Dateline
Ukraine at D+195: Nuclear accident risk. (CyberWire) Kinetic operations and fear of a nuclear accident at Zaporizhzhya eclipse the cyber phases of Russia's hybrid war. Sanctions grow more complicated.
Russia-Ukraine war: List of key events, day 196 (Al Jazeera) As the Russia-Ukraine war enters its 196th day, we take a look at the main developments.
Ukraine-Russia war: Ukrainian forces launch surprise attack in Kharkiv region (The Telegraph) Ukrainian forces have launched a surprise offensive southeast of Kharkiv, unconfirmed reports in Russian and Ukrainian sources have said.
IAEA report on Ukraine says situation at Zaporizhzhia 'not sustainable' (Reuters) The U.N. nuclear watchdog, the International Atomic Energy Agency (IAEA), on Tuesday issued a report on the situation in Ukraine including at the Russian-held Zaporizhzhia nuclear power plant (ZNPP) where it has established a presence.
Zaporizhzhia: UN nuclear agency calls for Ukraine plant safety zone (BBC News) After visiting the Zaporizhzhia plant, the UN agency says Russian military equipment risks safety.
UN inspectors ‘gravely concerned’ by damage at Ukraine nuclear plant (The Telegraph) IAEA calls for security zone to prevent radioactive disaster amid shelling around Zaporizhzhia station
What will NATO do if radiation from Zaporizhzhia reaches its members? (The Hill) Nuclear radiation — like cyber — knows no borders, and it is clear that large swathes of Europe’s population could be in harm’s way.
Opinion | A potential new snag for Putin: The retreat of Jack Frost (Washington Post) Winter has been Russia’s great strategic asset in past wars. This year, long-range forecasts could mean a change of fortune.
An interview with Ukrainian hacker 'Herm1t' on countering pro-Kremlin attacks (The Record by Recorded Future) Andrey Baranovich, who is known online as "Herm1t," spent much of the '90s and '00s chronicling the history of malware development on a site known in the hacking community as VX Heaven.
After cyberattacks, Finland to award companies cybersecurity grants (Security Magazine) After a cyberattack on the Parliament of Finland, the country will provide cybersecurity funding to businesses to improve cyber defense programs.
Rigged Russian referendums: Putin's plan to annex occupied Ukraine (Atlantic Council) Western leaders must clearly signal to the Kremlin that any attempt to stage fake referendums and annex Russian-occupied regions of Ukraine will result in increased sanctions, writes Olga Aivazovska.
"Harry Potter" symbol adorns Russian tanks near Mariupol: Ukraine official (Newsweek) The triangular sign from the fantasy novel and film series represents the three powerful artifacts needed to create the "Master of Death."
Congress wants more details on latest Ukraine aid request (Defense News) Multiple senators on Tuesday said that they want reports and briefings on Joe Biden’s new $13.7 billion funding request for Ukraine.
Training Key To Ukrainian Advantages In Defending Nation, Says Pentagon (Eurasia Review) By Jim Garamone Military capabilities are important, but new capabilities mean little if the troops fielding those weapons don’t know how or when to use them. The United States, NATO allies a…
Russia’s self-defeating invasion: Why Vladimir Putin has lost Ukraine forever (Atlantic Council) The Russian invasion of Ukraine aimed to extinguish Ukrainian statehood and return the country to the Kremlin orbit. Instead, the war unleashed by Putin has sparked an unprecedented wave of de-Russification.
West reluctant to put Putin on trial, say Ukrainian officials (the Guardian) Country is seeking an international tribunal but fears its allies are still focused on future relations with Russia
The War for Ukraine’s Schools (The National Interest) Russia has destroyed 286 schools and damaged more than 2,400 since it invaded Ukraine in late February.
Ukraine’s millionaires vow to fight ‘for the existence of our nation’ (The Globe and Mail) Wealthy Ukrainian Vsevolod Kozhemiako started his own battalion of volunteer soldiers and is among hundreds of the country’s businessmen assisting in the war effort
Leaked papers reveal what the Kremlin really thinks will happen to its economy (The Telegraph) Documents envisage a far deeper and longer recession than the regime publicly admits
Russia hunting for microchips made by Welsh factory owner (The Telegraph) Putin wants components made by China-owned Nexperia in order to replenish armaments
Russia questions U.N.-brokered grain, fertilizer export deal (Reuters) Russia on Tuesday questioned a U.N.-brokered deal with Ukraine to boost grain and fertilizer exports by both countries, accusing Western states of failing to honor pledges to help facilitate Moscow's shipments.
Ukraine war: Putin threatens to rip up grain deal as he accuses West of 'scamming' poor nations (The Telegraph) Vladimir Putin has threatened to "limit" grain deliveries to the West as he accused rich countries of "brazen deception" of the developing world.
