Dateline Moscow, Kyiv, and Minsk: Ukraine's counteroffensive, and cybercriminals act for Russia.
Ukraine at D+196: Counteroffensives, and cyber privateering. (CyberWire) Ukraine's counteroffensive gains ground in the north, around Kharkiv, and in the south, near Kherson. Belarus holds military exercises. Conti remnants continue to operate against Ukrainian targets, and their infrastructure comes in for some virtual counterfire.
Russia-Ukraine war: Kharkiv success helps entire frontline, Zelenskiy says; US secretary of state makes surprise visit to Kyiv – live (the Guardian) Zelenskiy praises advances of Ukrainian forces; Antony Blinken arrives in Kyiv as more US aid announced
Belarus starts military exercises near border regions -defmin (Reuters) Belarus has started military exercises by the city of Brest near the Polish border, its capital Minsk and the northeast region of Vitebsk, the defence ministry said on Thursday.
Russia-Ukraine war: List of key events, day 197 (Al Jazeera) As the Russia-Ukraine war enters its 197th day, we take a look at the main developments.
Russia-Ukraine latest news: Ukraine seizes 400sq km in Kharkiv with 'opportunistic' counter-offensive (The Telegraph) Ukraine has seized around 400sq km in Kharkiv thanks to an "opportunistic" counter-offensive.
Ukraine seizes two villages in surprise Kharkiv attack (The Telegraph) Unofficial Russian and Ukrainian Telegram channels confirm significant overnight advances that have broken Moscow's frontlines
Ukraine makes gains in southern counteroffensive against Russia (CNN) One week into a new counteroffensive, Ukrainian forces are making gains in the south, with the ambitious goal of taking back most of the Russian-occupied region of Kherson by the end of the year, senior US officials and Ukrainian officials tell CNN.
Ukraine military chief claims responsibility for strikes in Crimea (Reuters) Ukraine's top military chief claimed responsibility on Wednesday for a series of strikes on Russian air bases on the annexed peninsula of Crimea, including one that caused devastation at the Saky military facility last month.
Ukraine calls for evacuation of Zaporizhzhia nuclear plant town (NBC News) The exiled mayor of Enerhodar, the main town serving the plant, said that it was under fire from Russian forces and that it had no electrical supply.
Ukraine military chief says ‘limited’ nuclear war cannot be ruled out (Washington Post) Ukraine’s top military chief warned Wednesday that a “limited” nuclear war between Russia and the West cannot be discounted, a scenario with grave global implications.
Putin, in defiant speech, threatens Western gas and grain supplies (Washington Post) Russian President Vladimir Putin on Wednesday called Western sanctions “stupid” and threatened to halt all energy sales to Russia’s critics if they move forward with a cap on oil prices proposed by the Group of Seven industrialized economic powers.
Vladimir Putin insists Russia ‘has lost nothing’ from Ukraine war (Telegraph) President threatens to walk away from key deal to release grain from Black Sea ports, as he sets up meeting with China’s Xi Jinping
Russians back war in Ukraine, but report finds notable opposition (Washington Post) Most Russians are still sure they are not the bad guys in the war against Ukraine
Russian Soldier Tells Wife Putin’s Troops Bombed Their Own People, Ukrainian Intel Says (The Daily Beast) “We talked to the bosses and they said that’s how it is.”
US: Hundreds of thousands of Ukrainians forced to Russia (AP) The U.S. said Wednesday it has evidence that “hundreds of thousands” of Ukrainian citizens have been interrogated, detained and forcibly deported to Russia in “a series of horrors” overseen by officials from Russia’s presidency
US Trained Ukrainian Missileers Who Sunk Russian Warship, Pentagon Official Says (Defense One) Bill LaPlante also praised the quick “innovation” that delivered truck-mounted Harpoon missiles to Ukraine.
Ukraine’s Supporters Aim to Create Long-Term Aid Mechanisms (Defense One) Leaders from NATO, the U.S., and others will gather to discuss ideas on Thursday.
What weapons could North Korea give to Russia? (Defense News) We have the answers to that and more, including what the North could get in return.
