Dateline Moscow, Kyiv, and Podgorica: Russian cyberattacks out-of-theater as Ukraine takes the offensive.
Ukraine at D+187: Ukrainian counteroffensive against Kherson. (CyberWire) Ukraine announces its long-anticipated counteroffensive against occupied Kherson with a warning that urges Russian troops to flee. (Russia maintains that all is still going according to plan, but at this point "keep calm and keep on" sounds like a rhetorical exercise in unlikely insistence.) Montenegro works to recover from a major Russian cyberattack against its infrastructure, more consequential than most other cyber action during the present hybrid war.
Ukraine wages counterattack to reclaim Russia-occupied Kherson (Al Jazeera) Ukraine’s president urges Moscow’s troops, who seized the southern region early on in the war, to flee.
Ukraine launches counter-offensive to retake Kherson from Russia (The Telegraph) Sound of air raid sirens and explosions filled the skies as the operation to recapture the strategically important city began
Russia-Ukraine war: Kremlin insists invasion going to plan despite counterattacks; first grain ship docks in Africa – live (the Guardian) Moscow says operation is continuing ‘methodically’ after Ukraine launches counterattacks; first shipment of grain arrives in Djibouti
Ukraine war: Intense fighting rages as Kyiv 'breaks through' Russian defences in Kherson (The Telegraph) "Heavy fighting" has broken out across nearly all of the southern Kherson region, after Ukrainian forces broke Russian defences in their long-awaited counter-offensive to retake the territory.
‘Traitor’ Ukrainian MP who supported Russian invasion is ‘assassinated’ (The Telegraph) Alexei Kovalev, former deputy head of agriculture in Kherson, was reportedly shot dead at home by partisans
How Ukraine Is Remaking War (Foreign Affairs) Technological advancements are helping Kyiv succeed.
Russia Is Acting Irresponsibly in Northern Europe, say Nordic Defense Ministers (High North News) "The increased military presence and activity in northern Europe underlines the importance of avoiding incidents. At several occasions, we have seen irresponsible and unprofessional Russian behavior," said Finland's, Norway's, and Sweden's Minister of Defense in a joint statement.
Vladimir Putin sidelines Sergei Shoigu, the defence minister ridiculed by his own soldiers (The Telegraph) Russian president reportedly ordered generals to bypass Sergei Shoigu, who he blames for the stalled invasion
Russia ships air defence missiles out of Syria, satellites show (Al Jazeera) Transfer of missiles from Syria indicates a significant move by Russia to boost air defences for its war in Ukraine.
Pentagon: Russian military ‘unlikely to succeed’ at recruitment target (The Hill) The U.S. government doesn’t think Russian President Vladimir Putin’s recent effort to increase the size of his military by more than 130,000 troops will succeed, a senior U.S. Defense official said…
Belarus claims nuclear weapons mods are completed on its warplanes (Defense News) The plan is for Russia to upgrade Minsk's Su-25 aircraft, but some Western analysts have doubts about the feasibility.
Montenegro says Russian cyberattacks threaten key state functions (BleepingComputer) Members of the government in Montenegro are stating that the country is being hit with sophisticated and persistent cyberattacks that threaten the country's essential infrastructure.
Montenegro struggles to recover from cyberattack that officials blame on Russia (The Record by Recorded Future) Montenegro’s government is struggling to deal with a wide-ranging cyberattack targeting several ministries and agencies.
Leading Russian streaming platform suffers data leak allegedly impacting 44 million users (The Record by Recorded Future) Russian streaming giant START said on Sunday that the personal information of its customers was leaked during a cyberattack.
Who Killed Dasha Dugina? (Puck) The fire from the car bomb targeting Putin’s arch-propagandist hadn’t been extinguished before the speculation began: who could’ve come for Dugina? The Ukrainians? The F.S.B.? And, more importantly, why?
The Telegram-Powered News Outlet Waging Guerrilla War on Russia (WIRED) Anti-Putin media network February Morning has become a central player in the underground fight against the Kremlin.
