Dateline
Ukraine at D+278: Bakhmut remains Russia's face-saving objective. (CyberWire) Bakhmut becomes Russia's prestige objective as indiscriminate shelling of towns continues wherever Russian systems are in range. US Cyber Command describes its support for Ukraine's defense.
Russia-Ukraine war: List of key events, day 279 (Al Jazeera) As the Russia-Ukraine war enters its 279th day, we take a look at the main developments.
Fighting Rages in Eastern Ukraine as Zelensky Warns of More Russian Missile Attacks (Wall Street Journal) Russia is pushing to seize the city of Bakhmut and achieve a symbolic victory, and dismissing claims that it will abandon the Zaporizhzhia nuclear-power plant.
Russia dismisses speculation it is planning to withdraw from Ukraine nuclear plant (The Hill) The Kremlin on Monday dismissed reports that Russian forces may be planning to retreat from the Zaporizhzhia nuclear power plant in Ukraine. Dmitry Peskov, a press secretary for Russian President …
Torture allegations mount in aftermath of Kherson occupation (AP NEWS) When a dozen Russian soldiers stormed into Dmytro Bilyi's home in August, the 24-year-old police officer said they gave him a chilling choice: Hand in his pistol or his mother and brother would disappear.
The Hard Truth About Long Wars (Foreign Affairs) The conflict in Ukraine won’t end anytime soon.
Russian Exiles Struggle to Form a United Opposition to Putin (Foreign Policy) Historically, Russian emigrants have been reluctant to form exile communities and have tried to assimilate.
Why Putin May Endure (Foreign Affairs) Powerful leaders have often withstood staggering defeats.
NATO set to renew vow on Ukraine membership, boost non-lethal aid (Military Times) Foreign ministers will meet in Bucharest, where, 14 years ago, the alliance decided to allow Ukraine and Georgia to join over vehement Russian objections.
US says Russia abruptly postpones arms control talks (AP NEWS) The Biden administration said Monday that Russia has abruptly and without explanation postponed the scheduled resumption of arms control talks this week. The State Department said Russia had “unilaterally postponed” a meeting of the Bilateral Consultative Commission that was scheduled to begin Tuesday in Egypt and last through next week.
Exclusive: U.S., Russia have used their military hotline once so far during Ukraine war (Reuters) The U.S. initiated a call to communicate concerns about Russian military operations near critical infrastructure in Ukraine.
Senators urge Pentagon to send advanced Gray Eagle drones to Ukraine (Defense News) The senators are pushing the Pentagon to modify the MQ-1C Gray Eagle drones so that the U.S. can transfer them to Ukraine.
Poland wants to divert pledged German air defenses to Ukraine (Defense News) Berlin is unlikely to accept the terms because they would entail sending German forces into Ukraine.
Before the Invasion: Hunt Forward Operations in Ukraine (U.S. Cyber Command) U.S. joint forces, in close cooperation with the government of Ukraine, conducted defensive cyber operations alongside Ukrainian Cyber Command personnel from December 2021 to March 2022, as part of a
More Europeans will perish from energy crisis than Ukraine war death toll (Modern Diplomacy) More people will perish in Europe this winter because of unaffordable household energy costs than those who have died on the battlefield in the Ukraine war, according to research by the British weekly newspaper The Economist. Last week, the United Nations said the official civilian death toll from the Ukraine war has risen to nearly […]
Biden, Macron ready to talk Ukraine, trade in state visit (AP NEWS) French President Emmanuel Macron is headed to Washington for the first state visit of Joe Biden's presidency — a revival of diplomatic pageantry that had been put on hold because of the COVID-19 pandemic.
Attacks, Threats, and Vulnerabilities
China intensifying cyberattacks against Taiwan: report (Taipei Times)
Cyber-Threat Group Targets Critical RCE Vulnerability in 'Bleed You' Campaign (Dark Reading) More than 1,000 systems are exposed to a campaign hunting weak Windows servers and more.
