Dateline Moscow and Kyiv: Rear area combat operations, and a history of Russia's cyber campaign.
Ukraine at D+175: Rear-area threats, and an overview of Russian cyber ops. (CyberWire) Ukraine continues to demonstrate the ability to strike Russian rear areas, and Russia resumes the shelling of civilian residential areas. Wiper malware and cyberespionage as defining aspects of Russia's cyber campaign.
Russia-Ukraine war: List of key events, day 176 (Al Jazeera) As the Russia-Ukraine war enters its 176th day, we take a look at the main developments.
Ukraine war: Russia kills seven in fresh strikes on Kharkiv (The Telegraph) One person has died and 18 were wounded in pre-dawn shelling of a residential area in the eastern city of Kharkiv, Oleh Synehubov, the regional governor said.
Russia-Ukraine war latest: what we know on day 176 of the invasion (the Guardian) Russia replaces commander of Crimea-based Black Sea fleet; at least seven dead and 16 wounded in strike on Kharkiv, Ukrainian officials say
Behind Enemy Lines, Ukrainians Tell Russians ‘You Are Never Safe’ (New York Times) Clandestine resistance cells are spotting targets, sabotaging rail lines and killing those deemed collaborators as they seek to unnerve Russian forces.
Russia-Ukraine war: Zelenskiy adviser says war in deadlock; fatalities reported in attacks on Kharkiv and Mykolaiv – live (the Guardian) Russian forces have made only minimal advances, Oleksiy Arestovych claims; at least one person killed in Kharkiv and another in Mykolaiv
Russia shakes up Black Sea fleet command after series of blows in Crimea - state agency (Reuters) Russia's Black Sea fleet based in annexed Crimea has installed a new commander, RIA news agency cited sources as saying on Wednesday, after Russian military bases on the peninsula were rocked by explosions in the past nine days.
Did Putin fire Black Sea commander after massive losses? What we know (Newsweek) The Russian state-owned news agency Ria Novosti reported the news of the new commander, citing unnamed sources in the Black Sea Fleet.
‘I don’t see justice in this war’: Russian soldier exposes rot at core of Ukraine invasion (the Guardian) Exclusive: Pavel Filatyev has fled his homeland after publishing a 141-page account detailing his experiences on the frontline
‘They turned us into savages’: Russian soldier describes start of Ukraine invasion (the Guardian) In this extract from former paratrooper Pavel Filatyev’s memoir, he recalls wild looting after soldiers entered Kherson
Stop ‘cancelling’ Russians and get them on our side instead, says top Zelensky advisor (The Telegraph) Oleksiy Arestovych blames Russophobia for losing Ukraine ‘hundreds of thousands of supporters’ among disaffected citizens
Overview of the Cyber Weapons Used in the Ukraine - Russia War (Trustwave SpiderLabs) Observing the ongoing conflict between Russia and Ukraine, we can clearly see that cyberattacks leveraging malware are an important part of modern hybrid war strategy.
Russia-Ukraine cyberwar creates new malware threats (VentureBeat) Fortinet research reveals that the Russia-Ukraine cyberwar has created new wiper malware and ransomware threats.
Fortinet: Use of wipers expanding beyond Ukraine to 24 countries (The Record by Recorded Future) The use of wiper malware has expanded beyond the Ukraine conflict to 24 countries, according to research from Fortinet.
How Unmoderated Platforms Became the Frontline for Russian Propaganda (Lawfare) An overfocus on covert networks on Facebook and Twitter misses the full expanse of the propaganda strategies that often reach more users through different communication media.
Ukraine ‘testing ground’ shaping US network, electronic warfare effort (C4ISRNet) Oleksii Reznikov described Ukraine as “a testing ground,” where “many weapons are now getting tested in the field, in the real conditions of battle.”
Will They Fight? Washington Wants to Know. (Foreign Policy) The United States thought Afghans would fight and Ukrainians would fold. Reality is forcing a reassessment.
Attacks, Threats, and Vulnerabilities
Suspected Iranian Actor Targeting Israeli Shipping, Healthcare, Government and Energy Sectors (Mandiant) New research on a suspected Iranian threat actor that's targeting Israeli shipping, government, energy, and healthcare organizations.
Iran-linked hacking group is targeting Israeli shipping, US cybersecurity firm says (Times of Israel) Attackers began threatening maritime commerce in 2020 as the Israel-Iran shadow war increasingly spilled into the sea, according to leading security company Mandiant
Iranian Group Targeting Israeli Shipping and Other Key Sectors (SecurityWeek) Mandiant has been tracking an activity cluster that it believes to be from a single Iranian threat group that has been targeting Israeli interests, especially the shipping industry.
