Dateline Moscow and Kyiv: Rear area strikes by Russian missiles and Ukrainian diversionary forces.
Ukraine at D+271: Diversionary strikes and missile barrages. (CyberWire) Kinetic war continues against targets once thought particularly vulnerable to cyber interference. Diversionary and partisan operations grow in prominence.
Russia-Ukraine war: List of key events, day 272 (Al Jazeera) As the Russia-Ukraine war enters its 272nd day, we take a look at the main developments.
Ukraine-Russia war latest: Ukraine launches 'silent' amphibious assault on strategic Black Sea peninsula - live updates (The Telegraph) The Kherson counteroffensive entered a new chapter as Ukraine's forces launched a "silent" assault on the strategic Kinburn Spit.
Ukraine rules out ‘short truce’ with Russia (Al Jazeera) Ukrainian leader says ‘honest peace’ can take place only with the ‘complete demolition of Russian aggression’.
Shelling at nuclear plant raises alarm, as war intensifies in east Ukraine (Washington Post) Russia and Ukraine traded blame Monday over shelling near the Zaporizhzhia nuclear power plant, and the International Atomic Energy Agency (IAEA) warned that the bombing over the weekend had come “dangerously close” to hitting key safety and security systems.
Ukraine claims Russia planning false flag attack on Belarus nuclear plant (The Hill) Ukraine’s Defense Ministry on Sunday claimed that Russia is planning a false flag attack on a major nuclear power plant in Belarus as part of an alleged effort to rope the country into its wa…
Ukraine Has a Secret Resistance Operating Behind Russian Lines (Foreign Policy) Modern-day Ukrainian partisans are quietly working to undermine the occupation.
On the River at Night, Ambushing Russians (New York Times) Ukrainian units plying the Dnipro River venture behind enemy lines under the cover of darkness, carrying out reconnaissance and sabotage.
For Ukraine, So Much Unexpected Success, and Yet So Far to Go (New York Times) Ukraine is on the offensive along most of the 600-mile front line, and the Russians are in a defensive crouch. But about one-fifth of Ukrainian territory is still occupied by Russia.
What Russia has gained and lost so far in Ukraine, visualized (Washington Post) For weeks, Russia has struggled to make any territorial advances in Ukraine. Russian troops have retreated from key areas in the east and the south, most recently from the city of Kherson.
Estonia’s Former Spy Chief: Too Soon to Count Russia Out (Foreign Policy) Mikk Marran talks about Moscow’s intelligence failures, cyberwar, and whether Western resolve will last the winter.
Opinion | If Putin Uses a Nuclear Bomb in Ukraine (Wall Street Journal) A no-fly zone would put an end to Russia’s war effort.
Inside Kherson's torture chambers where Russians electrocuted anyone who went against them (The Telegraph) Ukraine has said it has discovered at least 60 bodies with signs of torture so far in the newly liberated region
How Ukraine can win a war of attrition against Russia (Task & Purpose) Russia has a vastly larger population, but its forces are taking high losses.
Russia’s Vindictive Rage (The Atlantic) Ukraine is winning, but at a high cost in reprisals on civilians.
Russia-Ukraine War: Ukrainian Raid on Monastery Sharpens Conflict Over Russian Church (New York Times) Moscow condemns the raid on a centuries-old church complex that many Ukrainians view as a front for pro-Russian activity.
Ukraine's Security Service Conducts 'Counterintelligence' Raid At Historic Kyiv Monastery (RadioFreeEurope/RadioLiberty) Security agents in Ukraine have conducted a “counterintelligence” operation at Kyiv’s historic Pechersk Lavra and other facilities of the Ukrainian Orthodox Church (UOC) as part of a probe into suspected pro-Russia activity.
Ukrainians Are Holding Strong as Some in West Falter (Foreign Policy) Ukrainian identity has been fundamentally changed by invasion.
'Stock up on blankets': Ukrainians brace for horrific winter (AP NEWS) Ukraine could face rolling blackouts across the country through March, an energy expert said, due to what another official described Tuesday as the “colossal” damage done to Ukraine's power grid by relentless Russian airstrikes.
