Dateline Moscow and Kyiv: Russia plays the underdog card.
Ukraine at D+122: Ukraine's counteroffensive continues. (CyberWire) Russia begins to portray itself as the outgunned, overmatched underdog in its war against Ukraine, gamely fighting against the odds. Nuisance-level cyber operations continue on both sides as Ukraine's counteroffensive continues.
Russia-Ukraine war: List of key events, day 223 (Al Jazeera) As the Russia-Ukraine war enters its 223rd day, we take a look at the main developments.
Monday, October 3. Russia’s War On Ukraine: News And Information From Ukraine (Forbes) Dispatches from Ukraine.
Russia no longer has full control of any of four ‘annexed’ Ukrainian provinces (the Guardian) Kyiv’s troops advanced in southern Kherson province and made additional gains in east
Russia fires another general as Ukraine forces continue to advance across two fronts (The Telegraph) Vladimir Putin’s Kremlin admits to being unsure of the boundaries of the territory in Ukraine it has claimed
‘Lots of heavy fighting ahead’: U.S. officials urge caution after Ukrainian gains (POLITICO) Kyiv’s forces over the weekend captured the city of Lyman, a strategic railway hub, and continued to push east into the Donetsk region.
Nuclear weapons convoy sparks fears Putin could be preparing test to send ‘signal to the West’ (The Telegraph) Train operated by secretive nuclear division spotted in central Russia heading towards the front line in Ukraine
Will Putin send mobilized Russians to Belarus for a new Kyiv offensive? (Atlantic Council) Vladimir Putin’s decision to order Russia’s first mobilization since World War II has revived fears in neighboring Belarus that the country could be dragged into the invasion of Ukraine and a new march on Kyiv.
Ramzan Kadyrov sends his teenage sons to fight for Vladimir Putin in Ukraine (The Telegraph) The Chechen leader insists his three boys, the youngest aged 14, must ‘prove themselves in battle’
Russia's bloated military has finally been properly tested - and the results are not good (The Telegraph) Like a boa constrictor squeezing the life out of its prey, Kyiv’s forces moved with deliberate if unglamorous speed around the Russians
Russian troops likely losing already limited trust in military leadership as Ukraine's lightning offensive forces a turn to 'emergency' defense, UK intel says (Business Insider) "The already limited trust deployed troops have in Russia's senior military leadership is likely to deteriorate further," UK intel said.
Russian soldiers had a drunken firefight with FSB officers at a bar in occupied Ukraine that ended with at least 3 dead: report (Business Insider) There have been a number of reports of alcohol-related issues involving the Russian military ahead of and during the war in Ukraine.
Frustration with Ukraine war spills out on Russian state TV (AP NEWS) Russia’s retreat from a key Ukrainian city over the weekend elicited outcry from an unlikely crowd – state-run media outlets that typically cast Moscow’s war in glowing terms. A series of embarrassing military losses in recent weeks has presented a challenge for prominent hosts of Russian news and political talk shows struggling to find ways to paint Ukraine's gains in a way that is still favorable to the Kremlin.
Russian TV presenter and prominent Putin propagandist laments that 'the West is starting to mock us' over Ukraine war (Business Insider) Vladimir Solovyov, a firebrand Russian TV presenter known for promoting pro-Kremlin propaganda, bemoaned Russia's progress in its Ukraine invasion.
Russia admits borders of two annexed regions are unclear (The Telegraph) Russia has admitted it does not know exactly where its new borders are as Ukraine continues its counter advance into annexed territories.
Russia May Use Nord Stream Aftermath to Cause More Trouble (Foreign Policy) An investigation of the leaks may cause a standoff with Russia.
Putin’s World Is Now Smaller Than Ever (Foreign Policy) The moral and strategic disaster of the Russian leader’s war in Ukraine has ended his imperial dreams.
All the Tsar’s Men (Foreign Affairs) Mobilization can't save Putin’s war.
Russian forces poised for ‘major defeat’ in Kherson, says DoD official (Defense News) Ukraine is racking up wins in territory Russia claimed last week.