BlackByte ransomware gang is back with new extortion tactics (BleepingComputer) The BlackByte ransomware is back with version 2.0 of their operation, including a new data leak site utilizing new extortion techniques borrowed from LockBit.
Overlooked DarkTortilla crypter is a long-term cyberthreat (Register) .NET-based malware can push wide range of malicious payloads, and evades detection, Secureworks says
'DarkTortilla' Malware Wraps in Sophistication for High-Volume RAT Infections (Dark Reading) The stealthy crypter, active since 2015, has been used to deliver a wide range of information stealers and RATs at a rapid, widespread clip.
Hackers Build Phishing Pages Using AWS Apps (Avanan) Hackers are building phishing pages by using AWS apps.
How a Third-Party SMS Service Was Used to Take Over Signal Accounts (Vice) Unknown attackers targeted Signal users after they broke into the systems of communications services company Twilio.
Worldwide crypto & NFT rug pulls and scams tracker (Comparitech) The crypto world is reported to be worth over $3 trillion with over 300 million people worldwide owning some form of crypto.
Period and pregnancy tracking apps have bad privacy protections, report finds (The Verge) Wearables have better policies.
Investigation continues in library data breach (Cascadia Daily) The Whatcom County Library System (WCLS) continues to investigate a data-security breach that compromised the personal information of an undisclosed number of library users.
Some form of malware was initially suspected in a June 27 security breach of the county libraries’ computers. The county library system informed the Bellingham Public Library on July 11 that some patrons’ personal data had been downloaded from county library computers. The names, birthdates, library card numbers and PINs of 735 Bellingham library cardholders were exposed in the breach, the city said.
Medical billing vendor data breach affects more than 942,000 patients (Becker's Hospital Review) More than 942,000 patients from 28 hospitals and physician offices were affected by a data breach involving medical billing vendor Practice Resources, according to an Aug. 4 submission to the HHS Office of Civil Rights.
Security Patches, Mitigations, and Software Updates
Chrome browser gets 11 security fixes with 1 zero-day – update now! (Naked Security) Don’t delay – patch today.
Amazon quietly fixes Ring Android app bug that exposed data, camera recordings (The Record by Recorded Future) Amazon resolved a vulnerability in May that exposed the data and camera recordings of Ring app users on Android devices.
Amazon Quickly Fixed a Vulnerability in Ring Android App That Could Expose Users’ Camera Recordings (Checkmarx.com) Researchers at Checkmarx found that the Ring Android app could have allowed a malicious application installed on the user’s phone to expose their personal data, geolocation, and camera recordings.
Trends
Global Threat Landscape Report: A Semiannual Report by FortiGuard Labs (Fortinet) Another half-year through unprecedented times has passed. But as unique as these times may feel, we continue to see familiar exploits, names, and attacks taking up space. To help you and your business feel confident in your ability to protect yourself against the threats that continue to come our way, this report looks back on the cyber threat landscape of the first half of 2022 using our global array of sensors monitored by FortiGuard Labs.
Healthcare Breaches Costliest for 12 Years Running, Hit New $10.1M Record High (Security Intelligence) The 2022 Cost of a Data Breach Report revealed the healthcare industry as the sector experiencing the costliest data breaches — more than $10 million in average breach costs.
Sifting Through Digital Exhaust - Cyber Physical Threats (Constella Intelligence) How Your Life Events Invite Cyber & Physical Threats
Sifting Through Digital Exhaust Part 2: Remove Exposed Data (Constella Intelligence) Part 2: How to remove much of your exposed data from the web, opt-out of tracking, keep tabs on your PII, and how this data can be used against you.
2022 State of the API Report (Postman) The 2022 State of the API report covers the largest and most comprehensive survey on APIs, ever. More than 37,000 developers and API professionals shared their thoughts.
The UK Regions Most And Least Impacted By Cybercrime In 2022 |… (Hicomply) Hicomply is a software platform that gives you the tools to build your information security management system as well as protect your business data.
Marketplace
Wavenet Acquires Cyber Security Vendor OGL (UC Today)
Malwarebytes Cuts 125 Employees as per Strategic Reorganization Plan (TechDator) Malwarebytes, one of the well-known device security makers, confirmed laying off about 14% of its global workforce, about 125 employees.
