ukraine.
Ukraine at D+168: Offensive cyber ops are difficult. (CyberWire) Russia is struggling to replace both personnel and matériel lost in its invasion of Ukraine. Ukraine demonstrates an ability to hit Russian rear areas (including, possibly, some staging areas in Belarus). KillMilk is talking large about hacking Lockheed Martin, but evidence is scanty. ESET offers a post mortem of Industroyer2.
Russia-Ukraine war: List of key events, day 169 (Al Jazeera) As the Russia-Ukraine war enters its 169th day, we take a look at the main developments.
As Ukraine Holds the Line in Donbas, Russian Fire Shatters Cities in Moscow’s Path (Wall Street Journal) Bakhmut, a once elegant Ukrainian town famous for its sparkling wines, is now the focus of fighting in Donbas as cluster munitions maim civilians and the infrastructure gets slowly destroyed.
Russia-Ukraine war: 'Explosions heard at Belarus airbase' near Ukrainian border
(The Telegraph) Unexplained explosions were heard in the early hours on Thursday at a military airbase in Belarus near the Ukrainian border, that Russia has been using as one of the launchpads for the invasion.
New satellite images reveal massive damage at Russian air base in Crimea (The Telegraph) Images appear to show at least three large craters and 20 destroyed aircraft in damage far worse than the Kremlin has publicly admitted
Russian warplanes destroyed in Crimea airbase attack, satellite images show (the Guardian) Multiple aircraft at Saky base in Crimea blown up, with the new evidence suggesting possibility of targeted attack
Crimea airfield blast was work of Ukrainian special forces, official says (Washington Post) A powerful attack on a Russian air base in occupied Crimea was the work of Ukrainian special forces, a Ukrainian government official told The Washington Post on Wednesday, suggesting an increasingly important role for covert forces operating deep behind enemy lines as the country expands efforts to expel Russian troops.
Ukraine says 9 Russian warplanes destroyed in Crimea blasts (AP NEWS) Ukraine said Wednesday that nine Russian warplanes were destroyed in a deadly string of explosions at an air base in Crimea that appeared to be the result of a Ukrainian attack, which would represent a significant escalation in the war .
Contradicting Kremlin’s Account, Crimean Officials Detail Explosions’ Extent (New York Times) Blasts at an air base in the Russian-occupied territory damaged 62 apartment buildings and forced hundreds into shelters. Satellite imagery showed destroyed fighter jets.
Russia-Ukraine war: Ukrainian special forces 'carried out daring Crimea airbase attack' behind enemy lines (The Telegraph) Ukrainian special forces were behind the daring attack on a Russian airbase 125 miles into occupied Crimea, according to a Kyiv official.
Ukraine accuses Russia of shelling near nuclear plant, killing 13 civilians (the Guardian) Russia blamed for targeting the town of Marhanets calculating it would be risky to return fire
G7 urges Russia to return control of nuclear plant to Ukraine (Al Jazeera) The Zaporizhzhia plant, Europe’s largest, has been shelled several times, raising fears of a nuclear incident.
Russia struggles to replenish its troops in Ukraine (AP NEWS) The prisoners at the penal colony in St. Petersburg were expecting a visit by officials, thinking it would be some sort of inspection. Instead, men in uniform arrived and offered them amnesty — if they agreed to fight alongside the Russian army in Ukraine.
Massive leak reveals Russian soldiers tricked into fighting in Ukraine (The Telegraph) A 21-year-old man says he is in a ‘very depressed state’ having been sent to fight against his wishes as parents file complaints to watchdog
Russian surveillance aircraft entered Alaska defense zone, NORAD says (The Hill) Russian surveillance aircraft flew into the Alaskan Air Defense Identification Zone twice in the past two days, the North American Aerospace Defense Command (NORAD) revealed late Tuesday. The…
Britain to double rocket launcher shipments to Ukraine ahead of Crimea fightback (The Telegraph) Ben Wallace announces boost in Kyiv’s firepower as it gears up for a major counteroffensive in Russian-annexed region
Industroyer2: How Ukraine avoided another blackout attack (SearchSecurity) At Black Hat USA 2022 Wednesday, ESET researchers and a Ukrainian government official discussed the Industroyer2 malware attack and how it was thwarted.
Researchers Look Inside Russian Malware Targeting Ukrainian Power Grid (PCMAG) ESET security researchers share findings on the Industroyer2 malware designed to cause a mass blackout in Ukraine. One official calls it 'the biggest challenge for the world since World War II.'
