Dateline
Ukraine at D+272: Crossing the Dnipro and exchanging drone attacks. (CyberWire) Blackouts in Ukraine induced by Russian strikes spread to Moldova as both countries work to restore power and prepare for more power interruptions. Ukrainian forces cross the Dnipro and strike Russian facilities in Sevastopol.
Most Ukrainians left without power after new Russian strikes (AP NEWS) A punishing new barrage of Russian strikes on Ukrainian infrastructure on Wednesday caused power outages across large parts of the country as well as neighboring Moldova, piling more damage onto Ukraine’s already battered power network and adding to the misery for civilians as winter begins.
Russia-Ukraine war: List of key events, day 273 (Al Jazeera) As the Russia-Ukraine war enters its 273rd day, we take a look at the main developments.
Russia-Ukraine war live: ‘massive’ blackout reported in Moldova and Kyiv’s critical infrastructure hit after new Russian strikes (the Guardian) Moldova’s deputy PM says hit to Ukraine’s energy infrastructure has caused power outages; at least one dead in Kyiv after Russian rocket strikes
Strike on Ukrainian maternity ward kills newborn baby (the Guardian) Rocket attack on hospital in Zaporizhzhia region comes as Russia launches another wave of missiles
Russia-Ukraine War: Ukrainian Raid on Monastery Sharpens Conflict Over Russian Church (New York Times) Moscow condemns the raid on a centuries-old church complex that many Ukrainians view as a front for pro-Russian activity.
Ukraine Strikes at Sevastopol and Pushes to Reclaim Key Black Sea Peninsula (Wall Street Journal) Ukrainian forces stepped up efforts to reclaim parts of the country’s south, attempting to strike Sevastopol and saying it was launching an operation to push Russian forces from a strategic peninsula on the Black Sea coast.
Ukraine launches assault to gain strategic foothold on occupied side of Dnipro river (The Telegraph) Control of the Kinburn Spit allows for dominance of the Dnipro river entrance and the ports of Kherson and Mykolaiv
Russia’s Munitions Shortages Raise Questions Over How Long It Can Continue Ukraine War (Wall Street Journal) Both sides have suffered heavy losses of men and materiel, but Moscow is more dependent on its shrinking economy to replenish supplies, while Kyiv has powerful backers.
Russia-Ukraine War: Ukraine Remembers an Uprising That Foreshadowed War (New York Times) Nine years after protests that challenged Moscow, President Volodymyr Zelensky says Ukraine’s desire for freedom is undimmed. Voluntary evacuations begin in Kherson, as international officials forecast a brutal winter for Ukrainians.
Exhausted Ukrainian soldiers fight mental fatigue as the war drags on (NPR) Commanders say Ukrainian forces' motivation and spirit are the most important weapons in the fight to protect their nation. They are turning to official "morale officers" and psychologists to help.
Yale Researchers Cite Evidence Of 'Targeted Campaign' Of Terror By Kherson's Russian Occupiers (RadioFreeEurope/RadioLiberty) Yale researchers with U.S. State Department backing say they have documented allegations of extrajudicial detentions and disappearances under Russian occupation in the southeastern Ukrainian city of Kherson that are "consistent with an intentional and targeted campaign."
Videos Suggest Captive Russian Soldiers Were Killed at Close Range (New York Times) Videos circulating online and reported on by Russian state media have raised questions about whether Ukrainian soldiers committed a war crime.
Putin's peace ploy is a ruse to rearm (Atlantic Council) Russia is currently calling for a return to the negotiating table but Ukrainian leaders are convinced Vladimir Putin is merely seeking to buy time in order to regroup and rearm before the next phase of his invasion.
What’s the Harm in Talking to Russia? A Lot, Actually. (Foreign Policy) Diplomacy is neither intrinsically moral nor always strategically wise.
Is Putin a Rational Actor? (Foreign Affairs) How and why the Kremlin might use the bomb.
Ukraine must be allowed to strike back against targets inside Russia (Atlantic Council) In order to defeat Putin and end the war, Ukraine must be allowed to strike back inside Russia. At present, this is not possible due to restrictions imposed by Ukraine's overly cautious international allies, writes Ira Straus.
