Dateline Moscow, Kyiv, and the Bering Strait: Motivated draft evaders and a Defense Minister in hot water.
Ukraine at D+125: Abandoned tanks and discontented hawks. (CyberWire) Russian supporters of the war are increasingly disaffected, and the finger of blame increasingly points toward the Defense Minister. The US Ambassador-at-Large for Cyberspace and Digital Policy reflects on the course of the hybrid war and sees deterrence working.
Russia-Ukraine war: List of key events, day 226 (Al Jazeera) As the Russia-Ukraine war enters its 226th day, we take a look at the main developments.
Ukraine to target Russia’s bases of Iran-supplied explosive drones (Defense News) Ukrainian forces have used Soviet anti-aircraft weapons as well as German-supplied Gepards to counter so-called suicide drones, a Ukrainian official says.
Russia-Ukraine war latest: Three-year-old girl pulled from rubble after deadly Russian strikes on Zaporizhzhia (The Telegraph) A three-year-old girl has been pulled from the rubble alive after Russia launched a series of deadly missile strikes on the Ukrainian city of Zaporizhzhia overnight.
Watch: Russian troops hand themselves in to Ukraine’s surrender hotline (The Telegraph) Recently mobilised soldiers complain of being ‘treated like cattle’ and sent into battle with ‘no equipment’
Winter nears in Ukraine — and a battle of stamina awaits (Washington Post) The arrival of rain, snow and cold threaten to stalemate the war and bring even greater misery for civilians trapped in the fighting
Ukraine’s New Offensive Is Fueled by Captured Russian Weapons (Wall Street Journal) Ukraine’s rapid breakthrough in the Kharkiv region a month ago ended up putting hundreds of pieces of Russian armor into Kyiv’s hands, military officials say.
As his troops retreat, Russian defense chief comes under pressure at home (Washington Post) Russian Defense Minister Sergei Shoigu faced intensifying political pressure Thursday over a series of disorderly retreats in Ukraine, as powerful nationalist figures openly attacked Moscow’s military command for setbacks in areas President Vladimir Putin claims to have annexed.
‘Someone will fall victim’: insiders reveal elite anguish as Russia’s war falters (the Guardian) Key figures including Wagner Group’s Yevgeny Prigozhin are using military defeats to undermine defence chief Sergei Shoigu
Ukraine reworks its weapons wish list as winter approaches (POLITICO) Kyiv wants to beef up its air defenses as it anticipates Russian missile attacks.
Ukraine’s Appeal for Longer-Range Missiles Presents Fresh Test of Biden Administration Support (Wall Street Journal) Kyiv is eyeing Russian military sites in Crimea, while Washington worries the American weaponry could risk escalation with Moscow.
Putin’s Mobilization Mess Was Years in the Making (Foreign Policy) Russia can’t recruit, train, equip, or supply new troops. So what’s the plan?
Memo to Elon Musk: Only Ukrainian victory can stop Vladimir Putin (Atlantic Council) Elon Musk recently became the latest high-profile figure to argue that Ukraine should cede land to Russia in exchange for peace. These advocates of appeasement fail to grasp the genocidal nature of Vladimir Putin's war.
Ukraine’s top NATO priority should be weapons, not fast-track membership (Atlantic Council) Ukraine's recent application for fast-track NATO accession is unlikely to receive the necessary backing from alliance members but appeals for more weapons would pay dividends for Kyiv, writes Steven Pifer.
Ukraine won back territory and support, but Russia will test the west’s resolve again | Keir Giles (the Guardian) Talk of nuclear escalation or attacks on pipelines may be far-fetched at present, but Moscow has other levers at its disposal, says Keir Giles of Chatham House
Three in four Americans say U.S. should support Ukraine despite Russian threats, Reuters/Ipsos poll shows (Reuters) Nearly three-quarters of Americans say that the United States should continue to support Ukraine, despite Russian threats that it could use nuclear weapons to protect its territory, according to a Reuters/Ipsos opinion poll released on Wednesday.
