Dateline Moscow and Kyiv: Lessons from the hybrid war.
Ukraine at D+174: Cyber and EW in combined arms operations. (CyberWire) Ukraine shows its long-range attack capability, and in so doing demonstrates a determination to take back territory occupied by Russia. That includes Crimea, which Russia had regarded as secure and uncontested. Nuisance-level Russian cyber action continues, but meaningful contributions in the fifth domain seem to come only when cyber is integrated with long-range fires.
Russia-Ukraine war: List of key events, day 175 (Al Jazeera) As the Russia-Ukraine war enters its 175th day, we take a look at the main developments.
Russia-Ukraine war: at least 12 Russians killed in strike on Nova Kakhovka base, says Ukraine – live (the Guardian) Footage on Telegram showed numerous burnt out trucks, collapsed buildings, and debris
Explosions rock Crimea in suspected Ukrainian attack (AP NEWS) Explosions and fires ripped through an ammunition depot in Russian-occupied Crimea on Tuesday in the second suspected Ukrainian attack on the peninsula in just over a week, forcing the evacuation of more than 3,000 people.
‘Act of sabotage’ as Ukraine hints at secret bombings behind enemy lines in Crimea (The Telegraph) Elite special forces reported to be behind fireball blast at ammunition dump in Russian occupied territory
Ukrainian special forces 'could launch more attacks in coming days' on occupied Crimea (The Telegraph) Ukraine could launch more attacks on occupied Crimea in the coming days, Volodymyr Zelensky’s military adviser said, as it emerged a special forces unit carried out the explosive raid on the Russian airbase in the area.
With new explosions, Crimea gets caught up in the war (Le Monde) After the August 9 attack on a military airfield, new violent explosions rocked a Russian base on Tuesday. President Volodymyr Zelensky has declared the region's 'liberation' is a military goal.
Blasts in Crimea underscore Russian forces' vulnerability (AP NEWS) A spate of explosions and fires has turned Russian-occupied Crimea from a secure rear base into a new battleground in the war, demonstrating both the Russians' vulnerability and the Ukrainians' capacity to strike deep behind enemy lines.
‘A question of time’: Ukrainians determined to win back the south (the Guardian) War against Russia is entering a decisive phase, but on the frontline a big push still feels some way off
Russian troops in south Ukraine squeezed as Kyiv ramps up strikes on bridges, ammo depots (CNN) Russian forces in the occupied Kherson region in southern Ukraine are finding it increasingly difficult to maintain the flow of ammunition, armor and fuel to front-line units, according to Ukrainian officials and Western analysts, thanks to a concerted Ukrainian campaign to cut off river and rail supply lines as well as target ammunition depots.
Ukraine Defies Russia With Attacks on Crimea, a ‘Holy Land’ to Putin (New York Times) A senior Ukrainian official said that an elite military unit was responsible for the attack on an ammunition storage site, the latest to directly target the peninsula that holds special meaning for Russian President Vladimir Putin.
How Kyiv's special forces may have triggered a new phase in the war (The Telegraph) Recent attacks on the illegally-annexed peninsula might suggest that Kyiv is entering the latest phase in the war against Russia
Playing With Fire in Ukraine (Foreign Affairs) The underappreciated risks of catastrophic escalation.
Threat to Ukraine Nuclear Plant Increases as Fighting Rages (New York Times) Russia, trying to pin down Ukraine’s forces to blunt a counteroffensive in Kherson, has been firing shells from near a nuclear plant it occupies.
An interview with Ukrainian President Volodymyr Zelensky (Washington Post) Over the past six months, Ukrainian President Volodymyr Zelensky has become an inspiring wartime leader and champion of his country.
Ukrainian Nuclear Operator Accuses Russians Hackers Of Attacking Its Website (RadioFreeEurope/RadioLiberty) Ukrainian state nuclear operator Energoatom said on August 16 that Russian-based hackers unleashed an hours-long attack on its website but said major problems had been avoided.