Europe can win Putin’s gas war but must learn Nord Stream lessons (Atlantic Council) With Russia now dropping all pretense and openly declaring that it will not renew gas deliveries to the EU until sanctions are scrapped, it is vital to learn the lessons from Europe’s earlier refusal to recognize the Kremlin’s weaponization of energy exports.
How the Russian Oil Price Cap Will Work (Foreign Policy) Ignore the naysayers—the long-prepared plan is a smart way to slash the Kremlin’s profits.
The Last String of Russian Greatness Is About to Snap (Foreign Policy) A great classical music tradition might die because of the Ukraine invasion.
In Russia, America’s Last Man Standing Stands Down (Foreign Policy) John Sullivan had a front-row seat to a historic low point in U.S.-Russia relations, and he did it with a skeleton crew of diplomats.
Attacks, Threats, and Vulnerabilities
Albania cuts Iran ties over cyberattack, U.S. vows further action (Reuters) Albania severed diplomatic relations with Iran on Wednesday and kicked out its diplomats after a cyberattack in July it blamed on the Islamic Republic, a move Washington supported as it vowed to take action in response to the attack on its NATO ally.
Statement by NSC Spokesperson Adrienne Watson on Iran’s Cyberattack against Albania - The White House (The White House) The United States strongly condemns Iran’s cyberattack against our NATO Ally, Albania. We join in Prime Minister Rama’s call for Iran to be held
#StopRansomware: Vice Society (CISA) Actions to take today to mitigate cyber threats from ransomware: • Prioritize and remediate known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce multifactor authentication.
FBI, CISA Ransomware Alert Warns of Vice Society Targeting Education Orgs (Campus Technology) A joint Cybersecurity Advisory released by the FBI, Cybersecurity and Infrastructure Security Agency, and Multi-State Information Sharing and Analysis Center warns that Vice Society threat actors are disproportionately targeting the education sector as recently as this month.
New Linux malware evades detection using multi-stage deployment (BleepingComputer) A new stealthy Linux malware known as Shikitega has been discovered infecting computers and IoT devices with additional payloads.
QNAP warns of zero-day vulnerability in latest DeadBolt ransomware campaign (The Record by Recorded Future) QNAP warned customers this weekend that the DeadBolt ransomware group is using a recently-patched zero-day vulnerability in its latest campaign.
Samsung denies Social Security numbers involved in latest breach (The Record by Recorded Future) Samsung denied that hackers stole customer data sets that included Social Security Numbers after announcing a breach last Friday.
TikTok Denies Data Breach Reportedly Exposing Over 2 Billion Users' Information (The Hacker News) TikTok has denied reports of a data breach after a hacker group claimed to have gained access to information on two billion of its users.
TikTok Data Breach Exposing 2B Records And Source Code May Not Have Happened After All (HotHardware) Data allegedly stolen from TikTok seems to have come from somewhere else.
FBI, DHS join probe into massive LAUSD cyberattack as school goes on (Los Angeles Times) Disruptions and technical delays at L.A. Unified schools are expected. The FBI and the Department of Homeland Security are helping investigate.
Los Angeles school district warns of disruption as it battles ongoing ransomware attack (TechCrunch) The second-largest U.S. school district serves over 600,000 students across more than 1,000 schools.
Second largest U.S. school district LAUSD hit by ransomware (BleepingComputer) Los Angeles Unified (LAUSD), the second largest school district in the U.S., disclosed that a ransomware attack hit its Information Technology (IT) systems over the weekend.
Los Angeles Unified School District targeted by 'ransomware attack' (Fox News) The Los Angeles Unified School District says schools are open Tuesday after a “ransomware attack” that caused a “significant disruption to our system’s infrastructure.”
Following ransomware attack, LAUSD requiring passwords to be reset — in person (KTLA) After the Los Angeles Unified School District was hit by a massive ransomware attack that caused a service blackout over the weekend, the school district is now requiring all students and district …
Ransomware Hackers Hit Los Angeles School District (Bloomberg) Classes expected to open on schedule, despite weekend breach. The incident was ‘likely criminal in nature,’ officials say.
Go-Ahead cyberattack might derail UK public transport services (Help Net Security) One of the UK’s largest public transport operators with bus and rail networks, Go-Ahead Group, has fallen victim to a cyberattack.
Major UK transport company Go-Ahead battles cyber-attack (the Guardian) Firm says software used to schedule bus services hit but Thameslink rail operations not affected
Ransomware attack on leading Georgia art college leads to data leak (The Record by Recorded Future) Savannah College of Art and Design suffered a ransomware attack that led to a leak of sensitive student data.
