Dateline Moscow, Kyiv, Riga, Tallinn: Assassination in wartime.
Ukraine at D+179: An assassination in Russia. (CyberWire) Russian forces remain stalled, and Ukrainian special operators continue to strike rear areas. Ukraine will be receiving advanced targeting systems from the US. A strongly nationalist supporter of President Putin's war was assassinated Saturday outside Moscow, and the FSB has blamed Ukraine. A Russian diplomat says he's been willfully misunderstood by abnormal people: he wasn't calling for genocide, but rather expressing his concern for the Ukrainian people.
Russia-Ukraine war latest: what we know on day 180 of the invasion (the Guardian) Large gatherings banned in Kyiv ahead of independence day over fears of attacks; Nikopol, near Zaporizhzhia nuclear plant, repeatedly shelled
Russia-Ukraine war: List of key events, day 180 (Al Jazeera) As the Russia-Ukraine war enters its 180th day, we take a look at the main developments.
Russia steps up campaign to seize key Ukraine city as war nears six-month mark (CBS News) Bakhmut has for weeks been a key target of Moscow's eastern offensive as the Russian military tries to complete a monthslong campaign.
Six months of hell in Ukraine: how Putin’s crazy war reached deadlock (the Guardian) This week Kyiv will celebrate independence day, and mark half a year of fighting, with a display of wrecked Russian tanks on its main street. The Russian president’s hopes of a swift victory have come to nothing. Peace talks have stalled. Where do we go from here?
After six months of bloody and terrible war, what exactly does Putin want from Ukraine? (the Guardian) Russia is trying to demonstrate that Nato is powerless to stop it, says author and former foreign correspondent Philip Short
The Story of Russia by Orlando Figes review – Vladimir Putin and the power of myth-making (the Guardian) The historian’s latest work on Russia is a lucid chronological journey that ably illustrates how narratives from the nation’s past have been used to shape its autocratic present
'Time stopped': Ukrainians long to go home as war drags on (AP NEWS) On March 8, nearly two weeks after Russia invaded Ukraine, Taisiia Mokrozub took her infant son, parted from her husband and joined an exodus to safety in Poland. She believed the war would end quickly and she would be home by May.
Blasts hit Crimea, Russian missile wounds 12 near nuclear plant in southern Ukraine (Reuters) The strike at the Pivdennoukrainsk nuclear station and fresh shelling near the Zaporizhzhia station, Europe's largest such facility, prompted new fears of a nuclear accident during the war, Ukrainian officials said.
Drone ‘strike’ hits Russia’s navy HQ in Crimea as attacks behind enemy lines mount (The Telegraph) Russian soldiers erect roadblocks around Sevastopol, the largest city in Crimea, as a search for saboteurs gains momentum
Ukraine strikes psychological blows in drone warfare over Crimea (the Guardian) Analysis: Widely shared footage of drone attacks shows attempt to bring conflict closer to Russian people
Car blast kills daughter of Russian known as 'Putin's brain' (AP NEWS) The daughter of an influential Russian political theorist often referred to as “Putin’s brain” was killed in a car bombing on the outskirts of Moscow, authorities said Sunday. The Moscow branch of the Russian Investigative Committee said preliminary information indicated 29-year-old TV commentator Daria Dugina was killed by an explosive planted in the SUV she was driving Saturday night.
Car bomb kills daughter of ‘spiritual guide’ to Putin’s Ukraine invasion - Russian media (CNN) Russian authorities said Sunday they had opened a murder investigation after the daughter of influential, ultra-nationalist philosopher Alexander Dugin was killed by a car bomb on the outskirts of Moscow.
A Putin ally’s daughter was killed near Russia’s capital: What to know (Washington Post) The daughter of Alexander Dugin, a Russian nationalist and self-styled philosopher whose ideas helped shape the Kremlin’s narrative about Ukraine, was killed in a car explosion near Moscow on Saturday night, in what Russian investigative authorities said looked like a “murder for hire.”