Decline in hacktivism, growth in cybercrime (BCS) New data compiled by Paolo Passeri, Cyber Intelligence Principal, Netskope EMEA shows the wave of cyber attacks surrounding the Russian invasion of Ukraine has tailed off.
Ukraine’s largest telecom stands against Russian cyberattacks (POLITICO) Ukrainian mobile operator Kyivstar, which provides service to almost 26 million people, is fighting a barrage of Russian cyberattacks.
Initial access broker repurposing techniques in targeted attacks against Ukraine (Google) Describing activities of a crime group attacking Ukraine.
Google says former Conti ransomware members now attack Ukraine (BleepingComputer) Google says some former Conti cybercrime gang members, now part of a threat group tracked as UAC-0098, are targeting Ukrainian organizations and European non-governmental organizations (NGOs).
Google Details Recent Ukraine Cyberattacks (SecurityWeek) Between April and August 2022, a threat actor tracked as UAC-0098 has launched at least five different campaigns targeting Ukraine.
Ukraine is under attack by hacking tools repurposed from Conti cybercrime group (Ars Technica) Researchers from Google and IBM see unprecedented blurring of lines.
Cobalt Strike servers linked to former Conti gang members attacked (SC Media) The DDoS attacks by an unknown group were riddled with anti-Russian messages, prompting security researchers to connect the incident to the Russia-Ukraine war.
Ransomware gang's Cobalt Strike servers DDoSed with anti-Russia messages (BleepingComputer) Someone is flooding Cobalt Strike servers operated by former members of the Conti ransomware gang with anti-Russian messages to disrupt their activity.
Attacks, Threats, and Vulnerabilities
Albania cuts diplomatic ties with Iran over July cyberattack (Washington Post) Albania cut diplomatic ties with Iran and expelled the country’s embassy staff over a major cyberattack nearly two months ago that was allegedly carried out by Tehran on Albanian government websites, the prime minister said Wednesday.
APT42: Crooked Charms, Cons, and Compromises (Mandiant) APT42 is an Iranian state-sponsored cyber espionage group.
Mandiant links APT42 to Iranian 'terrorist org' (Register) 'It's hard to imagine a more dangerous scenario,' Mandiant Intel VP told The Reg
Iranian Hacker Group Posed as Journalists to Hunt Dissidents (Defense One) Group spent weeks trying to fool specific targets with intricate appeals—including U.S. campaign staff.
Profiling DEV-0270: PHOSPHORUS’ ransomware operations (Microsoft Security Threat Intelligence) Microsoft threat intelligence teams have been tracking multiple ransomware campaigns and have tied these attacks to DEV-0270, also known as Nemesis Kitten, a sub-group of Iranian actor PHOSPHORUS.
Microsoft Warns of Ransomware Attacks by Iranian Phosphorus Hacker Group (The Hacker News) Microsoft warns of a subgroup of the Iranian threat actor Phosphorus that has been conducting ransomware attacks as a "form of moonlighting."
Ares Banking Trojan adds the departed Qakbot DGA (Zscaler) Zscaler ThreatLabz observed that the Ares banking trojan introduced a DGA, similar to Qakbot's. Find out more about it!
DEADBOLT ransomware rears its head again, attacks QNAP devices (Naked Security) NAS devices make it easy for anyone to add high-capacity file servers to their network. Guess why cybercrooks love NAS devices too…
Illegal sports streams riddled with threats that even the smartest users might miss (TechRadar) Streaming sports on illegal sites isn't worth it
Rachel Dillon’s fitness app Move With Us hit by data breach (New York Post) An influencer’s fitness app has been involved in a major data breach that potentially exposed customers’ personal information and revealing photos.
Holiday Inn hotels hit by cyber-attack (BBC News) The chain, run by Intercontinental Hotel Group, said its online services were facing disruptions.
InterContinental Hotels Confirms Cyber-Attack After Two-Day Outage (Infosecurity Magazine) IHG is assessing the nature, extent and impact of the incident and implementing response plans
Most IT leaders think partners, customers make their business a ransomware target (Help Net Security) Trend Micro found that 79% of global IT leaders believe their partners and customers are making their own organisation a ransomware target.
The Cost of a Data Breach for Government Agencies (Security Intelligence) Government data breaches can cost $2 million on average. See how agencies can put defenses in place before an attack actually happens.