InterContinental Hotels hit by cyberattack (Register) Online booking systems and other services knocked offline amid network intrusion
What’s polluting your data lake? (Help Net Security) Grasping the impact of malware pollution on a data lake can be understood by looking at how real-life pollution affects our on-land lakes.
The 1,000 Chinese SpaceX engineers who never existed (MIT Technology Review) LinkedIn users are being scammed of millions of dollars by fake connections posing as graduates of prestigious universities and employees at top tech companies.
Security Patches, Mitigations, and Software Updates
Chrome and Edge fix zero-day security hole – update now! (Naked Security) This time, the crooks got there first – only 1 security hole patched, but it’s a zero-day.
Triangle Microworks Libraries (CISA) 1. EXECUTIVE SUMMARY: CVSS v3 7.5; ATTENTION: Exploitable remotely/low attack complexity; Vendor: Triangle Microworks; Equipment: TMW IEC 61850 Software Library and TMW IEC 60870-6 (ICCP/TASE.2) Software Library; Vulnerability: Access of Uninitialized Pointer.
AVEVA Edge 2020 R2 SP1 and all prior versions (CISA) 1. EXECUTIVE SUMMARY: CVSS v3 7.8; ATTENTION: Low attack complexity; Vendor: AVEVA; Equipment: AVEVA Edge 2020 R2 SP1 and all prior versions; Vulnerabilities: Insufficient UI Warning of Dangerous Operations, Uncontrolled Search Path Element, Deserialization of Untrusted Data, Improper Restriction of XML External Entity Reference.
Cognex 3D-A1000 Dimensioning System (CISA) 1. EXECUTIVE SUMMARY: CVSS v3 9.8; ATTENTION: Exploitable remotely, low attack complexity; Vendor: Cognex; Equipment: 3D-A1000 Dimensioning System; Vulnerabilities: Missing Authentication for Critical Function, Improper Output Neutralization for Logs, Client-side Enforcement of Server-side Security.
Hitachi Energy TXpert Hub CoreTec 4 (CISA) 1. EXECUTIVE SUMMARY: CVSS v3 6.0; Vendor: Hitachi Energy; Equipment: TXpert Hub CoreTec 4; Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Improper Input Validation, Download of Code Without Integrity Check.
Delta Electronics DOPSoft 2 (Update A) (CISA) 1. EXECUTIVE SUMMARY: CVSS v3 7.8; ATTENTION: Low attack complexity; Vendor: Delta Electronics; Equipment: DOPSoft 2; Vulnerabilities: Stack-based Buffer Overflow, Out-of-Bounds Write, Heap-based Buffer Overflow.
Trends
Increasing ransomware attacks are healthcare's new 'pandemic' (Becker's Hospital Review) Ransomware attacks targeting the healthcare industry have increased by 94 percent in the last year as patient data is used by hackers to commit fraud and identity theft, VentureBeat reported Sept. 6.
65% Lack Full Confidence in Their Legacy Backup Solutions, According to HYCU® and ActualTech Media Survey (GlobeNewswire News Room) New Report Examines State of Ransomware Preparedness Across Multiple Industries; Board Involvement Now More Important Than Ever...
Marketplace
Open source password manager Bitwarden raises $100M (TechCrunch) Bitwarden and its ilk make it easier for people to generate hard-to-guess passwords automatically, and store them all in a secure digital vault
Cymulate snaps up $70M to help cybersecurity teams stress test their networks with attack simulations (TechCrunch) Cymulate's platform covers both on-premise and cloud networks, providing breach and attack simulations for endpoints, email and web gateways and more
Special Series Part 4: Crypto And Compliance Help Some Cyber Firms Double Value (Crunchbase News) Cybersecurity firms are still locking in large rounds and valuations. This year cyber has minted 16 new unicorns, some with massive valuation increases.
Lombard Odier Says ‘Shocking’ Cyber Risks Trigger ESG Rethink (Bloomberg) Lombard Odier Investment Managers said the “shocking” results of an analysis into cybersecurity risks lurking in portfolio companies have led it to apply ESG processes far more broadly to protect its funds from losses.
Splunk Appoints Jason Lee as Chief Information Security Officer (Splunk) Splunk Inc. (NASDAQ: SPLK), the data platform leader for security and observability, today announced that Jason Lee has been appointed as the Company’s Chief Information Security Officer (CISO), effective immediately. Lee will oversee all facets of global security to protect Splunk employees and
Mandiant CEO Kevin Mandia Joins Cohesity Board of Directors and Newly Formed Cohesity Security Advisory Council (Business Wire) Cohesity, a leader in next-gen data management, today announced the appointment of Kevin Mandia, CEO of Mandiant, to its board of directors. Mandia, o
Products, Services, and Solutions
GovPilot Moves to Microsoft Cloud, Enhances Cybersecurity for Local Government Customers (GlobeNewswire News Room) Azure adoption brings significant benefits in security, performance, and scalability for GovPilot’s local government customers....