Santa Clara-based cybersecurity startup Malwarebytes is cutting 125 jobs (Silicon Valley Business Journal) Malwarebytes Inc. has reportedly cut 125 employees, or about 14% of its global workforce, as it shifts its business strategy.
KKR acquires cybersecurity firm Barracuda for $4bn (Totaltelecom) The deal represents a key indicator of private equity’s growing interest in cybersecurity firms,
KKR snaps up cybersecurity specialist for $4B (Mobile World Live) KKR continued to expand its portfolio of cybersecurity and fibre network assets through acquisition of Barracuda Networks.
Investing in Innovation: 9 Startups That Recently Secured $50M+ (Acceleration Economy) Snapshots of 9 startups that have recently secured $50 million or more in funding to fuel innovation in security, supply chains, and more.
Lloyd’s sets requirements for state-backed cyber attack exclusions (Insurance Day) From March 31 next year, all standalone cyber attack policies must exclude liability for losses arising from any state-backed cyber attack
Privacy protection could be the key to retention in 2023 (HR Morning) There’s a new benefit employers may want to consider offering in 2023 – privacy protection. The reason: Eighty-two percent of breaches have a human element involved, according to Verizon’s 2022 Data Breach Investigations Report. Keeping employees’ privacy safe means keeping the company’s privacy safe. Dimitri Shelest, founder and CEO at OneRep, a privacy protection company, believes the […]
KnowBe4 Honored as Gold Stevie® Award Winner In 2022 Stevie Awards for Talent Acquisition Team of the Year (GlobeNewswire News Room) KnowBe4 has been named the winner of a Gold Stevie® Award in the Talent Acquisition Team of the Year category in the seventh annual Stevie Awards for Great...
Radiant Logic Named Winner of 1st Annual Cybersecurity Impact Award (Business Wire) Radiant Logic selected as inaugural winner of the Cybersecurity Impact Award by the Aite Novarica Group.
1Password Welcomes Security Innovator as Chief Product Officer (PR Newswire) 1Password, the human-centric security leader, today announced Steve Won as Chief Product Officer. Steve brings a wealth of experience from...
Claroty Appoints Joshua Corman as VP Cyber Safety Strategy (Claroty) Former Chief Strategist of CISA’s COVID Task Force and Founder of I Am The Cavalry to lead company’s efforts to protect public safety, human life, and national security
Products, Services, and Solutions
Introducing curated detections in Chronicle SecOps Suite (Google Cloud Blog) Curated detections for Chronicle enables security teams to use Google’s intelligence and expertise in responding to threats and cyberattacks.
Wesfarmers to stand up offensive cyber security capabilities (iTnews) Through new "Cyber Fusion Centre".
Kyndryl, EY team up for digital transformation offering (CRN Australia) Combining cloud, infrastructure expertise with consulting experience.
AttackIQ Becomes First Breach and Attack Simulation Provider to Secure Authority to Operate from the United States Army (Business Wire) AttackIQ®, the leading independent vendor of Breach and Attack Simulation (BAS) systems, today announced it has been granted a three-year Assess Only
Fujifilm Group deploys Verizon Business Group’s Advanced Security Operations Center (Verizon) Verizon Business is supporting Japan’s FUJIFILM Holdings and its subsidiaries strengthen its global cybersecurity monitoring and cyber intelligence capabilities.
Why The DIG Chose Swimlane to Transform Its Phishing Defense (Swimlane) The Digital Investigative Group (DIG) is a Managed Security Services Provider (MSSP) startup that serves local government entities and Managed Service Providers (MSPs) in Montana. As the tech bubble continues to grow there, the DIG helps these smaller businesses enhance their cybersecurity posture…
Contrast Security Adds API Support to Security Platform (DevOps.com) Contrast Security has fully extended its vulnerability scanning and runtime application self-protection (RASP) platform to now include APIs.
ManageEngine Integrates with Sectigo® to Automate Certificate Lifecycle Management (Business Wire) ManageEngine announced the integration between its key and certificate lifecycle management solution, Key Manager Plus, and Sectigo.
Technologies, Techniques, and Standards
Analysis | Mandatory password updates are passe (Washington Post) Regular password changes don't improve security, the latest thinking goes.
Council Post: To Pay Or Not To Pay: Ransomware Negotiation Tactics (Forbes) As ransomware attacks multiply, most organizations tend to respond in either of two ways—by paying the ransom, which can amount to millions of dollars, or not paying and diverting resources to recovery efforts.
