Dateline Moscow, Kyiv, Tallinn, London: Car bombing as a pretext for escalation.
Ukraine at D-180; Bracing for escalation. (CyberWire) The FSB blames Ukraine for the assassination of Daria Dugina, (with an assist from Estonia and the UK), although outsiders are so far largely unconvinced by the attribution. Ukraine expects a spasm of Russian strikes against cities in response to the car bombing outside Moscow, especially as tomorrow marks Ukraine's Independence Day.
Russia-Ukraine war: List of key events, day 181 (Al Jazeera) As the Russia-Ukraine war enters its 181st day, we take a look at the main developments.
Six months after Russia invaded Ukraine, the world is on a knife edge (Washington Post) This week marks six months since the start of Russia’s latest invasion of Ukraine. The resulting war has dominated international headlines, disrupted global supply chains and galvanized a new spirit of solidarity in the West. For many Europeans, the moment marked a “turning point in history” — as German Chancellor Olaf Scholz declared in the early weeks of the conflict.
Ukraine war: Russia accuses Kyiv special forces of car-bomb killing in Moscow (The Telegraph) Russia's FSB intelligence agency has accused Ukrainian special forces of assassinating Daria Dugina in a car explosion on the outskirts of Moscow, before fleeing to EU member Estonia.
Ukrainian cities ban independence day events as Zelensky warns of 'particularly ugly' attacks (CNN) Events to mark Ukraine's Independence Day on Wednesday have been banned in the country's capital, Kyiv, and second-largest city, Kharkiv, as Ukrainian President Volodymyr Zelensky and other officials warn that Russia may carry out missile strikes.
Crimea, Once a Bastion of Russian Power, Now Reveals Its Weakness (Wall Street Journal) The strikes deep inside the Russian-occupied territory have disrupted Moscow’s plans to drive further into southern Ukraine and potentially forced a rethink of its broader strategy, military analysts and officials said.
Russia-Ukraine war: civilians ‘fleeing Kyiv amid fears of attack’; explosions reported across Dnipro – live (the Guardian) Advisor to Zelenskiy says civilians fear Kyiv will be attacked on independence day; mayor of Dnipro confirms rocket attacks
Russia-Ukraine war: Ukraine strikes separatists' headquarters in Donetsk with Himars rockets (The Telegraph) Three people were killed after Ukrainian forces shelled a separatist government building in Donetsk with US-supplied Himars rocket systems, local officials told Russian news agency TASS.
Russia blames Ukraine for car explosion that killed Putin ally’s daughter (Washington Post) Russia blamed Ukraine for a car explosion that killed the daughter of Alexander Dugin, a Russian nationalist and fervent ideological ally of President Vladimir Putin, prompting Dugin to issue a statement calling for military “victory” as vengeance — an exhortation that could lead to an escalation in the war.
Daria Dugina: Moscow claims female ‘Azov fighter’ behind car bomb escaped to Estonia in Mini Cooper (The Telegraph) Russian officials say Natalya Vovk brought her 12-year-old daughter to Moscow to help her stake out Daria Dugina, who died on Saturday
Paranoid Putin is losing the battle of wills against the Ukrainians (The Telegraph) Although it is too soon to know who killed Darya Durgina, the assumption among Russian officials that it was Kyiv reveals their unease
After six months of bloody and terrible war, what exactly does Putin want from Ukraine? (the Guardian) Russia is trying to demonstrate that Nato is powerless to stop it, says author and former foreign correspondent Philip Short
Almost 9,000 Ukrainian military killed in war with Russia -armed forces chief (Reuters) Nearly 9,000 Ukrainian military personnel have been killed in the war with Russia, the head of Ukraine's armed forces said on Monday.
Six months on, Ukraine fights war, faces painful aftermath (AP NEWS) Danyk Rak enjoys riding his bike, playing soccer and quiet moments with the family’s short-legged dog and two white cats, Pushuna and Lizun. But at age 12, his childhood has been abruptly cut short.
Turkey sends 50 mine-resistant vehicles to Ukraine, with more expected (Defense News) The delivery of the Kirpi vehicles was the result of a government agreement, rather than a deal between Ukraine and BMC, which makes the Kirpi.