Ukraine nuclear power company says Russia attacked website (Al Jazeera) Ukraine’s state nuclear power company Energoatom says Russian-based hackers launched major attack on its website.
Ukraine Nuclear Operator Reports Cyberattack on Its Website (The Defense Post) Ukraine's nuclear operator Energoatom reported what it called an "unprecedented" cyberattack on its website.
How electronic warfare is reshaping the war between Russia and Ukraine (The Record by Recorded Future) Drones have played an outsized role in Ukraine’s efforts to locate troops and plan out attacks in its war with Russia. But the devices are increasingly thwarted by an invisible enemy: Russia’s electronic warfare arsenal.
Army lesson from Ukraine war: cyber, EW capabilities not decisive on their own (FedScoop) One of the key observations the U.S. Army is taking from the war in Ukraine is that non-kinetic capabilities such as cyber and electronic warfare must be combined with other weapons in order to achieve their full potential on the battlefield. “The conflict also reveals an important aspect of both EW and cyber: neither […]
Learning from Ukraine, Army cyber schoolhouse focuses on electromagnetic spectrum (Breaking Defense) Gen. Paul Stanton told reporters during a media roundtable at the AFCEA TechNet Augusta conference that the Army is studying the invasion "pretty carefully" to make sure that it knows how to find its enemies and how not to be found itself.
Cyber and full-spectrum operations push the Great Power conflict left of boom (Breaking Defense) Unlike a weapon that can be tested, validated, and put on a shelf knowing that it will work when needed, deployed information warfare and cyber capabilities have to be continually tuned and optimized in order to be relevant to the warfighter.
Russia-linked Gamaredon APT continues to target Ukraine (Security Affairs) Russia-linked Gamaredon APT group targets Ukrainian entities with PowerShell info-stealer malware dubbed GammaLoad. Russia-linked Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, and Trident Ursa) targets Ukrainian entities with PowerShell info-stealer malware dubbed GammaLoad, Symantec warns. The Computer Emergency Response Team of Ukraine (CERT-UA) confirmed the ongoing cyber espionage campaign. Symantec and TrendMicro first discovered the Gamaredon […]
Microsoft Disrupts Russian Cyber-Espionage Group Seaborgium (Infosecurity Magazine) APT group focused on classic data theft via email accounts
Microsoft warns of Russian 'Seaborgium' phishing, reconnaissance activities (Computing) The company says it has blocked a number of accounts used by the threat actors
Microsoft Disrupts Russian Group's Multiyear Cyber-Espionage Campaign (Dark Reading) "Seaborgium" is a highly persistent threat actor that has been targeting organizations and individuals of likely interest to the Russian government since at least 2017, company says.
How Russia’s nuclear double cross of Ukraine teaches dangerous lessons (Breaking Defense) After Moscow’s invasion, nuclear aspirants like Iran or nuclear powers like China may have learned dangerous strategies.
U.N. chief to meet Zelenskiy, Erdogan in Ukraine on Thursday (Reuters) U.N. Secretary-General Antonio Guterres will meet Ukrainian President Volodymyr Zelenskiy and Turkish President Tayyip Erdogan in Ukraine on Thursday, a U.N. spokesman said, and on Friday visit the Black Sea port of Odesa, where grain exports have resumed under a U.N.-brokered deal.
Will the United States designate Russia a state sponsor of terrorism? (Atlantic Council) As Vladimir Putin's invasion of Ukraine approaches the six-month mark amid growing evidence of war crimes, pressure is mounting on the Biden Administration to designate Russia a state sponsor of terrorism.
Putin blasts US 'hegemony,' predicts end to 'unipolar' world (AP NEWS) Russian President Vladimir Putin accused the United States of trying to encourage extended hostilities in Ukraine as part of what he described Tuesday as Washington's alleged efforts to maintain its global hegemony.
Could Russia's Vladimir Putin face a Nuremberg-style tribunal over the Ukraine war? (CBS News) As prosecutors gather evidence of Russian troops' alleged war crimes, some are calling for a special tribunal to hold Russia's leaders to account.
