Dateline Moscow, Kyiv, Podgorica, Sophia, and Tirana: Hybrid war in an outside the theater of operations.
Ukraine at D+186: Cyberattacks against vulnerable targets in Southeastern Europe. (CyberWire) Russia works to fill its depleted ranks without using soldiers the important people are likely to care about. Russian cyberattacks his Southeastern European countries sympathetic to Ukraine.
Russia-Ukraine war: List of key events, day 187 (Al Jazeera) As the Russia-Ukraine war enters its 187th day, we take a look at the main developments.
Russia Moves to Reinforce Its Stalled Assault on Ukraine (Wall Street Journal) A series of volunteer battalions formed in recent weeks across Russia is preparing to deploy to Ukraine, officials and military analysts say, including a major new ground-forces formation called the 3rd Army Corps.
What is Russia's 3rd Army Corps? New unit moving to front lines: Intel (Newsweek) Members of this unit weren't required to have prior military experience, nor any high education.
Reports EU set to suspend visa travel agreement with Russia – as it happened (the Guardian) Plan to freeze 2007 deal will make it harder and more expensive for Russians to get Schengen-area documents, FT reports
Russia 'will fail to recruit 137,000 extra troops without declaring all-out war' (The Telegraph) Vladimir Putin has ordered the army to bolster numbers to replace the estimated 75,000 killed in Ukraine conflict
AP PHOTOS: Documenting Russia's invasion of Ukraine (AP NEWS) During six months of war in Ukraine, Associated Press photographers have captured images that are both succinct and eloquent. The click of a shutter is brief, but the stories they tell are deep. Sometimes they show a life that ended in a moment — the body of a Russian soldier lying face down in the snow near a ruined tank.
Ukraine risks heavy losses if counter-attack is launched before major firepower is in place (The Telegraph) Military leaders say they need more artillery before launching eagerly anticipated Kherson counter-offensive
Russian missile strike hits central Kharkiv (Euromaidan) In the night of 27 August, Russian missiles struck roads in central Kharkiv (Kyivskyi, Osnovianskyi districts), damaging buildings, Oblast Head Oleh Syniehubov reported. No casualties were reported. However, a man died from Russian shelling of a field in the Kharkiv Oblast (Bohodukhivskyi district).
Ukrainian missiles destroy building in occupied Melitopol in attempt to thwart pro-Russian referendum (The Telegraph) Vladimir Putin has finalised plans to hold referendums by mid-September in all areas of Ukraine that his armies have captured
Russia, Ukraine trade claims of nuclear plant attacks (AP NEWS) Russia and Ukraine traded claims of rocket and artillery strikes at or near Europe's largest nuclear power plant on Sunday, intensifying fears that the fighting could cause a massive radiation leak.
Cities near Ukrainian nuclear plant shelled (POLITICO) Fears persisted that fighting in the vicinity could damage the plant and cause a radiation leak.
Fears of a radiation leak mount near Ukrainian nuclear plant (AP NEWS) Authorities began distributing iodine tablets to residents near Ukraine's Zaporizhzhia nuclear power plant Friday in case of a radiation leak, amid mounting fears that the fighting around the complex could trigger a catastrophe.
UN agency to inspect Ukraine nuclear plant amid safety fears (AP NEWS) A team from the U.N. nuclear watchdog on Monday started its journey to the Zaporizhzhia atomic power plant at the heart of fighting in Ukraine, a long-awaited mission to inspect crucial safety systems that the world hopes will help avoid a catastrophe.
Satellites Show the Alarming Extent of Russian Detention Camps (WIRED) Images have identified 21 facilities that are forcibly detaining thousands of Ukrainians, as well as possible mass grave sites.
America is Gifting Ukraine a New Air Defense Network to Stop Russia's Strikes (19FortyFive) Ukraine is getting six NASAMS air defense batteries to supplement two already donated to Kyiv. An expert explains why that matters.
Ukrainian forces poised to be first to operate the L3Harris VAMPIRE (Janes) L3Harris Technologies has not yet received a contract from the US government to produce and deliver its new Vehicle-Agnostic Modular Palletized ISR Rocket Equipment...
