Dateline
Ukraine at D+115: Growing unrest over mobilization, and warnings of cyberattack. (CyberWire) If only President Putin knew, state propagandists say, of the mess regional authorities were making of partial mobilization, the errors would cease. Ukrainian military intelligence warns of a coming wave of Russian cyberattacks against critical infrastructure, especially the power grid.
Russia-Ukraine war: List of key events, day 216 (Al Jazeera) As the Russia-Ukraine war enters its 216th day, we take a look at the main developments.
Putin massing fresh forces on Kharkiv border ahead of possible renewed offensive (The Telegraph) Russia is regularly firing shells and sending drones across the border since withdrawing last month, a Ukrainian defence official has said
Putin's call-up fuels Russians' anger, protests and violence (AP NEWS) Long lines of cars on roads snaking to Russia’s border crossings with Georgia, Kazakhstan and Mongolia, and similar queues at airports. Angry demonstrations — not just in Moscow and St.
Russia Admits to Draft Problems as Anger Flares Into Violence (New York Times) The Kremlin’s spokesman tried to shift blame for errors in the call-up to regional agencies on Monday, the same day a gunman attacked a draft office in Siberia.
Putin’s Top Cheerleaders Panic Over Russian Army ‘Mutiny’ (The Daily Beast) Two of Putin’s most strident supporters are freaking out about the disastrous mass mobilization efforts, which they fear could lead to a major revolt against the war in Ukraine.
Russia says no decision to seal borders amid mass exodus of men (Al Jazeera) Thousands are fleeing the country to avoid call to fight in Ukraine after Russia ordered first mobilisation since WW II.
Zelensky thanks US for advanced air defense systems, calls for more help (The Hill) CORRECTION: Ukraine has not yet received the National Advanced Surface-to-Air Missile Systems (NASAMS). A previous version of this story contained incorrect information on the delivery of…
Blinken: Conversation about supplying weapons to Ukraine ‘ongoing’ (Washington Post) Secretary of State Antony Blinken said a conversation with Ukraine over the supply of U.S. weapons to aid the country’s war effort is “ongoing,” notably regarding a request from Kyiv for Army Tactical Missile Systems, or ATACMS, as the surface-to-surface missiles are commonly known.
Invaders Preparing Mass Cyberattacks on Facilities of Critical Infrastructure of Ukraine and Its Allies (Defence Intelligence of the Ministry of Defence of Ukraine) The kremlin is planning to carry out massive cyberattacks on the critical infrastructure facilities of Ukrainian enterprises and critical infrastructure institutions of Ukraine’s allies. First of all, attacks will be aimed at enterprises of energy sector. The experience of cyberattacks on Ukraine's energy systems in 2015 and 2016 will be used when conducting operations.
Ukraine Says Russia Planning 'Massive Cyberattacks' on Critical Infrastructure (SecurityWeek) The Ukrainian government is proactively warning that Russia is planning “massive cyberattacks” against critical infrastructure targets in the energy sector.
Ukraine warns of Russian cyber attacks targeting critical infrastructure (Computing) The next wave of attacks will likely focus on disrupting facilities and institutions related to the energy sector.
Russia plans “massive cyberattacks” on critical infrastructure, Ukraine warns (Ars Technica) Distributed denial-of-service attacks are also likely to increase, advisory says.
Ukraine warns allies: Russia plans 'massive cyberattacks' (Register) Will those be before or after the nuke strikes Putin keeps banging on about?
Hackers Working With Russia to Coordinate Cyberattacks, Google Says - Tech News Briefing - WSJ Podcasts (Wall Street Journal) The Russian military may be coordinating with hackers and online activists in cyberattacks, according to a new report from Google researchers. WSJ cybersecurity reporter Robert McMillan joins host Zoe Thomas to discuss how the coordination is said to work, and why it is raising so much concern in the West.
Viasat Hack "Did Not" Have Huge Impact on Ukrainian Military Communications, Official Says (Zero Day) Contrary to initial reports that it resulted in a "really huge loss in communications in the very beginning of war," the hack did not have a huge impact on ability to coordinate military operations.
Soviet Monuments Become Latest Target of Backlash Against War in Ukraine (New York Times) Across Eastern and Central Europe, statues honoring Soviet troops for their role in defeating the Nazis in World War II have in recent weeks come down or been slated for demolition.