Daughter of Putin ally Alexander Dugin killed in car bomb in Moscow (the Guardian) Russian hawks without evidence blame Kyiv for death of Darya Dugina and demand Kremlin response
A Putin ally’s daughter was killed near Russia’s capital: What to know (Washington Post) The daughter of Alexander Dugin, a Russian nationalist and self-styled philosopher whose ideas helped shape the Kremlin’s narrative about Ukraine, was killed in a car explosion near Moscow on Saturday night, in what Russian investigative authorities said looked like a “murder for hire.”
Russia Opens Murder Investigation After Blast Kills Daughter of Putin Ally (New York Times) Daria Dugina was the daughter of an ultranationalist who has urged the Kremlin to escalate its assault on Ukraine. The rare attack on a member of the pro-Kremlin elite could upend President Putin’s efforts to maintain a sense of normalcy.
Russia blames Kyiv for killing daughter of ‘Putin’s Rasputin’, but the truth may be closer to home (The Telegraph) Car bomb attack in Moscow most likely to be a false flag attack to whip up public support and escalate war against Ukraine
Alexander Dugin's daughter killed by anti-war Russians: Former state deputy (Newsweek) "Putin will be deposed and destroyed by us!" the group's manifesto states.
Russians vow to strike Ukraine after daughter of Vladimir Putin's ally dies in car bomb (The Telegraph) Officials in Kyiv deny any links to the murder of Darya Durgina, but have warned of increased Russian attacks in the days ahead
Brazen Attack Near Moscow Rattles Russians (New York Times) The daughter of a prominent ultranationalist, herself a hawkish commentator, was killed by a car bomb deep in Russian territory.
Russia-Ukraine war: Russia blames Ukraine for car bomb death of Darya Dugina; Moscow rules out peace deal to end war – live (the Guardian) Russian security service accuses Ukraine special services of killing daughter of Putin ally; Russia’s UN envoy rules out talks between Putin and Zelenskiy
Russia, Ukraine spar over fighting near nuclear facility (AP NEWS) A fire at a munitions depot inside Russia forced the evacuation of two villages near the border with Ukraine, an official said Friday, while two civilians were reported wounded by Russian shelling near the Zaporizhzhia nuclear power plant as both sides traded accusations about fighting near the facility in southern Ukraine.
Ukrainians Brace for the Worst Around Zaporizhzhia (Foreign Policy) Fears are rising that Russia could stage a catastrophic accident at Europe’s biggest nuclear power plant.
‘Crazy things are happening’: life in occupied Ukrainian nuclear city (the Guardian) Olexander lives in Enerhodar – a satellite city for the Zaporizhzhia power station – where an accident or artillery attack are constant fears
Ukraine war: Russia accuses Kyiv special forces of car-bomb killing in Moscow (The Telegraph) Russia's FSB intelligence agency has accused Ukrainian special forces of assassinating Daria Dugina in a car explosion on the outskirts of Moscow, before fleeing to EU member Estonia.
Ukraine’s Crimea fightback and how saboteurs are exploiting enemy blunders (The Telegraph) Special report: Careless Russian soldiers are dumping powerful weaponry at makeshift sites on the peninsula - and Kyiv is taking advantage
Russia's 'Oculus' to use AI to scan sites for banned information (BleepingComputer) Russia's internet watchdog Roskomnadzor is developing a neural network that will use artificial intelligence to scan websites for prohibited information.
Emmanuel Macron’s call with Vladimir Putin aimed at ‘averting nuclear disaster’ (The Telegraph) The French leader’s officials claim talks between the two resumed because of safety concerns over the Zaporizhzhia power plant
Estonia Repels Biggest Cyber-Attack Since 2007 (Infosecurity Magazine) Tiny Baltic nation riles Russia by removing monuments
5 things you need to know about Russia’s intelligence failures ahead of the invasion of Ukraine (Washington Post) A months-long examination by The Washington Post of the intelligence war in Ukraine draws on a trove of sensitive materials including intercepted communications involving Russian intelligence operatives, as well as in-depth interviews with senior Ukrainian, U.S. and European officials. Here are some key findings:
Russian Intelligence Services Lied To Putin Before Invading Ukraine - Disinformation Countering Center (Ukrainian News) The Center for Countering Disinformation at the National Security and Defense Council (NSDC) of Ukraine said that the special services of the Russian Federation deliberately misinformed Russian President Vladimir Putin regarding real sentiments in Ukraine, so Putin was confident that he could "take Kyiv in 3 days."
