Dateline Moscow and Kyiv: Annexation and infrastructure threats.
Ukraine at D+118: Annexation, disinformation, and infrastructure attacks. (CyberWire) President Putin, in the face of international condemnation, announces the annexation of four Ukrainian provinces. Ukraine's counteroffensive continues to make progress in the Donbas, as long-range Russian missiles resume strikes against civilian targets. The Nord Stream incident is now generally regarded as sabotage, and European concerns about attacks against energy infrastructure rise.
Russian attack kills 25 in civilian convoy in Ukraine: Kyiv (Al Jazeera) Targeted convoy of civilians planned to travel into occupied territory to pick up relatives, Ukrainian official says.
Russia's Putin opens signing event to annex parts of Ukraine (AP NEWS) Russian President Vladimir Putin opened a Kremlin ceremony Friday to start the process of absorbing parts of Ukraine into Russia by saying he would sign laws to annex them despite international condemnation and protect the newly incorporated regions using “all available means.”
Russia-Ukraine war live: Putin gives address to Russia before announcing annexation of four occupied Ukraine territories (the Guardian) Russian leader to preside over signing ceremony with Russian-installed heads of Kherson, Zaporizhzhia, Donetsk and Luhansk
Ukraine Advance Near Key Donbas Town Tests Putin’s Land Grab (Bloomberg) Lyman ‘pocket’ in danger of encirclement by Ukrainian troops. Stop being afraid of Russians, says Ukraine’s defense minister.
Corrupt and repressive Russians tried to give us passports but now they’ve gone we want fireworks (The Telegraph) When Moscow took the Ukrainian city of Kupyansk, it had little regard for the territory it spilled so much blood to conquer
Evening Update: Russian rockets kill family of four in Dnipro ahead of annexation (The Globe and Mail) Also: For one residential school survivor, making drums honours Kamloops’s lost children
Russia’s military isn’t ready for an escalation. Ukraine and its partners can exploit that. (Atlantic Council) Russia’s current policies will inevitably lead to tensions within the country and problems with force quality.
Russian men break arms and legs to avoid being sent to Ukraine frontline (The Telegraph) Images posted online show those eligible for mass mobilisation mutilating each other in desperate bid to skip the draft
Putin to host ceremony annexing occupied Ukrainian territories on Friday, Kremlin says | CNN (CNN) Russia will on Friday begin formally annexing up to 18% of Ukrainian territory, with President Vladimir Putin expected to host a ceremony in the Kremlin to declare four occupied Ukrainian territories part of Russia.
Putin to formally annex Russian-occupied Ukraine in hawkish speech lashing out at West (The Telegraph) Russian support for war continues to decline following 'sham' referendums in Donetsk, Luhansk, Kherson and Zaporizhzhia regions
Russia to annex four occupied regions of Ukraine on Friday (Axios) The expected annexation will dramatically raise the stakes in the war.
Statement by the Members of the European Council (European Council) EU leaders condemn the illegal annexation by Russia.
Biden says U.S. will never recognize Russian claims on Ukraine (Reuters) President Joe Biden pledged on Thursday the United States will never recognize Russia's claims on Ukraine's sovereign territory as the United States prepared new sanctions to impose once Moscow annexes new areas of Ukraine.
Escalation of Ukraine War Effort Raises Risks to Russia’s Putin at Home and Abroad (Wall Street Journal) As the Russian president grasps for a breakthrough in the war, he runs the risk of overreaching, say analysts.
Vladimir Putin's rule book makes it impossible to hand land back (The Telegraph) The Russian leader publicly nails his colours to the mast of the leaking and increasingly top-heavy ship, the ‘Special Military Operation’
Why Russia’s Annexation of Ukrainian Territory Matters (Time) In the absence of military victories, Russia is annexing Ukrainian territory to try and undermine Western support for Ukraine
Ukraine Latest: Biden Condemns Annexation Referendum as ‘Sham’ (Bloomberg) President Joe Biden denounced Russian efforts to absorb occupied regions of Ukraine as “a flagrant, flagrant violation of the UN Charter and the basic principles of sovereignty and territorial integrity.”
U.S., allies to increase pressure on Russia following annexation (Washington Post) On the eve of Russian President Vladimir Putin’s intention to formally annex four Ukrainian regions, the United States and its allies put the finishing touches on their plans to respond with measures designed to significantly increase the military, diplomatic and economic pressure they believe will eventually box Putin into an intolerable position.
Finland closing border to Russian tourists starting Friday (Axios) Finland was one of several countries that announced plans to close its borders to Russian tourists last week.