Evacuation of newly liberated Kherson begins as Ukraine and Russia artillery duel intensifies (The Telegraph) Residents were wounded in the shelling as Kyiv promised to take care of those willing to leave amid fears they won’t survive the winter
Ukraine begins evacuating residents from Kherson, Mykolaiv (Al Jazeera) Ukrainian authorities begin evacuating residents from recently liberated southern areas amid power and water cuts.
Britain’s Brimstone missiles primed to make Russian soldiers' lives hell (The Telegraph) The RAF is sending Kyiv supplies of its latest laser-guided rocket, which can travel at double the range of the previous model
Weapons shortages spark tough choices for Ukraine’s allies (Defense News) Arms shortages among Ukraine’s allies are forcing difficult conversations about how to balance support with concerns that Russia may target them next.
After missile scare, Poland accepts German offer for Patriot defenses (Breaking Defense) Christian Thiels, a spokesman for the German Ministry of National Defense, said that assistance for Poland could be provided at any time, including with Eurofighters, though the details are still being sorted out.
Ukraine, Irregular-War Changes Are Reshaping Pentagon’s Info-Ops Strategy (Defense One) Civilians reporting military movements and a return to proxy war will inform the first IO update in seven years.
Killnet DDoS hacktivists target Royal Family and others (ComputerWeekly.com) Russia-aligned hacktivists targeted multiple UK websites, including those of the Royal Family, in a new campaign of DDoS attacks.
Nuclear sector threatened by data leaks on the dark web (Cybernews) The dark web is full of data leaks containing sensitive data from critical infrastructure companies, including nuclear facilities. A cyber analyst claims this is a ripple effect of Russia's invasion of Ukraine.
Attacks, Threats, and Vulnerabilities
Android SharkBot Droppers on Google Play Underline Platform's Security Needs (Bitdefender Labs) A common theme we've noticed in the last few months consists of malicious apps distributed directly from the Google Play Store.
Hardcoded Algolia API Keys Could be Exploited by Threat Actors to Steal Millions of Users’ Data (CloudSEK) Algolia's API is used by companies to incorporate search, discovery, and recommendations into their voice, mobile, and website applications. It is currently used by over 11,000 companies, including Lacoste, Stripe, Slack, Medium, and Zendesk to manage ~1.5 trillion search queries a year.
How social media scammers buy time to steal your 2FA codes (Naked Security) The warning is hosted on a real Facebook page; the phishing uses HTTPS via a real Google server… but the content is all fake
Daixin Team claims AirAsia ransomware attack with five million customer records leaked (Tech Monitor) An AirAsia ransomware attack carried out by the Daixin Team gang may have seen five million customer and staff records leaked online.
Daixin Ransomware Gang Steals 5 Million AirAsia Passengers' and Employees' Data (The Hacker News) Daixin Team ransomware compromises AirAsia airlines and claims to have stolen personal data of five million passengers and all employees.
DraftKings Users Hacked, Money In Account "Cashed Out" (Action Network) Darren Rovell breaks down the latest updates on the DraftKings hack that cashed out some users' accounts on the betting site.
The long, lonely wait to recover a hacked Facebook account (Washington Post) Victims are losing time, money and peace of mind. Facebook is doing next to nothing.
Meta Workers Hijacked User Accounts and Charged Bribes, Report Says (Wall Street Journal) Meta disciplined or fired more than two dozen workers that it found allegedly misused an internal system to hijack users’ accounts. In some cases, Meta says the workers charged users bribes to regain access to their profiles, according to people familiar with the matter and internal documents. WSJ reporter Kirsten Grind joins host Zoe Thomas to discuss how it happened.
Trends
Oomnitza Survey Reveals Over a Quarter of Enterprises Lose More than 10% of Their Technology Assets When Offboarding Workers (GlobeNewswire News Room) With Half of Senior IT Professionals Doubting Their Current Capabilities, New Research Confirms the Need to Enhance Automated Offboarding Processes...