Russian hacking group claims attack on Lockheed Martin (SiliconANGLE) Russian hacking group claims attack on Lockheed Martin - SiliconANGLE
HIMARS-Maker Lockheed Martin "confident" against Russian hackers (Newsweek) Pro-Russia hacking group Killnet has threatened more cyberattacks against the American manufacturer.
Finland’s parliament hit with cyberattack following US move to admit the country to NATO (The Hill) Finland’s parliament website was temporarily down on Tuesday following a cyberattack that coincided with President Biden’s move to admit the Nordic country to NATO. The Finnish parliament said in a…
Russia, Armenia To Sign Defense Pact (RadioFreeEurope/RadioLiberty) Armenia and Russia have signed a deal extending Russia's military presence in Armenia in exchange for security guarantees.
Putin scrambling for support from "outcasts" shows his weakness: Expert (Newsweek) CEPA fellow Kurt Volker said that any countries that are economically and politically capable on their own "want to keep a distance" from Russia.
Putin's girlfriend rumors "spread by the Kremlin"—Russian businessman (Newsweek) Former Russian MP Ilya Ponomarev made the claim during an interview with Ukrainian journalist Dmitry Gordon.
Grain Is Starting To Ship From Ukrainian Ports, But It Might Be Too Late For Starving Millions (Forbes) As people go hungry in the Middle East and Africa, the exported grain has likely gotten moldy from sitting too long. Then there’s the problem of ships navigating mine-filled ports.
Russia starts stripping aircraft for parts as sanctions bite (The Telegraph) Aeroflot forced to cannibalise planes to keep flying
Attacks, Threats, and Vulnerabilities
Maui ransomware linked to North Korean group Andariel (Register) Attack origins point to April 2021 first strike on Japanese target
Hacker uses new RAT malware in Cuba Ransomware attacks (BleepingComputer) A member of the Cuba ransomware operation is employing previously unseen tactics, techniques, and procedures (TTPs), including a novel RAT (remote access trojan) and a new local privilege escalation tool.
Conti extortion gangs behind surge of BazarCall phishing attacks (BleepingComputer) At least three groups split from the Conti ransomware operation have adopted BazarCall phishing tactics as the primary method to gain initial access to a victim's network.
Risky Business: Enterprises Can’t Shake Log4j (Cycognito) Despite eradication efforts, Log4j continues to haunt large corporations eight months after the critical vulnerability was discovered.
PyPI Package 'secretslib' Drops Fileless Linux Malware to Mine Monero (Sonatype) Sonatype identified a 'secretslib' PyPI package that covertly installs cryptominers on Linux systems.
Multiple Vulnerabilities in the Device42 Asset Management Appliance (Bitdefender) While investigating the Device42 platform, we found multiple severe security issues exploitable by attackers with any level of access within the host network.
Lockbit, Hive, and BlackCat attack automotive supplier in triple ransomware attack (Sophos News) After gaining access via RDP, all three threat actors encrypted files, in an investigation complicated by event log clearing and backups. 3 attackers, 2 weeks – 1 entry point.
Best Buy Spoof Uses Google Storage to Launch Phishing Attack (Avanan) A phishing email that spoofs Best Buy uses a Google Storage page.
New dark web markets claim association with criminal cartels (BleepingComputer) Several new marketplaces have appeared on the dark web, claiming to be the dedicated online portals for notorious criminal cartels from Mexico.
The Business of Hackers-for-Hire Threat Actors (The Hacker News) Hackers-for-hire are secret cyber experts or groups who specialize in infiltrating organizations to acquire intelligence in one way or another.
The Hacking of Starlink Terminals Has Begun (Wired) It cost a researcher only $25 worth of parts to create a tool that allows custom code to run on the satellite dishes.
One of 5G’s Biggest Features Is a Security Minefield (Wired) New research found troubling vulnerabilities in the 5G platforms carriers offer to wrangle embedded device data.
CISA Issues Warning on Active Exploitation of UnRAR Software for Linux Systems (The Hacker News) CISA added a recently disclosed security flaw in UnRAR to its Known Exploited Vulnerabilities Catalog after receiving evidence of active attacks.
