Dateline Moscow and Kyiv: Reports of a planned Russian withdrawal and an uptick in privateering.
Ukraine at D+252: Retreat across the Dnipro? (CyberWire) Russian sources in Kherson say that Russian forces plan to withdraw east, back across the Dnipro River, but Ukraine views the statement with caution. Russian officials chide the US for lack of cooperation in cyberspace. The RomCom cybercriminal group looks more like a unit controlled by a Russian intelligence service.
Russia signals huge new retreat in southern Ukraine; Kyiv cautious (Reuters) Russian forces are likely to abandon their foothold on the west bank of Ukraine's Dnipro River, a Russian-installed occupation official said on Thursday, a Russian retreat that, if confirmed, would be a major turning point in the war.
Ukraine war latest: Russian soldiers dub combat vehicles 'aluminium cans' as they lose battalion daily (The Telegraph) Frustrated Russian soldiers have dubbed their ageing combat vehicles "aluminium cans" after losing more than 40 a day to Ukrainian attacks, according to British intelligence.
North Korea covertly sending artillery to Russia, White House says (Defense News) The White House did not provide evidence to support the new accusations or answer questions about how many weapons were involved.
Hardened Ukrainian brigade sees Russian vulnerability in Kherson City (Military Times) The soldiers of the 59th Motorized Brigade are bullish on their prospects of beating the Russians back at Kherson City.
Russians try to subdue Ukrainian towns by seizing mayors (AP NEWS) Not long after Russian tanks rolled into Ukraine, soldiers broke down the office door of Melitopol Mayor Ivan Fedorov. They put a bag over his head, bundled him into a car and drove him around the southern city for hours, threatening to kill him.
Russia orders wider evacuation of occupied southern Ukraine (Reuters) People walk to board a ferry during the evacuation of Kherson residents in the course of Russia-Ukraine conflict, in the city of Kherson, Russian-controlled Ukraine October 31, 2022. REUTERS/Alexander
Zelenskiy labels Putin U-turn on Ukraine grain deal a ‘failure of Russian aggression’ (the Guardian) Ukraine president has said the Kremlin’s call for guarantees shows ‘Russian blackmail has led nowhere’
Ukraine war latest: Russian military leaders 'discussed using tactical nuclear weapons' (The Telegraph) Senior Russian military leaders discussed the use of a tactical nuclear weapon in Ukraine, according to numerous senior American officials.
Russian military leaders’ talk of nuclear attack rattles U.S. calculus (Washington Post) U.S. officials still maintain that Moscow is unlikely to go nuclear in Ukraine. But Washington doesn’t have many good options to prevent Putin’s worst intentions.
The Reality Behind Russia’s Talk About Nuclear Weapons (New York Times) U.S. officials say they do not believe that Russia has decided to detonate a tactical device, but concerns are rising.
Potential nuclear strike in Ukraine is just talk for now, but here's what Russia could do next (The Telegraph) High state of alarm in the West as Kremlin military leaders talked about how and when they might deploy lower-yield devices
The West must not let Putin freeze millions of Ukrainians to death (Atlantic Council) Unable to defeat Ukraine on the battlefield, Putin is now deliberately targeting the civilian population and openly threatening to freeze millions of Ukrainians to death. The West must not stand by and let this genocide take place.
What Could Bring Putin Down? (Foreign Affairs) Regime collapse is more likely than a coup.
Good at Being Bad (Foreign Affairs) How dictatorships endure.
Putin's failing Ukraine invasion proves Russia is no superpower (Atlantic Council) Vladimir Putin's failing Ukraine invasion has dramatically undermined the credibility of modern Russia's Great Power pretensions and exposed the dysfunctional reality behind the Kremlin's claims to superpower status.
Opinion | Putin Says Ukraine Doesn’t Exist. That’s Why He’s Trying to Destroy It. (New York Times) The country has a profound story to tell.
Russia cyber director warns no U.S. cooperation risks "mutual destruction" (Newsweek) Russian Foreign Ministry cyber chief Artur Lyukmanov warned Newsweek of "full-fledged interstate confrontation" with "the use of conventional means of warfare."