$400 Million in Additional Assistance for Ukraine (U.S. Department of Defense) The Defense Department announced the authorization of a Presidential Drawdown of security assistance valued at up to $400 million to meet Ukraine's critical security and defense needs.
WSJ News Exclusive | U.S. Presses Allies to Tighten Up Sanctions Enforcement on Russia (Wall Street Journal) Sanctions “leakage” could undermine the pressure campaign and potentially prolong the war, officials say.
Congress to Ukraine: We’ve Still Got Your Back (Foreign Policy) Lawmakers flock to security conference to allay doubts over long-term Ukraine commitment.
Putin’s invasion has strengthened the case for Ukrainian NATO membership (Atlantic Council) Vladimir Putin's ongoing invasion has highlighted the dangers of allowing Ukraine to exist in a geopolitical gray zone and strengthened arguments for the country's post-war NATO integration, writes Taras Kuzio.
Billionaires Won’t Save Ukraine’s Internet (Foreign Policy) Turns out Elon Musk isn’t a dependable ally.
Cyber as important as missile defences - ex-NATO general (Reuters) A cyber attack on the German ports of Bremerhaven or Hamburg would severely impede NATO efforts to send military reinforcements to allies, retired U.S. General Ben Hodges told Reuters.
Microsoft Wages Nation-State Cyberwar, Deleting 600 Domains (Virtualization Review) Microsoft has been busy removing internet domains identified as being criminally used by bad actors, including those sponsored by nations.
Microsoft Digital Defense Report 2022 (Microsoft Security) Illuminating the threat landscape and empowering a digital defense.
Statement by Secretary of the Treasury Janet L. Yellen on the Disbursement of $4.5 Billion in Direct Budget Support for Ukraine (U.S. Department of the Treasury) Secretary of the Treasury Janet L. Yellen issued the following statement on the disbursement of $4.5 billion in direct budget support for Ukraine: “Today, the United States continued to uphold its unwavering commitment to Ukraine with the mobilization of an additional $4.5 billion in grants for direct budget support...
WSJ News Exclusive | Western Allies Aim to Agree on Russian Oil Price Cap Wednesday (Wall Street Journal) Officials are discussing setting the price cap at around $60 a barrel, as the group rushes to complete the plan before it begins early next month.
Russian ‘War Refugees’ Are a Dilemma for Kazakhstan and the Caucasus (World Politics Review) In Kazakhstan, Georgia, Armenia, responses to Russian immigrants have ranged from a welcoming attitude to downright hostility.
Attacks, Threats, and Vulnerabilities
Guadeloupe government fights 'large-scale' cyberattack (AP NEWS) The French Caribbean island of Guadeloupe is fighting what it calls a “large-scale” cyberattack on its computer networks. The government is working with an unidentified specialized firm to limit the consequences of the attack as it tries to restore its systems as soon as possible, officials said Monday.
Vietnam-Based Ducktail Cybercrime Operation Evolving, Expanding (SecurityWeek) The Ducktail information stealer has been updated with new capabilities and has adopted new spear-phishing avenues for distribution, such as WhatsApp.
The Yanluowang ransomware group in their own words (The Record by Recorded Future) The Yanluowang ransomware group finds itself the victim of a leak.
Nighthawk: An Up-and-Coming Pentest Tool Likely to Gain Threat Actor Notice (Proofpoint) Nighthawk is an advanced C2 framework intended for red team operations through commercial licensing.
Part 1: SocGholish, a very real threat from a very fake update (Proofpoint) SocGholish, while relatively easy to detect, is difficult to stop.
Professional stealers: opportunistic scammers targeting users of Steam, Roblox, and Amazon in 111 countries (Group-IB) Group-IB, one of the global leaders in cybersecurity, has identified 34 Russian-speaking groups that are distributing info-stealing malware under the stealer-as-a-service model.