Donetsk self-proclaimed leader pledges ‘bilateral cooperation’ with North Korea (the Guardian) Russian-backed self-appointed leader writes Kim Jong-un a letter, shortly after Vladimir Putin said Moscow and Pyongyang would expand relations
Russia’s invasion has highlighted Ukraine’s nation-building progress (Atlantic Council) Ukraine's remarkably resilient response to Russia’s February 2022 invasion has highlighted the impressive nation-building progress made by the country since the chaotic early years of the post-Soviet era.
Report: Sanctions Devastating Russian Economy (The Record by Recorded Future) We first spoke with Russian business owner Stanislav back in early March, shortly after Russia’s invasion of Ukraine. Almost six months later, we check back in with him to see how he’s doing, and look at a new report that suggests the Russian economy is cratering. Plus, inside a massive breach affecting a police database in Shanghai.
Attacks, Threats, and Vulnerabilities
Microsoft Exchange alternative Zimbra is getting widely exploited, 1000s hit (The Stack) A “Secure Private Business Email & Collaboration” suite from provider Zimbra has been getting widely exploited in the wild by a range of threat actors using vulnerabilities that give full remote code execution with no authentication needed (pre-auth RCE). Over 30,000 instances are believed to be publicly exposed.
CISA Alert AA22-228A – Threat actors exploiting multiple CVEs against Zimbra Collaboration Suite (CyberWire) CISA and the Multi-State Information Sharing & Analysis Center, or MS-ISAC, are publishing this joint Cybersecurity Advisory in response to active exploitation of multiple Common Vulnerabilities and Exposures against Zimbra Collaboration Suite, an enterprise cloud-hosted collaboration software and email platform.
Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite (CISA) Actions for ZCS administrators to take today to mitigate malicious cyber activity: • Patch all systems and prioritize patching known exploited vulnerabilities. • Deploy detection signatures and hunt for indicators of compromise (IOCs). • If ZCS was compromised, remediate malicious activity.
DarkTortilla Malware Analysis (Secureworks) Learn how Secureworks CTU researchers have identified DarkTortilla samples delivering targeted malicious payloads, benign decoy documents, and executables.
Snyk finds PyPi malware that steals Discord and Roblox credential and payment info (Snyk) Learn about the newly discovered PyPi malware that attempts to steal credential and payment information from Discord and Roblox users.
Ransomware Group Claims Access to SCADA in Confusing UK Water Company Hack (SecurityWeek) The Cl0p ransomware group claims to have accessed SCADA systems at a UK water company, but their claims about being able to control chemicals could be overblown.
South Staffs Water is victim of botched Clop attack (ComputerWeekly) South Staffordshire Water moves to reassure customers that their supplies remain safe after its attackers screw up their initial assault.
South Staffordshire Water victim of cyber attack, customers not at risk (Computing) Gang claims to have a policy against harming critical infrastructure
John Deere jailbroken to run Doom at DEF CON (Register) Corn-y demo heralded as right-to-repair win
"Evil PLC Attack" weaponizes PLCs to infect engineering workstations (CSO Online) Researchers demonstrate a proof of concept where hijacked programmable logic controllers can compromise engineering workstations to allow lateral movement.
New MailChimp breach exposed DigitalOcean customer email addresses (BleepingComputer) DigitalOcean is warning customers that a recent MailChimp security breach exposed the email addresses of some customers, with a small number receiving unauthorized password resets.
Impact to DigitalOcean customers resulting from Mailchimp security incident (DigitalOcean) The security of DigitalOcean customers and their data is a responsibility we approach with utmost dedication. When our customers' security is threatened we respond swiftly, communicate with transpa...
USB cyberattacks pose a threat to manufacturing & industrial sector (Security Magazine) The 2022 Honeywell Industrial Cybersecurity USB Threat Report found elevated threat levels regarding USB-borne cyberattacks on the industrial sector.