RomCom Threat Actor Abuses KeePass and SolarWinds to Target Ukraine and Potentially the United Kingdom (BlackBerry) The threat actor known as RomCom is actively deploying new campaigns aimed at victims in Ukraine and English-speaking regions. The BlackBerry Threat Research and Intelligence Team discovered new campaigns that spoof popular brand-name software packages. The United Kingdom is possibly a new target, while Ukraine is still the main focus.
Ukrainian official: Musk to keep funding key satellite links (AP NEWS) Elon Musk has given assurances to Ukraine that he will keep funding its access to a crucial satellite network providing Kyiv with battlefield and humanitarian communications in its war with Russia, a senior Ukrainian official said Wednesday.
Attacks, Threats, and Vulnerabilities
Religious Minority Persecuted in Iran Targeted With Sophisticated Android Spyware (SecurityWeek) Persian-speaking religious minority Bahaʼi targeted in a previously unknown Android espionage campaign called SandStrike.
Black Basta Ransomware | Attacks Deploy Custom EDR Evasion Tools Tied to FIN7 Threat Actor (SentinelOne) Black Basta operational TTPs are described here in full detail, revealing previously unknown tools and techniques and a link to FIN7.
OPERA1ER: Playing god without permission (Group-IB) The group relied solely on known “off-the-shelf” tools to steal millions from financial service and telecommunications companies. In total they managed to carry out at least 30 successful attacks in Africa, Latin America, and Asia between 2019 and 2021.
CyRC Vulnerability Advisory: CVE-2022-43945 buffer overflow vulnerabilities in NFSD (Application Security Blog) Get remediation guidance on CVE-2022-43945, which contains two vulnerabilities causing buffer handling issues in Linux Kernel NFSD implementation.
Emotet botnet starts blasting malware again after 5 month break (BleepingComputer) The Emotet malware operation is again spamming malicious emails after almost a five-month "vacation" that saw little activity from the notorious cybercrime operation.
Malicious App Developer Remains on Google Play Despite Being Cited Multiple Times for Malware (Gizmodo) A report shows four Bluetooth-centered apps by the same developer have been downloaded 1 million times combined while containing malicious code.
Hackers Stole Source Code, Personal Data From Dropbox Following Phishing Attack (SecurityWeek) Dropbox has suffered a data breach after employees fell for a phishing attack. The hackers gained access to source code and personal data.
Hackers get into Dropbox developer accounts on GitHub, access 130 code repositories and more (The Record by Recorded Future) DropBox announced this week that a phishing campaign targeting its developers was successful, allowing hackers to copy 130 code repositories.
Abusing Microsoft Customer Voice to Send Phishing Links (Avanan) Hackers are using Microsoft Customer Voice to send phishing links.
Checkmk: Remote Code Execution by Chaining Multiple Bugs (1/3) (Sonar Blog) Checkmk is a modern IT infrastructure monitoring solution developed in Python and C++. According to the vendor’s website, more than 2,000 customers rely on Checkmk. Due to its purpose, Checkmk is a central component usually deployed at a privileged position in a company’s network. This makes it a high-profile target for threat actors.
Netskope Threat Research: Next Generation of Phishing Attacks Uses Unexpected Delivery Methods to Steal Data (PR Newswire) Netskope, a leader in secure access service edge (SASE), today unveiled new research that shows how the prevalence of cloud applications is...
Netskope threat research identifies next gen phishing tactics (Security Systems News) Netskope, the SASE computer security platform provider, has released its new threat research, which reveals the top sources of phishing attacks and cloud vulnerabilities.
Hundreds of U.S. news sites push malware in supply-chain attack (BleepingComputer) The compromised infrastructure of an undisclosed media company is being used by threat actors to deploy the SocGholish JavaScript malware framework (also known as FakeUpdates) on the websites of hundreds of newspapers across the U.S.
Server Security is Now Dangerously Flawed (Morphisec) The cybersecurity industry needs more effective Windows and Linux server security—which doesn’t impact server performance.
IEEE paper on process sensor monitoring – what you need to know about process sensor cyber security (Control Global) “Mother Nature” is analog, and all process sensor readings start with some form of physical impact from the environment.