New weapons for Ukraine suggest preparation for closer combat (Washington Post) The Pentagon is sending new weapons and equipment to Ukraine that will better prepare its military to fight Russian troops at closer ranges, potentially signaling that Kyiv and its backers see an opportunity to retake lost ground after weeks of grinding artillery duels along the front lines.
Speedo-wearing Russian tourists leak defence secrets on Twitter (The Telegraph) Holidaymakers avoid occupied Crimea due to successful Ukrainian attacks, but security fears are not being helped by those who do visit
The Ministry of Digital Transformation, State Service of Special Communication and Information Protection and the Council of Ministers of the Republic of Poland signed Memorandum of understanding in the cybersecurity field. (State Service of Special Communication and Information Protection) The Ministry of Digital Transformation, State Service of Special Communication and Information Protection and the Council of Ministers of the Republic of Poland signed Memorandum of understanding in the cybersecurity field.
Polish-Ukrainian agreement on cooperation in the field of cybersecurity. What does it assume? (Poland Posten) Representatives of the Polish and Ukrainian departments of digitization signed an agreement in Kiev regarding cooperation in the field of cybersecurity.
Greek natural gas operator suffers ransomware-related data breach (BleepingComputer) Greece's largest natural gas distributor DESFA confirmed on Saturday that they suffered a limited scope data breach and IT system outage following a cyberattack.
Greek gas operator refuses to negotiate with ransomware group after attack (The Record by Recorded Future) Greece’s national natural gas system operator confirmed this weekend that it was hit with a cyberattack but said it will not negotiate with the group behind the incident.
Announcement | (DESF) DESFA suffered a cyberattack on part of its IT infrastructure by cybercriminals that have tried to gain illegal access to electronic data, with a confirmed impact on the availability of some systems and possible leakage of a number of directories and files.
Source Code of Digital Ruble To Be Released at 0400 Kyiv Time 23 AUG 2022 (Inside Cyber Warfare) The source code for fast payment systems and 3-D Secure banking systems will be included in the release
Who’s Winning the Sanctions War? (Foreign Policy) The West has inflicted damage on the Russian economy, but Putin has so far contained those costs.
Attacks, Threats, and Vulnerabilities
New Iranian APT data extraction tool (Google) As part of TAG's mission to counter serious threats to Google and our users, we've analyzed a range of persistent threats including APT35 and Charming Kitten, an Iranian government-backed group that regularly targets high risk users. For years, we have been countering this group’s efforts to hijack accounts, deploy malware, and their use of novel techniques to conduct espionage aligned with the interests of the Iranian government. Now, we’re shining light on a new tool of theirs.
Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite (CISA) Actions for ZCS administrators to take today to mitigate malicious cyber activity: • Patch all systems and prioritize patching known exploited vulnerabilities. • Deploy detection signatures and hunt for indicators of compromise (IOCs). • If ZCS was compromised, remediate malicious activity.
US government really hopes you've patched your Zimbra server (Register) Here's how to detect an intrusion via vulnerable email systems
New 'BianLian' Ransomware Variant on the Rise (Dark Reading) Novel ransomware was created with the Go open source programming language, demonstrating how malware authors increasingly are opting to employ the flexible coding language.
Chinese espionage group APT41 hacked at least 13 victims in 2021 (teiss) As part of four distinct campaigns in 2021, prolific Chinese state-sponsored espionage group APT41—also known as Barium, Bronze Atlas, Double Dragon, and Wicked Panda—targeted at least 13 organizations in the US, Taiwan, India, Vietnam, and China.
LockBit gang hit by DDoS attack after Entrust leaks (Register) Prolific group pummeled days after claiming to be file thief behind attack on cybersecurity vendor
LockBit ransomware gang knocked offline after publishing stolen Entrust data (SiliconANGLE) LockBit ransomware gang knocked offline after publishing stolen Entrust data - SiliconANGLE
LockBit ransomware blames Entrust for DDoS attacks on leak sites (BleepingComputer) The LockBit ransomware operation's data leak sites have been shut down over the weekend due to a DDoS attack telling them to remove Entrust's allegedly stolen data.