Russian cyberattacks to cause more insurance disputes: GlobalData (Reinsurance News) A new report from GlobalData says that cyberattacks from Russia could be set to cause more disputes between businesses and insurers following the Zurich-Mondelez case.
Marketplace
CISA Seeks Information for Potential Cyber Threat Intelligence Platform (Nextgov.com) The request will help the agency develop the platform to address current challenges related to cyber threat intelligence.
Tempe cybersecurity company Bishop Fox extends series B funding haul by $46M (Arizona Inno) Tempe-based cybersecurity software company Bishop Fox says it will spend more on taking its product to market and on internal training with a fresh $46 million in funding.
11 (and counting) things journalism loses if Elon Musk destroys Twitter (Nieman Lab) Goodbye to screenshotted best bits, DMs, "that tweet should be a story"...
Where will the security community turn, if not Twitter? (Cybersecurity Dive) A consistent stream of credibility hits could cause lasting damage for cybersecurity and those who flock there.
In crises, officials tweet crucial info. What if Twitter dies? (Washington Post) Kate Hutton was watching a Dodgers game one Friday night when she saw something strange in the outfield: The foul poles swayed, her TV feed trembled.
What Elon Musk Is Doing to Twitter Is What He Did at Tesla and SpaceX (New York Times) Firing people. Talking of bankruptcy. Telling workers to be “hard core.” Mr. Musk has repeatedly used those tactics at many of his companies.
Twitter won’t restart paid verification until ‘significant impersonations’ stop, Elon Musk says (The Verge) The rollout of paid checkmarks quickly led to rampant impersonation of high-profile accounts on Twitter.
Banned Twitter users return: ‘We’re coming back with a vengeance’ (The Washington Times) Several banned Twitter users are making their return to the social media platform, following new owner Elon Musk’s decision to restore some restricted accounts, including activists, satirists and celebrities.
FTX Says Top 50 Creditors Are Owed $3.1 Billion (Wall Street Journal) FTX owes its 50 largest creditors about $3.1 billion, the failed cryptocurrency exchange said in a bankruptcy court filing Saturday.
The Press Failure That Led to FTX (The Information) As the crypto currency contagion spreads, there is a tough truth about the press’s role in the crisis that is becoming crystal clear. Reporters and editors (myself and The Information included) were so busy waxing on about all the things crypto companies were not doing that we failed to focus on ...
Having a safe CEX: proof of solvency and beyond (Vitalik) Every time a major centralized exchange blows up, a common question that comes up is whether or not we can use cryptographic techniques to solve the problem.
Amazon Alexa is a “colossal failure,” on pace to lose $10 billion this year (Ars Technica) Layoffs reportedly hit the Alexa team hard as the company's biggest money loser.
Drata Welcomes Adam Aarons as CRO (PR Newswire) Drata, a continuous security and compliance automation platform, today announced Adam Aarons has joined the company as Chief Revenue Officer...
Products, Services, and Solutions
Morpheus Space and Kayhan Space Collaborate for Collision Avoidance Subscription (Via Satellite) Propulsion company Morpheus Space and space situational awareness company Kayhan Space recently announced a strategic partnership to offer a collision
Resonate Testing Delivers Training on Testing Processes for Irish Space Companies (Via Satellite) Resonate Testing is offering a new training program to deliver specialized training for space companies in Ireland. The industrial testing company announced
CyberRes Unveils New Managed Security Service Partner Program (Micro Focus)
Betterview to Use Iceye Imagery to Respond to Floods (Via Satellite) Insurtech company Betterview signed a deal to add Iceye’s satellite data into the third-party marketplace in its Property Intelligence & Risk
Technologies, Techniques, and Standards
Making Cobalt Strike harder for threat actors to abuse (Google Cloud Blog) A new initiative from Google Cloud and Cobalt Strike’s vendor has made it easier to find and block cracked versions of the popular red team software.
Google seeks to make Cobalt Strike useless to attackers (Help Net Security) Google's researchers have released 165 YARA rules to help defenders flag Cobalt Strike components deployed by attackers.