Inside Raccoon Stealer V2 (The Hacker News) Raccoon Stealer is back on the news again. This article will give a quick guide to the latest info stealer's version.
Alma radio telescope in Chile taken down by cyber attack (Yahoo) The Atacama Large Millimeter/submillimeter Array Observatory will be offline for an indeterminate amount of time as workers try to recover from a 29 October cyber attack
French defense firm denies ransomware attack after leak site posting (The Record by Recorded Future) French defense and technology firm Thales has denied it was hit with ransomware after LockBit threatened to leak stolen data.
LockBit 3.0 gang claims to have stolen data from Thales (IT Security News) The ransomware group LockBit 3.0 claimed to have stolen data from the French defence and technology group Thales. Thales is a global high-tech leader with more than 81,000 employees worldwide. The Group invests in digital and deep tech innovations – big data, artificial intelligence, connectivity, cybersecurity and quantum – to build a future of trust,
$28 million stolen from cryptocurrency platform Deribit (The Record by Recorded Future) Cryptocurrency derivatives platform Deribit said $28 million was stolen from hot wallets on Tuesday evening.
Bed Bath & Beyond's technology chief resigns after possible data breach (Reuters) Bed Bath & Beyond Inc said on Wednesday its customer and technology chief, Rafeh Masood, will step down, days after the home goods retailer reported a possible data breach.
Vodafone Italy discloses data breach after reseller hacked (BleepingComputer) Vodafone Italia is sending customers notices of a data breach, informing them that one of its commercial partners, FourB S.p.A., who operates as a reseller of the telco's services in the country, has fallen victim to a cyberattack.
Royal Mail customer data leak shutters online Click and Drop (Register) Customers complain of exposed order info, multiple charges — but still no postage
Chester, Pa., Lost $400K to Phishing Scheme Over Summer (GovTech) The incident, which was just recently revealed to the public, saw Chester Councilman William Morgan allegedly send an estimated $400,000 to an unknown scammer during a phishing incident in June.
Security Patches, Mitigations, and Software Updates
Fortinet Patches 6 High-Severity Vulnerabilities (SecurityWeek) Fortinet has released 16 security advisories, including six that describe high-severity vulnerabilities.
Nokia ASIK AirScale System Module (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Low attack complexity Vendor: Nokia Equipment: ASIK AirScale 5G Common System Module Vulnerabilities: Improper Access Control for Volatile Memory Containing Boot Code, Assumed-Immutable Data is Stored in Writable Memory 2.
Trends
Cloud Computing, 5G, Metaverse, Electric Vehicles Among the Most Important Areas of Technology in 2023, Says New IEEE Study (PR Newswire) IEEE, the world's largest technical professional organization dedicated to advancing technology for humanity, today released the results of...
APT trends report Q3 2022 (Securelist) This is our latest summary of advanced persistent threat (APT) activities, focusing on events that we observed during Q3 2022.
Cyber threats in K-12 are 'here to stay' (StateScoop) Even without robust funding, there are still free and low-cost steps K-12 schools can take to improve their cyber defenses, speakers said at a CISA event.
Marketplace
HUMAN Acquires Anti-Malvertising Leader, clean.io, to Enhance Protection Across the Media Ecosystem (Human Security) Third strategic market move of 2022 expands Human Defense Platform capabilities to safeguard against fraud and abuse earlier in the attack cycle
Alethea Closes $10M Series A Financing Led by Ballistic Ventures (PR Newswire) Alethea, a technology company that detects and mitigates disinformation, misinformation, and social media manipulation, raised $10 million...
Apiiro Raises $100M Series B Funding Round to Solidify Position as the Cloud-Native Application Security Leader (Apiiro) Apiiro is excited to announce the latest round of funding led by General Catalyst with participation by Greylock and Kleiner Perkins.
Intel 471 Acquires SpiderFoot (PR Newswire) Intel 471, the premier provider of cyber threat intelligence for leading intelligence, security, and fraud teams across the globe, today...
Alation Raises $123M Series E to Meet Surging Global Demand for Data Intelligence Platforms (GlobeNewswire News Room) Company Valued Over $1.7 Billion...