BMC Firmware Vulnerabilities Expose OT, IoT Devices to Remote Attacks (SecurityWeek) Researchers discovered more than 13 BMC firmware vulnerabilities, including critical flaws that can expose OT and IoT devices to remote attacks.
Donut extortion group also targets victims with ransomware (BleepingComputer) The Donut (D0nut) extortion group has been confirmed to deploy ransomware in double-extortion attacks on the enterprise.
Vulnerable SDK components lead to supply chain risks in IoT and OT environments (Microsoft Security) Vulnerabilities in network components, architecture files, and developer tools have become increasingly popular attack vectors to gain access into secure networks and devices.
Hackers breach energy orgs via bugs in discontinued web server (BleepingComputer) Microsoft said today that security vulnerabilities found to impact a web server discontinued since 2005 have been used to target and compromise organizations in the energy sector.
Hive ransomware actors have amassed $100m from 1,300 businesses: CISA (Computing) Hive's ransomware affiliates have been seen attacking vulnerabilities in Microsoft Exchange Server and Fortinet VPNs
How to hack an unpatched Exchange server with rogue PowerShell code (Naked Security) Review your servers, your patches and your authentication policies – there’s a proof-of-concept out
One More Chrome Extension? You Need an Intervention! – Chrome Extensions Research (Incogni) Our research shows that 1 in 2 Chrome extensions are poised to wreak havoc on your digital privacy and security. But what does that mean, exactly, and how did we get there?
Personal data of nearly 4,000 people leaked in hack of Radio Free Asia (The Record by Recorded Future) Radio Free Asia announced a breach this week that affected almost 4,000 people – leaking troves of personal information including Social Security numbers.
Ticketmaster blames ‘bot attacks’ for Taylor Swift ticket fiasco (The Record by Recorded Future) Ticketmaster blamed “bot attacks” for the controversy surrounding their sale of tickets for Taylor Swift’s upcoming tour.
A cyber-attack on your supply chain: A real life case study (Computing) Most organisations have a playbook for cyber attacks. The problem is that real life can unfold in ways the playbook doesn't predict.
5 scams to watch out for this holiday season (Google) How Gmail is helping you stay safe and secure from email scams this holiday season.
Beware of Cybercriminals Preying on Online Shoppers on Black Friday (Fortinet Blog) The holiday season is a busy time of year for retailers and shoppers, but also for cybercriminals. The FortiGuard Labs team examines two Black Friday-themed cyberattacks, one using an old PDF file …
Staying protected from cybercriminals this holiday season (Tripwire) As we approach the holiday season, we wanted to focus this month’s post on you (and your family). Bad guys don’t just wait until the holidays to start causing havoc, they also relentlessly target all of us all throughout the year.
Meta's Adversarial Threat Report, Third Quarter 2022 (Meta) We’re sharing details about three deceptive networks we took down during the last quarter.
Facebook owner says pro-U.S. online campaign had military ties (Washington Post) Meta says it found U.S. military links to fake online accounts
Keeping one step ahead of Black Friday cyber threats (Digital Shadows) The tail end of the calendar year represents arguably the most important period for retailers and companies working in e-commerce, with a huge amount of yearly profits determined in the penultimate two months of the year. This profit is largely generated through the two biggest online sales events of the year, Black Friday and Cyber
Christmas Shopping 2022: Beware of Fake Shops and Online Fraud (pressetext) G DATA CyberDefense gives consumers tips for buying gifts online safely
VPN Demand Surges Over 1000% During the World Cup (SafetyDetectives) VPN demand surged on November 20th as millions of people tuned in to watch Qatar vs Ecuador in the first game of the FIFA World Cup Qatar 2022. According to Saf
Cyber-attack affects several northern Arkansas county offices (KY3) A recent cyber attack against Apprentice Information Systems has affected much of the Arkansas county government offices, including those in Boone County.
Westmount target of a cyberattack, city says it’s not ‘immune to this sad reality’ (Global News) In a statement, the city wrote the attack has affected several of the administration's servers which led to a computer outage.
Russian zero-day firm offers $1.5m for a Signal RCE exploit (Cybernews) OpZero, a Russian zero-day company, has raised its prices for Signal RCE (remote code execution) exploits so much that it now pays three times more than Zerodium, its closest competitor. Why?
