Dateline Kyiv, Moscow, Brussels, and New York: Hybrid conflict and diplomacy in the Ukraine crisis.
Hybrid war across the spectrum of conflict (The CyberWire) Diplomacy over the Ukrainian crisis continues, even after an acrimonious session at the UN Security Council. So do cyber operations.
Ukraine’s president praises support from the West as leaders shuffle through Kyiv. (New York Times) President Volodymyr Zelensky of Ukraine opened a new session of Parliament on Tuesday by calling for unity in the country, offering assurance that its economy was stable, and praising the enormous show of diplomatic and military support from Ukraine’s allies.
Ukraine ‘calmly preparing’ for the worst as US-Russia clash at UN (Military Times) Russia accused the West of "whipping up tensions" over Ukraine, while Ukraine's security chief argues the country needs to revise a 2015 peace deal.
Bomb shelters, guerrilla war: Building Ukraine's resistance (AP NEWS) The table tennis coach, the chaplain's wife, the dentist and the firebrand nationalist have little in common except a desire to defend their hometown and a sometimes halting effort to speak Ukrainian instead of Russian.
Ukraine announces plan to boost army, Europeans rally behind Zelenskiy (Reuters) President Volodymyr Zelenskiy signed a decree on Tuesday to boost Ukraine's armed forces by 100,000 troops over three years and raise soldiers' pay, as European leaders lined up to back him in a standoff with Russia.
Statement from President Biden on United Nations Security Council Meeting (The White House) Today in the United Nations Security Council, the United States presented in detail the full nature of Russia’s threat to Ukraine’s sovereignty and
Ukraine Live Updates: Putin to Hold News Conference Amid Flurry of Diplomacy (New York Times) A day after the United States and Russia faced off at the United Nations, President Vladimir V. Putin is likely to address the Ukraine crisis for the first time since December. The top diplomats from Washington and Moscow are expected to speak by telephone.
More Russian Attacks Against Ukraine Come to Light (SecurityWeek) The WhisperGate attack is not the only operation believed to have been conducted by Russia-linked threat actors against Ukraine in recent months
Researchers detail Russia-linked group's cyber-espionage tactics in Ukraine (CyberScoop) Researchers at Symantec say they have identified some of the specific tactics used by a Russia-linked hacking operation that Ukraine’s government outed in November of last year.
Conversation with a top Ukrainian cyber official: What we know, what we don't, what it means (CyberScoop) Cybersecurity officials in Ukraine issued a warning Monday about yet another phishing attack using either compromised or spoofed government email addresses, the second such warning since Saturday.
Russian 'Gamaredon' hackers use eight new payloads against Ukraine (Computing) The group is thought to be operated directly by the Russian Federal Security Service
'No war pls' — Gen Z is spamming Putin's Instagram asking him not to start World War III (Task & Purpose) "I know you're in a silly goofy mood but please don't start ww3."
Russia is willing to go to war and incur sanctions over Ukraine, analysts warn (CNBC) Russia is willing to risk "real financial harm" and all-out war to achieve its political objectives in Ukraine, defense analysts have said.
Cord-cutting, Russian style: Could the Kremlin sever global internet cables? (Atlantic Council) Moscow knows that information is vital in a crisis—and that controlling or entirely disrupting its flow can provide important strategic advantages.
How are Russian media outlets portraying the Ukraine crisis? (Al Jazeera) Pro-Kremlin media assure audiences that Russia doesn’t want a war, as independent news laments Putin’s dangerous games.
Ukraine Crisis: Western sanctions must target Putin’s propagandists (Atlantic Council) As Putin threatens a new invasion of Ukraine, Russia’s disinformation apparatus is playing a central role in the march to war. The international community must recognize this role and react accordingly.