Diplomacy Is Still (Just About) Possible in Ukraine (Foreign Policy) The Black Sea agreement offers a model for off-ramps to escalation.
Tunisia’s Perfect Economic Storm (Foreign Policy) Crises at home and abroad have touched off food shortages across the country.
Attacks, Threats, and Vulnerabilities
Caught in the crossfire of cyber conflict (Observer Research Foundation) The recent cyberattack on Albania by Iran highlights the intensification of conflict within cyberspace.
Lazarus ‘Operation In(ter)ception’ Targets macOS Users Dreaming of Jobs in Crypto (SentinelOne) First Coinbase, now Crypto.com. Lazarus campaign targets more crypto exchange platform job seekers with multi-stage malware.
Elon Musk's Starlink is now active in Iran amid widespread internet outages, academic says after speaking to Musk (Business Insider) Disruption to Iran's internet began after protests started over a young woman dying in police custody. Elon Musk said SpaceX was activating Starlink.
Why Elon Musk’s Starlink will not affect protests in Iran (Al Jazeera) So far the only effect of Starlink’s ‘activation’ has been indirectly helping spread malware on Iranian devices.
Adware on Google Play and Apple Store installed 13 million times (BleepingComputer) Security researchers have discovered 75 applications on Google Play and another ten on Apple's App Store engaged in ad fraud. Collectively, they add to 13 million installations.
Who’s next in Lapsus$’ crosshairs? (Digital Shadows) You've probably read that our favorite mischievous friends at the Lapsus$ group have been up to their old tricks. This time, compromising the networks of Uber, Rockstar Games, and even Cisco. While we all wondered what had happened to Lapsus$ since their noisy introduction into the threat landscape in late 2021, the group has returned
Report: Sift Uncovers New Cashout Scam Targeting Forgotten Crypto Accounts (GlobeNewswire News Room) Sift’s Q3 2022 Digital Trust & Safety Index also reveals account takeover attacks surged 131% in H1 2022 compared to H1 2021...
Hackers Leak French Hospital Patient Data in Ransom Fight (SecurityWeek) Hackers who crippled a French hospital and stole a trove of data last month have released personal records of patients online, officials have confirmed.
US arm of Israeli defense giant Elbit Systems says it was hacked (TechCrunch) Elbit Systems of America, the U.S. arm of Israeli defense contractor Elbit, says its network was compromised in early June and personal information of employees was stolen.
Optus hacker releases 10,000 customers' details and issues new threat (Sky News) The hacker behind the Optus data breach has released 10,000 customer records and is threatening to continue leaking private information of other account holders with the telecommunications giant if it does not pay a six-figure ransom.
‘Last thing I need’: Optus customer scrambles to protect himself (Australian Financial Review) “It’s pretty concerning,” says David McShane, who has been an Optus customer for five years.
An alleged hacker has offered their 'deepest apologies' to Optus. Here's the latest on the data breach (ABC) What we know after a forum user claiming to have the details of Optus customers threatened to release 10,000 records unless a ransom is paid, only to then claim "we don't care anymore".
Singtel's Optus under further fire for cyber breach; purported hackers claim data deleted (The Straits Times) Alleged hackers also withdraw $1.4m ransom demand
‘Not feasible’ to crack properly encrypted data (Australian Financial Review) Even the most standard, modern encryption simply can’t be broken, suggesting the Optus data may not have been encrypted in any meaningful way, an encryption expert says.
Optus hack not 'sophisticated' as claims 10,000 customers have data publicly released (9News) A high school student could have pulled off the Optus cyberattack, a security expert claims, as the telco g...
Everything Happening in This Optus Cyberattack Shitstorm, I Promise (Vice) Here is where we’re at, in a way we hope is at least some part digestible.
Microsoft Dismantles Spam Campaign Abusing OAuth Applications (SecurityWeek) Microsoft has dismantled a malicious campaign in which OAuth applications deployed on compromised cloud tenants were used to distribute spam messages.
Microsoft SQL Server targeted by ransomware (Computing) FARGO ransomware, also known as Mallox and TargetCompany, disables database protections then encrypts records within
FARGO Ransomware Attacks MS-SQL Servers To Encrypt Internet Services (Cyber Security News) Cybersecurity experts at the ASEC (AhnLab Security Emergency Response Center) analysis team have recently warned that Microsoft SQL servers that are vulnerable to attacks have been targeted by the ransomware called FARGO in a new wave of attacks. An MS-SQL server is a system that is used for storing and managing data related to internet […]
Hacktivist Attacks Show Ease of Hacking Industrial Control Systems (SecurityWeek) Hacktivists might not know a lot about ICS, but they’re well aware of the potential implications of hacking these devices, and some groups have been targeting ICS to draw attention to their cause.