How Britain is helping Ukraine clear Russian sea mines from Odesa (The Telegraph) Black Sea grain exports have been hampered by explosives, with devastating consequences for the world’s poorest people as food prices rise
Their Photos Were Posted Online. Then They Were Bombed (WIRED) An attack on Russian mercenaries shows how militaries are increasingly using open source data—with sometimes deadly consequences.
Cyber Element in the Russia-Ukraine War & its Global Implications (Modern Diplomacy) Cyber has become a focal point in the conduct of both civil and military operations. Given its emerging destructive potential, it was now become an independent ‘domain’ like land, sea, air, or space in the national military strategy of the United States (US). Besides being a new battle space, this domain serves as a force […]
Swiss secret service worried about Russian cyber operations (SWI swissinfo.ch) The Federal Intelligence Service (FIS) is worried that Russia could use Swiss servers in its campaigns to destabilise western democracies.
Russia blamed for wave of hacker attacks in Southeast Europe (BNE) Widespread attacks on Montenegrin state institutions and Bulgaria's opposition Gerb party follow shutdown of Albanian government services.
Montenegro declares it is in 'hybrid war' with Russia after massive cyber attack (Metro) The Balkan country, which has pressed for closer ties to the West like Ukraine, has accused the Kremlin of launching a digital assault.
Montenegro reports massive Russian cyberattack against govt (ABC News) Montenegro’s security agency has warned that Russian hackers have launched a massive and coordinated cyberattack against the small state’s government and its services
Montenegro Reports Massive Russian Cyberattack Against Govt (AP via SecurityWeek) Montenegro’s security agency warned that hackers from Russia launched a massive, coordinated cyberattack against the small nation’s government and its services.
Montenegro's state infrastructure hit by cyber attack -officials (Reuters) Government digital infrastructure in Montenegro has been hit by an "unprecedented" cyber attack and timely measures have been taken to mitigate its impact, authorities said on Friday.
How a retired MI6 boss, his Brexiteer friends and a celebrity Marxist became targets in Russia’s war on Ukraine (POLITICO) ‘We’ve seen the Russian playbook enough times to know what it looks like — and this is it.’
Odesa’s new culture war sees Ukrainians targeting Russian monuments (The Telegraph) Statues, sculptures and street names with links to the city’s Russian heritage are in the crosshairs of Ukrainian nationalists
Putin’s New Martyr for the Russian Cause (Foreign Policy) The Kremlin has turned a dead propagandist into a symbol of the war—and a call to kill more Ukrainians.
Moscow anti-war protester torches car of Russian general in charge of military censorship (The Telegraph) One of the most violent protests yet against Ukraine conflict follows an assassination in the capital, where anxiety is increasing
FBI says 'very likely' Russian official will defect and work with Western intelligence on Ukraine (The Telegraph) FBI assistant director in New York says there is 'significant conflict' in Russia over Vladimir Putin's invasion of Ukraine
‘Tavriya TV will promote happiness and love’: Russia opens station in occupied Kherson (the Guardian) As Moscow gears up to annex Kherson in a ‘referendum’, Tavriya shows Russia as liberator, saving citizens from Ukrainian Nazis
Pentagon expands use of seas to send weapons to Ukraine (Washington Post) The Pentagon has expanded its use of maritime shipping to deliver weapons for the war in Ukraine, U.S. defense officials said, after relying heavily on aircraft early in Russia’s invasion to get arms to Kyiv as quickly as possible.
Boycotting Russian Scientists Is a Hollow Victory (WIRED) Science agencies around the world halted partnerships with Russia after it invaded Ukraine. But such actions are shortsighted and do more harm than good.
Mystery over Russia burning $10m of gas a day in huge flare close to Nord Stream 1 (The Telegraph) Supplies through the pipeline have been curtailed since mid-July in what Germany says is a political move
Dell ceases all Russian operations after August offices closure (Reuters) Dell Technologies Inc. said on Saturday it had ceased all Russian operations after closing its offices in mid-August, the latest in a growing list of Western firms to exit Russia.
Pleasure Trips from Moscow: How Putin's Daughter Traveled Unnoticed to Germany (Spiegel) Over the course of several years, Katerina Tikhonova made numerous trips to Bavaria together with an entourage of bodyguards. DER SPIEGEL reporting has revealed that the German authorities knew nothing of the excursions.