Vulnerability Summary for the Week of November 14, 2022 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Sophos 2023 Threat Report: the continued evolution of “Crime-as-a-Service” (Sophos News) Maturing marketplaces, capabilities-for-hire continue to proliferate professional tools, techniques and practices across the threat spectrum.
Sophos report reveals stark reality of cybercrime-as-a-service (IT Brief Australia) The report addresses how ransomware remains one of the greatest cyber crime threats to organisations with operators innovating their extortion tactics.
Criminals “Follow the Money” by Commercializing Cybercrime, Sophos report (TechTrendsKE) Sophos today published its 2023 Threat Report, which details how the cyberthreat landscape has reached a new level of commercialization
Security Patches, Mitigations, and Software Updates
Amazon addresses vulnerability affecting AWS AppSync (The Record by Recorded Future) Amazon has addressed a vulnerability affecting Amazon Web Services' AppSync that was discovered by researchers in September.
Microsoft Releases Out-of-Band Update After Security Patch Causes Kerberos Issues (SecurityWeek) Microsoft has released an out-of-band update after learning that the security patch for CVE-2022-37966 started causing Kerberos authentication issues.
CISA Releases Eight Industrial Control Systems Advisories (CISA) CISA has released eight (8) Industrial Control Systems (ICS) advisories on 22 November 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations:
AVEVA Edge (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: AVEVA Equipment: Edge Vulnerabilities: Uncontrolled Search Path Element, Exposure of Sensitive Information to an Unauthorized Actor, Uncontrolled Resource Consumption, Improper Access Control, Windows UNC Share 2.
Digital Alert Systems DASDEC (CISA) 1. EXECUTIVE SUMMARY CVSS v3 4.7 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Digital Alert Systems Equipment: DASDEC Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities might result in false alerts being issued to broadcast or cable sites that are immediately connected to the compromised system.
Phoenix Contact Automation Worx (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Phoenix Contact Equipment: Automation Worx Software Suite Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to a heap buffer overflow, release of unallocated memory, or a read access violation.
GE CIMPLICITY (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: GE Equipment: CIMPLICITY Vulnerabilities: Access of Uninitialized Pointer, Heap-based Buffer Overflow, Untrusted Pointer Dereference, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed or allow arbitrary code execution.
Moxa Multiple ARM-Based Computers (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Moxa Equipment: ARM-Based Computers Vulnerability: Privilege Escalation 2. RISK EVALUATION Successful exploitation of this vulnerability could provide an attacker with root privileges and total control of the system.
Hillrom Medical Device Management (Update A) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Hillrom Equipment: Welch Allyn medical device management tools Vulnerabilities: Out-of-Bounds Write, Out-of-Bounds Read 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-152-01 Hillrom Medical Device Management that was published June 1, 2021, to the ICS webpage at www.cisa.gov/uscert.
Mitsubishi Electric Factory Automation Engineering Products (Update F) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: Mitsubishi Electric, Factory Automation Engineering products Vulnerability: Unquoted Search Path or Element 2.
Mitsubishi Electric FA Engineering Software Products (Update D) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: FA Engineering Software Products Vulnerabilities: Heap-based Buffer Overflow, Improper Handling of Length Parameter Inconsistency 2.
Trends
Expel Quarterly Threat Report - Q3 2022 (Expel) Our report surfaces the most significant data we’re seeing in our threat detection and response efforts and offers resilience recommendations to protect your organization.
NCC Group Monthly Threat Pulse – October 2022 (Mynewsdesk) Analysis from NCC Group’s Global Threat Intelligence team has revealed a decrease in ransomware attacks in October, but a sharp rise in DDoS...
Cybercrooks to ditch BTC as regulation and tracking improves: Kaspersky (Cointelegraph) Kaspersky has predicted that Bitcoin (BTC) will be less relied upon for ransomware due to advances in tracking technology and increased regulation.