CISA adds UnRAR and Windows flaws to Known Exploited Vulnerabilities Catalog (Security Affairs) US Critical Infrastructure Security Agency (CISA) adds vulnerabilities in the UnRAR utility to its Known Exploited Vulnerabilities Catalog. The Cybersecurity & Infrastructure Security Agency (CISA) has added a recently disclosed security flaw, tracked as CVE-2022-30333 (CVSS score: 7.5), in the UnRAR utility to its Known Exploited Vulnerabilities Catalog. The CVE-2022-30333 flaw is a path traversal […]
Cisco Event Response: Corporate Network Security Incident (Cisco) On May 24, 2022, Cisco identified a security incident targeting Cisco corporate IT infrastructure, and we took immediate action to contain and eradicate the bad actors. In addition, we have taken steps to remediate the impact of the incident and further harden our IT environment. No ransomware has been observed or deployed and Cisco has successfully blocked attempts to access Cisco’s network since discovering the incident.
Cisco Talos shares insights related to recent cyber attack on Cisco (Cisco Talos) A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
Cisco confirms May attack by Yanluowang ransomware group (The Record by Recorded Future) Cisco confirmed on Wednesday that it was attack by the Yanluowang ransomware group in May but said it could not find evidence of business impact or sensitive data theft.
Cisco Hit by Cyberattack From Hacker Linked to Lapsus$ Gang (Bloomberg) List of the stolen Cisco files were leaked to the dark web. Company says data obtained by attacker wasn’t sensitive.
Cisco was hacked by the Yanluowang ransomware gang (Security Affairs) Cisco discloses a security breach, the Yanluowang ransomware group breached its corporate network in late May and stole internal data. Cisco disclosed a security breach, the Yanluowang ransomware group breached its corporate network in late May and stole internal data. The investigation conducted by Cisco Security Incident Response (CSIRT) and Cisco Talos revealed that threat […]
Cisco's own network compromised by gang with Lapsus$ links (Register) Voice-phished their way in, but Switchzilla claims no damage done
Cisco hacked by Yanluowang ransomware gang, 2.8GB allegedly stolen (BleepingComputer) Cisco confirmed today that the Yanluowang ransomware group breached its corporate network in late May and that the actor tried to extort them under the threat of leaking stolen files online.
Cisco suffered cyberattack by Lapsus$ and Yanluowang hackers (Computing) Only non-sensitive data was stolen, Cisco says
Cisco hacked by Yanluowang ransomware gang, 2.8GB allegedly stolen (BleepingComputer) Cisco confirmed today that the Yanluowang ransomware group breached its corporate network in late May and that the actor tried to extort them under the threat of leaking stolen files online.
This company didn't spot the flaw in their network. But three ransomware gangs did (ZDNet) Triple-encrypted files are a difficult problem for anyone to solve.
DeathStalker's VileRAT Continues to Target Foreign and Crypto Exchanges (Infosecurity Magazine) The campaign is not only ongoing, the threat actors increased its efforts to compromise targets using VileRAT
Criminals steal $4 million from Solana as theft trend hits its crypto blockchain (SC Magazine) Roughly 9,000 crypto wallets on the Solana blockchain were reportedly robbed of more than $4 million as spate of attacks target cryptocurrency exchanges and bridge sites.
Hackers have stolen $1.4 billion this year using crypto bridges. Here’s why it's happening (CNBC) Crypto bridges, which connect blockchain networks together, have become major targets for cybercriminals.
Why hackers are able to steal billions of dollars worth of cryptocurrency (Washington Post) What's behind a wild stretch of cryptocurrency theft
Crypto criminals laundered $540 million by using a service called RenBridge, new report shows (CNBC) Regulators have their hands full as more crypto tools like RenBridge are being used by criminals to launder money.
Cloudflare: Attacker tried Twilio phishing tactic on us (Register) Attack was foiled by content delivery network's hardware security keys
Phishers who breached Twilio and fooled Cloudflare could easily get you, too (Ars Technica) Unusually resourced threat actor has targeted multiple companies in recent days.
Security firm finds flaws in Indian online insurance broker (AP NEWS) Last month, a cybersecurity startup told a major Indian online insurance brokerage it had found critical vulnerabilities in the company’s internet-facing network that could expose sensitive personal and financial data from at least 11 million customers to malicious hackers.
How hackers are stealing credit cards from classifieds sites (BleepingComputer) A new credit card stealing campaign is underway in Singapore, snatching the payment details of sellers on classifieds sites through an elaborate phishing trick.