Ukraine crisis: Boris Johnson lands in Kyiv; Putin phone call delayed – live (the Guardian) British PM arrives in Ukraine, as Putin meets Hungarian leader Viktor Orbán in Moscow
Orban, visiting Moscow, is accused of stoking acrimony with the E.U. (New York Times) Prime Minister Viktor Orban of Hungary is perhaps the closest ally of President Vladimir V. Putin within the 27-member bloc.
Ukraine Live Updates: Putin to Hold News Conference Amid Flurry of Diplomacy (New York Times) A day after the United States and Russia faced off at the United Nations, President Vladimir V. Putin is likely to address the Ukraine crisis for the first time since December. The top diplomats from Washington and Moscow are expected to speak by telephone.
US cyber chief in Europe to hold talks on potential Russian hacks (CNN) A senior White House official will meet with European allies this week to discuss ways to support Ukraine's digital defenses in the event of Russian cyberattacks, a senior Biden administration official told CNN.
Blinken to try diplomacy again with Russian counterpart after sharp U.N. clash over Ukraine (Washington Post) Secretary of State Antony Blinken will speak with his Russian counterpart, Sergei Lavrov, on Tuesday in a bid to defuse tensions over the Ukraine crisis, just hours after U.S. and Russian diplomats squared off at the United Nations in one of the most confrontational international meetings in years.
Ukraine Live Updates: Putin to Hold News Conference Amid Flurry of Diplomacy (New York Times) A day after the United States and Russia faced off at the United Nations, President Vladimir V. Putin is likely to address the Ukraine crisis for the first time since December. The top diplomats from Washington and Moscow are expected to speak by telephone.
U.S. Receives Russian Response on De-Escalation: Ukraine Update (Bloomberg) Russian Foreign Minister Sergei Lavrov and U.S. Secretary of State Antony Blinken will speak by phone Tuesday as diplomatic efforts continue to reduce tensions over Ukraine, while U.K. Prime Minister Boris Johnson plans to travel to Ukraine to meet with its president.
Russia responds in writing to U.S. proposal on Ukraine crisis (Washington Post) The Russian government has delivered a written response to a U.S. proposal aimed at de-escalating the Ukraine crisis, said a U.S. official who spoke on the condition of anonymity to discuss sensitive diplomatic talks.
Russia responds in writing to US ahead of Blinken-Lavrov call on Ukraine crisis (CNN) The United States has received a written response from Moscow after it sent its own written answers following face-to-face meetings on the ongoing Ukraine crisis, the latest development in the ongoing diplomatic campaign aimed at deterring a potential Russian invasion of the country.
Watch: The U.S. and Russia exchange bitter accusations at the U.N. Security Council. (New York Times) Russia called the public meeting on the Ukraine crisis an example of “megaphone diplomacy,” while the U.S. criticized Russia, saying, “Imagine how uncomfortable you would be if you had 100,000 troops sitting at your border.”
U.S., Russia clash sharply over Ukraine at U.N. meeting (Washington Post) Russia angrily denounced the United States Monday for “whipping up hysteria” over Ukraine, saying it had brought “pure Nazis” to power on Russia’s border and wanted to make “heroes out of those peoples who fought on the side of Hitler.”
Pentagon boss to brief lawmakers on latest Ukraine threats (Military Times) The briefings come amid ever-rising concerns about another Russian invasion of Ukraine.
U.S. Sanctions Aimed at Russia Could Take a Wide Toll (New York Times) The boldest measures that President Biden is threatening to deter an invasion of Ukraine could roil the entire Russian economy — but also those of other nations.
Keep NATO’s Door Open to Ukraine (Foreign Affairs) Washington shouldn't grant Putin the sphere of influence he wants.
Biden has selected ambassador to Ukraine but is waiting on Ukraine's approval (CNN) President Joe Biden is close to publicly naming his ambassador to Ukraine, but his administration is still waiting on formal approval from the Ukrainian government, US and Ukrainian sources told CNN.