On Russian invasion, US intel got it right — but policymakers stumbled (Responsible Statecraft) The Washington Post has launched a history-shaping exercise, but it fails to ask the right questions and omits Biden's most serious mistakes.
Estonia's Battle Against a Deluge of DDoS Attacks (Infosecurity Magazine) The European nation has seen a spike in DDoS attacks throughout August
Latvia Starts Removing Soviet Monument in Challenge to Russia (Bloomberg) Latvian authorities began work to dismantle a towering Soviet-era World War II monument, the latest potential flashpoint between the Baltic region and Russia.
"No Mercy To The Ukrainian Population," Russian Ambassador Wrote And Then Deleted Tweet (Ukrainian News) The Russian ambassador to international organizations in Vienna Mikhail Ulyanov wrote on his Twitter microblog page: "No mercy to the Ukrainian population!" in response to a tweet by President of Ukraine Volodymyr Zelenskyy thanking U.S. President Joseph Biden for another military aid package for Ukraine.
President's Office on Russian envoy urging genocide of Ukrainians (KyivPost) It is time for the world to realize that the Russian Federation is a fascist vertical of millions of people.
Ukraine's Foreign Ministry calls on Austria to declare Russia's permanent representative in Vienna persona non grata (Interfax-Ukraine) The Ministry of Foreign Affairs of Ukraine calls on the entire diplomatic community in Vienna to boycott the Permanent Representative of the Russian Federation in Vienna, and Austria to declare him persona non grata because of his statement about the destruction of the Ukrainian nation, Ukrainian Foreign Ministry spokesman Oleh Nikolenko has said.
Podoliak concerning call of Russia's ambassador in Vienna to genocide of Ukrainians: time to understand Russia is a fascist vertical of millions of people (Interfax-Ukraine) Russia's Permanent Representative to Austria Mikhail Ulyanov declares the need for a "final solution to the Ukrainian issue" and calls for genocide, it's time to understand that Russia is a fascist vertical of millions of people, Mykhailo Podoliak, adviser to the head of the President's Office, has said.
Finland, Sweden offer NATO an edge as rivalry warms up north (AP NEWS) The first surprise, for the Finnish conscripts and officers taking part in a NATO-hosted military exercise in the Arctic this spring: the sudden roar of a U.S. Marine helicopter assault force, touching down in a field right next to the Finns' well-hidden command post.
Suspected Kremlin spies arrested after raid on Albanian arms factory (The Telegraph) Two Russians and a Ukrainian were detained at the Gramsh weapons plant 50 miles from Tirana after guards noticed a person taking photographs
Putin humiliated after Russian spies caught red handed trying to enter weapons factory (Express) VLADIMIR PUTIN has suffered further humiliation after three Russian spies were caught red handed trying to enter an Albanian arms factory.
RP Sees 'Gramshi Incident' as Putin's Attempt for Tension in Balkans (ALBANIA DAILY NEWS) The head of the Republican Party (RP), Fatmir Mediu, emphasized that Russian President Vladimir Putin aims to create other conflict and tension in the Balkan region after the invasion of Ukraine.
Iceye to Dedicate Satellite for Ukrainian Government Use (Via Satellite) Iceye is providing the government of Ukraine with its synthetic aperture radar (SAR) satellite imaging capabilities, signing a contract with the Serhiy
Defense & National Security — Another $775M in weapons for Ukraine (The Hill) The United States will send another $775 million in missiles, drones, vehicles and mine clearing equipment to Ukraine to help in its war with Russia as the conflict enters a near standstill. …
‘Seek and destroy’: New US aid to Ukraine targets Russian artillery (Defense News) A new $775 million military aid package for Ukraine marks the first time the U.S. is sending ScanEagle drones for targeting artillery to the country.