HONEYWELL CYBERSECURITY RESEARCH REVEALS 52% OF CYBER THREATS TARGETED AT REMOVABLE MEDIA (PR Newswire) According to a report released today by Honeywell (NASDAQ: HON), the threat of USB-borne malware continues to be a serious concern. Data from...
When Efforts to Contain a Data Breach Backfire (KrebsOnSecurity) Earlier this month, the administrator of the cybercrime forum Breached received a cease-and-desist letter from a cybersecurity firm. The missive alleged that an auction on the site for data stolen from 10 million customers of Mexico’s second-largest bank was fake…
CS:GO trading site hacked to steal $6 million worth of skins (BleepingComputer) CS.MONEY, one of the largest platforms for trading CS:GO skins, has taken its website offline after a cyberattack allowed hackers to loot 20,000 items worth approximately $6,000,000.
Hospital Overpays Employees $2M - Wants Money Back (Nurse.org) Hospital in Bend, Oregon overpays employees $2 million and wants the money paid back.
Vulnerability Summary for the Week of August 8, 2022 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
MIT Researchers Warn of Interconnect Security Vulnerabilities, Propose Mitigation Strategies (Enterprise AI) Researchers at MIT have developed new software mitigation techniques for a hardware-level security vulnerability uncovered in on-chip mesh interconnects.
Yokogawa CENTUM Controller FCS (CISA) 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Yokogawa Equipment: CENTUM VP & CS 3000 Controller FCS Vulnerability: Denial of Service 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the affected device, resulting in a denial-of-service condition.
LS ELECTRIC PLC and XG5000 (CISA) 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely Vendor: LS Electric, LS Industrial Systems (LSIS) Co. Ltd Equipment: LS ELEC PLC and XG5000 Vulnerability: Inadequate Encryption Strength 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to decrypt credentials and gain full access to the affected programmable logic controller (PLC).
Delta Industrial Automation DRAS (CISA) 1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: Delta Robot Automation Studio (DRAS) Vulnerability: Improper Restriction of XML External Entity Reference. 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read and exfiltrate sensitive information from the affected host machine.
Softing Secure Integration Server (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Softing Equipment: Secure Integration Server Vulnerabilities: Out-of-bounds Read, Uncontrolled Search Path Element, Improper Authentication, Relative Path Traversal, Cleartext Transmission of Sensitive Information, NULL Pointer Dereference, Integer Underflow. 2.
B&R Industrial Automation Automation Studio 4 (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely Vendor: B&R Industrial Automation Equipment: Automation Studio 4 Vulnerability: Unrestricted Upload of File with Dangerous Type 2.
Emerson Proficy Machine Edition (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Emerson Equipment: Proficy Machine Edition Vulnerabilities: Missing Support for Integrity Check, Improper Access Control, Unrestricted Upload of File with Dangerous Type, Improper Verification of Cryptographic Signature, Insufficient Verification of Data Authenticity, Path Traversal: ‘\..\filename’ 2.
Sequi PortBloque S (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sequi Equipment: Sequi PortBloque S Vulnerabilities: Improper Authentication, Improper Authorization 2.
Siemens Industrial Products with OPC UA (CISA) 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC NET PC, SITOP Manager, TeleControl Server Basic Vulnerability: Null Pointer Dereference 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device by sending uncertain status code in a response message.
Trends
Is the drop in ransomware numbers an illusion? (Washington Post) Ransomware numbers appear to be falling, but that news might not be as good as it sounds.
Zero Day Initiative seeing an increase in failed patches (SearchSecurity) Trend Micro Zero Day Initiative's Brian Gorenc and Dustin Childs gave their thoughts on bug bounty programs and researcher relations at Black Hat USA 2022.
58% of Organizations Surveyed Report that Third Parties and Suppliers Were the Target of a Cloud-Based Breach in 2021, Cloud Security Alliance and Proofpoint Study Reveals (Proofpoint) Study reveals that lagging cloud governance strategies and legacy infrastructures are hindering organizations’ abilities to adequately protect their people and defend against data loss from cloud and web threats
Cloud and Web Security Challenges in 2022 (Proofpoint) Organizations’ work environments have undergone rapid but lasting changes in the face of the recent health crisis. Working remote became a necessity and many organizations were forced to accelerate their digital transformation as a result.