As Russia threatens Ukraine, Baltic nations work to update armored vehicle fleets (Breaking Defense) Despite small budgets, Estonia, Latvia and Lithuania are working to strengthen their ground forces to protect their borders with Russia.
Pentagon discussing more Europe deployments amid Russia-Ukraine tension (Military Times) More units could be put on alert for possible individual deployments.
The Russia crisis has exposed why NATO needs a strategy shift (Atlantic Council) With Russia threatening Ukraine, NATO's new strategy already seems dated, as it lacks a comprehensive counter-gray area/hybrid-war approach, among other shortcomings.
With Low-Tech, Trench Warfare, Ukraine’s Army Isn’t NATO Caliber (New York Times) The United States and its allies have trained and helped equip the Ukrainian army. But it has little resemblance to the kind of sophisticated, contemporary military that distinguishes NATO members.
A Little Mud Won’t Stop Putin (Foreign Policy) Frozen ground may aid a Russian invasion of Ukraine, but it’s not a decisive factor.
Boeing says Ukraine tensions creating 'adverse climate' for business (Reuters) Boeing Co said on Monday the ongoing tensions between the United States and Russia over Ukraine were creating an "adverse climate" for its business and threatening to disrupt its supply chain.
Attacks, Threats, and Vulnerabilities
NSO Group Pegasus Spyware Aims at Finnish Diplomats (Threatpost) Finland is weathering a bout of Pegasus infections, along with a Facebook Messenger phishing scam.
OT Data Stolen by Ransomware Gangs Can Facilitate Cyber-Physical Attacks (SecurityWeek) Many ransomware attacks on industrial and critical infrastructure organizations result in OT data leaks that can be useful to threat actors for cyber-physical attacks.
Top-Ranking Ramnit Banking Trojan Looking to Steal Payment Card Data (Security Intelligence) Shopping online has been accelerated since the COVID-19 pandemic. See how the Ramnit Trojan infects files to steal payment card data.
How Scalping Bots Manipulate NFT Sales (PerimeterX) As NFTs have grown in popularity, scalping bots have expanded their focus from fashion and entertainment to the metaverse. Here’s how bots exploit NFT sales.
Microsoft: Here's how we stopped the biggest ever DDoS attack (ZDNet) Microsoft details how Azure helped mitigate a 3.47 terabytes per second distributed denial of service (DDoS) attack.
North Korea's Lazarus uses Windows Update, GitHub to infect PCs in latest campaign (Computing) The spear-phishing campaign impersonates the American security and aerospace firm Lockheed Martin to target people interested in getting a job at the company
Log4Shell in the Field – A Brief Analysis Through January 2022 (Arctic Wolf) We've looked into the activity related to the Log4Shell vulnerability CVE-2021-44228 observed across our 2,300+ customers. Learn the results.
Threat actor target Ubiquiti network appliances using Log4Shell exploits (The Record by Recorded Future) Threat actors are using a customized public exploit for the Log4Shell vulnerability to attack and take over Ubiquiti network appliances running the UniFi software, security firm Morphisec said in a report last week.
Rust-Coded Malware Key Factor in BlackCat's Meteoric Rise (Gov Info Security) In just a month, the BlackCat cybercrime group has carried out high-impact ransomware attacks on international organizations and risen to seventh place in Unit 42's
Aggressive BlackCat Ransomware on the Rise (Dark Reading) The cybercriminals behind the malware claim to have compromised more than a dozen companies; they have aggressively outed victims and purportedly paid a significant share of ransoms back to affiliates.
Security Researchers Say Attackers Can Access Unlimited Stolen User Credentials Through Simple VirusTotal Hacking Techniques (CPO Magazine) Security researchers at SafeBreach discovered a method to collect millions of stolen user credentials through Google’s malware analysis platform, VirusTotal without compromising any organizations.