Calling Women to Join the Cybersecurity Field (CSO Online) Cybersecurity is a necessity across every industry, including healthcare, government, transportation, banking, and retail. This offers women the opportunity to work within many industries and diversify their resumes.
Cybersecurity M&A Roundup: 41 Deals Announced in August 2022 (SecurityWeek) Forty-one cybersecurity-related M&A deals were announced in August 2022.
Open Raven Raises $20M in Series B from Pelion Ventures, Kleiner Perkins, and Upfront Ventures (Business Wire) Open Raven – the data security posture management company helping enterprises prevent leaks, breaches, and compliance incidents – announced it raised
Darktrace Shares Drop 33% After Takeover Talks Collapse (Bloomberg) Thoma Bravo failed to agree on final terms of the offer. Darktrace uses AI to check for hacks and suspicious data leaks.
‘Toxic’: Darktrace’s future clouded by concerns over culture and fraud case (the Guardian) Analysts have also criticised the cybersecurity firm’s business model but a US private equity fund is still pondering a takeover
Cyderes Announces First Half Growth Rate of Over 63% (PR Newswire) Robert Herjavec, CEO of Cyderes and co-star of the hit Emmy award-winning show Shark Tank, today announced half year financial performance for...
Anomali Named Leader and Outperformer in 2022 GigaOm Radar Report for Threat Intelligence Solutions (Business Wire) Anomali, the leader in intelligence-driven cybersecurity solutions, announced that the company has been recognized as a Leader in the 2022 GigaOm Rada
Illumio Joins the Cloud Security Alliance (GlobeNewswire News Room) Alliance to Help Organizations Accelerate Zero Trust Segmentation Across the Hybrid Attack Surface...
Tanium BrandVoice: How To Win The Cyber Talent Race (Forbes) Passion, problem-solving, and diverse perspectives can address the widening labor shortage in cybersecurity.
Omada Expands Global Team and Board to Support Growth (PR Newswire) Omada A/S ("Omada"), a global leader of Identity Governance and Administration (IGA), today announced four significant hires as the business...
Mandiant CEO Kevin Mandia Joins Cohesity Board of Directors and Newly Formed Cohesity Security Advisory Council (Cohesity) Cohesity Security Advisory Council Brings Together Visionaries With Deep Security Expertise from Mandiant, Netflix, and the NSA to Advise on Emerging Cyber Threats
Open Systems Hires iboss, Cylance Vet as New CMO, New Partner Program Coming (Channel Futures) The new CMO said the market opportunity for Open Systems is enormous.
Products, Services, and Solutions
Onapsis Launches Threat Intel Center to Enhance Business-Critical Application Security (Onapsis) Leading provider of business-critical application security links Onapsis Research Labs’ strategic intel with platform data to simplify threat intelligence for security teams
Code42 Instructor Uses Security Education to Scale Effective Response to Data Exfiltration Events with Incydr (Code42) Code42 Software, Inc.®, the Insider Risk Management (IRM) leader, today launched a new integration between its two leading IRM solutions – Instructor and Incydr – to accelerate and scale in-the-moment response to risky employee behaviors. The new capability allows security, compliance and education teams to immediately send corrective lessons triggered by employee actions that create […]
Financial Compliance Platform Kompliant Selects authID’s Biometric Authentication for Secure Merchant Onboarding (GlobeNewswire News Room) Adding best-in-class identity fraud and account takeover prevention, while offering a secure, frictionless onboarding experience
Delinea Server Suite Increases Privileged Security for the Largest and Newest Linux Distributions and Improves Integration with Windows Active Directory (PR Newswire) Delinea, a leading provider of privileged access management (PAM) solutions for seamless security, today announced the latest release of Server...
Datadobi's Latest StorageMAP Update Enables IT Leaders to Significantly Reduce Liability and Risk (Datadobi) Datadobi announces enhancements to StorageMAP with the introduction of capabilities to discover and remediate orphaned data.
Palo Alto Networks, Wipro Launch Managed Secure Access Service Edge (SASE), Network Defense Solutions (MSSP Alert) Palo Alto Networks, Wipro announce security solutions to help organizations "simplify, orchestrate and accelerate their cloud journey."