Selling something online? Watch out for this clever new scam (Digital Trends) A credit/debit card stealing scheme that was initially discovered in 2020 has now been detected in Singapore.
Microsoft 365 outage triggered by Meraki firewall false positive (BleepingComputer) An ongoing outage affects multiple Microsoft 365 services, blocking users from connecting to Exchange Online, Microsoft Teams, Outlook desktop clients, and OneDrive for Business.
NHS staff told to plan for three weeks of disruption following cyberattack (Computing) The attack on supplier Advanced has raised the possibility of deadly medication errors and misdiagnosis
Major NHS IT outage to last for three weeks (The Independent) Cyberattack has targeted NHS systems used to dispatch ambulances and could last for weeks, NHS staff told
Exclusive: NHS chiefs fear cyber attackers have accessed patient data (Health Service Journal) Criminals have issued 'demands' to an NHS IT supplier targeted by a cyber attack, leading health chiefs to fear they have accessed confidential patient data, HSJ has learned.
Servers Australia discloses "malicious activity" impacting some Sydney services (CRN Australia) Only impacted small number of customers on older servers.
Data breach: KU launches probe; says `analysis going on’ (The Kashmir Monitor) Srinagar, Aug 10: The University of Kashmir has launched a probe into the alleged data leak.
Dentist chain paid cyber criminals €2 million after ransomware attack: report (NL Times) Dentist chain Colosseum Dental paid over 2 million euros in ransom to a criminal group that held its systems hostage, people involved told the Volkskrant. According to the newspaper’s sources, the cyber criminals shut down the dental organization, which has over 130 branches in the Benelux, with ransomware LV.
Newton Falls schools investigate possible security breach (WFMJ) The Newton Falls Exempted Village School district has informed students and parents of a possible security breach impacting several students' social security numbers and potential tax fraud.
120K Priority Health Members Impacted By Third-Party Data Breach (Health IT Security) Michigan-based health plan Priority Health notified approximately 120,000 individuals of a third-party data breach that originated at the law firm Warner Norcross & Judd.
American Wholesale Furniture Company Announces Data Breach (JD Supra) On August 5, 2022, American Wholesale Furniture Company (“AWF”) reported a data breach with a state attorney general’s office. At this early point,...
Marymount Manhattan College Reports Data Breach Following Unauthorized Access to the School’s Network (JD Supra) On August 3, 2022, Marymount Manhattan College reported a data breach with several state attorney generals’ offices. According to MMC, the breach...
Zenith American Solutions, Inc. Announces Data Breach Impacting Sound Health and Wellness Trust (JD Supra) On July 20, 2022, Zenith American Solutions, Inc. reported a data breach with the U.S. Department of Health and Human Services Office for Civil Rights...
Canadian recreational vehicle maker BRP, Ontario Cannabis Store dealing with cyber attacks (IT World Canada) One of the country's biggest manufacturers of recreational vehicles is still struggling with the aftereffects of a cyber attack. Quebec-based BRP Inc., better known as Bombardier Recreational Products, said Monday it had been hit by "malicious cybersecurity activity." This morning Biliana Necheva, the company's senior media relations advisor, said it won't give interviews with more
Cyberattack, supply chain issues impact AGCO’s earnings (World Grain) Net sales for the second quarter were up, but income decreased.
Security Patches, Mitigations, and Software Updates
Microsoft Patch Tuesday, August 2022 Edition (KrebsOnSecurity) Microsoft today released updates to fix a record 141 security vulnerabilities in its Windows operating systems and related software. Once again, Microsoft is patching a zero-day vulnerability in the Microsoft Support Diagnostics Tool (MSDT), a service built into Windows. Redmond…
Palo Alto Networks Releases Security Update for PAN-OS (CISA) Palo Alto Networks has released a security update to address a vulnerability in PAN-OS firewall configurations. A remote attacker could exploit this vulnerability to conduct a reflected denial-of service. CISA encourages users and administrators to review the Palo Alto Networks Security Advisory CVE-2022-0028 and apply the necessary updates or workarounds.
Trends
BrightCloud® Threat Report Mid-Year Update: Reinvention is the Name of the Game (Webroot Blog) facebook linkedin twitter When was the last time you secretly smiled when ransomware gangs had their bitcoin stolen, their malware servers shut down, or were forced to disband? We hang on to these infrequent victories because history tells us that most ransomware collectives don’t go away—they reinvent themselves under a new name, with new rules, …
The State of Ransomware in Financial Services 2022 (Sophos) Findings from an independent, vendor-agnostic survey of 5,600 IT professionals in mid-sized organizations across 31 countries, including 444 respondents from the financial services sector.