Attacks, Threats, and Vulnerabilities
China and Russia Step Up Cyber Presence in Latin America (Diálogo Américas) China and Russia have stepped up their cyber presence in Latin America, while employing cyber tools, including disinformation, cybercrime, and electoral interference to pursue their goals in the region, experts said. Disinformation campaigns through state-owned Spanish-language social media platforms, cyberattacks, such as those the Russian Conti ransomware group perpetrated against Costa Rican and Peruvian government agencies in recent months, and the transfer of cybersecurity know-how and infrastructure, are some examples of their increasing cyber operations.
Dominican Republic refuses to pay ransom after attack on agrarian institute (The Record by Recorded Future) The government of the Dominican Republic has said it will not pay a ransomware group that has crippled the IT services of an agrarian institute.
China-Linked Bots Attacking Rare Earths Producer ‘Every Day’ (Bloomberg) Campaign aimed at Lynas’ environmental record in Malaysia. US push for critical minerals industry behind attacks: experts.
Vulnerable U.S. electric grid facing threats from Russia and domestic terrorists (CBS News) Bill Whitaker reports that a coordinated attack on a relatively small number of critical substations could plunge the U.S. into darkness.
Iranian Hackers Exploiting Unpatched Log4j 2 Bugs to Target Israeli Organizations (The Hacker News) Iranian state-sponsored actors are leveraging unpatched Log4j systems to target Israeli entities.
MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations (Microsoft Threat Intelligence Center) In recent weeks, the Microsoft Threat Intelligence Center (MSTIC) and Microsoft 365 Defender Research Team detected Iran-based threat actor MERCURY leveraging exploitation of Log4j 2 vulnerabilities in SysAid applications against organizations all located in Israel. MSTIC assesses with high confidence that MERCURY’s observed activity was affiliated with Iran’s Ministry of Intelligence and Security (MOIS).
Iran exploiting Log4j 2 weakness to attack Israel, says Microsoft (Israel Defense) As Israel races to prevent a nuclear agreement new report reveals that threat group MERCURY has exploited vulnerable SysAid servers
Revealing Europe's NSO (Lighthouse Reports) Confidential data and sources uncover major surveillance outfit operating from within the European Union
How 'Kimsuky' hackers ensure their malware only reach valid targets (BleepingComputer) The North Korean 'Kimsuky' threat actors are going to great lengths to ensure that their malicious payloads are only downloaded by valid targets and not on the systems of security researchers.
CSW's Threat Intelligence - August 22, 2022 - August 26, 2022 (Cyber Security Works) We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.
Ransomware Operator Abuses Anti-Cheat Driver to Disable Antiviruses (SecurityWeek) A vulnerable anti-cheat driver for the Genshin Impact video game has been abused in ransomware attacks to disable antivirus programs.
Hackers Are Using Anti-Cheat in 'Genshin Impact' to Ransom Victims (Vice) The game’s anti-cheat system has well-known vulnerabilities that hackers are now abusing to get access to sensitive parts of victims’ operating systems and deploy ransomware.
Fake 'Cthulhu World' P2E project used to push info-stealing malware (BleepingComputer) Hackers have created a fake 'Cthulhu World' play-to-earn community, including websites, Discord groups, social accounts, and a Medium developer site, to distribute the Raccoon Stealer, AsyncRAT, and RedLine password-stealing malware infections on unsuspecting victims.
Researchers say Cisco firewall software remains vulnerable to attack despite patch (Cybersecurity Dive) Rapid7 researchers also warn only a very small percentage of users have applied updates.
Phishing PyPI users: Attackers compromise legitimate projects to push malware (Help Net Security) PyPI is warning about a phishing campaign targeting its users; the attackers have compromised some legitimate projects to push malware.
A third of PyPi software packages contains flaw to execute code when downloaded (SC Media) The findings, discovered by Checkmarx and published Friday, underscore how open source software repositories like PyPi are increasingly being targeted and leveraged by malicious actors.
An interview with initial access broker Wazawaka: 'There is no such money anywhere as there is in ransomware' (The Record by Recorded Future) Wazawaka talked to Recorded Future analyst and product manager Dmitry Smilyanets about his interaction with other hackers, details about ransomware attacks he's been involved in, and how he settled on the name Babuk.