The Anatomy of Wiper Malware, Part 1: Common Techniques (CrowdStrike) In this first post of our four-part series on wiper malware, CrowdStrike’s Endpoint Protection Content Research Team dives into the various techniques employed by wipers.
The Anatomy of Wiper Malware, Part 2: Third-Party Drivers (CrowdStrike) Learn how wiper families have used legitimate third-party drivers to bypass the visibility and detection capabilities of security mechanisms and solutions.
The Anatomy of Wiper Malware, Part 3: Input/Output Controls (crowdstrike.com) In Part 3 of our series examining wiper malware, our Endpoint Protection Content Research Team covers how input/output controls are used to achieve different goals.
Trends
To encrypt or to destroy? Ransomware affiliates plan to try the latter (Help Net Security) Ransomware gangs are planning on trying out a new tactic, and it involves the destruction of the victims' data.
National Cyber Power Index 2022 (Belfer Center for Science and International Affairs) In his Note to Readers of the 2022 National Cyber Power Index, Eric Rosenbach, Belfer Center Co-Director and former Chief of Staff and Assistant Secretary for the U.S. Department of Defense, writes: "With the challenges in the cyber domain only increasing, it is critical for analytical tools to also be available, presenting the full range of cyber power, and informing critical public debates today. The framework that the NCPI provides is one that allows policymakers to consider a fuller range of challenges and threats from other state actors. The incorporation of both qualitative and quantitative models, with more than 1000 existing sources of data and with 29 indicators to measure a state’s capability, is more comprehensive than any other current measure of cyber power."
Ransomware Attacks Continue Increasing: 20% of All Reported Attacks Occurred in the Last 12 Months - New Survey (PR Newswire) Nearly a quarter of businesses have suffered a ransomware attack, with a fifth occurring in the past 12 months, according to a latest annual...
4th Annual Penetration Risk Report (Coalfire) Learn how cyber risks have significantly shifted this year in new research report.
Marketplace
M&A Technology Stalwart Goes All in on Cybersecurity (Mergers & Acquisitions) An Interview with Thoma Bravo’s Chip Virnig.
Akamai Turns Up Linode Past 11 (Akamai) First phase to double the scale of Linode global footprint
USTRANSCOM Selects Electrosoft for $21M SISO Support Services Contract (PR Newswire) Electrosoft Services, Inc., an award-winning federal IT and professional services firm specializing in cybersecurity, announced today it has...
Another VPN service leaves India, defies Indian Govt laws: Know why (HT Tech) Proton VPN service leaves India for the same reasons as Nord and Express VPN services. Here are all the details.
VPN Providers Remove Servers From India In Wake Of New Data Collection Laws (Techdirt) VPN providers remain a primary target of governments around the world (authoritarian leaning and otherwise) that don’t much like their citizens chatting privately or avoiding government surve…
CyberGRX Recognized With Frost & Sullivan’s 2022 Market Leadership Award (Business Wire) CyberGRX today announced that Frost & Sullivan named the company the 2022 North America Market Leader in the cyber risk management industry.
Teleport Recognized by Inc. and Great Places to Work for Rapid Growth and Company Culture (PR Newswire) Teleport, the market leader in Identity-native Infrastructure Access, has been recognized for its growth, product and company culture in the...
BedRock Systems Inc. Appoints Sean Plankey as Chief Architect for Energy and Critical Industries (Accesswire) BedRock Systems, the leading software company delivering an unbreakable foundation for secure computing from edge to cloud, today announced the addition of Sean Plankey as Chief Architect for Energy and Critical Industries. A veteran of the US Coast Guard and former Department of Energy Executive with extensive cyber security experience, Plankey will lead efforts to define and deliver
COALFIRE NAMES NEW CFO AND GENERAL COUNSEL (PR Newswire) Coalfire, the largest global cybersecurity firm, recently appointed Merri Chandler as chief financial officer, and Aparna Dasai Williams as...