Crypto Finance Firm Offers $2m Bug Bounty to Hackers (Infosecurity Magazine) Attackers stole $80m from Qubit Finance last week
Australian Red Cross warns clients of potential security breach (CRN Australia) After parent disclosed attack against its servers.
Hackers turn to fake COVID websites to support phishing attacks (Fortune) More than 600 suspicious domain names, including covidtestsgov.com, covidtestgov.net, and specialusps.com, have been registered since Jan. 15.
Messages and user data from secret sharing app Whisper exposed online (again): report (Comparitech) Millions of anonymous messages and user records apparently from the secret sharing app Whisper were exposed online without a password. Again.
Energieversorgung: Cyberangriff legt Oiltanking-Tanklager deutschlandweit vollständig lahm – Tankwagen-Beladung außer Betrieb (Handelsblatt) Zwei Tochterunternehmen des Hamburger Konzerns Marquard & Bahls sind Opfer von Hackern geworden. Mittelständische Tankstellen, aber auch Konzerne wie Shell sind betroffen.
Potential for Malicious Cyber Activities to Disrupt the 2022 Beijing Winter Olympics and Paralympics (FBI) The FBI is warning entities associated with the February 2022 Beijing Winter Olympics and March 2022 Paralympics that cyber actors could use a broad range of cyber activities to disrupt these events. These activities include distributed denial of service (DDoS) attacks, ransomware, malware, social engineering, data theft or leaks, phishing campaigns, disinformation campaigns, or insider threats, and when successful, can block or disrupt the live broadcast of the event, steal or leak sensitive data, or impact public or private digital infrastructure supporting the Olympics. Additionally, the FBI warns Olympic participants and travelers of potential threats associated with mobile applications developed by untrusted vendors.
No, a researcher didn't find Olympics app spying on you (Errata Security) For the Beijing 2022 Winter Olympics, the Chinese government requires everyone to download an app onto their phone. It has many security/pri...
FTC Warns Social Media Users About Targeted Advertising as Scams Abound (Wall Street Journal) Antifraud specialists and marketing executives say opting out will make minimal difference in the fight against con artists online.
CISA adds 8 new vulnerabilities to its Known Exploited Vulnerabilities Catalog (Security Affairs) The US CISA added eight more flaws to its Known Exploited Vulnerabilities Catalog that are known to be used in attacks in the wild. The US Cybersecurity & Infrastructure Security Agency (CISA) has added eight more flaws to the Known Exploited Vulnerabilities Catalog. The ‘Known Exploited Vulnerabilities Catalog‘ is a list of known vulnerabilities that […]
Unpatched Vulnerabilities Remain Primary Ransomware Attack Vector (Health IT Security) Cybercriminals continually look to unpatched vulnerabilities such as Log4j and others as primary ransomware attack vectors.
Vulnerability Summary for the Week of January 24, 2022 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Trends
Trellix Advanced Threat Research Report: January 2022 (Trellix) Insight into Log4j, Q3 2021 ransomware, APT, and top sector targets
Cyber Insights 2022: Improving Criminal Sophistication (SecurityWeek) When defenses get stronger, attackers get more sophisticated; and when attackers get more sophisticated, defenses get stronger
The rise of ransomware: Its cause & effect (PropertyCasualty360) <b>Part one:</b> Discover how the ransomware situation reached a fever pitch and where it is heading.
Diligent Finds Cyberbreaches Due to Work-From-Home Have Cost Surveyed US Businesses $396 Million in the Last 18 Months (Business Wire) Diligent, the global leader in modern governance providing SaaS solutions across governance, risk, compliance and ESG, today announces new findings fr
Attacks Signal Coming Shift From ID Theft to ID Fraud (Security Boulevard) Security practitioners looking back on 2021 may see it as the year attackers shifted their focus from identity theft to identity fraud. That’s according
Warning hospitals are 'most vulnerable to cyber attack' in wake of Covid (The US Sun) AMERICAN hospitals are most vulnerable to a cyberattack that would be more devastating than the September 11 terror attacks, an expert fears. Professor Scheherazade Rehman, director of the European…
Marketplace
ThycoticCentrify is Now Delinea, a Privileged Access Management Leader Providing Seamless Security for Modern, Hybrid Enterprises (PR Newswire) Delinea today announced its debut as a leading provider of privileged access management (PAM) solutions for seamless security. Backed by TPG...