New Research from Abnormal Security Shows Rise in Credential Phishing Attacks with 265 Brands Impersonated in First Half of 2022 (Business Wire) Abnormal Security's new H2 2022 Email Threat Report shows rise in credential phishing attacks with 265 brands impersonated in first half of 2022.
Email Threat Report: 265 Brands Impersonated in Phishing Attacks (Abnormal) Download the H2 2022 Email Threat Report for insight into the current email threat landscape and the latest advanced email attack trends.
Majority of SMBs lack 24/7 security operations to detect threats (Help Net Security) This Help Net Security video reveals how all businesses, including SMBs, are evolving their cybersecurity operations practices.
SMBs Reach a Cybersecurity Tipping Point as Rising Attacks Boost Reliance on MSPs, According to Research from ConnectWise (GlobeNewswire News Room) State of SMB Cybersecurity Report Findings Present Opportunities for MSP Partners to Better Deliver Right Cybersecurity Solutions to Meet Needs and Address...
[A pessimistic view of Internet safety] (Incogni) #Incogni research reveals that internet safety has not improved over the past two years. 74% of respondents of our survey do not feel safe online and think the internet is no safer now than it was in 2020. Data exposes a glimmer of hope for the next two years.
Marketplace
AppOmni Announces Strategic Investment from Cisco Investments and Expands SaaS Coverage and Developer Platform Capabilities (Business Wire) AppOmni, the leading provider of Software-as-a-Service (SaaS) security, today announced Cisco Investments has made a strategic investment in the compa
Halo Security Emerges From Stealth With Full Attack Surface Management Platform (Dark Reading) The latest startup to enter the space also has a free scanning service to audit the contents of any website.
BlackBerry Cyber Insurance Study Reveals Businesses Hope for Greater Assistance in Paying Ransomware Demands (INN) Eighty-one percent of respondents had a coverage limit under $600,000 below last year's median ransomware demand WATERLOO, ON , Aug. 10, 2022 /PRNewswire/ -- BlackBerry Limited (NYSE: BB) (TSX: BB) and Corvus Insurance today released the BlackBerry Cyber Insurance Coverage study, show...
'Hack DHS' Bug Bounty Program to Begin Second Phase with New Contract Request (Nextgov) The contract is geared toward companies that can conduct crowdsourced events and competitions for vetted security researchers, to help bolster DHS’ cyber resilience.
Intel Names Hardware Security Award Winners (Business Wire) Intel announces the winners of its second annual Hardware Security Academic Award for innovative security research.
US government is understanding hiring security talent (Register) Katie Moussouris tells it like it is
Maryland invests in its cyber pipeline with a new SANS Institute partnership (Technical.ly) In partnership with the SANS Cyber Workforce Academy, the state seeks to bulk up its cyber workforce with a free, six-month training program geared toward technologists of color, women and veterans.
NetWitness Appoints Industry Veteran Ken Naumann as New CEO (NetWitness.com) NetWitness, an RSA® Group Business and globally trusted provider of cybersecurity technologies and incident response services, today welcomes Ken Naumann as the new Chief Executive Officer.
Rick Hanson Joins Delinea as President to Lead Global Go-to-Market Initiatives (PR Newswire) Delinea, a leading provider of privileged access management (PAM) solutions for seamless security, today announced that Rick Hanson has joined...
Products, Services, and Solutions
Halo Security Launches Full Attack Surface Management Platform Led By Veterans of Intel and McAfee (Business Wire) TrustedSite, a leading provider of vulnerability scanning and certification, officially launched Halo Security at Black Hat USA. The company’s attack
ArmorCode Adds Traceable AI Integration, Improving Application Security Posture From Code to Cloud (PR Newswire) ArmorCode, the leader in AppSecOps, today announced an integration with Traceable AI, the industry's leading API security and observability...