New Hampshire Lottery website experiences cyberattack (WMUR) New Hampshire Lottery officials warned of a cyberattack on its website on Friday.
DoorDash Discloses Data Breach Related to Attack That Hit Twilio, Others (SecurityWeek) DoorDash says hackers may have obtained customer and employee data as a result of the Twilio breach.
DoorDash hit by data breach linked to Twilio hackers (TechCrunch) Hackers accessed DoorDash customer information and some partial payment data.
N.H. lottery website returns after facing cyber attack (Boston.com) The New Hampshire lottery website is back in service after the agency faced a cyber attack this weekend. Read more on Boston.com.
Mark Zuckerberg admits to Joe Rogan that a simple hack to Meta's smart glasses could allow the user to secretly film others (Business Insider) Joe Rogan asked Meta CEO Mark Zuckerberg whether Meta's smart glasses are a concern if "some creep" can covertly take photos while wearing them.
Security Patches, Mitigations, and Software Updates
Firefox 104 is out – no critical bugs, but update anyway (Naked Security) Two trust-spoofing bugs were the main culprits this month – but neither one was a zero-day.
Apple says 95% of iCloud users already have 2FA enabled ahead of Passkeys launch (9to5Mac) With its next round of software updates coming this fall, including iOS 16 and macOS Ventura, Apple will launch integrated support for the passkeys standard. The passkey standard is described as unique digital keys designed to replace the need for passwords altogether with streamlined sign-in across your devices, websites, and apps. When Passkeys is launched […]
Gambling sites are losing significant amounts of revenue due to raising DDoS attacks (Help Net Security) This Help Net Security video uncovers how DDoS attacks on gambling sites lead to lost revenue and consumer trust.
The Rise of the Cybersavvy Corporate Treasurer (Tanium) Treasurers hold the purse strings. That makes them attractive targets for cyberthieves. Here’s how to outsmart the bad guys.
Growing Urgency for Increased Cybersecurity in Healthcare (CyberTheory) Investments toward bolstering cybersecurity of all these health-related institutions under potential cyberattack need to be considered urgent
Why Okta Could Soon Be the Last Man Standing in Identity (The Motley Fool) The industry leader could recover from a data breach and come out stronger.
Google to launch pan-India online safety campaign, plans to upskill 100k developers (The Indian Express) Google is launching a new pan-India online safety campaign with plans of upskilling 100,000 developers and IT professionals on the latest cybersecurity norms and safety tools.
Army Cyber & Technology Careers (Go Army) Join the ranks of skilled cyberwarriors in the U.S. Army and defend the nation with technology.
Inside ‘crypto Woodstock’ where technologists plot a utopian future (Washington Post) Founders of the online Friends With Benefits social club hope to change the way people use the blockchain
Pindrop Welcomes Marc Diouane as President and Chief Operating Officer (Business Wire) Pindrop, a global leader in voice technology, today announced the appointment of Marc Diouane to the role of President and Chief Operating Officer. Di
Products, Services, and Solutions
NAVEX Launches RiskRate® Enhancements to Further Streamline Third-Party Risk Management Experience (Business Wire) NAVEX, the leader in integrated risk and compliance management software, today announced significant updates to RiskRate, its third-party risk screeni
NHS Informatics Merseyside Selects Tanium to Boost Cyber Hygiene across Its IT Estate (Chronicle-Tribune) Tanium, the industry's only provider of converged endpoint management (XEM)...
Technologies, Techniques, and Standards
Don’t be a target: Phishing and smishing on the rise (Sixteenth Air Force (Air Forces Cyber)) JOINT BASE SAN ANTONIO-LACKLAND, Texas. You did it, you almost clicked a text, a link, or responded to an email that looked legitimate and potentially gave away personal information to scammers. You
The Crypto World Can’t Wait for ‘the Merge’ (NYTimes) A long-awaited upgrade to Ethereum, the most popular crypto platform, may make the technology more environmentally sustainable. But it comes with risks.
Critical infrastructures cannot be secure when critical equipment isn’t (Control Loop) I spoke at a podcast for Marsh’s Marc Schein July 19, 2022 on control system cyber security to be broadcast later (TBD). Because of the Marc Schein interview, I received a call from an insurance specialty insurer who had received an Operational Technology (OT) Supplemental Application from a global control system supplier to the aerospace industry, industrial operations, and the US Department of Defense.