Traceable AI Taps Richard Bird as Chief Security Officer (PR Newswire) Traceable, the industry's leading API security and observability company, announced the appointment of Richard Bird as Chief Security Officer...
Products, Services, and Solutions
Versa Networks and Nabiq Partner to Deliver Advanced Private 5G Services in Japan (Business Wire) Versa Networks, the recognized secure access service edge (SASE) leader, and Nabiq of Japan today announced their new partnership to deliver advanced
Cloudflare launches an eSIM to secure mobile devices (TechCrunch) Cloudflare is launching new mobile services, including an eSIM, designed to help businesses better secure employees' smartphones.
Sateliot Works With AWS on 5G IoT Satellite Network (Via Satellite) Satellite IoT company Sateliot announced a partnership with Amazon Web Services (AWS) on Monday to build a cloud-based 5G service for narrowband IoT
Netography Upgrades Platform to Provide Scalable, Continuous Network Security and Visibility Across the Atomized Network (Business Wire) Netography announced further innovation to its Netography Fusion® platform, delivering scalable, continuous network visibility and control.
Owl Cyber Defense and Votiro Partner to Protect Secure Networks From Threats in Files (Owl Cyber Defense) The Combination of Data Diodes, Cross Domain Solutions, and Content Disarm and Reconstruction Offers Unmatched Security to Ensure Network Protection and
GuidePoint Security Launches Industrial Control Systems (ICS) Security Service Offerings (Guidepoint Security) Cybersecurity Solutions Provider Helps Organizations Bridge the IT and OT Security Gap
Keeper Security Lands on GigaOm Radar Report for Password Management (Business Wire) GigaOm names Keeper Enterprise Password Management a Leader
Rite-Solutions Receives $77 Million, Five-Year, Cybersecurity Contract (PRWeb) Rite-Solutions was awarded a $77 million, five-year contract by the Naval Surface Warfare Center Dahlgren Division (NSWCDD) under the Department of the
Votiro Partners With Owl Cyber Defense to Protect Secure Networks from Threats in Files (Business Wire) Votiro announces partnership with Owl Cyber Defense to ensure secure file transfers into isolated government ministry networks.
Cybrary Partners With Carahsoft to Provide Cybersecurity Skill Development to Government Agencies and Customers (PR Newswire) Cybrary, the leading training platform for cybersecurity professionals, today announced a partnership with Carahsoft Technology Corp, the...
Technologies, Techniques, and Standards
MITRE and OUSD unveil 5G FiGHT framework (Intelligence Community News) On September 26, McLean, VA-based MITRE and the Department of Defense (DoD) announced the launch of the FiGHT (5G Hierarchy of Threats) adversarial threat model for 5G systems.
Dragos Receives Numbering Authority Designation for CISA-Sponsored Cybersecurity Catalog (ExecutiveBiz) Looking for the latest Government Contracting News? Check out our story: Dragos Receives Numbering Authority Designation for CISA-Sponsored Cybersecurity
Design and Innovation
Not All Bots Are Bad, and Twitter Knows It (WIRED) Automated accounts are the target of ire and the linchpin of Elon Musk’s attempt to break his deal with the platform. But some are benign—or even helpful.
Academia
IBM expands HBCU cybersecurity center program to 20 schools (The Record by Recorded Future) IBM will be expanding its collaboration with HBCUs, bringing its Cybersecurity Leadership Centers to 14 new schools.
LSU Receives Elite Cyber Designation from the National Security Agency (LSU) NSA’s recognition of excellence in cybersecurity validates and accelerates LSU’s leadership in education and research, laying the foundation for national prominence in cyber talent and technology development.
Legislation, Policy, and Regulation
Trafficking Data: China’s Pursuit of Digital Sovereignty (Diplomat) Insights from Aynne Kokas.
Iran president threatens ‘decisive’ response as protests continue (Washington Post) Protests continued in Tehran and other Iranian cities Sunday for a 10th day, with videos emerging of large demonstrations despite tightening internet restrictions and an expanding clampdown by security forces, monitoring groups said.
Iran’s Internet Shutdown Hides a Deadly Crackdown (WIRED) Amid protests against the killing of Mahsa Amini, authorities have cut off mobile internet, WhatsApp, and Instagram. The death toll continues to rise.