Italy's GSE says gas purchases guaranteed despite cyber attack (Reuters) Italy's state-owned energy services firm GSE said on Monday its gas purchases were guaranteed despite a hacking attack on its IT systems that happened overnight.
During a War, Cyber Intel Firm Opens Ukraine Office (Bank Info Security) Alex Holden, CISO and founder of the cyber intelligence company Hold Security, was preparing to open an office in Ukraine when Russia invaded in February. He went
Why Wars Are Easy to Start and Hard to End (Foreign Policy) Misperception, sunk costs, escalation, and internationalization all make conflicts last longer than planned.
Another Russia Is Possible (Foreign Affairs) The Kremlin will eventually tire of its reliance on China.
Why Russian Liberalism Has to Change (Foreign Policy) Imperialist sentiments are powerful even among the educated elite.
Russia-Ukraine War: Cyberattack and Kinetic Warfare Timeline (MSSP Alert) Russia's invasion of Ukraine features alleged cyberattacks. Follow this Russia-Ukraine conflict timeline for cyber & kinetic warfare updates, and guidance for MSSPs worldwide.
Attacks, Threats, and Vulnerabilities
Rising Tide: Chasing the Currents of Espionage in the South China Sea (Proofpoint) Proofpoint’s Threat Research Team details a recent cyber espionage campaign targeting entities globally and conducted by a threat actor which was publicly attributed in 2021 by multiple governments and was the focus of a 2021 indictment by the US Department of Justice.
LockBit ransomware mulls triple extortion following DDoS attack (SC Media) Triple extortion techniques are on the cards for the LockBit ransomware group, which has been seeking to bolster its defenses following a distributed denial-of-service attack allegedly conducted on behalf of digital security firm Entrust, which it had hacked in June, reports BleepingComputer.
Turkish malware used to infect machines in 11 countries through fake Google Translate links (The Record by Recorded Future) Turkish speaking hackers are spreading cryptomining malware through free software download sites, including one offering a fake Google Translate desktop app.
Why the Twilio Breach Cuts So Deep (WIRED) The phishing attack on the SMS giant exposes the dangers of B2B companies to the entire tech ecosystem.
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms (Threatpost) Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
Hackers used Twilio breach to intercept Okta onetime passwords (SiliconANGLE) Hackers behind a phishing attack that compromised accounts on cloud communications provider Twilio Inc. used their access to intercept onetime passwords issued by Okta Inc.
Okta Impersonation Technique Could be Utilized by Attackers (SecurityWeek) Okta has a standard process that can be misused by an attacker to impersonate another existing user.
Experts warn of the first known phishing attack against PyPI (Security Affairs) The Python Package Index (PyPI) warns of an ongoing phishing campaign to steal developer credentials and distribute malicious updates. The Python Package Index, PyPI, this week warned of an ongoing phishing campaign that aims to steal developer credentials and inject malicious updates to the packages in the repository. “Today we received reports of a phishing […]
FBI: Hackers increasingly exploit DeFi bugs to steal cryptocurrency (BleepingComputer) The U.S. Federal Bureau of Investigation (FBI) is warning investors that cyber criminals are increasingly exploiting security vulnerabilities in Decentralized Finance (DeFi) platforms to steal cryptocurrency.
Email Threat Review July 2022 (Hornetsecurity) Hornetsecurity Security Lab presents an overview of the email-based threats observed in July 2022.
AlphaBay Turns 1—Again: Analyzing the Impact of AlphaBay Market (Flashpoint) One year into its reemergence, AlphaBay has become one of the largest illicit marketplaces on the darknet—and has plans to innovate. We track AlphaBay Market's rise, fall, and reemergence.
Akasa Air suffers data breach, warns affected users about possible phishing attacks (DNA India) A temporary technical configuration error related to its login and sign-up service was reported on August 25, the company said.
Nelnet Servicing breach exposes data of 2.5M student loan accounts (BleepingComputer) Nelnet Servicing, a Nebraska-based student loan technology services provider, has been breached by unauthorized network intruders who exploited a vulnerability in its systems.
Major U.S. library service confirms ransomware attack, struggling to restore affected systems (The Record by Recorded Future) Major library supplier Baker & Taylor is struggling to bring systems back online after a ransomware attack last week.