Lockbit leak sites hit by mysterious DDoS attack after Entrust hack (Security Affairs) LockBit ransomware gang claims to have hacked the IT giant Entrust and started leaking the stolen files. Entrust Corp., provides software and hardware used to issue financial cards, e-passport production, user authentication for those looking to access secure networks or conduct financial transactions, trust certificated for websites, mobile credentials, and connected devices. The Lockbit ransomware […]
CISA is warning of high-severity PAN-OS DDoS flaw used in attacks (BleepingComputer) A recent vulnerability found in Palo Alto Networks' PAN-OS has been added to the catalog of Known Exploitable Vulnerabilities from the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
CISA issues warning on active exploitation of Palo Alto Networks PAN-OS flaw (Computing) Tracked as CVE-2022-0028, this high-severity vulnerability has been assigned a CVSS score of 8.6
CISA Adds One Known Exploited Vulnerabilities to Catalog (CISA) CISA has added a new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on the arrow in the "Date Added to Catalog" column, which will sort by descending dates.
Hackers Target ATM Maker for Bitcoins (Infosecurity Magazine) General Bytes confirms serious attack last week
U.K. attack spotlights water sector vulnerabilities (Washington Post) A ransomware gang is leaking documents revealing just how deeply they penetrated the systems of a U.K. water treatment plant that serves hundreds of thousands of customers, potentially gaining access to controls of the facility.
Advanced issues status updates on products affected by cyber-attack (Digital Health) Advanced have issued a status update on their products affected by the cyber-attack, including its Adastra software which has affected NHS 111 services.
Misconfigured Meta Pixel exposed healthcare data of 1.3M patients (BleepingComputer) U.S. healthcare provider Novant Health has disclosed a data breach impacting 1,362,296 individuals who have had their sensitive information mistakenly collected by the Meta Pixel ad tracking script.
FBI warns of residential proxies used in credential stuffing attacks (BleepingComputer) The Federal Bureau of Investigation (FBI) warns of a rising trend of cybercriminals using residential proxies to conduct large-scale credential stuffing attacks without being tracked, flagged, or blocked.
Proxies and Configurations Used for Credential Stuffing Attacks on Online Customer Accounts (FBI) The FBI is highlighting significant details about proxies1 and configurations2 used by cyber criminals to mask and automate credential stuffing attacks on US companies, resulting in financial losses associated with fraudulent purchases, customer notifications, system downtime and remediation, as well as reputational damage.
Friedrich Air Conditioning, LLC Announces Data Breach (JD Supra) On August 4, 2022, Friedrich Air Conditioning, LLC reported a data breach with the Office of the Attorney General of Vermont. According to Friedrich,...
DECLENCHEMENT DU PLAN BLANC DIMANCHE 21 AOUT 2022 | CHSF - Centre Hospitalier Sud Francilien (CHSF - Centre Hospitalier Sud Francilien) Le plan blanc du Centre Hospitalier Sud Francilien (CHSF) a été déclenché dimanche 21 août 2022 en raison d’une attaque informatique sur le réseau du Centre Hospitalier survenue à 1h du matin.
Russian hackers plan to release data stolen from McKinney hospital onto dark web (CBS News) Important financial documents, prescription information, and patient cards are among the 360 gigabytes of data stolen.
Data on California prisons' visitors, staff, inmates exposed (AP NEWS) California corrections officials said Monday that there has been a potential exposure of medical information for employees and visitors who were tested for the coronavirus, although they have not found any improper use despite the data breach.
CDCR Announces Potential Data Breach Impacting Incarcerated Population, External Stakeholders (News Releases) Breach included medical information No current evidence suggests misuse of data Department has sent notices to those impacted SACRAMENTO – The Califo
Vulnerability Summary for the Week of August 15, 2022 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Trends
Rise of fraud in popular culture changes consumer outlook on crime (Onfido) Onfido survey finds that portrayals of fraud in popular culture are influencing views on criminal activity
Black Hat USA 2022: Key Highlights (The State of Security) After the seemingly endless pandemic hiatus, the cyber industry had come out in force. Steve Cumings shares his experience of Black Hat 2022.