New Army intel unit having big impact on recently established 'triad' (FedScoop) Army Cyber Command’s new intelligence unit blending historical military intelligence activities with commercial data and public information is providing critical insights in a rapid manner to a newly established “triad” between the service’s cyber, missile defense and special operations organizations. Last week, the Army announced this new triad between Army Cyber Command, […]
Army adding more cyber teams (FedScoop) The Army will be building two more cyber mission force teams for U.S. Cyber Command this year, according to a top official. Lt. Gen. Maria Barrett, commander of Army Cyber Command, told an audience at the TechNet Augusta conference Wednesday that the service is dedicated to beefing up the force in support […]
National Cryptologic Museum Rediscovering Artifacts Hidden Away in NSA Warehouse (National Security Agency/Central Security Service) The machine is strikingly taller and wider than nearly all of the other National Cryptologic Museum (NCM) artifacts stored inside NSA’s 281,000-square-foot storage facility, which is located just a
Academia
In Tennessee, Possible Solution to the Cyber Talent Shortage (Wall Street Journal) A partnership between East Tennessee State University and BlueCross BlueShield of Tennessee plans to graduate cyber pros in two years
Legislation, Policy, and Regulation
A high-level guide to UK prosecutorial and enforcement agencies (Lexology) It is now widely accepted that financial crime is not ‘victimless’, but rather is wrongdoing which has a pervasive detrimental effect on legitimate…
Whatever Happens Between China and Taiwan, the U.S. Needs Its Own Chips (The Information) The intentions of the People’s Republic of China toward Taiwan are clear—it intends to take possession of the island and thereby “reunify” China. U.S. House Speaker Nancy Pelosi’s visit to the island, during which she met with political leaders as well as the chair of Taiwan Semiconductor ...
DOE invests $45 million in cyber technology that protects power sector (The Hill) The Department of Energy announced on Wednesday that it is investing $45 million in cyber technology that will protect the power grid sector from cyberattacks. The investment will fund up…
FTC Kicks Off Wide-Ranging Privacy Rulemaking (JD Supra) The Federal Trade Commission (FTC) released an advance notice of proposed rulemaking (ANPRM) on “Commercial Surveillance and Data Security” on August...
US Army forming ‘offensively oriented’ curriculum to spur cyber skills (Defense News) The program is six months to a year from being fully operational, according to U.S. Army Maj. Gen. Paul Stanton.
How a new Army cyber general got George Patton’s stars (Army Times) The new commander of the Cyber Center of Excellence at Fort Gordon received the artifact the night before his promotion.
Litigation, Investigation, and Law Enforcement
Alleged Russian Money Launderer Extradited from the Netherlands to U.S. (U.S. Department of Justice) An alleged cryptocurrency money launderer was extradited this week from the Netherlands to the United States to face charges in the District of Oregon.
Company changes name after SEC charges 18 over pump-and-dump hacking scheme (The Record by Recorded Future) Lotus Bio-Technology Development Corp. announced on Tuesday that it is initiating a name change, following revelations that its stock was manipulated as part of a pump-and-dump scheme that involved the hack of more than 30 brokerage accounts.
Israeli Firm Cellebrite Sold Phone-hacking Tools to Uganda's Brutal Dictatorship (Haaretz) Ruling Uganda since 1986, Museveni's regime is responsible for kidnapping, torturing and murdering rights activists, opposition figures and LGBTQ people. Cellebrite: Strict oversight ensures proper use of our technology.
Rights groups ask Defense Ministry to stop sales of phone hacking tool to Uganda (Times of Israel) Human rights activists urge that Cellebrite be barred from providing its equipment to Kampala regime, claiming it is used to suppress dissidents and LGBT community
Google wins defamation battle as Australia’s high court finds tech giant not a publisher (the Guardian) Judgment rules ‘a hyperlink is merely a tool’ in case between search engine and Melbourne lawyer George Defteros
Complaint (Attorney) – #1 in HADNAGY v. MOSS (E.D. Pa., 2:22-cv-03060) (CourtListener) COMPLAINT against DEF CON COMMUNICATIONS, INC., JEFF MOSS ( Filing fee $ 402 receipt number APAEDC-16086367.), filed by J. HADNAGY CHRISTOPHER. (Attachments: # 1 Civil Cover Sheet, # 2 Case Management Track Form)(ZINGARETTI, ASHLEY) (Entered: 08/03/2022)
FTC threatens to sue firm allegedly revealing abortion clinic visits (Washington Post) A lawsuit against the agency shows how it might defend health data after the Supreme Court left states free to outlaw abortion