Putin’s Apocalyptic End Game in Ukraine (Foreign Affairs) Annexation and mobilization make nuclear war more likely.
Why Putin’s Denunciations of Western Imperialism Ring Hollow (Foreign Policy) Russia is among the world’s most ambitious imperial nations.
Putin's path: from pledges of stability to nuclear threats (AP NEWS) As he turns 70 on Friday, Russian President Vladimir Putin finds himself in the eye of a storm of his own making: His army is suffering humiliating defeats in Ukraine. Hundreds of thousands of Russians are fleeing his mobilization order, and his top lieutenants are publicly insulting military leaders.
Biden warns world would face ‘Armageddon’ if Putin uses a tactical nuclear weapon in Ukraine (the Guardian) In his starkest assessment yet, US president says world is the closest it has come to nuclear catastrophe in 60 years
A Russian Nuclear Strike in Ukraine Would Cross a Point of No Return (World Politics Review) Russia’s use of a nuclear weapon in Ukraine would be catastrophic because it would cause us to enter a new world transformed in three permanent ways.
How Far Will Xi Go to Help a Desperate Putin? (Foreign Policy) Cracks have emerged in their marriage of convenience, but the two autocrats are in it for the long haul.
Russia and China Can’t Get Anyone to Like Them (Foreign Policy) Beijing and Moscow are failing to produce soft power. But do they really want it?
Collaborators or Compatriots? (Foreign Affairs) How Ukraine should treat residents of territory it retakes from Russia.
Russia’s war pushes Latvia's voters to the center (Atlantic Council) As dramatic government reshuffles across Europe sweep far-right forces into power, Latvians seem to prefer continuity.
Nobel peace prize given to human rights activists in Belarus, Russia and Ukraine (the Guardian) Jailed campaigner Ales Bialiatski, Memorial and Center for Civil Liberties win award that will be seen as condemnation of Putin
Russia submits objections to Ukraine genocide case in World Court (Reuters) Russia has submitted preliminary objections to a genocide case against Moscow brought by Ukraine, the International Court of Justice (ICJ) said Thursday.
Jailed Kremlin Critic Kara-Murza Charged With Treason (The Moscow Times) Jailed Kremlin critic Vladimir Kara-Murza faces up to 20 years in prison on newly levied charges of “treason,” the state-run TASS news agency reported Thursday, citing his lawyer Vadim Prokhorov.
2 Russians fleeing military service reach remote Alaska island (Military Times) Two Russians who said they fled the country to avoid compulsory military service have requested asylum in the U.S.
Russia plans transition to home-grown IT (Computing) The Government's import substitution policy aims to counter Western sanctions by relying on domestic alternatives to software like Windows.
Attacks, Threats, and Vulnerabilities
Anonymous continues campaign against Iran (Computing) The group has attacked state media and websites, as well as sharing information on how to bypass restrictions on internet use.
Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors (CISA) This joint Cybersecurity Advisory (CSA) provides the top Common Vulnerabilities and Exposures (CVEs) used since 2020 by People’s Republic of China (PRC) state-sponsored cyber actors as assessed by the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI). PRC state-sponsored cyber actors continue to exploit known vulnerabilities to actively target U.S. and allied networks as well as software and hardware companies to steal intellectual property and develop access into sensitive networks.
Exploiting COVID-19: how threat actors hijacked a pandemic (Proofpoint) The global relevance of the COVID-19 pandemic created an environment primed for exploitation like none witnessed in the age of the cybercriminal. Adversaries of every sophistication level — advanced state-aligned groups, large and small-scale crime-motivated actors, fraudsters and spammers of every variety — all pivoted to make use of COVID-19 related content for their respective nefarious ends.
HTML File Attachments: Still A Threat (Trustwave) This past month, Trustwave SpiderLabs observed that HTML (Hypertext Markup Language) file attachments had become a common occurrence in our spam traps, which is not unusual since malware is often delivered through Phishing spam.