Volodymyr Zelensky hits back at Elon Musk after he tweets his ‘peace’ plan for Ukraine (The Telegraph) Tesla boss suggested Kyiv could surrender Crimea and cede territory – prompting Ukraine's ambassador to tell him to 'f--- off'
The Russian Warship and the South China Sea (Foreign Policy) What lessons does the sinking of the Moskva have for Taiwan?
Petraeus: US would destroy Russia’s troops if Putin uses nuclear weapons in Ukraine (the Guardian) Former CIA director and retired army general says Moscow’s leader is ‘desperate’ and ‘battlefield reality he faces is irreversible’
Ukraine-Russia war latest - US to send four more Himars to Zelensky (The Telegraph) The US is expected to send four High Mobility Artillery Rocket System (Himars) to Ukraine as part of a $625 million aid package.
US may establish new command in Germany to arm Ukraine: report (Military Times) A final decision on the command is expected within the next few weeks.
From HIMARS to helos: What the US has given Ukraine [GRAPHIC] (Breaking Defense) The US has committed more than $16.2 billion in defense aid since Russia's invasion in February.
A Stronger But Less Ambitious NATO (Foreign Affairs) What Sweden and Finland’s membership will mean for the alliance.
Finnish intelligence warns of Russia’s cyberespionage activities (Security Affairs) The Finnish Security Intelligence Service (SUPO) warns Russia will highly likely intensify its cyber activity over the winter. The Finnish Security Intelligence Service (Suojelupoliisi or SUPO) warns of a highly likely intensification of cyberespionage activities conducted by Russia-linked threat actors over the winter. According to the SUPO, future NATO membership will make the country a privileged target […]
Russian Citizens Wage Cyberwar From Within (Kyiv Post) For the first time in known history, hackers from within Russia have begun a systemized effort to hack… - Oct. 02, 2022. By Jason Jay Smart
Russian Hackers Take Aim at Kremlin Targets: Report (Infosecurity Magazine) National Republican Army wants to overthrow Putin regime
Russian retail chain 'DNS' confirms hack after data leaked online (BleepingComputer) Russian retail chain 'DNS' (Digital Network System) disclosed yesterday that they suffered a data breach that allegedly exposed the personal information of 16 million customers and employees.
Pro-Russian groups are raising funds in crypto to prop up military operations and evade U.S. sanctions (CNBC) Pro-Russian groups have raised $400,000 in cryptocurrency since the start of the Ukraine invasion to fund paramilitary operations and evade U.S. sanctions.
Coding in a war zone: Ukraine’s tech industry adapts to a new normal (Rest of World) Displacement, attacks, and air raid alerts are daily life for Ukraine’s disrupted tech workforce.
Attacks, Threats, and Vulnerabilities
U.S. Warns of Security Threats Ahead of Midterm Elections (Wall Street Journal) The midterm elections face a widening range and volume of domestic and international security threats, including foreign cyber operations, disinformation campaigns and rising threats of physical violence against election workers, U.S. officials said.
Cybercriminals targeted users of packages with a total of 1.5 billion weekly downloads on npm (Mend) Another week, another supply chain incident. It’s been only nine days since the Mend research team detected the dYdX incident, and today we have detected another supply chain malicious campaign.
Bumblebee Malware Loader's Payloads Significantly Vary by Victim System (Dark Reading) On some systems the malware drops infostealers and banking Trojans; on others it installs sophisticated post-compromise tools, new analysis shows.
A deep dive into a Corporate Espionage operation (SecurityBrief Australia) In the last few years, we have seen a dramatic shift in the level of sophistication of cyberattacks, mostly thanks to the introduction of the profit-sharing business model for financially motivated threat actors.
SEO poisoning: Beware of suspicious links to avoid malware infections (Security Boulevard) Getting infected with malware isn’t just clicking on an errant file, but it usually occurs because an entire ecosystem is created by attackers to fool you into actually doing the click. This is the very technique behind something called SEO poisoning, in which seemingly innocent searches can tempt you with malware-infested links.