3 Cyberattacks to Put on Your Naughty List This Holiday Season (PerimeterX) It’s time for e-tailers to prepare for holiday cyberthreats. Here are three types of attacks to look out for.
Hackers really don't let schools enjoy the summer holidays (Technical Ripon) Summer break may still be in full swing, but hackers are not resting — with schools and universities around the world under attack.
Marketplace
ThreatX Raises $30 Million in Series B Funding to Accelerate Growth in Global API Protection Market (Business Wire) ThreatX today announced it has raised $30 million in Series B funding led by Harbert Growth Partners, with participation from Vistara Growth.
Thoma Bravo Completes Acquisition of SailPoint (SailPoint) Austin, TX and San Francisco – August 16, 2022 – SailPoint Technologies Holdings, Inc., the leader in enterprise identity security, today announced the
The Next Chapter (SailPoint) Change. That one small word tends to elicit big reactions. Some say, “Change is good.” Others think change is scary. There’s no limit to the feelings and
Darktrace confirms takeover proposal by US private equity firm Thoma Bravo (Computing) With $114 billion in assets, Chicago-based Thoma Bravo is one of the world's most active investors in cybersecurity firms
Cyber Firm Darktrace Shares Surge on Possible Takeover (SecurityWeek) Darktrace shares surge on news of a possible takeover by private equity firm Thoma Bravo
Google Cloud Hires Former Nutanix, VMware, Pure Storage Exec (CRN) Google Cloud hires Dominic Delfino as global vice president of cybersecurity sales to lead Google’s security strategy, with experience at VMware, Nutanix, Pure Storage and Cisco.
Former U.S. Attorney Tracy Wilkison Joins FTI Consulting's Cybersecurity Practice (Stockhouse) FTI Consulting, Inc. (NYSE: FCN) today announced the appointment of Tracy Wilkison, who most recently was U.S. Attorney for the Central District of California, as a Senior Managing Director in the firm’s Cybersecurity practice, further enhancing its presence on the West Coast. Her appointment will be effective September 12.
Products, Services, and Solutions
Cloudera Launches First All-in-One Data Lakehouse Cloud Service (Cloudera) New SaaS offering is simple, yet powerful, enabling businesses to deliver valuable insights faster
SolCyber Transforms Cyber Insurance for the Mid-Market with Converge (PR Newswire) SolCyber, a Forgepoint Capital company and the first modern MSSP for the midmarket, today announced a partnership with Converge, an emerging...
Acuant Integrates with Ping Identity's DaVinci to Deliver Superior Customizable KYC Solutions (PR Newswire) Acuant, a GBG company and leading identity verification provider, announced a new integration with Ping Identity (NYSE: PING), the intelligent...
Safe Security Introduces Free Assessments to Provide Trusted Financial Risk Calculations for Cyber Attacks and Cyber Insurance Discussions (Business Wire) Safe Security announces industry-first Interactive Cost Calculator and Cyberinsurance Assessment, built for data driven decisions about cyber risk.
KnowBe4 Launches Resource Kit to Help Defend Against Surging "Human Layer" Attacks (PR Newswire) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today kicked off support activities...
Tanium Expands Collaboration with Microsoft as It Joins the Microsoft Intelligent Security Association (MISA) (Yahoo Finance) KIRKLAND, Wash., August 16, 2022--Tanium, the industry’s first provider of converged endpoint management (XEM), today announced that it has been nominated to join the Microsoft Intelligent Security Association (MISA), an ecosystem of independent software vendors and managed security service providers (MSSPs) that have integrated their solutions with Microsoft security technology to help customers better defend themselves against increasingly sophisticated cyber threats.