Black Basta Gang Deploys Qakbot Malware in Aggressive Cyber Campaign (Dark Reading) The ransomware group is using Qakbot to make the initial point of entry before moving laterally within an organization’s network.
Infosec researcher reports possible 'massive' Twitter breach (SearchSecurity) Security researcher Chad Loder last week reported a 'massive' Twitter breach involving millions of phone numbers in the U.S. and Europe.
Meta Fined For 2021 Data Breach As Millions Of Twitter Users’ Data Also Leaked (Forbes) A massive data breach may have affected some 5.4 million Twitter user accounts containing non-public information in Europe and the United States.
TikTok ‘Invisible Body’ challenge exploited to push malware (BleepingComputer) Hackers are capitalizing on a trending TikTok challenge named 'Invisible Challenge' to install malware on thousands of devices and steal their passwords, Discord accounts, and, potentially, cryptocurrency wallets.
Hackers are spreading malware via trending TikTok challenge: report (The Record by Recorded Future) Hackers are using the popular “Invisible” TikTok challenge to get people to download information-stealing malware.
Trio of new vulnerabilities allow code manipulation, denial of service (and worse) for industrial controllers (SC Media) The bugs allow for logic manipulation and denial of service, primarily impacting products from two major German vendors: Festo automated controllers and CODESYS runtime.
A flaw in some Acer laptops can be used to bypass security features (Security Affairs) ESET announced the discovery of a vulnerability impacting Acer laptops that can allow an attacker to deactivate UEFI Secure Boot. ESET researchers announced the discovery in a series of tweets. The experts explained that the flaw, tracked as […]
A school told parents only 'limited' data was published by hackers. What the ABC found went far further (ABC) ABC Investigation uncovers large swathes of confidential material widely available on the open internet, ranging from sensitive contracts to privileged legal advice about a student's death.
The alarming risks for Legal Firms Cybersecurity (Salt | Secure Communications) Cybercrime has increased substantially in recent years, harming businesses and key services in unfathomable quantities. Breaches in cyber security cost billions of pounds and are responsible for 50% of all crimes in the UK. Attacks carried out by cybercriminals for personal gain have become increasingly complex, with threats coming from both domestic and foreign […]
Belgian Police Under Fire After Major Ransomware Leak (Infosecurity Magazine) Crime reports dating back 15 years are made public
Stop Before You Shop - Are Your Shopping Apps Sharing Access to Your Device? (Incogni Blog) In a recent consumer survey, 88% of respondents reported having at least one shopping app installed on their mobile device. Given their popularity, you might
Vulnerability Summary for the Week of November 21, 2022 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
Chrome fixes 8th zero-day of 2022 – check your version now (Naked Security) There isn’t a rhyme to remind you which months have browser zero-days… you just have to keep your eyes and ears open!
Trends
State of SIEM Report 2022 | Panther Labs (Panther Labs) Panther alleviates the pain of traditional SIEM with detection-as-code, a robust security data lake, & flexible scalability. Visit our website for a demo or pricing.
NSA cyber director talks threats, opportunities (POLITICO) The country’s top cyber warriors are dedicating “substantial resources” to combating ransomware, but attack activity is “back to as much or more than the historical norm,” Rob Joyce said.
What’s next in cybersecurity (MIT Technology Review) “When it comes to really cutting off ransomware from the source, I think we took a step back.”
Don't be fooled by end-of-the-year articles on cybersecurity trends. Most of them aren't focusing on the right thing (Geektime) Why threat intelligence must lead cybersecurity configuration in 2023
The Cloud is a Growing Target for Cyberattacks, A New Sophos Survey Finds (GlobeNewswire News Room) Among Infrastructure as a Service (IaaS) Users, 56% Experienced an Increase in the Volume of Attacks and 67% Were Hit by Ransomware...
The Reality of SMB Cloud Security in 2022 (Sophos News) 4,986 IT professionals in small and mid-sized organizations (SMBs) share their real-world experiences
Marketplace
Cyber Insurers Turn Attention to Catastrophic Hacks (Wall Street Journal) While cyber insurance has evolved significantly in recent years, insurers say they might still be unprepared for the fallout from a catastrophic cyberattack.