Cengage Group Announces Agreement to Acquire Infosec (PR Newswire) Cengage Group, a global education technology company serving millions of learners, entered into an agreement to acquire Infosec, a leading...
Cengage Group Acquires Infosec for Cybersecurity Training (GovTech) The $190 million merger aims to combine their online education programs and expand professional development training for IT security professionals, given the projected need for them in both the public and private sectors.
EXCLUSIVE SoftBank-backed Cybereason confidentially files for U.S. IPO -sources (Reuters) Cybereason, a security startup backed by SoftBank's Vision Fund 2 and Alphabet Inc's Google Cloud unit, has confidentially filed for a U.S. initial public offering that could value it at more than $5 billion, according to people familiar with the matter.
Pixm Raises $4.3M to Stop Zero-day Phishing Attacks with AI Computer Vision (Business Wire) Computer vision cyber security startup Pixm raises $4.3M in seed funding to protect enterprises from undiscovered, non-traditional phishing attacks.
Copado Acquires Leading SAP Testing and Implementation Companies to Expand Depth of its DevOps and Testing Platform (Copado) Copado expands the depth of its DevOps and Testing Platform with Qualibrate and IOVIO acquisition.
DISA Taps Booz Allen Hamilton For Thunderdome Zero Trust Prototype Program - Defense Daily (Defense Daily) The Defense Information Systems Agency (DISA) has awarded Booz Allen Hamilton a $6.8 million prototype deal to work on developing a new zero-trust
Binance creates $1 billion insurance funds against hackers, benefiting BNB price (FXStreet) Binance has created an insurance fund to protect users from hacks. The exchange has restricted accounts of Nigerian users in line with anti-money laun
Scandal-plagued NSO Group Likely To Be Dismantled but Pegasus Will Live On, Expert Says (The Media Line) The scandal-plagued NSO Group cybersecurity company behind the […]
The company trying to give cyber intel a good name (Globes) Paragon Solutions, backed by former prime minister Ehud Barak and Battery Ventures, hopes to succeed by playing by the rules.
Trusona appointed to FIDO Alliance Board, bringing user experience leadership (Yahoo) Trusona, the pioneering leader in passwordless identity authentication, today announced it has been appointed to the FIDO Alliance Board of Directors with Kevin Goldman, Trusona's Chief Experience Officer, as the Primary Board Delegate.
Kaspersky plays a role in new sci-fi film (IT-Online) Global cybersecurity company Kaspersky plays a crucial role in protecting the heroes in the epic sci-fi film Moonfall on their historic journey to save Earth. The epic new sci-fi disaster film, Moonfall, is directed by Roland Emmerich and written by Roland Emmerich, Harald Kloser and Spenser Cohen. It tells the story of a mysterious force […]
Egnyte Announces Record-Breaking Year of Growth (PCR) Egnyte has reported a record-breaking year of growth in 2021. The company also announced the appoint
Dayton-area tech firm plots expansion, 100 new hires (Dayton Business Journal) The $930,000 expansion will accommodate the firm's growing portfolio of work with the U.S. Department of Defense.
SecZetta Expands International Presence with Opening of EMEA Headquarters (SecZetta) SecZetta expands its international presence with opening headquarters in EMEA. Entry into EMEA market demonstrates growing demand for SecZetta.