Deep Instinct Launches Stratosphere MSSP Program to Enable Partners to Prevent Ransomware (Business Wire) Deep Instinct, the first company to apply end-to-end deep learning to cybersecurity, today announced the formal launch of its Stratosphere Managed Sec
NetSPI Launches Partner Program to Broaden Delivery of Offensive Security Services (PR Newswire) NetSPI, the leader in enterprise penetration testing and attack surface management, today announced the launch of the NetSPI Partner Program...
CyberArk Drives Channel Partner Program Growth (Business Wire) CyberArk (NASDAQ: CYBR), the global leader in Identity Security, today announced a series of Channel Partner Program initiatives to enhance collaborat
Technologies, Techniques, and Standards
Lessons Learned from the Cisco Data Breach (Axiad) Cisco’s Talos security intelligence team recently shared details on how an employee’s account was breached and their data was compromised. Once again, the root of the attack centered around stolen credentials and to coerce the employee into approving a push notification to bypass existing MFA mechan
Do you really think you are more secure than Cisco? (SafeBreach) SafeBreach is the first and only breach and attack simulation (BAS) provider with full coverage of the Cisco breach methods ready to test today.
Germany Offers Model for Space-Industry Cybersecurity Standards (Wall Street Journal) Cyber threats to the space sector are growing as the industry expands. European companies and officials want global standards to improve cybersecurity.
Text Messages, Once a Bulwark of Security, Now Seen as Vulnerable (Wall Street Journal) All companies should be using two-factor authentication at least to secure their systems but relying on text messages alone is foolish, cybersecurity experts say.
Lessons From the Cybersecurity Trenches (Dark Reading) Threat hunting not only serves the greater good by helping keep users safe, it rewards practitioners with the thrill of the hunt and solving of complex problems. Tap into your background and learn to follow your instincts.
Can the Open Cybersecurity Scheme Framework improve cybersecurity complications? (Tech Wire Asia) The Open Cybersecurity Schema Framework project will help organizations detect, investigate and stop cyberattacks faster and more effectively
The importance of critical infrastructure protection in the energy sector (Power Engineering) The U.S. electric grid provides electricity to millions of homes and businesses via a complex and vulnerable network of power plants, transmission lines and distribution centers. It is essential to daily life and commerce in America. One of the greatest cybersecurity threats to the electric grid involves ICS or “industrial control systems.” ICS manage electrical processes and physical functions like opening and closing circuit breakers.
Mezmo, ESG Research Finds That Despite Low Adoption, DevSecOps Brings Significant Results (GlobeNewswire News Room) Challenges with data volume, collection, and analysis hinder successful adoption, driving the need for better tooling to generate actionable insights...
RubyGems Requires MFA for Popular Projects (Decipher) RubyGems is now requiring projects with more than 180 million downloads to use MFA, and may extend the requirement to other projects.
How we'll know if the OCSF is a success for cybersecurity (Protocol) Further growth of group membership, more ease of use around querying and a commitment to transparency would be good measures of success, experts say.
Army Cyber Center Aggressively Pushing Zero Trust (AFCEA International) Cyber school bases lessons on zero-trust success.
Agencies Need Deeper Cyber Risk Scanning Efforts, State Dept. Officials Say (Meritalk) Federal agencies need to adjust their cyber threat scanning protocols to ensure they are getting a full-scope analysis of possible risk factors within their networks, and are not just scratching the surface on risks, officials from the State Department said on August 11 at an event organized by Federal News Network.
Design and Innovation
Breaking Category Five SPHINCS+ with SHA-256 (IACR) SPHINCS+ is a stateless hash-based signature scheme that has been selected for standardization as part of the NIST post-quantum cryptography (PQC) standardization process. Its security proof relies on the distinct-function multi-target second-preimage resistance (DMSPR) of the underlying keyed hash function
Legislation, Policy, and Regulation
Legitimate hacking activities under UK law proposed by ‘expert consensus’ (The Daily Swig) Contentious edge case activities are no excuse for further delaying of ‘much overdue’ reform, say campaigners
Bipartisan legislation supports state and local cybersecurity (The Hill) Much of it still needs to be pushed across the finish line.