Meeting America's Rising Demand For Its Cybersecurity Workforce, Skillsgapp Launches 'Cyber Watchdog' On Google Play And App Store - (Benzinga) In response to nationwide demand for a cybersecurity talent pipeline, Skillionaire Games, a subsidiary of skillsgapp, a company that develops free-to-play mobile gaming apps that help middle and high school-aged+ youth
Cowbell and Swiss Re Partner to Offer First Ever Cyber Insurance Program Dedicated to Cloud Workloads (PR Newswire) Cowbell Cyber, a leading provider of cyber insurance for small and medium-sized enterprises (SMEs), today announced a new partnership with...
OPSWAT Presents New Malware Analysis Capabilities for Operational Technology (OT) at Black Hat USA 2022 (GlobeNewswire News Room) Product enhancements to offer full IT and OT threat intelligence services for OPSWAT customers...
Silobreaker and PolySwarm strengthen partnership with new integration features - (UK Tech News) Latest enhancements further strengthen ability of enterprises to track threats, vulnerabilities, and malicious actors – including incidents or events of impact affecting industry Silobreaker, a leading security and threat intelligence firm, today announced an expansion to its work with PolySwarm, the first-of-its-kind marketplace for malware intelligence. These latest enhancements provide Silobreaker’s users with access to […]
NetWitness Announces New Threat Detection and Intelligence Capabilities with NetWitness Platform XDR 12 (NetWitness.com) Newest version of cutting-edge XDR technology focuses on critical threat detection
Concentric AI Launches New Security Solution to Protect Sensitive Data Shared Across Popular E-mail and Messaging Platforms (Business Wire) Black Hat USA 2022 Innovation City Booth No. 90 — Concentric AI, a leading vendor of intelligent AI-based solutions for autonomous data security postu
Gurucul Next-Gen SIEM and XDR Lead Industry with Innovative Poly-Cloud and Multi-Cloud Offering (Business Wire) Black Hat USA--Gurucul, a leader in Next-Gen SIEM, XDR, UEBA, and Identity and Access Analytics, today announced advanced Poly-Cloud architecture supp
CrowdStrike adds AI-powered indicators of attack to Falcon platform (CSO Online) The new feature leverages millions of examples of malicious activity to more accurately identify signs of an attack.
Troverlo and Actility Collaborate on Low-Cost Trackers Compatible with Abeeway LoRaWAN Tags (Actility) Troverlo, Actility, and Abeeway have collaborated to provide a low-cost tracking device that can be read by Abeeway LoRaWAN® trackers.
Dynatrace Extends Cloud Security to Provide Vulnerability Analysis Across All Layers of the Application Stack (Business Wire) Software Intelligence company Dynatrace (NYSE: DT) announced today it has extended its Application Security Module to detect and protect against vulne
Dynatrace Runtime Vulnerability Analysis now covers the entire application stack (Dynatrace news) Dynatrace adds Go vulnerability analysis on top of Java, .NET, Node.js, and PHP vulnerability analysis. Automatic runtime vulnerability detection and AI-powered risk assessment further enable DevSecOps automation.
SentinelOne Partners with Armis for Unparalleled Asset Intelligence (Business Wire) SentinelOne (NYSE: S), an autonomous cybersecurity platform company, today announced a new integration with Armis, the leading unified asset intellige
Recorded Future Launches National Cyber Defense Intelligence Kit (PR Newswire) Recorded Future, the world's largest intelligence company, today announced the launch of the National Cyber Defense Intelligence Kit for...
New Bishop Fox Emulation Uses Zero Trust Segmentation to Stop Ransomware Attacks in Less Than 10 Minutes (GlobeNewswire News Room) Illumio Core stopped attacks from spreading across hybrid IT 4 times faster than detection and response alone...
Aligned Automation and ColorTokens Partner for Cybersecurity Across End-to-End Solutions and Allowing Faster Time-to-Value (PR Newswire) ColorTokens Inc., a leading innovator of the autonomous Zero Trust cybersecurity solutions, today announced that it has partnered with Aligned...
Technologies, Techniques, and Standards
CISA Releases Toolkit of Free Cybersecurity Resources for Election Community (CISA) WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) released its “Protecting U.S. Elections: A CISA Cybersecurity Toolkit” today, a one-stop catalog of free services and tools available for state and local election officials to improve the cybersecurity and resilience of their infrastructure. As the lead federal agency responsible for election security, CISA regularly works with state and local election officials to secure their systems and offers a number of services, information products, and other resources.