Italian firm accused of running Pegasus-style spyware (Cybernews) A small firm owned by RCS, which was embroiled in a recent phone-hacking scandal, is surveilling people all over the world for its clients, says an NGO.
Surveillance firm’s leaked docs show the purchase of an $8M iOS RCE zero-day exploit (Security Affairs) Leaked documents show the surveillance firm Intellexa offering exploits for iOS and Android devices for $8 Million. Intellexa is an Israeli surveillance firm founded by Israeli entrepreneur Tal Dilian; it offers surveillance and hacking solutions to law enforcement and intelligence agencies. The Vx-underground researchers shared some images of several confidential documents that appear to be […]
Pegasus spyware is “reorganizing”: what to expect? (Gearrice) A real problem for security, sovereignty and for the image of NSO Group. The Israeli company promised not to develop this software and to market it only
Security Patches, Mitigations, and Software Updates
Defense in depth: Three new security features to protect your digital HQ (Slack) Offering even more transparency, these enhancements empower teams to feel secure as they embrace the future of work
Trends
How widespread are social engineering attacks? (NordVPN) NordVPN researchers have conducted their own survey to see just how much socially engineered attacks have affected all of us. Here are the results.
The Increasing Danger of 'Doxing' on the Internet (Railly News) Cyber security company ESET has made statements about "doxing", which has recently become a social pressure tool on individuals. What is doxing? How do you avoid exposure to doxing? What should you do when you are exposed to doxing?
Laminar Survey Reveals Public Cloud Data Security Blind Spots (Laminar)
Marketplace
Cyber-Insurance Firms Limit Payouts, Risk Obsolescence (Dark Reading) Businesses need to re-evaluate their cyber-insurance policies as firms like Lloyd's of London continue to add restrictions, including excluding losses related to state-backed cyberattackers.
A cyber continuum: Cyber war exclusions — moving towards clarity (Marsh) Fostering and maintaining a sustainable cyber insurance market requires transparency, regardless of a given issue’s complexity. The underwriting process demands much from cyber insurance buyers — including demonstrating resiliency to ever-evolving and sophisticated threats. In return, they expect clarity of coverage, contract certainty, and an understanding of pricing mechanisms in order to make informed decisions about the coverage they are buying and the value derived.
Cyber Security Innovator Coro Continues Record Growth Despite Volatile Economic Conditions (GlobeNewswire News Room) Coro’s success driven by continued investments in core verticals, free lifetime detection for cyber security threats, and steady growth of partner program...
Cybersecurity start-up advised by former GCHQ chief lays off 10pc of staff (The Telegraph) Immersive Labs lets 38 people go as global industry slowdown hits British tech
Radware Launches New Cloud Security Center in Taiwan (GlobeNewswire News Room) Delivers faster mitigation response times and complies with data sovereignty requirements...
Products, Services, and Solutions
Clayton County Public Schools Protects Critical Data From Ransomware Attacks with SaaS Data Isolation and Recovery Offering from Cohesity (Business Wire) Cohesity, a leader in next-gen data management, today announced that Clayton County Public Schools (CCPS) has adopted Cohesity FortKnox, a SaaS data i
Galois Open Sources Tools for Finding Vulnerabilities in C, C++ Code (SecurityWeek) Galois open sources MATE, a suite of tools for finding vulnerabilities in C and C++ code.
Cobalt Iron Compass Named in DCIG Top 5 Report for Large Enterprise AWS Cloud Backup (WallStreet.com) Cobalt Iron Inc., a leading provider of SaaS-based enterprise data protection, today announced that its Compass® enterprise SaaS backup platform for monitoring, managing, provisioning, and securing the entire enterprise backup landscape has earned a place in the DCIG Top 5 Report for Large Enterprise AWS Cloud Backup.
Folio Photonics Announces Breakthrough Multi-Layer Optical Disc Storage Technology to Enable Industry-Disruptive Cost, Cybersecurity and Sustainability Benefits (Business Wire) Folio Photonics achieves breakthrough in multi-layer optical disc technology to enable unprecedented cost, security and sustainability advantages.