Is it worth taking out personal cyber insurance in case you are caught up in a data hack? (the Guardian) Experts say investing in identity theft protection may provide peace of mind, but won’t help recover lost information
RegScale Acquires GovReady to Deliver Leading NIST OSCAL-Enabled GRC Platform (PR Newswire) RegScale, a next-generation Governance Risk and Compliance (GRC) software company, today announced that it has acquired GovReady, an...
Recorded Future Surpasses $250M ARR (Benzinga) Company Reaches Significant Milestone as Intelligence Proves Vital to Defend Against Converging Threats BOSTON, Nov. 28, 2022 /PRNewswire/ -- Recorded Future, the intelligence company, today announced it has surpassed
Cybersecurity Consolidation Continues, Even as Valuations Stall (Dark Reading) Financing and acquisitions are trending toward smaller deals, which means fewer high-valuation purchases and funding, but likely fewer post-merger layoffs as well.
Layoffs Have Gutted Twitter’s Child Safety Team (WIRED) Just one person remains to enforce the company’s ban on child sexual abuse across Japan and the Asia Pacific region.
Aqua Security Named the Top Innovation Leader in Frost & Sullivan Global Cloud-Native Application Protection Platform Report (Aqua) Aqua Security was named a top vendor in Frost & Sullivan’s report: Global Cloud-Native Application Protection Platform (CNAPP) Radar.
Avint Taps BD and Capture Executive Brian Edwards as Its First Executive Director of Growth (PR Newswire) Avint LLC, a fast-growing federal cybersecurity and management consulting firm, today announced the hiring of Brian Edwards as the company's...
HackerOne Appoints Jayson Noland as Chief Financial Officer (HackerOne) Ex-Cloudflare Executive Will Drive Financial Strategy as HackerOne Continues Platform Expansion
SAN FRANCISCO, November 29, 2022: HackerOne, the le
Products, Services, and Solutions
KnowBe4 Launches New Mobile Learner App for Cybersecurity Learning (Dark Reading) KnowBe4 empowers end users by introducing security awareness and compliance training on the go at no additional cost.
CyberCube Account Manager Version 4.0 helps underwriters proactively assess their CAT exposure (Help Net Security) CyberCube launched Version 4.0 of Account Manager, the SaaS solution designed explicitly for single risk (re)insurance underwriters.
AWS releases Wickr, its encrypted messaging service for enterprises (Computerworld) The release of the enterprise version of the encrypted messaging service, announced at AWS re:Invent, is designed to allow secure collaboration across messaging, voice, video and file sharing.
CYE Expands US Footprint by Partnering with Leading Intelligence Firm ISG to Provide Customized Security Solutions to Enterprises that Reduces Cyber Risk Exposure (Benzinga) CYE, the industry leader in cybersecurity optimization platforms, announced today a new partnership with ISG, an intelligence and cybersecurity firm applying its unique DNA
Orange Cyberdefense Unveils Its Security Navigator With OT Hacking Demos (Infosecurity Magazine) The cybersecurity arm of Orange Business Services (OBS) organized a launch event at its Lyon campus, in France, for its latest annual threat report
Fast50 company Mantel Group launches cyber security offering (CRN Australia) Led by CMD Solutions co-CEO Adam Durbin.
Open-Source Tool Tests Java Applications for Unexpected Behaviors (Code Intelligence) The CI Fuzz CLI tool enables developers to find functional bugs and security vulnerabilities by dynamically generating millions of unusual test inputs
Dynatrace Extends Advanced Observability and AIOps to AWS Compute Optimizer (Business Wire) Software Intelligence company Dynatrace (NYSE: DT) announced today its platform natively supports AWS Compute Optimizer, a service that uses customers
Drata Joins AWS ISV Accelerate Program (PR Newswire) Drata, a continuous security and compliance automation platform, today announced it has joined the Amazon Web Services (AWS) Independent...