Cybersecurity Toolkit to Protect Elections (CISA) As the lead federal agency responsible for national election security, CISA—through the Joint Cyber Defense Collaborative (JCDC)—has compiled a toolkit of free services and tools intended to help state and local government officials, election officials, and vendors enhance the cybersecurity and cyber resilience of U.S. election infrastructure. This toolkit includes free tools, services, and resources provided by CISA, JCDC members, and others across the cybersecurity community.
Tech, Cyber Companies Launch Security Standard to Monitor Hacking Attempts (Wall Street Journal) Amazon’s AWS, Splunk, IBM and others are cooperating on a format for cyber alerts.
How harm reduction can more effectively reduce employee risky behavior (CSO Online) Black Hat speaker proposes framework to reduce the negative consequences of risky user actions and encourage them to follow security's advice.
New Survey Elevates Site Reliability Engineering (SRE) as the Force Multiplier for Digital Experiences (Sumo Logic) Sumo Logic today unveiled the results of the Global SRE Pulse 2022, a survey of insights from the global IT community, which highlights the growing adoption of SRE as a central operating model to deliver digital services and applications. The survey was conducted by DevOps Institute to establish a…
Global SRE Pulse (DevOps Institute) The Global SRE Pulse will collect input from the global community on SRE practices and thought leadership.
A Cure for the Obscure: JavaScript Deobfuscation | PerimeterX (PerimeterX) PerimeterX and HUMAN have released a new open source JavaScript deobfuscation tool called REstringer. It is also available as an online tool.
Identity is the killer context: 4 ways to stay in control (Help Net Security) In an era when people are working from anywhere they can get an internet connection, identity is often hailed as the new perimeter.
The Security Pros and Cons of Using Email Aliases (KrebsOnSecurity) One way to tame your email inbox is to get in the habit of using unique email aliases when signing up for new accounts online. Adding a "+" character after the username portion of your email address -- followed by…
Security Automation Can Save You $3.05M in a Data Breach (Security Intelligence) Companies with fully deployed security AI and automation identify and contain breaches faster. See how it can prepare your business for cyberattacks.
Council Post: Cybersecurity Budgets Are Wasted By An Overabundance Of Tools (Forbes) Even as companies throw more money toward their cybersecurity budgets, businesses aren’t getting the value they expect from their investments.
Air Force Was ‘Hyper Focused’ on Cybersecurity for IT Networks. Now Other Systems Need Protection. (Air Force Magazine) Air Force Life Cycle Management Center leaders discussed the importance of cybersecurity for weapons systems and base facilities.
Design and Innovation
The solution to online abuse? AI needs human intelligence (World Economic Forum) Automated detection and manual moderation of online abuse and threats to internet users are limited in their ability to adapt to complex threats at scale.
A Phone Carrier That Doesn’t Track Your Browsing or Location (Wired) The new Pretty Good Phone Privacy service for Android hides the data linking you to your mobile device.
Intel Introduces First Protections Against Certain Physical Threats (Intel) Intel applies a Tunable Replica Circuit to help protect against certain types of physical fault injection attacks.
Fault-Injection Countermeasures, Deployed at Scale White Paper (Intel) Learn about the design, and calibration for a fault-injection detection circuit that was first productized in Intel 12th gen Intel® Core™ processors.
Research and Development
NIST post-quantum algorithm candidate's future uncertain, with second attack proposed (FedScoop) But that might not be prudent with more research, proposing an alternative attack, moving quickly, says a member of the SIKE team.
Sloppy Use of Machine Learning Is Causing a ‘Reproducibility Crisis’ in Science (Wired) AI hype has researchers in fields from medicine to political science rushing to use techniques that they don’t always understand—causing a wave of spurious results.
Legislation, Policy, and Regulation
Ministry will no longer accept equipment from Chinese firm Hikvision (IT Brief New Zealand) The Ministry of Business, Innovation and Employment (MBIE) says it will no longer accept equipment from a major Chinese surveillance camera maker.
Weak breach data disclosure laws for IP theft leaves vital Australian industries vulnerable (SecurityBrief Australia) Infoblox has seen unprecedented levels of demand for cyber protection from companies outside of the Critical Infrastructure Act who have discovered security events and those who fear falling victim to IP theft.
Sierra Leone internet cut amid anti-government protests (The Record by Recorded Future) The West African nation of Sierra Leone experienced a near-total internet blackout on Wednesday, in the midst of anti-government protests sparked by the rising cost of living.
Taxpayers for U.S. Chips (New York Times) What a $280 billion law signed by President Biden this week might mean for Americans.