Ferrari says internal documents online, but no evidence of cyber attack (Reuters) Ferrari said on Monday some internal documents had been posted online and the luxury sports carmaker was working to identify how this had happened.
Ferrari hacked? RansomEXX claims to have punctured automaker's cyber defences (Tech Monitor) Ransomware gang RansomEXX posts Ferrari data on its victim blog, days after the company signs a contract with security company Bitdefender.
Hackers targeted 8 Shangri-La hotels between May and July, guests' data potentially leaked (The Straits Times) Guests who had stayed at its hotels in Singapore, Hong Kong, Chiang Mai, Taipei and Tokyo may be affected.
TD Bank discloses data breach after employee leaks customer info (BleepingComputer) TD Bank has disclosed a data breach affecting an undisclosed number of customers whose personal information was stolen by a former employee and used to conduct financial fraud.
Patient details could be compromised as large North Island GP network hit by a cyber attack (RNZ) A large North Island GP network has been hit by a cyber attack, with patient details potentially compromised.
Cyber attack on health provider Pinnacle a 'wake up call' (Stuff) The latest hack follows one in 2021 targeting the Waikato DHB in which patient details were leaked online. A top doc says it shows vulnerabilities.
Student, Teacher Data Not Affected in Los Angeles School District Hack (Wall Street Journal) The Los Angeles public school system lost some sensitive information but little data related to its teachers and students during a cyberattack last month, the superintendent said.
‘No evidence of widespread impact,’ LAUSD says of data released by hackers (KTLA) Los Angeles Unified School District Superintendent Alberto Carvalho downplayed the severity of last month’s cyberattack and subsequent data leak of district information during a Monday news c…
Hacker returns nearly $19 million stolen on Transit Swap DeFi platform (The Record by Recorded Future) Decentralized exchange Transit Swap said a hacker that stole nearly $30 million this weekend returned most of it on Monday.
Scammers and rogue callers – can anything ever stop them? (Naked Security) Some thoughts for Cybersecurity Awareness Month: Is it worth reporting nuisance calls? Is it even worth reporting outright scams?
New data breach targets Telstra employees (Cybersecurity Connect) The names and emails of thousands of current and former Telstra employees have been uploaded to the dark web. Telstra has confirmed reports of a data breach impacting 30,000 current and former employe
Trends
New IBM Study Finds Cybersecurity Incident Responders Have Strong Sense of Service as Threats Cross Over to Physical World (IBM Newsroom) IBM Security announced the results of a global survey that examines the critical role of cybersecurity incident responders at a time when the physical and digital worlds are increasingly converging.
DDoS Statistical Report for 1HY 2022 (Nexusguard) In the first half of 2022, the total attack count and average attack size increased by 75.60% and decreased by 55.97% respectively compared to the figures recorded in the second half of 2021.
Report: Data-savvy Organizations Are More Profitable, Resilient and Innovative (Business Wire) Splunk Inc. (NASDAQ: SPLK), the data platform leader for security and observability, in collaboration with the Enterprise Strategy Group, today releas
Secureworks State of the Threat Report 2022: 52% of ransomware incidents over the past year started with compromise of unpatched remote services (Secureworks) Analysis of the cyber threat landscape from the Secureworks® Counter Threat Unit™ highlights key shifts in the tools and behaviors of adversaries across the world
Go Phish? How To Avoid Falling Foul Of Fraudsters | Hicomply (Hicomply) Key advice from Hicomply's experts on how to avoid falling victim to phishing attacks - and view the ideal phishing target profile created with ONS data.
The dread, sincerity and comedy of Cybersecurity Awareness Month (Washington Post) For better or worse, Cybersecurity Awareness Month sparks a running commentary.
New API Threat Research Shows that Shadow APIs Are the Top Threat Vector (Cequence Security) New API threat research shows that shadow APIs are the most common API attack vector followed closely by API10+, an extension to the OWASP.
The Great SaaS Data Exposure (Varonis) The average organization has more than $28M in SaaS data-breach risk.