Binary Defense raises $36 million to accelerate sales and marketing (Help Net Security) Binary Defense Systems has closed a $36 million first institutional growth equity funding round led by Invictus Growth Partners.
1Password Acquires Passage Identity to Power a Passwordless Future (PR Newswire) 1Password, a leader in human-centric security and privacy, today announced the acquisition of Passage, a developer-first passwordless...
HelpSystems Is Now Fortra (Business Wire) New brand identity marks strategic shift toward providing global customers with a single line of cyber defense
DISA moves forward with $1.5B network transport contract after protest (Breaking Defense) The contract was awarded in August, but the government froze work until a protest by Verizon was resolved, a Defense Department official told Breaking Defense.
Cybersecurity unicorn Checkmarx cuts 10% of workforce (CTech) The Israeli company, acquired by American private equity firm Hellman & Friedman at a $1.15 billion valuation in March 2020, is laying off around 100 employees
Musk Plans to Eliminate Half of Twitter Jobs to Cut Costs (Bloomberg) Twitter’s new owner aims to reduce workforce starting Friday. Remaining employees will be asked to return to office.
Musk meeting with civil rights groups upsets his fans (Washington Post) After a Zoom meeting, Twitter’s new owner said that no suspended accounts will return to the site until there is a clear process for doing so
Elon Musk Takes a Page Out of Mark Zuckerberg’s Social Media Playbook (New York Times) As Mr. Musk takes over Twitter, he is emulating some of the actions of Mr. Zuckerberg, who leads Facebook, Instagram and WhatsApp.
Abacus Group Named Best Cyber Security Provider at the Private Equity Wire US Awards (PR Newswire) Abacus Group, the leading IT Managed Services Provider ("MSP") to alternative investment firms, announces it has been voted Best Cyber Security...
Lumen signs White House Infrastructure Talent Pipeline Challenge, invests in workforce training and development (Lumen Newsroom) Lumen signed the White House Infrastructure Talent Pipeline Challenge and pledged to grow and care for our workforce by investing in training and development programs. These training programs will enable us to bring fiber broadband to more Americans.
AuditBoard Announces Evan Fitzpatrick as Chief Product Officer (Auditboard) Former Bain Capital executive brings deep SaaS management experience to lead company’s product and design efforts through next stages of growth.
Channel Vet Ravi Vedantam Joins Unravel Data (Business Wire) Channel vet Ravi Vedantam joins Unravel Data, the first DataOps observability platform built to meet the needs of modern data teams.
Flashpoint Expands C-Suite Team With New Chief Intelligence Officer and Chief Product Officer (Business Wire) On the heels of a year of rapid growth that includes two acquisitions, Flashpoint, the globally trusted leader in actionable risk intelligence, today
Ordr Appoints Cybersecurity Leader and Industry Expert Jim Hyman as CEO (PR Newswire) Ordr, the leader in connected device security, announced today that Jim Hyman has been appointed Chief Executive Officer (CEO) and member of...
Jamil N. Jaffer, Cyber Expert and Executive, Appointed to Tozny Board of Directors (Yahoo Finance) Tozny, Inc., announced that cybersecurity executive and national security expert Jamil N.
What’s next for NCSC’s Ian Levy? ‘A Proper Job,’ he tells The Record (The Record by Recorded Future) Luminaries of the British security and intelligence community bid farewell to Dr. Ian Levy, the agency’s outgoing technical director.
Veterans of Germany's defunct cyber firm FinFisher pursue new avenues (Intelligence Online) Ex-Finfisher CEO Georg Magg has been appointed to head the European branch of US cybersecurity firm SilverSky, a subsidiary of BAE, while Martin Johannes Münch, the brains behind Finfisher's Trojan
Dynatrace Names Jim Benson Chief Financial Officer (Yahoo) Software intelligence company Dynatrace (NYSE: DT) today announced the appointment of Jim Benson as Chief Financial Officer (CFO), effective November 15, 2022. Benson has a broad business background with more than 30 years of experience at market-leading technology companies. He will be succeeding Kevin Burns who announced in May 2022 his intention to transition out of Dynatrace by the end of the calendar year. Burns will remain at Dynatrace through an interven
Ermetic Appoints Scott Hoard Head of Global Channel Sales (Business Wire) Scott has served in senior channel roles with Fortanix, Corelight, Kenna Security, A10 Networks, Barracuda Networks and Imperva.