China calls out US semiconductor bill as anti-competitive (ZDNet) China's trade and commerce associations say the US Chips and Science Act is not in line with global trade principles and will result in unfair competition with "any country of concern".
Federal Trade Commission Expected to Launch Effort to Expand Online Privacy Protection (Wall Street Journal) Lack of a broad federal law has become a growing concern for advocates as online platforms and others amass troves of consumers’ search data and other information.
Former fed calls for government reorganization, paints grim cybersecurity picture (SC Magazine) Society at large is getting more vulnerable and less capable of safely navigating the complex cybersecurity landscape, said former CISA Director Chris Krebs at the Black Hat hacker conference in Las Vegas.
Cyber Threats Warrant a Government Reorganization, Former CISA Head Says (Nextgov) Inaugural CISA director Chris Krebs said the federal government should do more to respond to cybersecurity and data concerns.
CISA should split from DHS or made part of broader 'Digital Agency': Fmr Director Chris Krebs (The Record by Recorded Future) CISA's former director urged Congress to either separate the agency from DHS or create a new U.S. digital agency.
Former CISA chief wants a new, cross-cutting new agency to lead federal cyber (FCW) Chris Krebs wants to establish a new agency to focus on privacy, data and cyber risks facing the U.S., or to pull the Cybersecurity and Infrastructure Security Agency from under the Department of Homeland Security.
Chris Krebs: Cybersecurity Will be ‘Near-Term Bearish, Long-Term Bullish’ (SDxCentral) Former CISA director Chris Krebs expects the cybersecurity landscape will get worse before getting better.
FTC activism and Ukraine signal a new era for the US defense industrial base (Breaking Defense) "Not only is the government skeptical of ongoing consolidation, it is not happy with the execution of those promises made in the past," writes Bill Greenwalt of AEI.
The Navy Needs a Cyber Course Correction (U.S. Naval Institute) The Navy is also the only military branch without offensive cyber units—without which cyber personnel have limited ability to show their value to the fleet.
Litigation, Investigation, and Law Enforcement
Member of Iran's Islamic Revolutionary Guard Corps (IRGC) Charged with Plot to Murder the Former National Security Advisor (US Department of Justice) An Iranian national and member of Iran’s Islamic Revolutionary Guard Corps (IRGC) was charged by complaint, unsealed today in the District of Columbia, with use of interstate commerce facilities in the commission of murder-for-hire and with providing and attempting to provide material support to a transnational murder plot.
Iranian Operative Charged in Plot to Murder John Bolton (Military.com) The Justice Department says an Iranian operative has been charged in a plot to murder former Trump administration national security adviser John Bolton.
The World Cyber Accountability Alliance Releases a Letter of Concern Regarding Cellebrite’s Activities (Business Wire) The World Cyber Accountability Alliance (WCAA) is an organization that works to provide insights and facilitate cooperation to create a future that va
Letter of Concern Regarding Cellebrite (WCAA) In recent coverage in the Israeli media outlet “Calcalist”, it is suggested that NASDAQ traded cyber company “Cellebrite” (CLBT) allegedly engaged in illegal activities. Following this, The World Cyber Accountability Alliance published an official letter of concern to the global cybersecurity community.
US claims Chinese seller violated export rules for ZTE (Register) Far East Cable acted as a broker in between ZTE and Iranian companies, it's alleged
Europe staves off Facebook blackout — for now (POLITICO) EU regulators at odds over how to block Meta from sending Europeans’ data to the US.
Former Twitter Employee Found Guilty of Spying for Saudi Arabia (The Hacker News) A former Twitter employee has been convicted of spying on the private information of Twitter users for Saudi Arabia.
Iran makes first import order using cryptocurrency - report (Reuters) Iran made its first official import order using cryptocurrency this week, the semi-official Tasnim agency reported on Tuesday, a move that could enable the Islamic Republic to circumvent U.S. sanctions that have crippled the economy.
FTC Probes BitMart Exchange Breach, Marking Agency’s First Crypto Case (Bloomberg) Consumer-protection agency sought details on Dec. 2021 hack. White House has urged FTC to police crypto fraud and abuse.
LendingTree Sued Over Breach That Compromised Info of 200,000 (Bloomberg Law) LendingTree is liable for a February 2022 data breach that compromised the personal identifiable information of over 200,000 customers, according to a proposed class action filed in federal court in North Carolina.