Legislation, Policy, and Regulation
Official calls for advancing cyber civilization progress (China Daily) A senior official has called for strengthening cyber governance to ensure that cyberspace better reflects the trends of advanced culture and the spirit of the times.
Does the United States Need a Cyber Force? (The National Interest) While it might seem prudent to create a new government organization to help manage disinformation, studies demonstrate that government attempts to address disinformation backfire.
DHS looks to cyber self-assessments over CMMC model (FCW) DHS is considering how it might use self-assessments for vendors to measure their cyber hygiene—an approach that would set it apart from the Defense Department’s plans for third-party assessments.
Privacy bill triggers lobbying surge by data brokers (POLITICO) Brokers say a potential privacy bill could hamper their work with law enforcement and overly restrict their industry.
Litigation, Investigation, and Law Enforcement
Nato investigates hacker sale of missile firm data (BBC News) Hackers are selling classified documents online after obtaining data belonging to missile maker MBDA.
FCC launches investigation into mobile carriers’ geolocation data practices (The Record by Recorded Future) Documents show a variety of data practices across carriers.
Most top mobile carriers retain geolocation data for two years on average, FCC findings show (CyberScoop) Ten of the top 15 mobile carriers offer no way for consumers to opt-out of geolocation data collection, according to responses to the agency.
The Twitter Whistleblower Needs You to Trust Him (Time) Inside Peiter 'Mudge' Zatko's messy battle with Twitter
California AG looks ahead to other data privacy violations after $1.2 million Sephora fine (The Record by Recorded Future) California is already looking ahead to the next potential violations of the CCPA after issuing the state’s first fine of $1.2 million to makeup giant Sephora.
California Attorney General Announces $1.2 Million CCPA Settlement With Sephora Amid Ongoing Enforcement Sweep (cyber/data/privacy insights) On August 24, 2022, California Attorney General Rob Bonta announced a $1.2 million settlement with cosmetics retailer Sephora to resolve allegations that it violated the California Consumer Privacy Act (CCPA) and failed to cure those violations within the CCPA’s 30-day cure period.
Facebook Parent Meta Agrees to Settle Cambridge Analytica Lawsuit (Wall Street Journal) Details of the preliminary settlement with Facebook users weren’t provided; the suit was related to the handling of user data.
The Supreme Court on Pegasus: Two Short Steps Away From the Truth (The Wire) Insist on individual affidavits from the home minister, the NSA and other key officials, and allow a review by reputed organisations of the technical committee’s findings.
Malware Found In India Supreme Court Snooping Investigation (Gov Info Security) Justices Say Pegasus Not Confirmed and Government Did Not Cooperate
Femme fatale Russian spy posing as Peruvian jewellery designer 'lured Nato commanders into honeytraps' (The Telegraph) Deep-cover agent fled to Moscow in 2018 after a decade of spying in Europe for the Kremlin
Conservatives call for release of report on massive Afghan immigration data breach (CBC) The Conservative Party has written to Privacy Commissioner Philippe Dufresne asking him to speed up an investigation into a federal government data breach that exposed the identities of hundreds of Afghans seeking Canada's help to escape from the Taliban regime in October 2021.
Twitter insiders reluctantly agree with some of the revelations from whistleblower Peiter Zatko (Business Insider) "Historically, Twitter doesn't really lie, but like all companies, yes, they have skeletons," one employee told Insider.
Apple faces growing likelihood of DOJ antitrust suit (POLITICO) An antitrust lawsuit against Apple would be a dramatic escalation in the administration’s battle against the tech giants.
FBI sought national defense documents at Trump’s Mar-a-Lago, affidavit shows (the Guardian) Extensively redacted affidavit used to justify the search of the ex-president’s Florida resort was unsealed on Friday
Ex-U.S. intel operatives who worked for UAE barred from arms exports, State Dept says (Reuters) Three former U.S. intelligence operatives who worked as cyber spies for the United Arab Emirates and admitted to hacking American networks will be temporarily barred from arms export activities under a deal announced by the State Department on Friday.