New Agile Pentesting from Cobalt Sets Standard for Next Frontier in Pt (PRWeb) SAN FRANCISCO (PRWEB) September 07, 2022 Cobalt, the Pentest as a Service (PtaaS) company that is modernizing the traditional pentesting model, today announced the launch of Agile Pentesting, a n
Booz Allen Hamilton and CyberSaint Partner to Provide a SaaS Solution Delivering Real-Time Cyber Risk Quantification and Executive-level Metrics (Business Wire) Booz Allen Hamilton (NYSE: BAH) and CyberSaint today announced a strategic partnership that aligns Booz Allen’s world-class cybersecurity consulting s
Technologies, Techniques, and Standards
eSIM Interoperability a Key Priority for Re-Elected Chair of Trusted Connectivity Alliance (Trusted Connectivity Alliance) 07 September 2022 – Claus Dietze (Giesecke+Devrient) has been re-elected to serve a third term as Trusted Connectivity Alliance’s (TCA) Chair of the Board, as the organisation focuses on driving forward industry initiatives to promote eSIM interoperability and trust, helping support the growing range of IoT use cases.
Army Updates Cyber Training After Some Graduates Weren’t Ready for Their Jobs (Defense One) New classes and updated curriculum reflect evolving threats and lessons from the Ukraine war.
CIS Zoom Benchmarks (CIS) Download our step-by-step checklist to secure your platform: An objective, consensus-driven security guideline for Zoom.
How one cybersecurity nonprofit is working to keep elections secure (The Record by Recorded Future) The race to secure political campaigns from hackers is about to pick up steam ahead of the upcoming midterm elections.
Academia
Krach Institute for Tech Diplomacy at Purdue adds two new Senior Visiting Fellows (WBIW) WASHINGTON – The Krach Institute for Tech Diplomacy at Purdue announced two new Senior Visiting Fellows, adding new depths of expertise in global supply chains, telecommunications, economic and cyber security, and cryptocurrency to its rapidly expanding cohort of academic and industry leade ...
Legislation, Policy, and Regulation
Biden Administration Releases Plan for $50 Billion Investment in Chips (New York Times) The Commerce Department issued guidelines for companies angling to receive federal funding aimed at bolstering the domestic semiconductor industry.
It’s Time to Get Real About TikTok’s Risks (WIRED) US lawmakers keep warning about the popular app. But until they can explain what makes it uniquely dangerous, it’s difficult to tailor a resolution.
NTSB Only Federal Agency Lacking a CISA-Mandated Vulnerability Disclosure Policy (Nextgov.com) CISA’s 2020 directive required that federal agencies under its authority develop policies allowing researchers to report bugs and flaws in public-facing systems.
Election-Security Efforts Largely Successful, CISA Official Says (Defense One) CISA leader says public-private partnerships, better resource sharing are warding off threats to voting systems.
Washington must act to build capable federal cybersecurity workforce (Federal Times) As technology and adversary techniques advance, so do the technical skills required by the federal workforce at all levels
Litigation, Investigation, and Law Enforcement
As Ex-Uber Executive Heads to Trial, the Security Community Reels (New York Times) Joe Sullivan, Uber’s former chief of security, faces criminal charges for his handling of a 2016 security breach. His trial this week has divided the security industry.
Twitter Whistle-Blower Never Flagged Spam, Company Tells Judge in Buyout Case (Bloomberg) Twitter lawyer accuses Zatko of ‘parroting’ Musk’s allegations. Judge hears arguments on trial date, whistle-blower claims.
Patients impacted by CNY data breach file lawsuit against medical billing company (WSTM) A class action lawsuit has been filed against medical billing company Practice Resources, LLC, after the personal information of 924,138 patients of Syracuse ar
Instagram To Appeal $401M Fine From Irish Privacy Watchdog (Law360) Instagram said Tuesday that it planned to appeal a €405 million ($401 million) fine set to be imposed by Ireland's privacy regulator, which alleges that the social media giant breached European Union privacy rules by mishandling children's data on the platform.
Wawa Inc. Settles Multi-State AG Breach Investigation for $8 Million (The National Law Review) On July 26, 2022, the attorneys general of New Jersey, Pennsylvania, Delaware, Maryland, Virginia, Florida and Washington D.C. announced an $8 million multistate settlement with Wawa Inc. that resolve