Fourth Nord Stream Leak Spotted, NATO Sees 'Sabotage' - The Moscow Times (The Moscow Times) Swedish authorities said Thursday a fourth leak was detected on undersea pipelines linking Russia to Europe following what NATO described as an act of sabotage.
Russian spy chief: West was behind sabotage of Nord Stream (Reuters) Russia's top spy said on Friday that Moscow had intelligence indicating that the West was behind what he said was a "terrorist act" against the Nord Stream gas pipelines under the Baltic Sea.
NATO Formally Blames Sabotage for Nord Stream Pipeline Damage (Wall Street Journal) The military alliance said it would be prepared to defend its infrastructure from attacks, in a ratcheting up of tensions between Russia and the West
NATO: Nord Stream pipeline leaks result of "sabotage" (Axios) The North Atlantic Council plans to take "a united and determined response" on the attack.
Pentagon chief: Too soon to say who might be behind Nord Stream pipeline attack (www.euractiv.com) US Defense Secretary Lloyd Austin said on Thursday (29 September) it was still too soon to speculate who might have been behind the Nord Stream pipeline ruptures.
First on CNN: European security officials observed Russian Navy ships in vicinity of Nord Stream pipeline leaks (CNN) European security officials on Monday and Tuesday observed Russian Navy support ships in the vicinity of leaks in the Nord Stream pipelines likely caused by underwater explosions, according to two Western intelligence officials and one other source familiar with the matter.
Mysterious Blasts and Gas Leaks: What We Know About the Pipeline Breaks in Europe (New York Times) The leaks, which may amount to as much as a third of Denmark’s annual carbon emissions, expose the vulnerability of critical infrastructure as the war in Ukraine continues.
Nord Stream spill could be biggest methane leak ever but not catastrophic (Washington Post) The two explosions in the Nord Stream 1 and 2 pipelines in the Baltic Sea resulted in what could amount to the largest-ever single release of methane gas into the atmosphere, but it may not be enough to have a major effect on climate change, experts say.
Nord Stream Gas Leaks May Be a New Disaster for the Climate (Bloomberg) Germany estimates 300,000 metric tons of methane escapes. Scientists speculate it could be one of the worst leaks ever.
NATO issues 'sabotage' warning after gas pipeline explosions (NBC News) “Any deliberate attack against allies’ critical infrastructure would be met with a united and determined response,” the military alliance said after the Nord Stream explosions.
Russia’s Purported Sabotage Of The Nord Stream Pipeline Marks A Point Of No Return (Forbes) This is not the first time the Russians have transparently lied about energy infrastructure damage to weaponize their energy resources or geographical position as a transit country.
After the attack on Nord Stream 1 and 2: Is Germany safe from Russian hackers? (WirtschaftsWoche) After the attacks on the gas pipelines in the Baltic Sea, the threat to German IT is coming into focus. Experts warn of naive companies and poorly coordinated authorities.
'We all have to be worried': War in Ukraine boosts energy cyberattack risks, says Petrobras executive (Upstream Online) The hard work of improving processes and training is crucial to bolstering companies' cybersecurity defences, says Petrobras' chief information security officer
Finnish intelligence warns Russia ‘highly likely’ to turn to cyber in winter (The Record by Recorded Future) The head of the Finnish Security Intelligence Service (Suojelupoliisi or SUPO) says it is “highly likely that Russia will turn to the cyber environment over the winter” for espionage due to challenges impacting its human intelligence work.
Ukraine War Goes Hybrid (Energy Intelligence) All signs point to escalation in Europe's energy war with Russia.
New Warnings from Ukraine About Looming Russian Cyberattacks (VOA) Latest advisory says Moscow could try to exploit software vulnerabilities to take down information systems or alter critical data
Russian Cyber Efforts in Ukraine See Muted Results, Says Panel (USNI News) The Kremlin’s disinformation campaign and massive escalation of cyber attacks on Kyiv’s infrastructure have failed to break the Ukrainians’ will to fight, the author of a recent book on Russian information warfare said Thursday. Speaking at the United States Naval Institute event, Bilyana Lilly, geopolitical risk lead at Krebs Stamos Group, said Moscow increased its …
Ukraine-Russia Conflict: Ukraine Alerts Energy Enterprises to Possible Cyberattack Escalation (Security Boulevard) Cyberattack Warning: The Latest Development as Tensions Between Russia and Ukraine Continue Escalating
Ukraine is Winning the Cyber War (CEPA) Russia’s cyberattacks failed to shut down Ukrainian infrastructure or hurt its military. This success holds important lessons.