France's Macron assails Putin's 'brutal attack' on Ukraine (AP NEWS) Hours after talking with Vladimir Putin, French President Emmanuel Macron on Friday accused the Russian leader of launching a “brutal attack” on Ukraine in an imperialist, revanchist violation of international law.
Belarus’s opposition is growing stronger (The Strategist) As the war in Ukraine rages on, the stability of neighbouring Belarus, which has been backing the Russian invasion, appears to be fracturing. Has Russian President Vladimir Putin’s war of aggression opened a Pandora’s box ...
The War in Ukraine Supports Guterres' Case for Multilateralism (World Politics Review) When U.N. Secretary-General Antonio Guterres first released “Our Common Agenda,” his 2021 report on the future of multilateralism, many diplomats were skeptical of how it would apply to peace and security. But parts of the report actually look more, rather than less, relevant after Russia’s invasion of Ukraine.
Russia's war at 6 months: A global economy in growing danger (AP NEWS) Martin Kopf needs natural gas to run his family's company, Zinkpower GmbH, which rustproofs steel components in western Germany. Zinkpower's facility outside Bonn uses gas to keep 600 tons of zinc worth 2.5 million euros ($2.5 million) in a molten state every day.
Don’t believe Putin – the Russian economy is suffering a catastrophic shock (The Telegraph) The Kremlin is manipulating statistics to disguise the damage being done by sanctions
Moscow accused of blackmail after announcing temporary closure of Nord Stream 1 (The Telegraph) The move sparked renewed fears that Russia could completely cut Europe off from its gas supplies
Russia’s Gazprom trolls Siemens Energy over ‘lonely’ turbine that has been the centre of conflict over Nordstream 1 supplies to Europe (Op India) While Germany accuses Gazprom and Russia of not taking the turbine back, Gazprom and Russia blame Siemens (and Germany) for not repairing the machines and causing delay, indirectly insisting that Germany has itself to blame for the reduced supply of energy via the Nordstream pipeline.
Ripples of War (Wilson Quarterly) The world has shifted dramatically since Russia invaded Ukraine on February 24, 2022. As the world now sits on the hinge of history, the summer 2022 Wilson Quarterly examines the Ripples of War.
Russia-Ukraine: five lessons from the 19th-century Crimean war (the Guardian) A century and a half ago, Russia lost a war it might have expected to win. The consequences reached far and wide
Attacks, Threats, and Vulnerabilities
Data-tampering attacks are a 'nightmare' threat that's hard to detect (Protocol) Attacks involving manipulation of data could pose an even more severe threat than data theft or ransomware in some cases, but are not top of mind for most businesses, experts told Protocol.
China's APT41 Embraces Baffling Approach for Dropping Cobalt Strike Payload (Dark Reading) The state-sponsored threat actor has switched up its tactics, also adding an automated SQL-injection tool to its bag of tricks for initial access.
China-backed APT41 Group Hacked at Least 13 Victims in 2021 (Infosecurity Magazine) The majority of the attacks spotted relied primarily on SQL injections on targeted domains
China's Winnti Group Hacked at Least 13 Organizations in 2021: Security Firm (SecurityWeek) Chinese state-sponsored threat group Winnti compromised at least 13 organizations globally in 2021, spanning across multiple sectors
TikTok’s In-App Browser Includes Code That Can Monitor Your Keystrokes, Researcher Says (Forbes) The researcher also examined in-app browsers for other apps like Instagram and Facebook Messenger, which don’t appear to track as much as TikTok.
TikTok's in-app browser has code that could be used to track data like passwords and credit card numbers — and Apple should ramp up security to prevent it, a researcher says (Business Insider) A researcher says he found code in TikTok that allows it to access sensitive user data. He is calling on Apple to be more strict about its app store review process.
Russian APT29 hackers abuse Azure services to hack Microsoft 365 users (BleepingComputer) The state-backed Russian cyberespionage group Cozy Bear has been particularly prolific in 2022, targeting Microsoft 365 accounts in NATO countries and attempting to access foreign policy information.