Big business suffers global surge in cybersecurity attacks (Technology Magazine) A new report indicates 32 per cent of global businesses have suffered a serious cybersecurity breach in the past year, with more incidents expected in 2023
Small Firms Need Cyber Protection As Much As Large Ones (Law360) Small law firms need cybersecurity protection as much as large firms do, because they are also high-value targets for cybercriminals seeking sensitive client information, according to attorneys and security consultants.
KnowBe4 predicts rise in 'catastrophic' attacks on CI (SecurityBrief New Zealand) KnowBe4, the provider of the security awareness training, has announced its 2023 cybersecurity predictions from its team of industry experts.
Marketplace
Cycurion, a Tech-Enabled Cybersecurity Solutions Provider, to Become a Public Company via Merger with Western Acquisition Ventures Corp. (Access Wire) Cycurion serves a massive market for cybersecurity solutions estimated at $174 billion with significant secular tailwinds for growth given the rapid proliferation and severity of cyber threats; - Cycurion provides Managed Security, Managed IT and Consulting/Advisory services and solutions. In addition, Cycurion offers the Cycurion ARx Security platform which is a multilayer software platform that consists of a Web Application Firewall, Bot
Funding Boost Will Help Protect More Companies from Cybercrime (Holm Security) Specialist B2B software venture capital firm Subvenio Invest has led the funding round to provide further capital to Holm Security.
Nucleo Raises $4 Million Seed Round to Build Privacy Crypto Infrastructure for Organizations (Yahoo) NEW YORK, November 22, 2022--Nucleo, the first private, non-custodial, auditable multi-sig on Ethereum that provides the privacy infrastructure required for a new wave of organizations to go on-chain, today announced the close of its $4 million seed round. The round was led by Bain Capital Crypto and 6th Man Ventures, with participation from notable leaders in privacy infrastructure and zero-knowledge cryptography including Aztec Network, Aleo and Espresso Systems.
Cyber Due Diligence in M&As Uncovers Threats, Improves Valuations (Dark Reading) To get the full picture, companies need to look into the cybersecurity history and practices of the business they're acquiring.
Complex M&A Deals Pave Way For Security Gaps (Decipher) The inherent complexity, speed and secrecy across the acquisitions process makes this landscape particularly lucrative for threat actors.
Cohesity forging new Data Security Alliance (Technology Decisions) Cohesity has announced an alliance with a number of leading security companies aimed at helping customers improve their data security posture.
Intercede's interim profit jumps following repeat licence orders (MarketScreener) Intercede Group PLC on Tuesday said its profit jumped in the first half of its financial year, due to increases in revenue and follow-on licence orders from existing customers.
HP Plans Layoffs With PC Demand Slump Stretching Into Next Year (Wall Street Journal) The company said it would slash up to nearly 10% of its workforce. Dell also warned of a worsening decline after a 17% drop in third-quarter laptop and desktop sales.
HP to lay off up to 6,000 workers as part of its restructuring plan (Silicon Valley Business Journal) The company announced its job cuts as it reported a drop in fourth-quarter sales and profit.
Twitter Lays Off Some Sales Employees After They Committed to Twitter 2.0 (Wall Street Journal) The new cuts follow mass layoffs and resignations since Elon Musk took over the social-media platform.
FTX lawyer: 'Substantial amount' of assets has been stolen (AP NEWS) Lawyers for FTX disclosed Tuesday that a “substantial amount” of assets has been stolen from the accounts of the collapsed cryptocurrency exchange, diminishing the odds that its millions of investors will get their money back.
Sam Bankman-Fried Ran FTX Like a Personal Fiefdom, Lawyers Say (Wall Street Journal) In bankruptcy court, the crypto exchange’s attorneys said a ‘substantial amount’ of the firm’s assets are stolen or missing.
Bankman-Fried's FTX, senior staff, parents bought Bahamas property worth $300 mln (Reuters) Sam Bankman-Fried's FTX, his parents and senior executives of the failed cryptocurrency exchange bought at least 19 properties worth nearly $121 million in the Bahamas over the past two years, official property records show.