Referendum as Violence and Humiliation in Southeastern Ukraine (Wilson Center) Ukrainian citizens in the temporarily occupied areas of Luhansk, Donetsk, Zaporizhzia, and Kherson oblasts have been put into yet another situation of survival and humiliation—this time, by the September 24–27 forced referenda on joining Russia.
Putin blames invasion on collapse of the Soviet Union (The Telegraph) Vladimir Putin has blamed the war in Ukraine on the collapse of the Soviet Union.
In Washington, Everyone Wins if Ukraine Wins (Foreign Policy) How backing Kyiv can bridge the partisan divide and make U.S. foreign policy great again.
How the War in Ukraine Might End (The New Yorker) In recent years, a small group of scholars has focussed on war-termination theory. They see reason to fear the possible outcomes in Ukraine.
Pentagon Plans to Set Up a New Command to Arm Ukraine, Officials Say (New York Times) The mission in Germany would streamline a training and assistance system that the United States and its allies created on the fly after Russia’s invasion, officials said.
Republicans push Biden to use $2.1 billion Ukraine aid set to expire (Defense News) Republicans warn Biden against letting $2.1 billion in Ukraine military aid expire, urging the White House to use it to send Kyiv long-range missiles.
Putin Can Afford at Least Two More Years of War (Wilson Center) Since early in his rule, Vladimir Putin has been a major beneficiary of the 2000s oil price boom. While in 2000 the benchmark Brent crude sold for over $28 a barrel, in 2011 the annual average exceeded $111.
Kennan Cable No. 79: Russia is Looting Ukraine’s Breadbasket…Again (Wilson Center) Ukraine is widely known as Europe and Eurasia’s breadbasket. In recent decades, Ukraine has become granary to the world. But its reputation as a vital world food source also evokes a tragic history. Ukraine’s agricultural wealth has often mixed with blood and tears.
The economic response that can match Putin’s escalation in Ukraine (Atlantic Council) The G7 and the wider West have done a solid job targeting the Russian economy. Now, they need to keep up the pressure.
Tech Rallies to Rescue Ukraine (CEPA) From housing refugees to fighting disinformation and cyberattacks, US tech companies have helped defend Ukraine.
Local cyber firm Recorded Future is helping Ukraine fight Russia (Boston Globe) As the war in Ukraine has continued, Recorded Future chief executive Christopher Ahlberg realized the company could help the country defend itself, while at the same time supporting and growing its tech team there.
Recorded Future Partners with Ukraine for Hiring Initiative (PR Newswire) Recorded Future, the world's largest intelligence company, today announced a hiring initiative in Ukraine with the support of the Ministry of...
Russian Billionaire Charged with Violating Sanctions on Economic Activity Inside US | New York Law Journal (New York Law Journal) Attorney General Merrick Garland said the indictment of Deripaska, who has been linked to Russian President Vladimir Putin, is the latest step in the United States’ response to “Russia’s unjust and unprovoked invasion of Ukraine.”
Musk said Russian media had ‘lot of bulls—, but some good points too’ after Ukraine invasion (The Hill) Elon Musk wrote that Russian state-controlled media had “some good points” less than two weeks after the country invaded Ukraine, according to texts revealed in a new court filing. The message was …
Dismantling a Prolific Cybercriminal Empire: REvil Arrests and Reemergence (Trellix) In this blog, we will take you all the way from the steps REvil took to build their cybercriminal enterprise through the missteps that eventually led to their downfall.
Attacks, Threats, and Vulnerabilities
EXCLUSIVE Senior Indonesian officials targeted by spyware last year – sources (Reuters) More than a dozen senior Indonesian government and military officials were targeted last year with spy software designed by an Israeli surveillance firm, according to nine people with knowledge of the matter.
12 senior Indonesian officials targeted by NSO software - report (Jerusalem Post) The officials include Coordinating Minister for Economic Affairs, a senior military official, and two local diplomats.
ZINC weaponizing open-source software (Microsoft Security Threat Intelligence | LinkedIn Threat Prevention and Defense) In recent months, Microsoft has detected a wide range of social engineering campaigns using weaponized legitimate open-source software by an actor we track as ZINC.
Lazarus Group Affiliate Uses Trojanized Open Source Apps in New Campaigns (Decipher) Zinc, a Lazarus group offshoot, is using trojanized versions of open source apps such as KiTTY and PuTTY in a new phishing campaign.
North Korea weaponizes open-source software. (CyberWire) Pyongyang is actively exploiting malicious open-source applications to prospect engineers and tech support personnel.
New Royal Ransomware emerges in multi-million dollar attacks (BleepingComputer) A new ransomware operation named Royal is quickly ramping up, targeting corporations with ransom demands ranging from $250,000 to over $2 million.