CNA Explains: What is Google Chrome's latest bug and how badly can it be exploited? (CNA) Google Chrome users have been urged to immediately install a security patch after reports of a high-severity vulnerability in the browser. How might hackers take advantage of this bug?
241 npm and PyPI packages caught dropping Linux cryptominers (BleepingComputer) More than 200 malicious packages were discovered infiltrating the PyPI and npm open source registries this week. These packages are largely typosquats of widely used libraries and each one of them downloads a Bash script on Linux systems that run cryptominers.
Re-emergence of Carousell phishing scam claims 10 victims, S$17,000 lost since July (The Straits Times/Asia News Network via The Star) At least 10 victims have lost $17,000 since July to a phishing scam variant that has re-emerged on Carousell.
WordPress sites hacked with fake Cloudflare DDoS alerts pushing malware (BleepingComputer) WordPress sites are being hacked to display fake Cloudflare DDoS protection pages to distribute malware that installs the NetSupport RAT and the RaccoonStealer password-stealing Trojan.
Fake DDoS Pages On WordPress Sites Lead to Drive-By-Downloads (Sucuri Blog) We reveal how hackers have begun leveraging fake DDoS protection pages to trick users into downloading remote access trojans (RATs) onto their computers.
Researchers Detail Evasive DarkTortilla Crypter Used to Deliver Malware (The Hacker News) Researchers detail DarkTortilla, an evasive crypter used by hackers to spread a broad array of commodity malware and targeted payloads.
Security researcher claims iOS VPN 'broken', Apple says issued a fix (Business Standard) Apple insists it has offered a fix since 2019, while ProtonVPN says that it's only a partial solution, reports 9to5Mac
Spanish Banking Trojan Attacks Various Industry Verticals (Bank Info Security) Researchers uncovered a spear-phishing campaign targeting automotive and chemical manufacturers across the Spanish-speaking nations of Mexico and Spain. The latest
Grandoreiro Malware with New TTPs (Zscaler) Grandoreiro, one of the top banking trojans in Latin America, is using new tactics in a malware campaign that impersonates government officials.
HC3 alerts to social engineering risk, rise in vishing attacks on healthcare (SC Media) Two new HC3 alerts share threat tactics and recommended remediation to combat ongoing social engineering attempts and the rise of vishing attacks on the healthcare sector.
Vishing Attacks on the Rise (HC3: Analyst Note) Voice phishing, also known as vishing, is the practice of eliciting information or attempting to influence action via the telephone. Over the past year, HC3 has noted a marked increase in these attacks across all sectors.
More than 80 health systems hit by cybersecurity breaches in August (Becker's Hospital Review) From Russian hackers targeting hospitals for patient data to third-party vendor data breaches affecting numerous health systems, here are 11 cybersecurity incidents that Becker's has reported on since Aug. 1.
Ransomware Attack at Lamoille Health Partners Impacts 59K (Health IT Security) Vermont-based Lamoille Health Partners suffered a ransomware attack in June that impacted more than 59,000 individuals.
Lee County EMS notifies past customers of security breach (Lehigh Acres Citizen) Lee County Emergency Medical Services reported that on Aug. 4, staff received notification of a customer data breach related to a previous third-party vendor responsible for ambulance billing services. Lee County EMS conducted business with a company called Intermedix Corporation for nearly 15 years, ending its vendor contract in September 2014. Intermedix hired a law […]
Car Dealership Hit by Major Ransomware Attack (Infosecurity Magazine) Holdcroft Motor Group says most systems back online now
Cyberattack hits North Dakota state agency (Bismarck Tribune) North Dakota's Workforce Safety & Insurance agency was struck by a cyberattack in June that involved personal data.
Cyber-attack on WSI gains access to personal data of North Dakotans (Valley News Live) WSI says there is evidence that the cyber attacker gained access to personal data in the employee’s email through the email attachment that contained malicious code.
Whitworth University Still Recovering from Ransomware Attack (GovTech) After discovering last month that ransomware had infiltrated its information systems, a private Christian university in Washington is still investigating the incident and adding new layers of security.