Backdoored version of popular network admin tool hits 80 organizations around the globe (SC Media) While researchers did not mention victims in North America, a security researcher told SC Media that Advanced IP Scanner is a popular tool for attackers and is also used within a substantial number of U.S.-based organizations.
Maggie malware hits Microsoft SQL servers (Computing) The culprits, their targets and objectives remain a mystery.
Russia-Linked Cybercrime Group Hawks Combo of Malicious Services With LilithBot (Dark Reading) The malware-as-a-service group Eternity is selling a one-stop shop for various malware modules it's been distributing individually via a subscription model on Telegram.
LofyGang Distributed ~200 Malicious NPM Packages to Steal Credit Card Data (The Hacker News) A hacker group called LofyGang distributed nearly 200 trojanized packages on the NPM open source repository that steals credit card information.
Facebook users warned: You may have downloaded these password-stealing Android and iOS apps (ZDNET) Hundreds of malicious apps available in Google Play and Apple App Store tricked users into giving away their passwords. Here's what to watch out for.
Hackers Have It Out for Microsoft Email Defenses (Dark Reading) Cybercriminals are focusing more and more on crafting special email attacks that evade Microsoft Defender and Office security.
BlackByte ransomware abuses legit driver to disable security products (BleepingComputer) The BlackByte ransomware gang is using a new technique that researchers are calling "Bring Your Own Driver," which enables bypassing protections by disabling more than 1,000 drivers used by various security solutions.
BlackByte ransomware uses a new technique to disable security products (New Times Of India) BlackByte ransomware has been spotted using a new sophisticated “Bring Your Own Driver” technique to disable security products.
Binance Smart Chain Halts After 'Potential Exploit' Drains Estimated $100M in Crypto (CoinDesk) An attacker moved $100-$110 million in crypto off the Binance linked blockchain.
Glut of Fake LinkedIn Profiles Pits HR Against the Bots (KrebsOnSecurity) A recent proliferation of phony executive profiles on LinkedIn is creating something of an identity crisis for the business networking site, and for companies that rely on it to hire and screen prospective employees. The fabricated LinkedIn identities — which…
An ‘unprecedented’ hospital system hack disrupts health-care services (Washington Post) An IT security incident hits a ‘massive’ hospital chain, a sector where the risks are grav
US Healthcare Giant CommonSpirit Hit by Possible Ransomware (Infosecurity Magazine) Provider runs 140 hospitals across the nation
Ferrari denies breach following 7GB of data posted online (Cyber Security Hub) The car manufacturer was allegedly targeted by ransomware group RansomEXX
CareOregon notice of data breach (GlobeNewswire News Room) PORTLAND, Ore., Oct. 06, 2022 (GLOBE NEWSWIRE) -- CareOregon recently discovered an incident involving disclosure of personal information for a subset of...
City of Tucson Data Breach impacted 123,500 individuals (Security Affairs) The City of Tucson, Arizona disclosed a data breach, the incident was discovered in May 2022 and impacted 123,500 individuals. The security breach was discovered at the end of May 2022 and concluded the investigation in September. According to the notification letter sample provided to the Maine Attorney General’s Office, over 123,500 were impacted have been impacted […]
Ransomware Pummeling Cash-Strapped US Schools (Bloomberg) A hack on Los Angeles schools is a brutal reminder that educational institutions are still too vulnerable to ransomware.
Security Patches, Mitigations, and Software Updates
Cisco Releases Security Updates for Multiple Products (CISA) Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to review the following advisories and apply the necessary updates:
October 2022 Patch Tuesday forecast: Looking for treats, not more tricks (Help Net Security) Todd Schell from Ivanti offers his October 2022 Patch Tuesday forecast, and discusses all the important developments from September 2022.
Understanding Risk: the Dark Side of Data (DFIN Solutions) Gartner defines dark data as the information assets organizations collect, process and store during regular business activities, but generally fail to use for other purposes (for example, analytics, business relationships and direct monetizing).