WSJ News Exclusive | Sequoia Capital Apologizes to Its Fund Investors for FTX Loss (Wall Street Journal) Sequoia apologized to its fund investors in a conference call for its $150 million loss on the crypto exchange.
Tanium Converge 2022 Draws Cybersecurity Industry Leaders from around the World and Showcases New Feature Suite of Enhanced IT, Risk, and Security Capabilities (Business Wire) Tanium, the industry’s only provider of converged endpoint management (XEM), announced today highlights and key takeaways from its seventh annual Conv
Celebrating excellence: 2022 Acronis #CyberFit Partner Award winners (Acronis)
Scotland's broadband builder linked to Israeli spyware (HeraldScotland) One of the firms building broadband services in Scotland is backed by a state-owned Emirati company investing in the controversial Pegasus spyware.
Maria Alvarez Joins Alkami Board of Directors (Yahoo) Alkami Technology, Inc. (Nasdaq: ALKT) (“Alkami”), a leading cloud-based digital banking solutions provider for banks and credit unions in the U.S., today announced Maria Alvarez will join its distinguished Board of Directors effective January 1, 2023. Alvarez currently serves as VP, AI Platform, Cloud and AI Division at Microsoft Corporation, a technology company, and has served in senior roles at Microsoft since 2011, including as General Manager
Products, Services, and Solutions
SimSpace Expands Globally with Commercial Release of Cyber Force Platform used by US Cyber Command Elite Forces (PR Newswire) SimSpace, the industry leader in military-grade cyber ranges, is announcing today the commercial availability of its upgraded SimSpace Cyber...
OT & Industrial Protection Now Available in Germany (Nanolock) ectacom, Germany’s leading Business Development Distributor for IT and security solutions, is expanding its OT security offering for the industrial and manufacturing sectors with NanoLock’s zero trust device-level protection to prevent outsiders, insiders and supply chain cyber events as well as human errors
Acalvio ShadowPlex Lists on AWS Marketplace (Business Wire) Acalvio Technologies, the leader in cyber deception technology, today announced that the company’s ShadowPlex platform is now available on AWS Marketp
Cohesity Ups the Ante on Data Security and Management at AWS re:Invent (Business Wire) Cohesity, a leader in data security and management, today announced its participation in AWS re:Invent 2022, an in-person and virtual global cloud com
Wiz becomes the first CNAPP to deliver integrated Data Security Posture Management (Wiz Blog) Wiz expands its platform to proactively eliminate attack paths to discovered critical data.
Malwarebytes and Stellar Cyber Partner to Investigate and Mitigate Cyber Threats (PR Newswire) Malwarebytes, a global leader in real-time cyber protection, today announced a new partnership with Stellar Cyber, an industry-leading Open XDR...
Bug Bounty Calculator helps organisations fine-tune their payouts (ComputerWeekly) Newly launched comparison tool will supposedly help operators of vulnerability disclosure or bug bounty programmes to ensure their payments match market rates and expectations, and attract the right sort of attention.
Dell Technologies boosts its cyber resiliency with multicloud data protection and security innovations (Express Computer) Dell Technologies is expanding its industry leadership in data protection appliances and software to help customers protect their data on premises, in public clouds and at the edge. The Dell […]
ZeroFox Launches PII Removal to Automatically Eliminate Executives’ Exposed Personal Information from Data Broker Sites (Yahoo) One of the largest data brokers has collected personal data on 68% of the world’s internet population, putting millions of companies at risk of this information being used against them in a cyber attack
Akamai and Macrometa bring the cloud and edge together (VentureBeat) Akamai and Macrometa have announced a partnership and technical integration to simplify building applications and deploying them on the edge.
Fime qualified to enhance the authentication journey with EMV® 3DS v2.3.1. (Fime Group) Fime is one of the first Test Platform Providers to support EMV® 3-D Secure (EMV 3DS) Access Control Server (ACS) testing in line with v2.3.1 of the EMV 3DS Specifications. Fime’s EMV 3DS Test Platform has been qualified and its labs (in France, India and Taiwan) accredited by EMVCo to help vendors and issuers to ensure the compliance of their 3DS ACS solutions.