Security Patches, Mitigations, and Software Updates
Apple patches double zero-day in browser and kernel – update now! (Naked Security) Double 0-day exploits – one in WebKit (to break in) and the other in the kernel (to take over). Patch now!
Google and Apple both release patches against zero‑day vulnerabilities – Week in security with Tony Anscombe (WeLiveSecurity) Zero-day vulnerabilities are super active and Google and Apple are acting to patch these vulnerabilities, some of which seen on-the-wild. Watch the video.
Why You Should Consider Google Chrome's Enhanced Safe Browsing Mode (CNET) You'll get more security, but there are some downsides.
Trends
Disk wiping malware knows no borders (Help Net Security) A Fortinet report revealed that ransomware threat continues to adapt with more variants enabled by Ransomware-as-a-Service (RaaS).
Cyber insurers weigh in on latest cybersecurity trends, threats (The Record by Recorded Future) According to the U.S Government Accountability Office, the rate of businesses getting cyber insurance has doubled recently, from 26% in 2016 to 47% in 2020.
Cybersecurity Insights with Contrast CISO David Lindner | 8/19 (Contrast Security) Contrast Security CISO David Lindner provides his top three weekly insights for CISOs, developers, and the security community here.
New Study Reveals Identity Sprawl Plagues Organizations (Radiant Logic) Radiant Logic unveiled its “Identity Data Management: Roadblock or Business Enabler” report, providing deep insights into the identity management challenges organizations are facing. In surveying global IT and information security leaders, it was found that while 58% rated identity management of vital importance, 61% stated that their organization views identity management as too time-intensive and costly to effectively manage.
Sicherheitslücken: Wie Angreifer Smartphones und Co. hacken (ZDFheute) Digitale Spionageangriffe auf Smartphones und Laptops nehmen zu. Unsichere Schnittstellen erleichtern den Hackern die Arbeit.
Marketplace
Cybersecurity M&A Roundup for August 1-15, 2022 (SecurityWeek) Twenty-three cybersecurity-related M&A deals were announced in the first half of August 2022.
Early-Stage Investor of the Year | YL Ventures (SC Media) YL Ventures focuses on seeding Israeli-based companies for success in the U.S. and global markets. Successful unicorns include Axonius and Orca Security.
NightDragon Wins 2022 SC Award for Growth Stage Investor of the Year (NightDragon) NightDragon is thrilled to announce that it has been recognized as an Excellence Award winner in the Growth Stage Investor of the Year category for the 2022 SC Awards. The SC Media industry awards program is cybersecurity’s most prestigious and competitive program, recognizing the solutions, organ
At-Bay Acquires Relay to Accelerate the Future of Specialty Insurance (Business Wire) At-Bay acquires specialty insurance distribution marketplace Relay; the multicarrier platform will remain an independent entity going forward.
Mike Lynch attacks 'vindictive' US authorities over Darktrace takeover (The Telegraph) Plus: Cybersecurity star Darktrace confronts its past as predators circle
How a Former Sequoia Capital Partner Cornered the Israeli Security Startup Market (The Information) Whenever a cybersecurity startup seeks capital from venture capital firms in Israel, whose military trains an outsize number of security software entrepreneurs, the first thing prospective investors usually do is check whether Gili Raanan has invested in it. If he hasn’t, there had better be a ...
Facebook contractors learned they lost work with the company through a video call with anonymous representatives who said an 'algorithm' chose random people to cut, workers say (Business Insider) Facebook appears to be reducing the number of contractors it employs through a staffing deal with Accenture.
Meta Platforms Stock: How The FTC Could Derail Meta's Big Plans (SeekingAlpha) Meta Platforms' core business has turned negative, and now the FTC is trying to block META's acquisition strategy. See what risks remain with META stock.
Meta Platforms Stock: How The FTC Could Derail Meta's Big Plans (SeekingAlpha) Meta Platforms' core business has turned negative, and now the FTC is trying to block META's acquisition strategy. See what risks remain with META stock.
Spyware Firm NSO's Chief Steps Down in Reorganization (Bloomberg) Israeli spyware company NSO Group’s chief executive officer is stepping down as the company restructures to focus on NATO-member countries, it said in a statement.