Marketplace
Insurers "run risk" of relying on government cyber warfare declarations (Insurance Business Magazine) MGA CEO expects most underwriters will not look to LMA clauses in wake of Lloyd's mandate
Moody's turns up the heat on 'riskiest' sectors for attacks (Register) $22 trillion of global rated debt has 'high' or 'very high' cyber-risk exposure
Eclypsium Raises Series B to Protect the Digital Supply Chain As Attacks Grow (Eclypsium) The new round highlights market demand to protect global businesses from soaring breaches through supply chains of critical hardware, devices, firmware and software
Deloitte Australia builds cyber arsenal with Hacktive deal (ARN) Big four consulting firm, Deloitte Australia has added to its cyber security armour, purchasing Sydney-based cyber consultancy Hacktive.
RealDefense Closes $30 Million in New Financing To Accelerate Acquisitions and Growth (Business Wire) RealDefense LLC, a company that develops and markets privacy, security, and optimization software and services, announced today that it has closed a $
Disability group says sorry after cyber hack (Newcastle Herald) The affected individual said they had also been caught in the Optus hack and had done everything possible...
Why Is Akamai an Appealing M&A Target for Private Equity? (BankInfo Security) The steady barrage of acquisition reports around publicly traded digital experience vendor Akamai has intensified in recent weeks. The latest salvo landed Monday when StreetInsider reported that the intelligent edge platform provider held talks with a private equity firm about a potential takeover.
Bugcrowd Expands Executive Team with Hiring of Robert Taccini as Chief Financial Officer (Yahoo) Bugcrowd, the leader in crowdsourced cybersecurity, today announced the appointment of Robert Taccini to Chief Financial Officer (CFO). Taccini brings nearly three decades of experience in the security and information technology fields to Bugcrowd.
Splunk Hires Microsoft Exec Gretchen O’Hara As Its New Channel Chief (CRN) Splunk, a data observability and security platform developer, hires Microsoft executive O’Hara as its new channel chief.
Products, Services, and Solutions
Safe Security Launches Return on Security Investment Calculator to Help Organizations Maximize Returns on Cybersecurity Budgets (Business Wire) Safe Security today announced the Return on Security Investment (ROSI) Calculator, to measure the ROI of an organization's cybersecurity program
SecurityScorecard Teams with HCLTech to Deliver Customers Proactive, Holistic Security Management (Business Wire) SecurityScorecard, the global leader in cybersecurity ratings, today announced a strategic partnership with HCLTech, a leading global technology compa
Corelight Investigator: Ready for Europe (Corelight) Corelight Investigator platform is engaged in attestation for GDPR to support customer threat hunting and incident response operations across Europe.
LogRhythm Introduces Groundbreaking, Cloud-Native Security Operations Platform (LogRhythm) Unlike other providers, Axon is a brand-new cloud-native platform— built from the ground up and incorporating years of cybersecurity experience.
Solo G3 Secure (ioSafe) Safely store family photos and videos, important documents, or work files on the ioSafe Solo G3. Convenient, secure, and robust data protection.
Illumio Joins AWS ISV Accelerate Program to Advance Zero Trust Segmentation Adoption (Illumio) Illumio Zero Trust Segmentation Platform available on AWS to help organizations see risk and reduce the hybrid attack surface
'Total Economic Impact' Study Concludes That XM Cyber Delivered 394% Return On Investment (PR Newswire) XM Cyber, leader in hybrid cloud security, today released the results of a commissioned Total Economic Impact™ (TEI) study conducted by...
Conceal Partners with Barrier Networks to Increase Cyber Resiliency of UK Businesses and Critical Infrastructure Sector (Business Wire) Conceal, the leader in Zero Trust isolation and ransomware prevention technology, today announced a strategic partnership with Barrier Networks, a UK-
One Identity Enhances Unified Identity Security Platform to Strengthen Customer Support and Improve UI (One Identity) One Identity announces new OneLogin integrations to Safeguard for Privileged Passwords 7.0 LTS and Identity Manager 9.0 LTS to strengthen its unified identity security platform. Additions to Safeguard for Privileged Passwords 7.0 improve user exper...