Should Companies Track Workers With Monitoring Technology? (Wall Street Journal) Employers can know when you’re logged in, what you’re typing and analyze your facial expressions. That raises all sorts of difficult questions.
Bangladesh at highest risk of ransomware Trojan attacks (The Business Standard) Cyber criminals frequently try to attack the banking, finance, and power sectors
Marketplace
Tech companies chop hundreds of Bay Area jobs as layoffs mount (Techxplore) Tech company layoffs are poised to eliminate hundreds of jobs in the Bay Area, an ominous new round of layoffs that might jolt the region's primary economic engine.
Singtel Readies $300 Million Sale of Cyber Security Arm Trustwave, Sources Say (Bloomberg) Singapore firm speaking with advisers for Trustwave sale. Telecom operator has streamlining portfolio to raise cash.
Trustwave for Sale? MSSP, MDR Security Company May Gain New Owner, Report Suggests (MSSP Alert) Trustwave, an MSSP & MDR security services provider, may be up for sale. Owner Singtel may be seeking up to $300 million for Trustwave, report indicates.
Cybersecurity Startup Arctic Wolf in Talks to Raise $300 Million in Convertible Debt (The Information) Arctic Wolf, a 10-year-old cybersecurity startup valued last year at $4.3 billion, is in talks to raise $300 million in convertible debt from investors including direct lender Owl Rock Capital, according to people familiar with the matter. The debt would convert to shares at a premium to the ...
Krit has been acquired by GreyNoise Intelligence (Krit) In June we signed the paperwork to join GreyNoise Intelligence. We’re incredibly excited to be a part of their incredible team and to continue the work we’ve done together!
Lloyd's of London Introduces New War Exclusion Insurance Clauses (SecurityWeek) Insurance giant Lloyds of London will require its underwriters to include such an exclusion based on its definition of cyberwar in future cyber insurance policies.
Lloyd’s to forbid insurers from covering losses due to state-backed hacks (The Record by Recorded Future) Lloyd’s of London will require underwriters to exclude coverage for state-backed cyberattacks linked to war or catastrophic damages, the insurance marketplace announced last week, as the expanding industry continues to adapt to a changing cyber threat landscape.
Companies Are Ditching Cybersecurity Insurance as Premiums Rise, Coverage Shrinks (The Information) Big companies including banking giant JPMorgan Chase have reduced the amount of cybersecurity insurance they buy from major underwriters, according to people with direct knowledge of the situation. The moves came after ransomware and other digital hacks blindsided insurers, triggering payouts to ...
Will spyware maker NSO Group's struggles reduce use of its eavesdropping tech? Critics doubt it. (CyberScoop) The company announced layoffs and a reorganization on Sunday, but spyware researchers doubt that will reduce the use of its technology.
CrowdStrike Named Best Security Company by 2022 SC Awards (CrowdStrike) CrowdStrike has been recognized as a winner in the Best Security Company category for the 2022 SC Awards US. Read to learn more here!
Concentric AI Grows Leadership Team to Meet Accelerating Demand for Data Security Posture Management Solutions (Business Wire) Concentric AI, a leading vendor of intelligent AI-based solutions for autonomous data security posture management, today announced it has named former
Products, Services, and Solutions
Secure Code Warrior Spotlights the Importance of Developer Security Skills with 2nd Annual Devlympics Competition (Business Wire) Secure Code Warrior Spotlights the Importance of Developer Security Skills with 2nd Annual Devlympics Competition.
NCA Partners with Amazon on PSA Campaign to Educate Consumers about Online Cyber Threats and Best Practices to Protect Themselves (National Cybersecurity Alliance) Since 2004, the National Cybersecurity Alliance (NCA) has been a national advocate for awareness and education efforts surrounding online threats and cybersecurity safety through tentpole initiatives like Cybersecurity Awareness Month and Data Privacy Week. Now, the organization is collaborating with Amazon to amplify that message…
Barracuda recognized for industry-leading email security and data protection solutions (PR Newswire) Barracuda, a trusted partner and leading provider of cloud-first security solutions, announced today that it is recognized as an innovator with...