Shinshu University Selects TOYO Corporation’s Portable Security Solution to Enable Secured DX for the Academic Network (Business Wire) Shinshu University selects TOYO Corporation’s NetEyez Security Portable to Enable Secured DX for the Academic Network.
Australian state contracts Unisys to deploy iris and face biometrics in prisons for $12.8M (Biometric Update) The new system will replace existing touch devices with multimodal contactless scanners able to capture and process iris and face biometrics simultaneously.
Clarks Consolidates End-to-End Cybersecurity Estate with Check Point Software Technologies (GlobeNewswire News Room) Check Point’s cloud, network and endpoint solutions provide simplified management, best threat prevention and visibility, while improving cost efficiencies...
Resecurity Broadens Alliance with Cloud Seguro in Colombia (PR Newswire) Resecurity, Inc., a U.S. cybersecurity and intelligence company, announced its deepened partnership with Cloud Seguro to expand Resecurity's...
Resecurity showcased Cyber Threat Intelligence and Dark Web Monitoring at Defense & Security 2022 (PR Newswire) Resecurity, a cybersecurity and intelligence company, recently showcased its dark web monitoring and cyber threat intelligence solutions at the...
Akamai customizes Zero Trust solutions to each customer’s needs including micro-segmentation, restricting application access, securing internet access, and multi-factor authentication – PART 1 (Telecom Reseller) Zero Trust, as a required technology for enterprise, has been accelerating for the last several years based on the restructuring of corporate workplace to include remote working policies which highlighted the vulnerabilities in company networks.
Kaspersky launches Security Operations and Threat Hunting course for infosec experts (Hypertext) Education is a core aspect of cybersecurity and Kaspersky has launched a new course with the intention of helping businesses establish or enhance security operations centres (SOC).
Cisco partners with Radiflow for its OT security expertise (VentureBeat) Cybersecurity company Radiflow today announced a technology partnership with Cisco to provide IDS for Cisco's OT facilities.
Keeper Security Launches Upgraded MSP Platform (PR Newswire) Keeper Security, the leading provider of zero-trust, zero-knowledge and FedRAMP Authorized cybersecurity software, today released an upgraded...
Technologies, Techniques, and Standards
NSA Releases Future Quantum-Resistant (QR) Algorithm Requirements for National Security Sy (National Security Agency/Central Security Service) The National Security Agency (NSA) released the “Announcing Commercial National Security Algorithm Suite 2.0” (CNSA 2.0) Cybersecurity Advisory (CSA) today to notify National Security Systems (NSS)
NSA sets 2035 deadline for adoption of post-quantum cryptography across national security systems (FedScoop) The National Security Agency in new guidance Wednesday said it expects the owners and operators of national security systems to start using post-quantum algorithms by 2035. In an advisory note, the intelligence agency recommended that vendors start preparing for the new technology requirements but acknowledged that some quantum-resistant algorithms have yet to be approved for […]
Fighting Ransomware Takes an Army: Our Public & Private Sector Soldiers Join Forces (Dark Reading) Continued collaboration will help win the fight as cybersecurity remains a national priority. International and public-private cooperation is helping stem the damage from ransomware threats and cyberattacks.
Yeshiva University cybersecurity program rockets up in national rankings (Cleveland Jewish News) It’s also drawing applicants outside the school’s traditional base, including more women and students from outside the country.
Legislation, Policy, and Regulation
Inglis: Hundreds of gov’t, business orgs consulted for national cyber strategy (The Record by Recorded Future) More than 300 different organizations within the U.S. government and private sector have been consulted on the new national cybersecurity strategy, according to National Cyber Director Chris Inglis.
NSA official: 'Open society' keeps US ahead on cybersecurity, technology (The Record by Recorded Future) The National Security Agency’s No. 2 official said Wednesday that the U.S. still outpaces foreign adversaries when it comes to cybersecurity and technology thanks to the country’s “open society.”
CISA Director: Tech industry should infuse security at product design stage (Cybersecurity Dive) Agency director Jen Easterly outlined a push for faster incident reporting and closer industry collaboration.