Owl Cyber Defense Announces V3CDS Multi-Domain Streaming Cross Domain Solution (GlobeNewswire News Room) Flexible, Scalable, Voice, Video, and Data Multi-Domain CDS Now Available...
Technologies, Techniques, and Standards
CISA Updates the Infrastructure Resilience Planning Framework (CISA) WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) released an updated Infrastructure Resilience Planning Framework (IRPF) to better help state, local, tribal, and territorial (SLTT) planners protect infrastructure.
CISA releases updated infrastructure guide for local gov't, tribal defenders (The Record by Recorded Future) CISA published an updated version of a guide for state, local, tribal, and territorial cybersecurity defenders protecting infrastructure across the U.S.
Industrial control system security needs ICS threat intelligence (SearchSecurity) Industrial control systems are under constant attack from threat actors. Learn why ICS threat intelligence is a key weapon when protecting these systems.
Department of Defense Releases Zero Trust Strategy and Roadmap (U.S. Department of Defense) The Department of Defense released its Zero Trust Strategy and Roadmap and intends to implement distinct capabilities and activities as outlined in the strategy by FY27.
Pentagon releases zero trust strategy to guide DoD cybersecurity priorities (Federal News Network) DoD published a much-anticipated zero trust strategy and roadmap laying out an ambitious plan for DoD to shift to a “never trust always verify” approach.
Pentagon publishes zero-trust cyber strategy, eyes 2027 implementation (C4ISRNet) Zero trust, a new cybersecurity paradigm, assumes networks are always at risk. As a result, continuous validation of users, devices and access is needed.
DoD releases zero-trust strategy to thwart hackers who 'often' breach network 'perimeter' (Breaking Defense) “Naysayers will argue that the strategy is five years or more too late, and although they might be correct, the bigger takeaway is that the DoD has found religion on cybersecurity and they are addressing it architecturally, aiming for a lasting and measurable effect,” Eric Noonan, CEO of CyberSheath and former BAE Systems CISO, told Breaking Defense.
Security fatigue is real: Here’s how to overcome it (WeLiveSecurity) Do your employees take more risks with valuable data because they’ve become desensitized to security guidance? Spot the signs before it’s too late.
Five ways security leaders can prepare for economic uncertainty (SC Media) Expect tighter budgets and the ongoing talent gap ahead, so better to have a plan for early 2023 and remain flexible as conditions change.
C-suite mystified by cyber security jargon (ComputerWeekly) Malware, supply chain attack, zero-day, IoC, TTP and Mitre ATT&CK are just some of the everyday terms that security pros use that risk making the world of cyber incomprehensible to outsiders.
Design and Innovation
Facebook’s Most Popular Posts Were Trash. Here Is How It Cleaned Up. (Wall Street Journal) Facebook’s third-quarter Widely Viewed Content Report, released on Tuesday, shows only one in the top 20 posts qualified as engagement bait, down from 100% a year earlier. For the first time since the report began being produced, none of the top 20 posts violated platform rules.
The secret history of encrypted DMs on Twitter (Platformer) They almost launched in 2018 — and could still do a lot of good today
Musk’s Plans Around Verification, Moderation, and Payments on Twitter are Slowly Becoming Clear (Social Media Today) Here’s a look at the latest updates from Twitter HQ, as Elon Musk continues to re-shape the company.
Academia
Cybersecurity in the age of personal devices for institutes of higher education (GovInsider) Yitao Cen, Head of Product Marketing, Asia at Fortinet, explores the cybersecurity challenges faced by higher education institutions and what can help them secure increasingly complex networks.
What Do Schools Need to Know to Recognize a Social Engineering Attack? (Technology Solutions That Drive Education) Social engineering targets users, with the goal of manipulating their emotions to inspire action. Training staff to recognize these threats is imperative to cybersecurity.
Dakota College at Bottineau offering information security intersession course (KFYR TV) Dakota College at Bottineau is offering courses during the three weeks between the fall and spring semesters.