DFIN DealMaker Meter: Surge in "Dark Data" Represents Growing Danger for Corporations (PR Newswire) Dark data represents the biggest potential cybersecurity exposure for U.S. and U.K. businesses, according to a special cybersecurity edition of...
New SonicWall Survey Data Reveals 91% of Organizations Fear Ransomware Attacks in 2022 (PR Newswire) SonicWall, publisher of the world's most quoted ransomware threat intelligence, released the 2022 SonicWall Threat Mindset Survey which found...
Arctic Wolf Announces the Closing of a $401 Million Convertible Notes Offering (Arctic Wolf) Arctic Wolf®, a leader in security operations, today announced the closing of a convertible notes offering in the aggregate principal amount of $401 million, led by existing investor Owl Rock, a division of Blue Owl Capital, with participation from new and existing investors including Viking Global Investors, ... Arctic Wolf Announces the Closing of a $401 Million Convertible Notes Offering
DISA chooses Iron Bow for $743M 'Fourth Estate' software contract (Washington Technology) The company will act as lead integrator of Cisco's hardware and software products across non-combat support agencies.
Investors Wary of Board Seats at Crypto Startups Due to Legal Risks (The Information) As regulators take aim at cryptocurrency tokens, prominent crypto investors have taken unusual steps to insulate themselves: not seeking board seats at startups in hopes of avoiding liability. Investors’ lawyers are warning that members of token-issuing startup boards could potentially face big ...
Shift5 Appoints Robert Sison as Inaugural Chief Financial Officer Amid Accelerated Growth (GlobeNewswire News Room) Finance Leader from BigPanda Inc., Tanium Inc., and Electronic Arts to Strengthen Financial Infrastructure and Lead Momentum Into the Company’s Growth and...
eSentire Adds Cybersecurity Industry Heavyweights to its Board of… (eSentire) Learn more about the two cybersecurity industry veterans, Amit Mital, former Special Assistant to the President and Senior Director in the White House, and John Becker, renowned technology executive, advisor, and investor, joining eSentire’s Board of Directors.
Aware Appoints Chief Technology Officer (PR Newswire) Aware, the leading collaboration intelligence platform that identifies and reduces risk, maintains compliance, and uncovers new business...
Products, Services, and Solutions
Keeping Your Emails Secure: Who Does it Best? (Avanan) We analyzed over three million emails to determine how Microsoft Defender, and others, fare against the most advanced, evasive and sophisticated threats.
JupiterOne Launches Stellar Technology Alliance Program To Help Customers with Cyber Asset Management, Integration, and Visibility (PR Newswire) JupiterOne, the industry's leading provider of cyber asset attack surface management (CAASM) technology, today announced its Stellar Partner...
SecurityScorecard Announces Distribution Agreement with Wordtext Systems to Expand Access to World-Class Security Solutions Throughout Asia (Business Wire) SecurityScorecard, the global leader in cybersecurity ratings, today announced a strategic distribution partnership with Wordtext Systems, Inc. (WSI),
Veracode Launches Container Security Offering that Secures Cloud-Native Application Development (Veracode) Early Access Program for New Product Provides DevOps-friendly Solution to Integrate Container Security into the Software Development Lifecycle
DoControl Secures Enterprise Video Conferencing Data Through Zoom Integration (PR Newswire) DoControl, the automated Software as a Service (SaaS) security company, today announced it has teamed up with Zoom Video Communications, Inc....