Google Releases YARA Rules to Disrupt Cobalt Strike Abuse (Dark Reading) The popular pen-testing tool is often cracked and repurposed by threat actors. Google now has a plan to address that.
Google releases 165 YARA rules to detect Cobalt Strike attacks (BleepingComputer) The Google Cloud Threat Intelligence team has open-sourced YARA Rules and a VirusTotal Collection of indicators of compromise (IOCs) to help defenders detect Cobalt Strike components in their networks.
Academia
BU launches mandatory cybersecurity training (Pipe Dream) After repeated incidents of cyberattacks, Binghamton University has launched an online cybersecurity training. The training — titled the 2022 Kevin Mitnick Security Awareness Training —...
Legislation, Policy, and Regulation
NSW govt eyes law change to spur ‘good faith’ hacking (InnovationAus.com) The New South Wales government will push for changes to Commonwealth criminal laws to prevent security researchers being prosecuted for reporting potential bugs and vulnerabilities, including in the systems of public sector agencies, in “good faith”.
Biden Lays Path to Cyber Regulations for Critical Infrastructure (Bloomberg Law) The Biden administration’s sustained focus on strengthening the cybersecurity of critical infrastructure is a sign that more regulatory action may soon follow, attorneys say.
How the Biden administration wants to tackle foreign commercial spyware (Washington Post) An executive order and more is in store for spyware fight
Inside a Crypto Nemesis’ Campaign to Rein In the Industry (New York Times) Gary Gensler, the chair of the S.E.C., is at the center of a reckoning over the future of cryptocurrency after the implosion of FTX.
OMB memo offers guidance to agencies on planning for post-quantum cryptography (Inside Cybersecurity) The Office of Management and Budget is providing direction to departments and agencies on steps they need to take in preparation for the transition to “post-quantum cryptography,” including a prioritized inventory of cryptographic systems, as required under President Biden’s National Security Memorandum-10 on quantum computing.
Litigation, Investigation, and Law Enforcement
IG dings State Department's information security program in annual report (FCW) The State Department Office of the Inspector General says it found weaknesses in eight of nine domains in an audit of the department's information security program.
Two Estonian Citizens Charged With Running a Series of Crypto Scams Totaling $575M (CoinDesk) According to the Department of Justice, the two men used shell companies to launder the proceeds of their fraudulent schemes and buy luxury cars and real estate in Estonia.
[Letter from Rep Tonko to FTC Chair Khan] (Representative Paul D. Tonko, New York 20th) Dear Chairwoman Khan, I write to you ahead of this holiday season with concerns about the practices of “Grinch” bots.
U.S. Senate to hold FTX hearing on Dec. 1, CFTC chairman to testify (Reuters) The U.S. Senate Agriculture Committee on Thursday said it will hold a hearing on Dec. 1 to examine the sudden collapse of FTX, one of the world's biggest crypto exchanges.
Treasury Warns Crypto Industry of Money-Laundering Risks in ‘Mixers’ (Wall Street Journal) The cryptocurrency industry must follow the Treasury’s anti-money-laundering and sanctions regulations to prevent bad actors from abusing platforms known as “mixers” to launder illicit funds, a senior official said.
Grayscale won’t share proof of reserves, citing ‘security concerns’ (The Block) Crypto firms are under pressure to show proof of reserves after the shocking FTX collapse.
Grayscale refuses to share proof of reserves due to 'security concerns' as shares trade at a 45% discount to bitcoin (CNBC) Grayscale won't be sharing its proof of reserves with customers, citing "security concerns."
Tom Brady, Steph Curry FTX Endorsements Probed by Texas Regulator (Bloomberg) State looking at whether endorsements violated securities laws. Texas investigating disclosures made to retail investors.
FTC Slams Kochava Over 'Staggering' Data-Sharing Practices (Law360) The Federal Trade Commission is defending its lawsuit against the mobile app analytics provider Kochava Inc., doubling down on allegations that location data sold by the company can be used to identify certain people and places they have visited, such as health clinics and houses of worship.