NINJIO Offers Four Free Security Awareness Episodes for Cybersecurity Awareness Month (NINJIO) Industry-leading cybersecurity company NINJIO is giving companies an opportunity to share hyper-engaging awareness training content with their workforces
Buffalo’s New Cybersecurity Program Protects for Free (Governing) The city has partnered with CrowdStrike as part of a New York state-created shared services program that will use $30 million to boost local government cyber defenses. The program will save Buffalo $75,000 a year.
Aryaka Delivers Industry's First Zero Trust WAN Based on Unified SASE Architecture (PR Newswire) Aryaka®, the leader in SASE solutions, today announced the next evolution of its Zero Trust WAN with the inclusion of Secure Web Gateway and...
Technologies, Techniques, and Standards
CRU Data Security Group Offers Critical Cybersecurity Tips During Cybersecurity Awareness Month (CRU Data Security Group) Since 2004, the Cybersecurity and Infrastructure Security Agency (CISA) has used October to raise awareness and prompt action during Cybersecurity Awareness Month
Design and Innovation
Acronis founder is afraid of his own vacuum cleaner (Register) It is the exponential changes in the course of human history that worry Serg Bell
Research and Development
Who Are You (I Really Wanna Know)? Detecting Audio DeepFakes Through Vocal Tract Reconstruction (USENIX) Generative machine learning models have made convincing voice synthesis a reality. While such tools can be extremely useful in applications where people consent to their voices being cloned (e.g., patients losing the ability to speak, actors not wanting to have to redo dialog, etc), they also allow for the creation of nonconsensual content known as deepfakes.
Legislation, Policy, and Regulation
US-UK Data Sharing Program Goes Into Effect (Nextgov.com) The bilateral CLOUD agreement between both nations aims to provide law enforcement with access to valuable data to fight transatlantic and international crime.
Landmark U.S.-UK Data Access Agreement Enters into Force (US Department of Justice) The Agreement between the Government of the United States of America and the Government of the United Kingdom of Great Britain and Northern Ireland on Access to Electronic Data for the Purpose of Countering Serious Crime (“Data Access Agreement” or “Agreement”) entered into force today. The Agreement is authorized by the Clarifying Lawful Overseas Use of Data (CLOUD) Act, a law enacted by Congress in 2018, and will be the first agreement of its kind, allowing each country’s investigators to gain better access to vital data to combat serious crime in a way that is consistent with privacy and civil liberties standards.
Binding Operational Directive 23-01 (CISA) This page contains a web-friendly version of the Cybersecurity and Infrastructure Security Agency’s Binding Operational Directive 23-01 - Improving Asset Visibility and Vulnerability Detection on Federal Networks.
CISA Directs Federal Agencies to Improve Cybersecurity Asset Visibility and Vulnerability Detection (Cybersecurity and Infrastructure Security Agency) New Binding Operational Directive Establishes Core Actions to Achieve Operational Visibility Throughout Federal Civilian Executive Branch
CISA aims to expand cyber defense service across fed agencies, potentially further (Federal News Network) CISA’s Protective DNS will help prevent phishing and other cyber incidents by blocking agency web traffic from known malicious websites.
CISA directs federal agencies to track software and vulnerabilities (The Record by Recorded Future) Federal civilian agencies have been ordered to closely track the technology they use and the vulnerabilities that may be within it, according to a new CISA directive.
U.S. Said to Plan New Limits on China’s A.I. and Supercomputing Firms (New York Times) The new rules could be the most sweeping action taken yet by the Biden administration to thwart China’s access to American technology that powers data centers and supercomputers.
The White House just unveiled a new AI Bill of Rights (MIT Technology Review) It's the first big step to hold AI to account.
Crypto Needs More Rules and Better Enforcement, Regulators Warn (New York Times) The Financial Stability Oversight Council said that the growing crypto market could pose risks to the broader financial system.