CIPL President Bojana Bellamy and Vivienne Artz OBE, Advisor to CIPL, Among Data Pros Appointed to UK’s International Data Transfer Expert Council (Hunton Andrews Kurth LLP) Hunton Andrews Kurth LLP helps businesses around the world navigate complex legal challenges in the energy, financial services, real estate investment and finance, retail and consumer products, and technology sectors and beyond. The firm has offices in the United States, Europe, Asia and the Middle East.
MPC Alliance announces new Board of Directors (RealWire) MPC Alliance has started the year by appointing new Officers after a new board of Directors was elected in December 2021. The board will include privacy and sec
Versa Networks Expands Executive Leadership Team to Continue Global Growth and Meet Accelerating Worldwide Demand for Versa SASE (Business Wire) Versa Networks, the recognized secure access service edge (SASE) leader, today announced it has named former Proofpoint and CA Technologies executive
SecurID Expands Leadership Team, Naming Laura Marx as Chief Marketing Officer (SecurID) SecurID, the trusted identity platform and an RSA business, today announced a key addition to its leadership team, appointing Laura Marx as Chief Marketing Officer.
Products, Services, and Solutions
International Spy Museum’s Popular Espionage Podcast, SpyCast, joins the CyberWire Network (The CyberWire) The CyberWire and the International Spy Museum announced today that the museum’s popular, long-running podcast, SpyCast, has joined the rapidly growing CyberWire Podcast Network.
WhiteStar Communications, Inc. Launches SOCIETY: Secure Social Network (WhiteStar) NC Tech startup Launches new version of SOCIETY mobile app with, Secure Instant Messaging, Social Media Communities, and Secure File Transfer
Fullstack Academy Brings Tech Bootcamps to India in First International Partnership (Business Wire) Fullstack Academy has partnered with upGrad, Asia’s largest higher edtech company, to introduce cybersecurity and data analytics bootcamps in India.
Protos Labs protects insurers and policyholders against cybersecurity risks (KrASIA) Protos Labs protects insurers and policyholders against cybersecurity risks. Through statistical modeling, the startup helps insurers price premiums.
ARV and IBM to build Thailand's national digital corporate identity system (Paypers) ARV has announced it is launching a blockchain-based National Digital Corporate Identity (NCID) platform in collaboration with...
Databarracks | Data protection and IT resilience for the UK's most iconic venue (RealWire) About The Royal Albert HallThe world’s leading figures in music, dance, sport and politics have appeared on stage at The Royal Albert Hall since it opened in 1871. Now over 1.7 million people en
[redacted] Unveils TIDE to Automate and Scale Delivery of Layered Defense and Orchestrated Incident Response (Yahoo Finance) SAN FRANCISCO, February 01, 2022--[redacted], the mission-driven cloud security company that levels the playing field against attackers, today launched the Threat Intelligence Detection Engine (TIDE). As a major expansion of its cloud-native platform that scales delivery of [redacted]’s layered defense services, TIDE automates the technical analysis of all files and immediately shares results with clients.
Coalition launches tech-powered executive risks products with personalized risk assessment for all US small businesses (PR Newswire) Coalition, the world's largest commercial insurtech provider, announced the launch of its executive risks insurance products with new...
Nucleus Security Forms Strategic Partnership with Mandiant to Enhance Vulnerability Management Programs with Operationalized Threat Intelligence (Business Wire) Nucleus Security, a leader in unified vulnerability management and process automation, has entered a strategic partnership with Mandiant.
Island Introduces First Enterprise Browser to Radically Improve Enterprise Security and Redefine The Nature Of Work (Island) Backed by Insight Partners, Sequoia Capital, Cyberstarts and Stripes, Island delivers a familiar Chromium-based browser experience with built-in critical security control and governance for corporate applications and data
Mobile App Security Leader Expands Cross-platform Framework Support to Include Flutter (Guardsquare) Guardsquare Introduces Mobile App Protection for Flutter; Preventing Tampering and Reverse Engineering
Cymulate Launches Co-Managed Solution to Help Companies Close Critical Security Blind Spots (PR Newswire) Cymulate, the Extended Security Posture Management market leader, today announced the launch of Amplify, a human powered offering designed to...