Cynet Announces Partnership with TD SYNNEX (Cynet) TD SYNNEX selected as first U.S. channel distributor for Cynet’s fully automated XDR platform Boston, MA – October 6, 2022 – Cynet, the world’s first provider of an autonomous, end-to-end, fully automated extended detection and response (XDR) platform, today announced it has signed an agreement with TD SYNNEX, a leading distributor and solutions aggregator for […]
Laminar Launches Laminar Labs to Shine Light on Shadow Data, Cloud Security Risks (Business Wire) Laminar, the leader in public cloud data security, today announced the launch of Laminar Labs, the company’s cutting-edge research team designed to he
Quantum Xchange Expands Global Presence Inking Partnership with Warpcom to Bring Quantum-Safe Networking to Spain and Portugal (Business Wire) Quantum Xchange announced a new strategic partnership with Iberian ITC services firm, Warpcom to bring quantum-safe networking to the European market
Dashlane Expands Enterprise Offering, Adds Starter Plan for Businesses and Entrepreneurs (Business Wire) Today, Dashlane, the security-first password manager, announced updates to its suite of enterprise plans to provide stronger security tools for admins
GovPilot Launches Digital Special Needs Module, Adopted by Eastampton and Englewood, New Jersey Police Departments (GlobeNewswire News Room) Digital form enables public to share helpful information about special needs relatives with local governments for use in the event of emergencies...
LogRhythm Wins Best SIEM Solution in the 2022 CyberSecurity Breakthrough Awards (Business Wire) Leading cybersecurity analytics company recognized as best in the industry.
Blackpoint Cyber Launches Four Product Updates (Business Wire) Blackpoint Cyber, a leading technology-focused cybersecurity company, has released multiple product launches and updates this fall, as they look ahead
Technologies, Techniques, and Standards
IBM Security Incident Responder Study (IBM) Cybersecurity Incident Responders said that the sense of duty to help and protect others/businesses was by far the most influential factor attracting them to the profession. Continuous opportunity to learn and being rooted in problem solving followed as most influential factors.
IBM: Ransomware attacks take psychological toll on incident responders (The Record by Recorded Future) Hundreds of cybersecurity incident responders said ransomware attacks are having a dramatic effect on their mental health.
AFRL developing ‘cyber range’ for space operators (SpaceNews) AFRL is developing a cyber training range where Space Force operators could practice defending satellites using actual spacecraft in orbit
Design and Innovation
Cybersecurity could be the Metaverse’s Kryptonite—or its Cornerstone. (F5) On behalf of F5, YouGov surveyed 500 IT decision makers to get a snapshot of priorities as they balance the need to empower people and organizations today. One key takeaway: All the Metaverse’s potential to fuel growth, innovation, and emerging industries is at risk if we don’t make security foundational to its evolution.
Research and Development
As ransomware attacks increase, new algorithm may help prevent power blackouts (Purdue University) Millions of people could suddenly lose electricity if a ransomware attack just slightly tweaked energy flow onto the U.S. power grid.
KnowBe4 : Launches Cybersecurity Awareness Month University Challenge (MarketScreener) Industry and university collaboration project sees students combine cybersecurity, communications, and creativity to deliver new security awareness content based on CAM themes
Legislation, Policy, and Regulation
FACT SHEET: President Biden Signs Executive Order to Implement the European Union-U.S. Data Privacy Framework (The White House) Today, President Biden signed an Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities (E.O.) directing the steps that the United States will take to implement the U.S. commitments under the European Union-U.S. Data Privacy Framework (EU-U.S. DPF) announced by President Biden and European Commission President von der Leyen in March of 2022. …
BREAKING: US Moves Forward On New EU Data Transfer Pact (Law360) President Joe Biden on Friday signed off on enhanced protections for how the U.S. intelligence community handles European Union residents' personal data and fields government surveillance complaints, paving the way for a new transatlantic data transfer framework to be finalized in coming months.
3 actions Latin American leaders must take to reduce risk of cyberattacks (CSO Online) Threat actors are targeting government and private sector organizations across Latin America, so business and political leaders must step up to meet the challenge.
Australia unveils privacy rule changes after Optus data breach (Reuters) Australia on Thursday proposed an overhaul of consumer privacy rules that will help facilitate targeted data sharing between telecommunication firms and banks following a massive data breach at Optus, the country's second largest mobile operator.
Australia moots changes to privacy laws after Optus data breach (ZDNET) Government is revising regulations to allow telcos to temporarily share some of their customers' personal information, such as driver's licence and passport numbers, with financial services institutions to facilitate monitoring and remediation in the event of a data breach.