Israeli spyware company NSO Group CEO steps down (Reuters) Israeli spyware firm NSO Group said on Sunday its Chief Executive Shalev Hulio is stepping down with immediate effect, with Chief Operating Officer Yaron Shohat appointed to oversee a reorganisation of the company before a successor is named.
NSO Group’s Hulio steps down as CEO of spyware firm, 100 employees let go (Times of Israel) Producer of controversial Pegasus phone hacking software undergoes large scale reorganization amid bid to regroup after years of negative publicity, blacklists and lawsuits
Israeli cybersecurity co Tufin lays off 55 (Globes) Ahead of its acquisition by Turn/River Capital for $570 million, the cybersecurity policy management and automation company is laying of 10% of its workforce.
Torq Announces 385% Customer Growth and 360% Revenue Increase (Torq) No-Code Security Automation Leader, Torq, Announces 385% Customer Growth and 360% Revenue Increase, Delivering on Its Promise of Empowering Global Security Teams to Defeat Modern Cyberthreats.
BlastWave expands leadership team with new appointments (Help Net Security) BlastWave has appointed Keao Caindec as CMO and Vince Zappula as CRO to facilitate BlastWave's company vision.
Products, Services, and Solutions
Hitachi ID and HYPR accelerate the path to passwordless with Bravura OneAuth (Business Wire) Credentials are the most popular targets of hackers, who are only growing more sophisticated in their ability to automate attacks that bypass traditio
PlainID, The Authorization Company™, Announces its General Availability Release of PlainID's SaaS enabled Authorization Platform (PR Newswire) PlainID, the Authorization Company™, announces today the general release of its highly anticipated "Authorization-as-a-Service," SaaS-enabled...
TechCrunch launches TheTruthSpy spyware lookup tool (TechCrunch) This tool lets you check to see if your Android device was compromised.
Kaspersky partners with NCSA, enhancing cybersecurity workforce efficiency (Nation Thailand) As cyberattacks become more sophisticated and security solutions require more resources to analyze the huge amount of data, many organizations need advanced security services that deal with this growing complexity in real-time, 24x7.
Okta Identity Governance: A Unified IAM and Governance Solution (Okta) A unified IAM and Governance solution to improve enterprises security posture that helps them mitigate modern security risks and improve efficiency.
Technologies, Techniques, and Standards
CISA and Election Security Partners Hold Tabletop the Vote Exercise in Preparation for 2022 Midterm Elections (CISA) The Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the U.S. Election Assistance Commission, National Association of Secretaries of State (NASS) and the National Association of State Election Directors (NASED), hosted the nation’s largest annual election security exercise this week. Public and private election security partners from across the country participated in the fifth annual Tabletop the Vote. The exercise, which was not in response to any specific or credible threat, took place August 17 – 19. It included a range of hypothetical scenarios affecting election operations, giving participants the opportunity to share practices around cyber and physical incident planning, preparedness, identification, response, and recovery.
Crypto Privacy Breach: FTX Blocks Accounts Using Aztec Protocol For Transactions (Outlook india) Crypto exchange FTX has blocked accounts which are using ZK Money, a layer 2 Aztec protocol, which is a private transaction platform for sending money, on grounds of privacy breach
Will Ethereum Be Vulnerable to Censorship After the Merge? (Crypto Briefing) Ethereum's upgrade to Proof-of-Stake is being clouded by concerns the transition may make the blockchain vulnerable to censorship.
How the banking and financial industries are gearing up against phishing (BetaNews) Phishing has become a matter of grave concern for banks and financial institutions, as attacks on the industry have increased in recent years. Finance is the most impersonated industry in phishing campaigns. Some 35 percent of fake websites and emails claim to be from financial institutions, according to the American Bankers Association.
Design and Innovation
Erik Prince wants to sell you a “secure” smartphone that’s too good to be true (MIT Technology Review) MIT Technology Review obtained Prince’s investor presentation for the “RedPill Phone,” which promises more than it could possibly deliver.