ForgeRock Announces a Strategic Partnership with Secret Double Octopus to Extend Passwordless and Multi-factor Authentication Capabilities in the Enterprise (Business Wire) ForgeRock (NYSE: FORG) today announced a strategic partnership with Secret Double Octopus (SDO) to extend ForgeRock’s rich passwordless and Multi-fact
Privitar Announces General Availability of Privitar Modern Data Provisioning Platform (Business Wire) Privitar announces GA of the Privitar Modern Data Provisioning Platform, a new data security platform that powers effective, responsible data use
Claroty Wins 2022 SC Awards in Trust for Best SCADA Security Solution (PR Newswire) Claroty, the cyber-physical systems protection company, today announced that the Claroty Platform has won the 2022 SC Award in Trust for Best...
Cellebrite Introduces Streamlined Collection & Review to Investigative Analytics Workflow (GlobeNewswire News Room) Integrating the Collection & Review and Investigative Analytics functions resolves cases faster and accelerates time to justice...
Enable Security Teams to Leverage Machine Learning Technologies (Imperva) As on-premises and cloud-hosted data repositories get larger, they are outstripping the ability of traditional data-crunching methods to efficiently analyze the information. As a result, more enterprises have turned to data science and machine learning platforms to create business value. The benefit of using a platform for big-data analytics is you don’t have to be […]
Coalfire Federal Among the First Authorized to Conduct CMMC Assessments (PR Newswire) Coalfire Federal today announced it has been authorized by the Cybersecurity Maturity Model Certification (CMMC) Accreditation Body (The Cyber...
Axiata partners Versa Networks to deliver SASE technology to Asian enterprises (BERNAMA) Axiata Group Bhd has partnered [with] US-based Versa Networks to deliver SASE technology for rapidly digitalising Asian enterprises.
Laminar Named a Sample Vendor for Data Security Posture Management in 2022 Gartner® Hype Cycle™ for Data Security (Business Wire) Laminar today announced that it has been named by Gartner as a Sample Vendor for DSPM in the Hype Cycle for Data Security, 2022
Hi from SAI! - HiddenLayer | Security for Machine Learning (HiddenLayer) HiddenLayer’s Synaptic Adversarial Intelligence team, SAI, are cyber security experts and data scientists who identify threats to ML and AI.
Technologies, Techniques, and Standards
How cybersecurity vendors are misrepresenting zero trust (VentureBeat) Zero trust is a fast-growing cybersecurity sector, and its double-digit growth rates and market valuation are a magnet for vendor hype.
AUVSI and Fortress Information Security Team to Develop Industry-Wide Cybersecurity Risk-Based Framework for Uncrewed Vehicles (PR Newswire) The Association for Uncrewed Vehicle Systems International (AUVSI) and Fortress Information Security (Fortress) today initiated an...
Interstate cyber command center expands (GCN) Founded by North Dakota, the Joint-Cybersecurity Operations Command Center now includes almost 20% of states and aims to be at 30% by year’s end.
Army Cyber Command selects top team in its first Best Squad Competition (DVIDS) After three days of challenges, Army Cyber Command (ARCYBER) selected its best squad for 2022 in the command’s first Best Squad Competition, at Fort Gordon, Ga., Aug. 18, 2022.
Design and Innovation
NIST Post-Quantum Competition: And the round 3 finalists are… (Security Boulevard) If you’ve been following the NIST Post-Quantum (PQ) Cryptography Competition, then you likely know the round 3 finalist have recently... The post NIST Post-Quantum Competition: And the round 3 finalists are… appeared first on Entrust Blog.
Academia
Purdue honored for counterintelligence contributions (Purdue) In an on-campus ceremony on Tuesday (Aug. 16), the U.S. Defense Counterintelligence and Security Agency (DCSA) recognized Purdue University as one of four recipients of its Excellence in Counterintelligence (CI) Award for fiscal year 2020. Those chosen were among more than 10,000 contractors considered.
Legislation, Policy, and Regulation
Securing Africa's cyberspace will be coordinated from Togo (Quartz) Securing Africa's cyberspace will be coordinated from Togo
USCG: Cyber security continues to be a key focus area (Safety4Sea) The Area Maritime Security Committee (AMSC) published a report showing that AMSCs face significant challenges with a constantly changing threat landscape across physical and cyber domains.