Truecaller Launches 10x Improved iOS App to Help Users Identify Spam Calls and Texts (Business Wire) Phone and text message scams are on the rise, with more than 68 million Americans having lost money in a scam since mid-2021. With election season on
Copado Launches New DevSecOps Training Module to Make Releases Faster and More Secure (PR Newswire) Copado, the global leader in low-code DevOps, today announced it launched a new DevSecOps training module to help make software releases faster...
Technologies, Techniques, and Standards
Why Protecting Tactical Communications is Critical for Military (Salt | Secure Communications) Military leaders are confronted with many difficulties on a daily basis both out on the ground and in HQ but one of the biggest challenges is ensuring effective, structured and secure transmission of communication. Any successful military action has always depended on the efficient sharing of information, but never more so than in modern times […]
Cohesity Research Reveals that a Reliance on Legacy Technology is Undermining How Organizations Respond to Ransomware (Business Wire) New global research commissioned by Cohesity, a leader in next-gen data management, reveals that nearly half of respondents say their company depends
LastPass source code breach – do we still recommend password managers? (Naked Security) What does the recent LastPass breach mean for password managers? Just a bump in the road, or a reason to ditch them entirely?
Design and Innovation
How Google Remapped the World: The Tech Behind (Wall Street Journal) Google Maps has transformed the way that we navigate the world, make decisions, and think about our privacy in the 17 years since its launch. Here’s an inside l
Academia
National Cybersecurity Alliance Launches HBCU Career Program (National Cybersecurity Alliance) NCA, leading HBCUs and top cybersecurity organizations team up to announce new cyber careers awareness program
Legislation, Policy, and Regulation
Businesses call for working group on cybersecurity (BreakingNews.ie) The group would help in the form of training, real-time information on live threats and feedback from businesses on the ground
Ethiopia is fighting cybercrime right from the crypto darkweb (Quartz) INSA has warned crypto players in Ethiopia that failing to register their platforms within 10 days will land them in trouble.
U.S. and Israel Strengthen Cybersecurity Partnership (Nextgov.com) Both countries have pursued a bilateral cybersecurity agreement between their financial agencies since 2021, amid critical infrastructure threats.
Council Post: How The Newly Imposed SEC Cybersecurity Rules Impact Private Funds And Investors (Forbes) Let's look at the current investment landscape through the scenarios of doing business with a prospective client that is amidst being acquired or is actively seeking capital.
How Cybersecurity Policy Has Changed Since the SolarWinds Attack (Security Intelligence) The U.S. government and software industry have taken some major actions in the last few years. What did they learn from the recent cyberattacks?
DHS Pushing Ahead with IG’s Cyber Policy Fixes (Meritalk) The Department of Homeland Security (DHS) appears to be notching solid progress against a list of ten recommendations from the agency’s inspector general (IG) to make improvements to internal cybersecurity policies and employee training practices, according to an August 22 IG report that covers audit results reaching as far back as fiscal year 2019.
Litigation, Investigation, and Law Enforcement
FTC sues data broker for letting people track health clinic visitors (The Verge) The agency promised a crackdown last month.
Cyber expert on Twitter whistleblower: 'If allegations are true,' accounts at-risk (Yahoo Finance) Twitter whistleblower Peiter Zatko recently came out alleging that the company had misled regulators. These allegations could potentially point to risks for Twitter users' accounts, says cyber threat expert Tony Anscombe.
'Tape or Chewing Gum:' Twitter's Lapses Echo Worldwide (SecurityWeek) A recent report from Twitter’s former head of security alleges that the social media company has been negligently lax on cybersecurity and privacy
Elon Musk Cites Twitter Whistleblower in New Letter Seeking to Scrap Deal (Wall Street Journal) If true, whistleblower Peiter Zatko’s allegations would demonstrate a breach of merger agreement, Musk’s lawyers say
White House: US intel review of Mar-a-Lago docs ‘appropriate’ (The Hill) The White House said Monday it is not involved in the intelligence community’s damage assessment of classified documents recovered from former President Trump’s Mar-a-Lago estate but said such a re…