Research and Development
We may never fully know how video games affect our well-being (MIT Technology Review) But researchers have pinpointed the data might help to provide more clues.
Legislation, Policy, and Regulation
Vietnam orders tech firms to store user data onshore (Reuters) Vietnam's government has ordered technology firms to store their users' data locally and set up local offices, its latest move to tighten cybersecurity rules.
Chinese cyber agency signals support for tech industry (The Record by Recorded Future) CAC officials set a conciliatory tone towards tech Friday, but are still supervising ride-hailing giant’s data work.
Government blocks Chinese purchase of UK electronics firm over security concerns (Computing) Pulsic's software and intellectual property may be used to develop technical or defence capabilities, government says
5G wars: the US plot to make Britain ditch Huawei (Times) Donald Trump’s arrival in Washington in 2017 had quickly united the Five Eyes spy network against the misinformation emerging from the White House. The assuranc
Canada bans Huawei from installing 5G networks: "espionage risk" (Wire Service Canada) Canadian Prime Minister Justin Trudeau's government has decided to ban Huawei technologies for its 5G networks. A spokesman for the Ministry of Public
An Analysis Of The CBN’S Cybersecurity Guidelines To Other Financial Institutions (Nigeria Lawyers) Set to take effect from January 1, 2023, this regulatory guideline is aimed at the Other Financial Institutions (OFIs) (such as microfinance, development banks, etc.), to enhance cybersecurity and strengthen the defense against cyberattacks, targeted at the information and communications system of the financial industry, which is heavily relied upon to operate. It was triggered by the recent spike and sophisticated nature of the cyberattacks, and threats posed by hackers targeted at the finance industry.
TikTok asks House of Representatives to rescind cyber advisory about company (The Record by Recorded Future) Short-form video giant TikTok refuted claims made by the Chief Administrative Officer (CAO) of the U.S. House of Representatives last week and called on her to take down a cyber advisory that urged lawmakers to avoid the platform.
The Pentagon may require vendors certify their software is free of known flaws. Experts are split. (CyberScoop) The debate is over whether the provision is unrealistic or if it's a game changing move to cut down on software vulnerabilities.
OIG Wants More Progress from CISA on Cyber Threat Information Sharing (HSToday) The Office of Inspector General (OIG) says the Cybersecurity and Infrastructure Security Agency (CISA) made limited progress improving the overall quality of threat information but has addressed basic information sharing requirements.
Opinion: Why doctrinal arguments continue to stymie effective cyber policies (CyberScoop) U.S. cyberspace policymakers view military principles with a dangerous disregard of what it actually takes to make American networks secure.
Litigation, Investigation, and Law Enforcement
Russia probe memo wrongly withheld under Barr, court rules (AP NEWS) The Justice Department under Attorney General William Barr improperly withheld portions of an internal memo Barr cited in announcing that then-President Donald Trump had not obstructed justice in the Russia investigation, a federal appeals panel said Friday.
Lawmakers demand data about online threats against law enforcement (Washington Post) House Oversight Committee leaders called on eight social networks, including Meta, Truth Social and Gab, to turn over details about how they’re responding following the FBI search of Mar-a-Lago
'Highly skilled and organised' cyber criminals stole £1.1m from Luton Borough Council account (Computing) The funds were intended for a new school block
4 people arrested for alleged involvement in phishing scams targeting bank customers (The Straits Times) The victims received unsolicited SMS messages stating that their cards had been suspended temporarily.
Read more at straitstimes.com.
Social engineering, computer fraud ruled legally distinct (Register) Two different kinds of fraud, says judge while throwing out lawsuit against insurer
Muncie business facing 2 federal class action lawsuits for a data breach (WTHR) The lawsuits claim a data breach August 2021 exposed personal and financial information for nearly 40,000 people.
Def Con banned a social engineering star — now he’s suing (The Verge) Can a conference ban be defamation?
Star social engineer dubbed the 'human hacker' sues Def Con after receiving permanent ban (Fortune) Christopher Hadnagy refutes any allegations of misconduct that he claims have caused 'irreversible damage' to his reputation.