Infosec products of the month: January 2022 (Help Net Security) The featured infosec products this month are from: Avast, Axonius, Borderless Security, CyberRes, Deepfence, GrammaTech, and more.
Technologies, Techniques, and Standards
Safeguarding our Future: Protecting Personal Health Data from Foreign Exploitation (National Counterintelligence and Security Center) Foreign companies and some U.S. businesses with facilities abroad have been partnering or
contracting with U.S. organizations to provide diagnostic tests and services that in some cases
collect specimens, DNA, fitness / lifestyle information, or other personal health data from patients
or consumers in the United States. Some of these companies may be subject to foreign laws
that can compel them to share such data with foreign governments, including governments that
exploit personal health data for their own ends and without regard to individual privacy.
Pt 2 – Students of the game: What are the Hash Table’s go-to information sources for 2022? (The CyberWire) Rick Howard, the CyberWire’s CSO and Chief Analyst, chats with Steve Winterfeld, the Akamai Advisory CISO, and Errol Weiss, the Health-ISAC CSO, about recommended sources of infosec content that they found valuable in 2021.
Ransomware Solutions & NIST Guidelines for SMBs (Nodeware) Running a business without NIST guidelines is like driving without a seatbelt. A typical trip will probably be uneventful, but given the potentially catastrophic consequences, you always buckle up. Ransomware attacks were up 150% percent in 2020, with an increase of 300% in ransoms being paid by vic
How to tell if your phone has been hacked | WeLiveSecurity (WeLiveSecurity) Think your smartphone has been compromised by malware? Here's how to spot the signs of an infected phone and how to remove hackers from your phone.
How to protect your network from a future attack (Avast) A new report on how to protect your networks from attack can be a helpful document that covers a lot of different bases within the cybersecurity landscape.
7 Privacy Tips for Security Pros (Dark Reading) How best to integrate privacy into your organization's security program.
Zscaler CEO: Network security firms have ‘hijacked’ zero trust (VentureBeat) As zero trust security finds growing demand, Zscaler CEO Jay Chaudhry says the term is being misused by some network security vendors.
Design and Innovation
Here’s how intelligence agencies can search foreign documents without learning the language (C4ISRNet) The new machine learning system developed by Raytheon BBN Technologies in partnership with the Intelligence Advanced Research Projects Activity allows English-speaking users to search foreign documents and speech without knowing the language.
Research and Development
Cobalt Iron Patents Technology for Dynamic Infrastructure Optimization in Response to Cyberthreats (Yahoo Finance) Cobalt Iron Inc., a leading provider of SaaS-based enterprise data protection, today announced that it has been granted a patent on its technology for dynamic IT infrastructure optimization in response to cyberthreats. Issued on Dec. 28, 2021, U.S. Patent 11212304 describes new capabilities for Cobalt Iron Compass®, an enterprise SaaS backup platform, whereby Compass will automatically reconfigure IT infrastructure when it detects cyberthreats, such as a ransom
Meet the NSA spies shaping the future (MIT Technology Review) In his first interview as leader of the NSA's Research Directorate, Gil Herrera lays out challenges in quantum computing, cybersecurity, and the technology American intelligence needs to master to secure and spy into the future.
Math That Helped Solve Fermat’s Theorem Now Safeguards the Digital World (New York Times) The mathematicians who toiled on the famous enigma also devised powerful forms of end-to-end encryption.
Academia
Fortifying the foundations of cybersecurity (ASU News) ASU's new Center for Cybersecurity and Trusted Foundations aims to more holistically address the long-term cybersecurity challenges facing the nation by building up and fortifying the fundamental building blocks of security — technology, process and workforce.