Never-before-seen malware has infected hundreds of Linux and Windows devices (Ars Technica) Small office routers? FreeBSD machines? Enterprise servers? Chaos infects them all.
Info-Stealing Malware, SolarMarker, is Using Watering Hole Attacks… (eSentire) Read this blog to see how SolarMarker has returned to the hacking scene with a new twist in its tactics and find out how to protect your business.
CVE-2022-37461: Two Reflected XSS Vulnerabilities in Canon Medical’s Vitrea View (Trustwave) During a penetration test, Trustwave Spiderlabs’ researcher, Jordan Hedges, identified two vulnerabilities in third-party software for Canon Medical’s Vitrea View (https://anz.medical.canon/).
New 0-Day Vulnerabilities Found in Microsoft Exchange (Huntress) The Huntress team is currently investigating new 0-day vulnerabilities in Microsoft Exchange servers, piggybacking on ProxyShell and ProxyLogon.
Warning: New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server (GTSC - Providing comprehensive security services) Circa the beginning of August 2022, while doing security monitoring & incident response services, GTSC SOC team discovered that a critical infrastructure was being attacked, specifically to their Microsoft Exchange application.
Mystery Hackers Are ‘Hyperjacking’ Targets for Insidious Spying (WIRED) For decades, security researchers warned about techniques for hijacking virtualization software. Now one group has put them into practice.
Inside a cyberattack method that targets your cellphone (Washington Post) A recent spree of “smishing” attacks points to what some experts anticipate will be a wider threat in the future.
Auth0, an authentication service provider and Okta subsidiary hacked (Information Security Newspaper)
Auth0 Finds No Breach Following Source Code Compromise (SecurityWeek) Auth0 says it has not identified a data breach following a third-party’s claim to possess Auth0 older source code repositories.
A Deep Dive into the 0ktapus Phishing Attacks (Swimlane) Learn how Swimlane’s own SOC team utilized low-code security automation to react to a potential supply chain attack named 0ktapus.
New campaign uses government, union-themed lures to deliver Cobalt Strike beacons (Cisco Talos) A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
Government, Union-Themed Lures Used to Deliver Cobalt Strike Payloads (Infosecurity Magazine) Cisco Talos discovered the malicious campaign in August 2022
Cobalt Strike malware campaign targets job seekers (SearchSecurity) Cisco Talos researchers uncovered a new malware attack that uses job-themed phishing emails to deliver Cobalt Strike beacons.
Semiconductor industry faced 8 attacks from ransomware groups, extortion gangs in 2022 (The Record by Recorded Future) Several of the world’s leading semiconductor companies faced ransomware attacks, extortion attempts and other malicious activity in 2022.
IOTW: Everything we know about the Optus data breach (Cyber Security Hub) A full timeline of the Optus data breach and the events that followed it
This new POS malware can totally bypass your card security (TechRadar) Prilex malware is back with a vengeance
SANS Report: Inside the Minds & Methods of Modern Adversaries (Bishop Fox) To stay ahead of an attacker, think like one! We surveyed 300+ hackers for insights into how they think, their tools, speed, and targets.
Fast Company hack causes obscene Apple News notifications. (CyberWire) A breach of Fast Company’s WordPress systems allowed for a hacker to send obscene notifications via Apple News on Tuesday.
Fake CISO Profiles on LinkedIn Target Fortune 500s (KrebsOnSecurity) Someone has recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. It’s not clear who’s behind this network of fake CISOs or what their intentions may…
The Future of Deepfakes. (CyberWire) Deepfakes have grown in sophistication and verisimilitude, but there are still some tells that can help an alert consumer
Capital One Phish Showcases Growing Bank-Brand Targeting Trend (Dark Reading) Capital One lures leveraged the bank's new partnership with Authentify, showing that phishers watch the headlines, and take advantage.
Primary Care Clinic Network Suffers Healthcare Data Breach, 233K Impacted (Health IT Security) A Texas-based network of primary care clinics, Family Health Centers, suffered a healthcare data breach involving unauthorized access to some PHI.
Sexual Predators Are Grooming Young Teens On Wattpad, A Storytelling App Beloved By Gen Z (Forbes) For many teenagers, the reading and writing platform is a creative and educational outlet. But for others, it’s where they encounter adults who want to exploit them, in some cases leading to sex trafficking and assault.