Former US Cyber Command and NSA chief makes the case for a cyber competition strategy (The Strategist) Cyber threats to national security and prosperity are today better understood, better prioritised and far better resourced than in decades past. Cyber as a domain, as a threat and as a key opportunity is now ...
U.S. Approves Nearly All Tech Exports to China, Data Shows (Wall Street Journal) A Commerce Department-led process that reviews U.S. tech exports to the country has overseen an increase in sales of some particularly important technologies, according to an analysis of trade data, even as the U.S. has identified tech competition with China as a top national-security threat.
TikTok pushes back on House official’s warning about use (The Hill) TikTok pushed back on claims that a top House official made last week about security concerns related to the social media platform. The company sent a letter to Chief Administrative Officer o…
Litigation, Investigation, and Law Enforcement
U.S. SEC charges 3 people with insider trading tied to Equifax hack (Reuters) The U.S. Securities and Exchange Commission said on Tuesday it had charged three individuals for illegally tipping and trading in the securities of Equifax Inc before the company announced it had experienced a massive data breach.
Inside the crypto black markets of Argentina (Freethink) Argentina’s black market for cash is embracing crypto — but it's not what crypto proponents expected.
Fed warns banks to check legality of crypto-related activity (American Banker) The move is the latest development in the ongoing political clash over how involved banks should be in crypto markets.
Lawmakers Demand FBI, DHS, and Others Reveal Purchases of Private Data (Gizmodo) In a letter to their directors, seven agencies are asked to provide Congress with records about their purchases of private data.
Wall Street's Record Fines Over WhatsApp Use Were Years in the Making (Bloomberg) SEC, CFTC struggled to access messages, prompting probes. Banks expected to pay $2 billion in US fines for recordkeeping.
DOJ argues Booz Allen acquisition of Everwatch would negatively affect key NSA procurement (FedScoop) The Department of Justice has warned that Booz Allen’s proposed acquisition of EverWatch will negatively affect a major signal intelligence modeling and simulation services procurement run by the National Security Agency. In a court memorandum filed Friday, the department reiterated its challenge to the deal filed last month and cautioned that it “indeed already has, harmed […]
Brazilian police launch investigation targeting Lapsus$ group (The Record by Recorded Future) Brazil’s Federal Police carried out eight search and seizure warrants Tuesday as part of an investigation into attacks claimed by the Lapsus$ Group.
Three Nigerian BEC Fraudsters Extradited From UK to US (SecurityWeek) Three Nigerians were extradited from the UK to the US to face charges in relation to their roles in business email compromise (BEC) fraud schemes.
Why Tornado Cash sanctions are drawing fierce criticism, potential court challenge from crypto group (CyberScoop) Sanctions against the cryptocurrency mixer have ignited concern from industry stakeholders, privacy advocates and legal experts.
FBI thwarts cyberattack at Omaha hospital (Becker's Hospital Review) The FBI was able to thwart a cyberattack at David City, Neb.-based Butler County Health Care Center after notifying them that their hospital was being targeted by a cybergroup, WOWT reported Aug. 10.
$23 million YouTube music royalties heist is a reminder online copyright is deeply flawed (Mashable) The largest YouTube royalties heist in history is just a spotlight on a much larger problem.
$23 Million YouTube Royalties Scam (Schneier on Security) Scammers were able to convince YouTube that other peoples’ music was their own. They successfully stole $23 million before they were caught.
Saudi woman given 34-year prison sentence for using Twitter (the Guardian) Salma al-Shehab, a Leeds University student, was charged with following and retweeting dissidents and activists
Twitch streamers traumatized after four ‘swattings’ in a week (Washington Post) Last Tuesday, Clara “Keffals” Sorrenti, a trans Twitch streamer whose combative style has endeared her to legions of young LGBTQ viewers, posted a video to YouTube. “My life is in danger,” read its title. “I need your help.”