Legislation, Policy, and Regulation
What do we know about cyber operations during militarized crises? (Atlantic Council) This essay focuses on how cyber operations employed during militarized crises are likely to impact escalation management. Cyber operations intended as offramps in a crisis could have an outcome opposite than that intended. Given the absence of direct experience, policymakers must critically examine assumptions and claims that cyber operations can serve as de-escalatory crisis offramps.
Master of Deterrence (Foreign Affairs) Effectively calculating risk requires a clear-eyed understanding of the stakes.
Pakistan And National Cyber Command: A Strategic Competitive Enabler (Part II) – OpEd (Eurasia Review) This is a series of three articles in which we aim to communicate our opinions on why it is a dire need for Pakistan to establish a cyber command and what strategic challenges such a command will n…
Congress wants to overhaul FISMA. Agencies are already measuring security differently (Federal News Network) The White House revised FISMA metrics for agencies this year, with a major focus on multifactor authentication, security testing, and cyber workforce.
SEC Chair Gensler Remarks Indicate 2022 Action Expanding Cyber Requirements (JD Supra) U.S. Securities and Exchange Commission (SEC) Chair Gary Gensler made remarks on Jan. 24, 2022, at Northwestern University Pritzker School of Law's...
Crypto advocates score win as Himes revises ransomware safeguard (POLITICO) The section at issue would expand the Treasury Department's authority to monitor and freeze accounts at financial institutions.
The Hunt For a Federal Data Privacy Law (Decipher) Privacy experts pinpoint the challenges and complexities behind a federal data privacy law.
Supply chain pain may lurk in container crane bill (FreightWaves) Legislation affecting the world’s largest gantry crane manufacturer brings supply chain risks along with it, according to a port security expert.
Top counterintel role remains unfilled by Biden (The Record by Recorded Future) More than a year after taking office, President Joe Biden has yet to find a nominee to oversee the nation’s counterintelligence efforts and combat influence campaigns by foreign adversaries like Russia — and there’s no contender in sight.
Litigation, Investigation, and Law Enforcement
NSA watchdog finds 'concerns' with searches of Americans' communications (CNN) The National Security Agency failed to follow both court-approved and internal procedures designed to prevent officials from using a controversial foreign surveillance law to inappropriately monitor Americans' communications, the NSA inspector general found in a semi-annual report released on Monday.
U.S. Companies Face More Restrictions After Privacy Ruling Against Google (Wall Street Journal) American technology providers are under intense pressure in Europe after a regulator there found Google Analytics’ services illegal. The decision is expected to spur a domino effect that could result in similar restrictions for other U.S. tech providers.
Russia responsible for more than half of all Google takedown requests (Computing) Russia, which has long desired to clean up its image online, submitted twice as many requests to remove content as the other top ten countries put together
Website operator fined for using Google Fonts “the cloudy way” (Naked Security) Google Fonts are OK, it seems, but only if everyone keeps their own copy of the fonts they use.
Cooley Privacy Talks: Reconciling the GDPR With the Clinical Trial Regulation (CTR) (cyber/data/privacy insights) This post relates to Cooley’s Privacy Talks series – a webinar program featuring Cooley practitioners discussing practical guidance and best practices around managing data protection-related issues. Sessions range from the European General Data Protection Regulation (GDPR) to the California Consumer
Feds move to settle case with DoD cyber official in clearance dispute (SC Magazine) A lawyer for Katie Arrington, a former DoD cybersecurity official, told SC Media that the settlement will give them access to information around an incident that led the NSA to suspend Arrington's security clearance and place her on administrative leave last year.
Judge asks ‘Dr Bitcoin’ to put up hard cash for costs security (Law Gazette) Owner of Seychelles company must provide nearly £250,000 against adverse costs in a challenge over jurisdiction in a $4bn action.
Two Israelis finally paying for doing illegal cyber activities (TheDigitalHacker) Nearly a year after pleading guilty to the charges, an Israeli national was sentenced to 97 months in jail in connection with the operation of the DeepDotWeb