Litigation, Investigation, and Law Enforcement
Former security chief claims Twitter buried ‘egregious deficiencies’ (Washington Post) An explosive whistleblower complaint from Peiter "Mudge" Zatko alleges that Twitter misled regulators and investors about gaping security holes and efforts to fight spam. Former security chief claims Twitter buried ‘egregious deficiencies’
Ex-Twitter exec blows the whistle, alleging reckless and negligent cybersecurity policies (CNN) Twitter has major security problems that pose a threat to its own users' personal information, to company shareholders, to national security, and to democracy, according to an explosive whistleblower disclosure obtained exclusively by CNN and The Washington Post.
Twitter’s Ex-Security Head Files Whistleblower Complaint (Wall Street Journal) Peiter Zatko, who says he was fired as Twitter’s head of security earlier this year, claims that he “uncovered extreme, egregious deficiencies by Twitter in every area of his mandate.”
Deception, Bots, and Foreign Agents: The Twitter Whistleblower’s Biggest Allegations (Time) Twitter's former head of security, Peiter “Mudge” Zatko, has disclosed serious allegations about the social-media platform.
Sensitive FBI, Interpol Info Leaked From Israeli Firm Cellebrite, Court Documents Show (Haaretz) Emails, invoices and even contracts from 2015-2017 between Israeli phone-hacking firm and clients, were disclosed to Japanese authorities, unbeknownst to management or clients
After Haaretz Report, Uganda Confirms Buying Israeli Cellebrite’s Phone-hacking Tech (Haaretz) Cellebrite sold its phone-hacking tools despite numerous reports revealing extensive human rights violations in Uganda
Indonesia investigating alleged data breaches at state-owned firms (Reuters) Indonesia is investigating alleged personal data breaches at state-owned telecoms firm PT Telkom Indonesia's internet service IndiHome and state utility PT Perusahaan Listrik Negara (PLN), its communications ministry said on Sunday.
The Low Threshold for Face Recognition in New Delhi (WIRED) Police in India's capital say they only require an 80 percent accuracy rate for matches, raising new alarm bells for civil liberty advocates.
Group-IB CEO will remain in jail – complaint denied (Security Affairs) On August 18, a Russian judge decided that Ilya Sachkov, founder and CEO of the Russian-led Group-IB, will remain in jail. Ilya Sachkov, founder and CEO of the Russian-led Group-IB will remain in jail following the judge’s decision on August 18th after his defense team filed a complaint according to TASS (Russian Media Agency). Starting […]
Oracle sued over ‘worldwide surveillance machine’ by privacy rights activists (CSO Online) A wide-ranging lawsuit aims to curb enterprise technology giant Oracle’s tracking, use and sale of personal data.
SuperCare Escapes One of Several Class Suits Over Data Breach (Bloomberg Law) SuperCare Health Inc. will avoid one of multiple proposed class actions brought over a data breach that allegedly compromised the confidential information of over 300,000 current and former patients, after the suit was voluntarily dismissed according to federal court filings in California.
Trump Papers’ Secrecy Spurs FBI Into Trust-Us Mode on Search (1) (Bloomberg Law) Demand for proof to justify search confronts law enforcement. DOJ, FBI examining records for crimes, national security risks.
Trump Asks Court to Block FBI From Reviewing Documents Seized From Mar-a-lago (VOA) FBI retrieved classified documents from Trump’s Florida home
Trump Had More Than 300 Classified Documents at Mar-a-Lago (New York Times) The National Archives found more than 150 sensitive documents when it got a first batch of material from the former president in January, helping to explain the Justice Department’s urgent response.
Opinion The Department of Homeland Security’s watchdog needs watching (Washington Post) The Department of Homeland Security’s inspector general, charged with guarding against abuse at the agency, might have engaged in wrongdoing instead. Now, Congress must probe not only how Secret Service text messages related to the Jan. 6 insurrection went missing but also whether the official responsible for getting to the bottom of this implausible mishap covered it up.