Mimecast Names Norman Guadagno as Chief Marketing Officer (Mimecast) Strategic Marketing Leader Joins Global Email and Collaboration Security Company at Pivotal Time of Growth
Products, Services, and Solutions
senhasegura Introduces MySafe for Managing Personal Passwords (Business Wire) senhasegura Introduces MySafe for Managing Personal Passwords; senhasegura first to offer password manager and PAM in a single platform
ComplyAuto Teams Up with Cybersecurity Innovator Coro (GlobeNewswire News Room) Joint solution will offer true “Security in a Box” to automotive dealers for comprehensive data protection, compliance, and cybersecurity needs...
The Perfect Pair: Integrating DomainTools Data Sets in Microsoft’s Sentinel SIEM Product (DomainTools) We’re excited to announce that Microsoft Sentinel users can now access DomainTools Iris Internet intelligence and Farsight DNSDB to develop deeper context around adversary assets, bolstering network defenses, incident responses, and threat hunting workflows.
Delinea Secret Server Introduces Additional Security Features and Enhances Disaster Recovery for High Availability (PR Newswire) Delinea, a leading provider of Privileged Access Management (PAM) solutions for seamless security, today announced new enhancements to the...
Zettaset Achieves FIPS Certification, Partners with TD SYNNEX Public Sector to Bring One-Click-Compliance to the U.S. Public Sector (Zettaset) Together with Red Hat, partners will bundle data protection for on-premises, hybrid and cloud-native environments SAN FRANCISCO – Nov. 2, 2022 – Zettaset,
Onapsis Research Labs Surpasses 1,000 Critical Cybersecurity Vulnerabilities Discovered in Business Applications (Onapsis) Onapsis Research Labs, the only security team dedicated to finding and helping mitigate critical vulnerabilities within business applications, reaches material threat intelligence milestone
Bitdefender Launches Industry’s First Chat Protection Feature for Mobile-Based Instant Messaging Applications (Bitdefender) New Scam Alert Technology Detects Malicious Links and Notifies Users During Conversations Over WhatsApp, Facebook Messenger, Telegram and Discord
Fullstack Academy Partners with Amazon Career Choice to Provide Tech Training to Eligible Amazon Employees (Business Wire) National tech education provider Fullstack Academy was selected to join the Amazon Career Choice program.
OneSpan Modernizes High Assurance Identity Security to Address Today’s Relentless Threats (Business Wire) OneSpan™ (NASDAQ: OSPN), the digital agreements security company, today announces its latest high-assurance identity verification and authentication d
Tanium Software Bill of Materials identifies software supply-chain vulnerabilities (Help Net Security) Tanium launched the Tanium Software Bill of Materials (SBOM) to help organizations protect digital assets against external threats.
Acrisure Cyber Services partners with Silverfort | Cyber Insurance (Silverfort) Silverfort, a unified identity protection leader, today announced a partnership with Acrisure Cyber Services (ACS).
Optiv Helps Safeguard Critical Industries with Cyber Advisory and Protection Offerings (Optiv) Global conflicts and national infrastructure needs are bringing operational technology (OT) to the forefront of the security market. Optiv is extending its end-to-end capabilities to serve clients’ essential assets with heavy investment in people, process and technology for its OT cyber program.
Technologies, Techniques, and Standards
3 ways utility companies can protect national grids from cyberattacks (SecurityInfoWatch) Here are 3 ways utility companies can adopt a modern, proactive security posture and start preparing for potential cyberattacks to protect the nation's utility grids.
Raytheon's Julian Zottl on training the new cyber workforce to be better defenders (CyberScoop) Raytheon's Offensive Labs trains the up-and-coming cyber workforce on offensive and defensive techniques as well as the zero-trust frameworks.
Design and Innovation
Our Principles for IoT Security Labeling (Google Online Security Blog) Posted by Dave Kleidermacher, Eugene Liderman, and Android and Made by Google security teams We believe that security and transparency ar...