Legislation, Policy, and Regulation
China massively outguns U.S. in increasingly bellicose cyber shootout (The Washington Times) Once considered “sloppy” in its cyber operations, China’s online capabilities have grown rapidly over the past decade into a dangerous threat regarded as equal to U.S. military digital skills, a new congressional report warns.
ISSAN Advocates Safe Cyberspace, Holds National Conference (This Day) The Information Security Society of Africa – Nigeria (ISSAN) has concluded plans to hold its annual cyber security conference with particular focus on how to check rising cyber-attacks on businesses.
OFFSHORE OIL AND GAS: Strategy Urgently Needed to Address Cybersecurity Risks to Infrastructure (US Government Accountability Office) Offshore oil and gas infrastructure faces significant and increasing cybersecurity risks in the form of threat actors, vulnerabilities, and potential impacts.
Migrating to Post-Quantum Cryptography (Office of Management and Budget) This memorandum provides direction for agencies to comply with National Security Memorandum 10 (NSM-10), on Promoting United States Leadership in Quantum Computing While Mitigating Risk to Vulnerable Cryptographic Systems (May 4, 2022).
Trade Org Urges OMB to ‘Harmonize’ Secure Software Development Practices (Nextgov.com) The Information Technology Industry Council asked OMB to clarify a memorandum that was creating challenges for software producers.
Tech group seeks clarity from OMB on implementation of software attestation memo required under cyber EO (Inside Cybersecurity) The Information Technology Industry Council is asking the Office of Management a
Coast Guard Establishes Cyber Reserve Component and Cyber Billets (Seapower) The Coast Guard is creating three reserve entities to strengthen its cyber capabilities, the service’s headquarters announced in an internal message. The Coast Guard’s Office of Cyberspace Forces’ team in charge of implementing the cyber mission specialist...
New York Enacts 2-Year Ban on Some Crypto-Mining Operations (New York Times) National cryptocurrency industry groups had lobbied Gov. Kathy Hochul to veto the environmental ban, fearful that other states could follow New York’s lead.
Council Post: Revisiting The U.S. Cyberspace Solarium Commission Report (Forbes) Our world changes quickly, but the goals and recommendations of the Cyberspace Solarium Commission were drafted with an eye on the future of cybersecurity.
Litigation, Investigation, and Law Enforcement
Court Authorizes the Seizure of Domains Used in Furtherance of a Cryptocurrency “Pig Butchering” Scheme (US Department of Justice) The U.S. Attorney’s Office for the Eastern District of Virginia announced today the seizure of seven domain names used in a recent cryptocurrency confidence crime, known as “pig butchering.”
DOJ shuts down ‘pig butchering’ domains responsible for $10 million in victim losses (The Record by Recorded Future) The Justice Department announced on Monday that it seized seven domain names used in scams to steal more than $10 million.
Helicopter dawn raid after 'friendly couple in 60s' suspected of spying on Sweden for Russia (The Telegraph) Helicopters used in raid near Stockholm as pair allegedly use their import export firm as a front for illegal intelligence activities
Meta Hit With UK Suit Over 'Surveillance Advertising' System (Law360) Meta Platforms Inc. is facing a new lawsuit in the U.K. challenging its practice of gathering personal information to tailor ads to Facebook users, with the human rights campaigner who's pressing the action arguing that this "surveillance business model" violates Europeans' data privacy rights.
IBM sues Micro Focus, claims it copied mainframe software (Register) It's all kicking off around company's CICS service
Court OKs $53.2M In Atty Fees In Capital One Data Breach Suit (Law360) A Virginia federal judge has awarded $53.2 million in attorney fees out of a $190 million deal Capital One customers secured with the bank and Amazon over Capital One's 2019 data breach, after final approval of the settlement in September.
Hacker Who Testified Against Uber Exec Cops To Slack Heist (Law360) A convicted hacker who testified for the government in a recent criminal trial against ex-Uber security chief Joseph Sullivan pled guilty in California federal court Tuesday to an additional criminal charge for using stolen Slack credentials to monitor corporate executives' communications and steal more than $4 million in Ethereum cryptocurrency.