Security Patches, Mitigations, and Software Updates
VMWare Releases Guidance for VirtualPITA, VirtualPIE, and VirtualGATE Malware Targeting vSphere (CISA) VMWare has released Protecting vSphere From Specialized Malware, addressing malware artifacts known as VirtualPITA (ESXi & Linux), VirtualPIE (ESXi), and VirtualGATE (Windows), which are used to exploit and gain persistent access to instances of ESXi. CISA urges organizations employing VMWare ESXi to review the following for more information and to apply recommended mitigations and threat hunting guidance:
Hitachi Energy MicroSCADA Pro X SYS600 (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MicroSCADA Pro/X SYS600 Vulnerability: Improper Input Validation, Improper Privilege Management, Improper Access Control, Improper Handling of Unexpected Data Type. 2.
Hitachi Energy MicroSCADA Pro X SYS600 (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MicroSCADA Pro/X SYS600 Vulnerability: NULL Pointer Dereference, Infinite Loop 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause the affected modules in the product to stop working.
Baxter Sigma Spectrum Infusion Pump (CISA) 1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Exploitable remotely Vendor: Baxter Equipment: Sigma and Baxter Spectrum Infusion Pumps Vulnerabilities: Missing Encryption of Sensitive Data, Use of Externally Controlled Format String, Missing Authentication for Critical Function 2.
ARC Informatique PcVue (Update A) (CISA) ICS Advisory ICSA-22-235-01.
Delta Electronics DOPSoft (CISA) 1. EXECUTIVE SUMMARY CVSS v3 3.3 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DOPSoft Vulnerability: Out-of-bounds Read 2.
Delta Electronics DOPSoft (Update B) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DOPSoft Vulnerabilities: Out-of-bounds Read 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-182-03 Delta Electronics DOPSoft (Update A) that was published July 27, 2022, on the ICS webpage on cisa.gov/ICS.
Microsoft is phasing out SwiftKey for iOS (ZDNET) The SwiftKey for iOS predictive keyboard will be delisted from the Apple App Store as of October 5. Microsoft isn't (publicly, at least) saying why.
Trends
New Intelligence Trends Report Analyzes Cyber Threats in the Retail, Hospitality, and Travel Sectors (RH-ISAC) Credential harvesting is the most prevalent reported threat, but recent developments, such as Adversary-in-the-Middle attacks, are increasing.
70% of Security/IT Professionals Say They are Overwhelmed by the Complexity of their Authentication Systems (Business Wire) 70% of security/IT professionals are overwhelmed by the complexity of their authentication systems, which can lead to gaps exploited by bad actors
Nearly All Security Experts (99%) Are Unhappy With Their Tokenization (PRWeb) Titaniam, Inc., the industry's most advanced data protection and ransomware immunity platform, today announced new research, revealing that 40% of compani
Marketplace
Ox Security lands $34M in seed funding to strengthen software supply chains (TechCrunch) Ox Security, a startup developing a cybersecurity platform for software supply chains, has raised $34 million in seed funding.
Detectify secures $10M more to expand its ethical hacking platform (TechCrunch) Detectify, a startup that leverages a community of ethical hackers to identify vulnerabilities in corporate platforms, has raised $10 million.
Onyxia raises $5 million for cybersecurity strategy and performance platform (CTech) Leveraging AI, the Israeli startup’s platform provides a centralized way for security teams to monitor and manage cybersecurity efforts in real-time
The Israeli entrepreneur who founded a startup and named it after her favourite character from World of Warcraft (Geektime) With no other entrepreneurs by her side, in one of the most male-dominated fields in high-tech, Sivan Tehila has founded a new cyber startup and gave it a particularly geeky name
Crypto hardware wallet maker OneKey raises $20 million in Series A funding (The Block) OneKey, a crypto hardware wallet maker based in Hong Kong, has raised around $20 million in a Series A funding round.
Giant Optus Hack May Swallow a Quarter of Singtel Profits (Bloomberg) Fallout from security breach at phone company Optus grows. Estimated bill could top $420 million, based on typical costs.
Google’s Anti-Phishing Frenemy Opens Door to a Sale Amid Tepid Sales (The Information) A streaming TV show about cybersecurity may not sound like must-see TV, but Yubico, a low-profile maker of computer security keys used by big tech firms and big banks to protect against phishing attacks, is optimistic about the project’s potential. The company has been developing a series about ...
DHS Selects 3 Companies for Crowdsourced Vulnerability Assessment Program (GovConWire) The Department of Homeland Security has chosen three vendors for its $43.16 million multi-award contract to assess crowdsourced vulnerabilities across DHS’ information technology assets. A notice posted Wednesday on SAM.gov lists Bugcrowd, Synack and SecureSoft Technologies as the companies holding positions on the indefinite-delivery/indefinite-quantity contract.
Palantir Extends Controversial US Defense Contract (CNET) Contract worth $229 million is an extension of an image recognition tech initiative that Google abandoned.