‘Treat us like adults’: CISOs air criticism of U.S. gov’t cyber outreach (The Record by Recorded Future) The CISOs for Yahoo, Netflix and Block criticized the U.S. government’s engagement efforts with the private sector, raising concerns about incident reporting and more.
Biden Cybersecurity Executive Order: Ex-US Secret Service Reflects (Trend Micro) President Biden signed Executive Order 14028, “Improving the Nation’s Cybersecurity,” on May 12, 2021. Read the thoughts of Ed Cabrera, former CISO of the US Secret Service, on the subject.
CISA to Hold Meetings to Flesh Out Cyber-Incident Reporting Rules (Wall Street Journal) The Cybersecurity and Infrastructure Security Agency will launch 11 consultations with critical-infrastructure operators over the coming weeks in an effort to flesh out cybersecurity reporting rules that Congress passed earlier this year.
Technical Cybersecurity Support Plan for Public Water Systems - Report to Congress (US Environmental Protection Agency) The Infrastructure Investment and Jobs Act (Public Law No. 117-58) (hereinafter, Bipartisan Infrastructure Law or BIL) requires the U.S. Environmental Protection Agency (EPA), in coordination with the Cybersecurity and Infrastructure Security Agency (CISA), to develop a Technical Cybersecurity Support Plan (hereinafter, Support Plan).
Technical Cybersecurity Support Plan for Public Water Systems: U.S. Environmental Protection Agency Issues Report to U.S. Congress (JD Supra) The United States Environmental Protection Agency (“EPA”) issued a document related to the drinking water sector titled: Technical...
Cybersecurity Best Practices for the Safety of Modern Vehicles (NHTSA) This document from the National Highway Traffic Safety Administration (NHTSA) updates the Agency’s non-binding and voluntary guidance to the automotive industry for improving motor vehicle cybersecurity. NHTSA encourages vehicle and equipment manufacturers to review this guidance to determine whether and, if so, how to apply this guidance to their unique systems.
NHTSA Updates Vehicle Cybersecurity Guidelines (National Highway Traffic Safety Administration) Connected vehicle technology is on the rise, offering customers a wealth of new features. However, this technology also leaves users more vulnerable to cybersecurity threats, and as such, the National Highway Traffic Safety Administration, or NHTSA, has released updated cybersecurity best practices for new vehicles.
White House Cyber Director Shares Concerns That Keep Him Up at Night (ClearanceJobs) White House Cyber Director, the Honorable Chris Inglis shared key developments, initiatives, and concerns with the Billington Summit audience.
NSA Deputy Chief: Lack of US 'readiness' against adversaries worrying (Al Mayadeen English) When asked what keeps him awake at night, NSA Deputy Director George Barnes said the lack of the United States' readiness to respond to foreign adversaries' actions.
Have the Huawei Bans Achieved the US’ Intended Goals? (International Banker) The last few years have seen the US approve increasingly punitive legislation against Huawei, much of which has been based on perceiving the Chinese telecom giant as a national-security risk. But have the bans been effective? Have they influenced US-China relations? And has the US suffered more than China in the race to 5G supremacy?
Litigation, Investigation, and Law Enforcement
WT1SHOP: Authorities Seize Online Marketplace Selling Stolen Login Credentials and Other PII (Flashpoint) On Tuesday, the DOJ released notice that illicit marketplace WT1SHOP, led by Nicolai Colesnicov, has been seized by authorities.
Elon Musk Allowed to Amend Twitter Countersuit to Add Whistleblower Claims (Wall Street Journal) The judge in the lawsuit over Twitter and Elon Musk’s stalled $44 billion takeover said the billionaire can amend his countersuit to include allegations of mismanagement by the social-media platform’s former head of security.
Material on foreign nation’s nuclear capabilities seized at Trump’s Mar-a-Lago (Washington Post) Some seized documents were so closely held, only the president, a Cabinet-level or near-Cabinet level official could authorize others to know
Opinion: The Trump search case judge doesn’t get the national security stakes (Washington Post) Okay, Judge Aileen Cannon, you’ve got me stumped: How can the U.S. government conduct a national-security damage assessment about possibly leaked classified documents if FBI criminal investigators can’t look at the documents or interview witnesses to figure out who might have had access to the material?