Shutting down the internet is another brutal blow against women by the Iranian regime (the Guardian) Decades of activism led to mass protests against Mahsa Amini’s death. Free access to the web has to be a priority now, says digital transformation expert Azadeh Akbari
The Morning Dispatch: Iran's Protests Grow (Dispatch) As does the regime's violent response.
Joint Statement: U.S. Treasury’s New General License D2 Advances Internet Freedom in Iran (Center for Human Rights in Iran) Now Companies Must Make Tech Products Available and U.S. Government Must Encourage Them September 26, 2022—Today, the Public Affairs Alliance of Iranian Americans (PAAIA) and the Center for Human Rights in Iran (CHRI) welcomed an announcement by the U.S. Department of Treasury of the issuance of Iran General License (GL) D-2, which updates and expands existing exemptions under U.S. sanctions to increase support for Internet freedom in Iran. The new license follows years of advocacy by both organizations. “We welcome with open arms the announcement of General License D-2 by the U.S. Department of Treasury. This new license is an invaluable step in supporting civil society in Iran and ensuring that the
This Vote Could Change the Course of Internet History (WIRED) UN countries are preparing to pick a new head of the International Telecommunications Union. Who wins could shape the open web's future.
ITU Plenipotentiary Conference - Joint policy statement - Human-centric approach at the core of the standardisation and connectivity (EEAS) Delivered by CZ on behalf of the 27 EU Member states and 27 other countries
Banks point to law enforcement for solutions in combating P2P fraud (American Banker) Financial institutions continue to push back against efforts to be held liable when a consumer is tricked into sending a payment that later turns out to be a scam.
Litigation, Investigation, and Law Enforcement
Russia detains Japanese diplomat ‘caught red-handed’ spying (The Telegraph) FSB security service accuses official of trying to buy classified information about another country cooperating with the Kremlin
Japan consul ‘blindfolded and restrained’ during FSB interrogation in Russia (the Guardian) Tokyo demands apology from Moscow after diplomat subjected to ‘coercive interrogation’ in Vladivostok
Putin grants Russian citizenship to U.S. whistleblower Snowden (Reuters) Snowden fled the United States and was given asylum in Russia after leaking secret files in 2013.
Edward Snowden Is Granted Russian Citizenship (New York Times) Mr. Snowden, a former intelligence contractor, left the United States after giving hundreds of highly classified N.S.A. documents to The Guardian and The Washington Post in 2013.
Russia Gives Citizenship to Ex-NSA Contractor Edward Snowden (SecurityWeek) Russian President Vladimir Putin has granted Russian citizenship to former U.S. security contractor Edward Snowden who exposed NSA secrets
U.S. State Department Says Putin Could Send Snowden to War (The Daily Beast) Now that the former NSA contractor is officially Russian, he “may well be conscripted to fight in Russia’s war in Ukraine,” State Department spokesperson Ned Price said Monday.
Australian cybersecurity minister lambasts Optus for ‘unprecedented' hack (The Record by Recorded Future) Australia’s cybersecurity minister criticized the country’s second largest telecommunications company for its response to what she called an “unprecedented theft of consumer information.”
FBI Working With Australian Authorities on Optus Cyberattack (MarketScreener) The FBI is working with Australian authorities to investigate a data breach at Optus, one of the country's largest telecoms companies. Australia's Attorney-General...
Uber and Rockstar – has a LAPSUS$ linchpin just been busted (again)? (Naked Security) Is this the same suspect as before? Is he part of LAPSUS$? Is this the man who hacked Uber and Rockstar? And, if so, who else?
TikTok Seen Moving Toward U.S. Security Deal, but Hurdles Remain (New York Times) A draft agreement with the Biden administration to keep the Chinese-owned video app operating in the United States is under review. That could mean more wrangling.
TikTok Faces Hefty Privacy Fine in UK Children’s Data Probe (Bloomberg) ByteDance Ltd.’s TikTok faces a possible fine of 27 million pounds ($28.9 million) after the UK’s privacy watchdog provisionally found the company may have breached data protection rules by failing to sufficiently protect children’s data.
California, New York and other U.S. states take action against crypto lender Nexo (The Block) California's Department of Financial Protection and Innovation issued a cease and desist against crypto lender Nexo Monday over its crypto interest-bearing accounts.
Twitter, Elon Musk Spar Over Legal Preparations as Trial Date Looms (Wall Street Journal) The Delaware judge presiding over the takeover dispute has begun to set the contours of the October trial.