Barracuda accelerates growth in its data protection business (SecurityBrief New Zealand) Barracuda cloud-to-cloud backup protects against evolving cyber threats, such as ransomware, and is now transactable in the Azure Marketplace.
Announcing the Results of Hack U.S. (HackerOne) On July 4th, 2022, Chief Digital and Artificial Intelligence Office (CDAO), Directorate for Digital Services (DDS), DoD Cyber Crime Center (DC3), and HackerOne publicly launched the “Hack U.S.” bug bounty, allowing ethical hackers from around the globe to earn monetary rewards for reporting of critical and high vulnerabilities from within the DoD Vulnerability Disclosure Program (VDP) published scope. Through the piloting of Hack U.S., DoD gained critical insights into how the hacker community competes for prizes with an end goal of strengthening the security of the hundreds of thousands of assets in the DoD scope.
The Cyber Guild Celebrates the 'Who's Who' of Cybersecurity at Annual VIP Awards Reception (PR Newswire) The Cyber Guild held their annual VIP Celebration and Awards on Tuesday evening at the Ritz Carlton Hotel, where they honored seven...
The Identity Defined Security Alliance (IDSA) Appoints Executive Director Julie Smith to Executive Advisory Board (GlobeNewswire News Room) Initiates search for Executive Director to lead the next phase of growth as organizations prioritize identity security as a top priority...
Menlo Security Names Kate Terrell Chief Human Resources Officer (Menlo Security) Tapped to lead people and places team across Menlo’s global operations Mountain View, Calif.,–September 29, 2022– Menlo Security, a leader in cloud security, today announced that Kate Terrell has joined the company as Chief Human Resources Officer (CHRO). Reporting to Menlo co-founder and CEO, Amir Ben-Efraim, Terrell is chartered with leading and managing the company’s...
JFrog Appoints Seasoned DevOps, Cloud, and Security Leader Yvonne Wassenaar to its Board of Directors (JFrog) Wassenaar Brings More than 30 Years’ Experience in Enterprise Software, Security, IoT and Cloud Leadership from Puppet, New Relic, VMware, and Accenture
Products, Services, and Solutions
New infosec products of the week: September 30, 2022 (Help Net Security) The featured infosec products this week are from: Illumio, Malwarebytes, Netography, TransUnion, and Truecaller.
Celebrating 15 Years of Online Training, SANS Institute Announces Updated OnDemand Training Platform (SANS Institute) Provides Improved Learning Experience with Increased Accessibility and Usability for Students
Digital Enterprise Journal (DEJ) Names Checkly a Leader in Monitoring for Cloud Native Environments (The Checkly Blog) Digital Enterprise Journal (DEJ), a business technology research firm, has published a new research report entitled Top 20 Emerging Vendors for Managing IT Performance in 2022 that names Checkly a market leader in 8 key areas.
oak9 Launches Native Integration with Terraform Cloud and Terraform En (PRWeb) oak9, developer-first Infrastructure as Code (IaC) security leader, launched a new integration with HashiCorp’s Terraform Cloud and Terraform Enterprise platfor
ESET Launches New Cloud and XDR Solutions for Managed Service Providers (ESET) ESET, a global leader in digital security, today announced the launch of new cloud and XDR solutions for Managed Service Providers (MSPs).
Aunalytics Launches Security Patching Platform as a Service (Dark Reading) Expedited software patching and updating recognized as one of the most important processes to protect against system compromise from cyberattacks.
Safous Adds Browser Isolation to Its Zero-Trust Network Access Service (Dark Reading) This new function offers secure access to corporate applications and external SaaS through a virtual browser.
WISeKey Selected by ODIN Solutions to Secure Its IoT Sensors and Applications and Enable them with WISeSAT Satellite Communications (EIN News)
WISeKey Selected by Gibraldrone for its Drones Services (Geospatial World) WISeKey International announced at the Smart Agrifood Summit held in Málaga, Spain its partnership with Gibraldrone.
LMG Security Introduces New Proactive Cybersecurity Solutions (PR Newswire) LMG Security, an internationally recognized cybersecurity consulting firm, has expanded its popular selection of cybersecurity advisory,...
USI Expands Cyber Answerlytics Solution Platform (GlobeNewswire News Room) Proprietary solution platform offers USI clients prioritized access to a network of industry-leading cyber risk management providers at discounted pricing...
Konvergenz introduces cyber security program for the finance sector in Kenya (TechTrendsKE) Konvergenz Solutions, a leading technology company operating in the East African region has introduced, Zero Trust, a cyber security program
Trellix enables greater cyber resiliency with extended XDR platform (SecurityBrief New Zealand) Legacy SIEM technology has failed to modernise security operations. We are confident Trellix XDR fills this critical gap.