Academia
CyberVista Announces Partnership with BlackGirlsHack, Providing Members with Free Access to Foundational Level Courses in Cybersecurity (PR Newswire) CyberVista, a N2K Networks brand and cybersecurity training and workforce development company, announced today its partnership with...
Legislation, Policy, and Regulation
Singapore unveils new cyber-focused military service (Defense News) Singapore has officially inaugurated its fourth military branch as it seeks to combat modern threats in the digital domain.
EU Expands Cyber Rules for Airline Flight Safety (Wall Street Journal) The new requirements apply to the aviation supply chain, including plane manufacturers, airlines and weather data providers.
India and Cyber Power: The Imperative of Offensive Cyber Operations (Observer Research Foundation) Defensive cyber operations are necessary to protect a network. At the same time, Offensive Cyber Operations (OCOs) cannot be neglected in military planning and should get as much attention as defensive cyber missions. Given the massive requirements for investment in cyber military capabilities geared for OCOs, this paper makes a case for the importance of OCOs for India. It outlines a roadmap for New Delhi to achieve effective OCO planning.
The intersection of tech and diplomacy: Global collaboration on emerging technologies (Protocol) Emerging technologies are transforming governments, businesses, and citizens into a truly digital society. Critical infrastructure, financial systems, and communication methods are migrating to an increasingly decentralized internet. New tech innovations like Web3, blockchain, and AI have massive po...
UK tightens security over hacking fears from Russia, China (Fox News) Liz Truss may have been the victim of a Russian cyberattack while serving as foreign secretary and helped coordinate the British response to Russia's invasion of Ukraine.
White House ransomware summit highlights need for borderless solutions (CSO Online) Representatives from 36 countries and the EU agree that combatting ransomware requires international collaboration but legal systems need to catch up.
US Electric Cooperatives Awarded $15 Million to Expand ICS Security Capabilities (SecurityWeek) The US Energy Department has awarded $15 million to the National Rural Electric Cooperative Association to help electric cooperatives expand their ICS security capabilities.
Cyber incident reporting isn’t the problem — ignorance is (The Hill) Relying on industry to report incidents voluntarily hasn’t been enough. We still lack key data about cyber incidents.
GAO report: government departments need dedicated leaders to oversee privacy goals (CSO Online) A US Government Accountability Office report is calling for a host of changes to improve privacy within various federal agencies and departments. How those changes get implemented will depend largely on the establishment of new privacy leaders.
NLRB’s Top Lawyer Wants to Crack Down on Electronic Surveillance in the Workplace () General Counsel Jennifer Abruzzo warned that employers are using surveillance and automated management practices to block workers from exercising their basic rights.
CISA promises bespoke cyber advice for agencies (FCW) A new engagement arm of the Cybersecurity and Infrastructure Security Agency is designed to help agencies navigate the crush of cybersecurity requirements.
More than 100 election jurisdictions waiting on federal cyber help, sources say (NBC News) The Cybersecurity and Infrastructure Security Agency did not deny the backlog but noted it has provided cyber hygiene tests for 425 “election-related entities.”
Litigation, Investigation, and Law Enforcement
Band Of Cybercriminals Responsible For Computer Intrusions Nationwide Indicted For RICO Conspiracy That Netted Millions (US Attorney's Office for the Middle District of Florida) United States Attorney Roger B. Handberg announces the partial unsealing of an indictment charging Andi Jacques (41, Greenacres), Monika Shauntel Jenkins (33, Hollywood), Louis Noel Michel (28, Hollywood), Jeff Jordan Propht-Francisque (28, Pompano Beach), Dickenson Elan (39, Clearwater), Michael Jean Poix (31, West Palm Beach), Vladimyr Cherelus (33, Lauderdale Lakes), and Louisaint Jolteus (37, West Palm Beach) with Racketeer Influenced and Corrupt Organizations (RICO) conspiracy....
Illicit underground pharma sales are on the decline (Cybersixgill News) Authorities have shut down dedicated underground pharmaceutical drug markets in big numbers over the last three years. But many are still active.