Are You a Victim of Crypto Crime? Good Luck Getting Help (WIRED) Local law enforcement isn’t ready to deal with this new type of fraud, even with shady scams on the rise.
Litigation, Investigation, and Law Enforcement
Supreme Court takes up a divisive issue: Should tech companies have immunity over problematic user content? (NBC News) The family of Nohemi Gonzalez, who was killed in the 2015 Paris terrorist attacks, claims YouTube helped aid and abet the spread of violent Islamic ideology.
Supreme Court Takes Up Challenge to Social Media Platforms’ Shield (New York Times) The family of a student killed in terrorist attacks challenged a 1996 law that gives websites immunity for suits based on their users’ posts.
Supreme Court to hear challenge to Big Tech’s Section 230 liability protections (The Hill) The Supreme Court on Monday agreed to hear two cases this term on whether social media companies can be held financially responsible for hosting terrorist content. The family of Nohemi Gonza…
Fight over social media’s role in terror content goes to Supreme Court (Washington Post) A case involving Google and an Islamic State attack gives the high court a chance to review Section 230, the controversial law that shields websites from liability for users’ posts
New Pegasus Spyware Abuses Identified in Mexico (The Citizen Lab) Mexican digital rights organization R3D, with technical support from the Citizen Lab, has determined that Mexican journalists and a human rights defender were infected with Pegasus between 2019 and 2021. The infections occurred years after the first revelations of Pegasus abuses in Mexico, and after Mexico’s current President assured the public that the government no longer used the spyware, and that there would be no further abuses.
China drops the gauntlet on NSA’s serial cyberattacks (Asia Times) China’s top cybersecurity authority has accused the US National Security Agency (NSA) of stealing information from a top Chinese university through a trojan virus, an allegation that threatens to e…
Privacy Commissioner’s Office Commences Compliance Check into a Data Breach Incident of Shangri-La Group (Office of the Privacy Commissioner for Personal Data) The Office of the Privacy Commissioner for Personal Data (PCPD) received a data breach notification from Shangri-La Asia Limited (Shangri-La) in the evening of 29 September, notifying the PCPD that 8 of its hotels suffered cyber attacks, including 3 hotels in Hong Kong (Island Shangri-La, Hong Kong; Kerry Hotel, Hong Kong; Kowloon Shangri-La, Hong Kong).
FCC to Remove Companies from Robocall Database for Non-Compliance (US Federal Communications Commission) The FCC's Robocall Response Team announced first-of-their-kind Enforcement Bureau orders to begin removing seven voice service providers from the agency's Robocall Mitigation
'Fines alone aren't enough:' FCC threatens to blacklist voice providers for flouting robocall rules (CyberScoop) The FCC move to prevent Americans from receiving robocalls could boot as many as seven VoIP providers from U.S. telecom networks.
Millions in Cryptocurrency Vanished as Agents Watched Helplessly (Bloomberg) Feds locked up a storage device full of ill-gotten tokens. Then someone started stealing the loot.
FBI tracked document printouts before arrest of ex-NSA man (Register) Infosec systems designer alleged to have chatted with undercover agent
Optus commissions review into data breach (News.com.au) The federal government has accused Optus of not handing over information about its major data breach fast enough. Optus has now launched a review into the breach.
Samsung facing class action alleging CCPA violations over data breaches (Compliance Week) Samsung collected too much personal data from customers and failed to adequately secure it, leading to two data breaches this year and potentially millions of harmed individuals, a class-action lawsuit alleges.
Calgary police announce cybersecurity partnership (Calgary Newsroom) October is Cyber Awareness Month, and we are announcing a new partnership with the University of Calgary and a local cybersecurity company, ENFOCOM. Last month, we welcomed various cyber industry experts, international law enforcement agencies and post-secondary leaders to our bi-annual Cyber Summit in southeast Calgary. Over the course of four da...
Langevin tops $1 million in Wall Street trades for 2022 despite backing a ban (WPRI.com) The 11-term Democrat has also regularly placed bets on the share prices of major tech companies despite being chairman of a cybersecurity committee.