A new weapon against Command & Control infrastructures (IronNet) IronNet launched a unique attack intelligence feed, IronRadar, to identify threats as new adversary infrastructure servers appear and before they are used in sophisticated cyber attacks.
Telus picks Palo Alto Networks to assist with 5G network security (MobileSyrup) Telecom giant Telus has selected Palo Alto Networks to protect its stand-alone core network and IoT infrastructure.
Technologies, Techniques, and Standards
The Final Countdown to Cybersecurity Awareness Month 2022: “It's easy to stay safe online!” (NIST) Today’s blog will jumpstart NIST’s celebration of
CISA Publishes User Guide to Prepare for Nov. 1 Move to TLP 2.0 (CISA) CISA has published its Traffic Light Protocol 2.0 User Guide and Traffic Light Protocol: Moving to Version 2.0 fact sheet in preparation for its November 1, 2022 move from Traffic Light Protocol (TLP) Version 1.0 to TLP 2.0.
MFA: A critical cybersecurity tool, but not all companies get it right (Insurance Business) Insurers are leaning heavily on MFA as a precaution
Design and Innovation
Brave browser to start blocking annoying cookie consent banners (BleepingComputer) The Brave browser will soon allow users to block annoying and potentially privacy-harming cookie consent banners on all websites they visit.
Legislation, Policy, and Regulation
US defeats Russia to head UN telecoms agency in fight for internet’s future (POLITICO) Doreen Bogdan-Martin received 139 of the 172 votes.
Doreen Bogdan-Martin is first woman to head UN's ITU (Computing) She beat her Russian rival with 139 votes to 33.
CISA to Oversee Enforcement of Cyber Incident Reporting in Critical Infrastructure (JD Supra) On March 15, 2021, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), which will require...
Lawmakers want the Biden administration to do more about spyware (Washington Post) The State and Commerce departments should take more aggressive action against foreign commercial spyware, including forging a ban on its use among democratic countries and ensuring companies aren’t evading existing U.S. prohibitions, according to a letter from House Intelligence Committee members today.
New U.S. National Security Rule Requires Firms to Disclose Key Owners (Wall Street Journal) Millions of companies in the U.S. will soon have to report primary ownership, in an effort to close anti-money-laundering loopholes.
U.S. Army Cyber Command celebrates 12th anniversary (DVIDS) On Oct. 1, 2022, U.S. Army Cyber Command (ARCYBER) marks the 12th anniversary of its establishment, saluting the date in 2010 when the command reached its full operational capability and was designated as ARCYBER.
Ransomware attack on Suffolk County heightens importance of cybersecurity for local municipalities (The Suffolk Times) The cyber breach earlier this month that left Suffolk County systems in turmoil has placed a heightened emphasis on the importance of cybersecurity for local municipalities that can be particularly vulnerable to threats. So far, town governments in Riverhead and Southold have remained relatively unaffected by the hack against the county. The ALPHV/BlackCat and LockBit...
Litigation, Investigation, and Law Enforcement
Rohingya seek reparations from Facebook for role in massacre (AP NEWS) With roosters crowing in the background as he speaks from the crowded refugee camp in Bangladesh that's been his home since 2017, Maung Sawyeddollah, 21, describes what happened when violent hate speech and disinformation targeting the Rohingya minority in Myanmar began to spread on Facebook.
NSA Cyber Specialist, Army Doctor Charged in US Spying Cases (SecurityWeek) A cyber specialist who worked at the US National Security Agency and an army doctor and his wife were charged in separate cases with seeking to sell US secrets to foreign governments.
Former NSA Employee Arrested on Espionage-Related Charges (US Department of Justice) A Colorado Springs man will make his initial appearance in federal court today on charges that he attempted to transmit classified National Defense Information (NDI) to a representative of a foreign government.
NSA Employee Leaked Classified Cyber Intel, Charged with Espionage (Nextgov.com) Former NSA InfoSec Designer Jareh Sebastian Dalke was arrested by the FBI in Denver, Colorado on Wednesday as part of a sting operation.
Former NSA employee charged for trying to sell national, cyber secrets (SC Media) Prosecutors allege a former NSA employee took copies of classified documents and attempted to sell them to an undercover FBI operative posing as representative for a foreign government.
Former U.S. intelligence employee arrested on espionage-related charges (NBC News) Jareh Sebastian Dalke, who was an information systems security designer for the National Security Agency, is accused of trying to sell classified information to an undercover FBI agent posing as a foreign spy.