Online Safety Bill should exclude encryption scanning, says policy paper (Computing) The cost would outweigh any benefits, researchers argue
Age verification is coming (Computing) 'If you are online you are going to need to demonstrate your age'
UK Launching New £50 Million Cyber Academy (Overt Defense) The United Kingdom announced its new £50 million Military Cyber Academy which will train British and allied cyber personnel.
Department Press Briefing – October 6, 2022 - United States Department of State (United States Department of State) 2:13 p.m. EDT MR PATEL: Good afternoon, everybody. And sorry that we are running just a smidge tardy. As I promised, we have a special guest with us today. Today it is my pleasure to introduce Ambassador-at-Large for Cyberspace and Digital Policy Nate Fick, who started just a couple weeks ago and had his […]
As Cyber Insurance Dries Up, Treasury Department Eyes a Backstop (Bloomberg Law) A US Treasury Department request for public input on a potential federal cyber insurance program highlights a coverage gap for US companies as insurers reduce offerings.
Mona Harrington Selected as Assistant Director of CISA’s National Risk Management Center (CISA) WASHINGTON - Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly has announced the selection of Mona Harrington as Assistant Director for the agency’s National Risk Management Center (NRMC). Harrington started at CISA as Deputy Assistant Director for the NRMC in February 2022 and has been serving as Acting Assistant Director since March.
Governor Hochul Announces $9 Million in Federal Homeland Security Grants (Governor Kathy Hochul) Governor Hochul announced $9 million in federal funding awards through the State Homeland Security Program to 77 cities, towns, villages, and counties through seven unique grant programs designed to enhance their public safety preparedness and response capabilities.
Litigation, Investigation, and Law Enforcement
Australian teen charged with using leaked Optus data to blackmail customers (The Record by Recorded Future) Australian Federal Police (AFP) arrested a 19-year-old man in Sydney for allegedly extorting victims of the recent Optus hack.
19-Year-Old Teen Arrested for Using Leaked Optus Breach Data in SMS Scam (The Hacker News) A 19-year-old Sydney teenager has been arrested for allegedly using Optus data to extort victims in SMS scams.
The Elon Musk vs. Twitter trial is on hold until October 28th (The Verge) Twitter wanted the trial to continue.
Journalist Sues Spyware Company for Allegedly Helping Gov. Surveil Him (Gizmodo) A Greek financial journalist is one of several who believe they have been targeted for surveillance by the nation's government with the help of Intellexa.
A Swatting Spree Is Terrorizing Schools Across the US (WIRED) Sixteen states collectively suffered more than 90 false reports of school shooters during three weeks in September—and many appear to be connected.
Roblox, Discord Sued Over Girl's Abuse, Suicide Attempts (Law360) The family of a 13-year-old girl is suing Roblox Corp., Discord Inc., Meta Platforms Inc. and Snap Inc., saying their platforms and algorithms facilitated the sexual abuse and exploitation of the girl, leading to multiple suicide attempts.
Yes, You Can Face Prison Time For Hiding A Data Breach (Law360) Former Uber security chief Joseph Sullivan's conviction on charges of covering up a 2016 data breach and his potential sentence of up to eight years in prison drive home the importance of speaking frankly within C-suites and with regulators about cybersecurity episodes.
From 'Golden Boy' To Guilty: Snapshots Of Uber Exec's Trial (Law360) The weekslong trial for ex-Uber security chief Joseph Sullivan, a former federal prosecutor convicted Wednesday for not reporting a massive 2016 data breach, had memorable moments, including a hacker's admission that extortion was the goal and testimony from a fired Uber lawyer who called Sullivan "the golden boy."
Jury in Alex Jones Defamation Trial Deliberates on Damages for Sandy Hook Families (Wall Street Journal) Connecticut jury began considering how much conspiracy theorist Alex Jones should pay for claiming the 2012 Sandy Hook school massacre was a hoax, after a trial where victims’ families testified they were harassed for years by his followers.