Ex-NSA employee charged with violating Espionage Act, selling U.S. cyber secrets (CyberScoop) The former employee allegedly told an undercover FBI agent he was willing to sell classified documents for $85,000 due to significant debt.
Ex-NSA employee in Colorado arrested on espionage charges for allegedly trying to sell secrets to foreign power (Greeley Tribune) A former National Security Agency employee in Colorado has been charged with violating the Espionage Act for allegedly trying to send classified national defense information to a foreign government…
Former NSA employee charged with offering to sell cyber secrets to foreign gov’ts (The Record by Recorded Future) A 30-year-old NSA employee was charged in federal court with attempting to sell sensitive information related to foreign targeting of U.S. systems, information on U.S. cyber operations and more.
Major in the United States Army and a Maryland Doctor Facing Federal Indictment for Allegedly Providing Confidential Health Information to a Purported Russian Representative to Assist Russia Related to the Conflict In Ukraine (US Department of Justice) A federal grand jury has returned an indictment charging Anna Gabrielian, age 36, and her husband, Jamie Lee Henry, age 39, both of Rockville, Maryland, with conspiracy and for the disclosure of individually identifiable health information (“IIHI”), related to their efforts to assist Russia in connection with the conflict in Ukraine. The indictment was returned on September 28, 2022 and unsealed today upon the arrest of the defendants.
Johns Hopkins doctor and spouse, an Army doctor, indicted for trying to leak medical information to Russia (The Baltimore Banner) Anna Gabrielian and Jamie Lee Henry, who had a secret security clearance as a doctor at Fort Bragg in North Carolina, communicated and met with an undercover FBI agent who they believed was from the Russian embassy, offering sensitive medical information on military members and their family, the indictment alleges.
First trans US army officer 'plotted to leak medical records to Russians' (The Telegraph) The pair met with someone they believed was an official at the Russian embassy in Washington, but who was in fact an undercover agent
U.S. says ex-Army major and wife tried to leak military health data to Russia (Reuters) A former U.S. Army major and his anesthesiologist wife have been criminally charged for allegedly plotting to leak highly sensitive healthcare data about military patients to Russia.
Army Doctor and Spouse Plotted to Give Russia Medical Records, U.S. Says (New York Times) Dr. Jamie Lee Henry, an internist at Fort Bragg, and Dr. Anna Gabrielian gave confidential medical records to an undercover F.B.I. agent who posed as a Russian agent, prosecutors said.
MD doctors charged with trying to help Russia in Ukraine war (Maryland Daily Record) A Maryland anesthesiologist and her U.S. Army doctor spouse have been charged with trying to help Russia in its war against Ukraine.
How the CIA failed Iranian spies in its secret war with Tehran (Reuters) Gholamreza Hosseini got caught spying for the CIA in Iran. The story of how he was burned casts light on an epic U.S. intelligence failure.
Ex-eBay execs heading to prison for harassing couple behind newsletter (Reuters) Two former eBay Inc security executives were sentenced to prison on Thursday for carrying out a campaign to harass and intimidate a Massachusetts couple through threats and disturbing home deliveries after their online newsletter drew the ire of the company's then-CEO.
Former eBay Executive Sentenced to Prison for Cyberstalking Campaign (Wall Street Journal) The campaign involved threatening emails, fake Craigslist posts and mysterious deliveries to bloggers.
'Cruel' EBay Stalking Ploy Lands Former Execs Prison Time (Law360) A couple stalked by an eBay security team over their e-commerce blog's reporting on the company watched from the gallery of a Boston federal courtroom Thursday as the two senior-most executives charged in the scheme were sentenced to 57 months and 24 months in prison.
AFP working with overseas law enforcement on Optus breach (Lexology) Following the recent Optus data breach, the AFP has announced that it is working with overseas law enforcement to identify the offenders behind the…
Election worker charged with crimes tied to Aug. 2 primary (AP NEWS) An election worker in the Grand Rapids area was charged with two crimes after a witness reported seeing him place a USB flash drive into an electronic poll book at the close of the Aug.
Robinhood data breach class action settlement (Top Class Actions) Robinhood agreed to a settlement to resolve claims it failed to prevent a data breach that caused account takeovers.
Capital One $190 Million Data Breach Settlement: Tomorrow Is the Last Day to Claim Money (CNET) Qualified customers can collect up to $25,000 for lost time and expenditures stemming from a 2019 cyberattack, but time's running out.
Magellan Health settles data breach lawsuit for $1.43M (Becker's Hospital Review) Magellan Health will pay $1.43 million to settle a lawsuit over a May 2019 phishing scheme that compromised the protected health information of 273,000 patients, Top Class Action reported Sept. 28.