Nok Nok and UberEther Partner to Deliver Phishing-Resistant MFA Fedram (PRWeb) Nok Nok, a leader in FIDO (Fast IDentity Online) authentication solutions and a founder of the FIDO Alliance, today announced it is partnering with Uber
Technologies, Techniques, and Standards
DOD Releases Path to Cyber Security Through Zero Trust Architecture (U.S. Department of Defense) The Defense Department released its Zero Trust Strategy and Roadmap, which spells out how it plans to move beyond traditional network security methods to achieve multiple cybersecurity goals over the
What the Census Bureau Can Learn From the IRS About Detecting Cyberattacks (Nextgov.com) Inspectors general from Commerce and Treasury present a tale of two testing regimes.
Cybersecurity Tips for SMBs To Avoid Phishing Scams (E-Commerce Times) Hackers understand that SMBs are vulnerable when connected to the internet and that there is a market to monetize stolen data.
An Introductory Guide to the Point-to-Point Tunneling Protocol (PPTP) (TechGenix) What is PPTP? Read this article to learn more about one of the fastest and oldest VPN protocols still in use.
NATO's Cyber Coalition 2022 exercise kicking off in Tallinn (Baltic Times) TALLINN – The NATO cyber exercise Cyber Coalition, starting on Monday at the CR14 foundation in Tallinn, is one of the largest of its kind...
Design and Innovation
A Former Amazonian Hits Bumps in Push to Make Microsoft More Secure (The Information) When Microsoft last year recruited Charlie Bell, a top product engineering executive at Amazon Web Services, it was a major coup for the software giant. Bell had spent 23 years at Amazon—15 of them at AWS, the retailer’s cloud computing unit—where he earned a reputation for being able to ...
Research and Development
Sweden opens advanced automotive cyber security centre (EENewsEurope) Research institute relies on ethical hackers and latest research in cybertechnology to combat increasing threats to linked vehicles.
U.S. Cyber Command, DARPA Initiate Pilot Program (U.S. Cyber Command) The United States Cyber Command (CYBERCOM) and DARPA are kicking off a pilot program aimed at getting new cyber capabilities into the hands of cyber operators faster. Known as Constellation, the pilot
Academia
Norwich University Receives $975k Grant for Computer Security Scholars (PRWeb) Norwich University officials announced a $975,000 grant from the National Science Foundation’s (NSF) Scholarship for Service program.
Over the cours
Legislation, Policy, and Regulation
Encouraging self-harm to be criminalised in Online Safety Bill (BBC News) An update to the Online Safety Bill was influenced by Molly Russell who ended her life in 2017.
No ‘bright-line rule’ shines on targeting commercial satellites (The Hill) Cyber counterspace weapons can target both space satellites and ground-based systems by intercepting and monitoring data, corrupting data with malware, or even wresting control of the space system …
Social media giants face multi-million pound fines if they fail to ban child accounts (The Telegraph) In a Telegraph article, Michelle Donelan says new Online Safety Bill will ensure tech firms 'no longer put profit before children’s lives'
EU Council adopts NIS2 directive to harmonize cybersecurity across member states (CSO Online) The NIS2 directive replaces NIS as EU Council seeks to improve resilience and incident response capacities in the EU.
Israel Police, FBI officials call for more aggressive crime tech laws (Jerusalem Post) There has been heavy criticism of the police’s use of one of NSO Group’s tools to hack suspects' cell phones and routinely collect data beyond what court orders stipulate.
What’s in store for cybersecurity in Congress’s stretch run (Washington Post) There could be some cyber hits and misses during Congress’s lame-duck session
Litigation, Investigation, and Law Enforcement
Pegasus spyware inquiry targeted by disinformation campaign, say experts (the Guardian) European parliament is investigating powerful surveillance tool used by governments around the world
Twitter failed to detect upload of Christchurch mosque terror attack videos (the Guardian) Footage was taken down only after the New Zealand government alerted Twitter, which had failed to pick up the content as harmful
Microsoft 365 faces darkening GDPR compliance clouds after German report (TechCrunch) Legal trouble may be brewing for Microsoft in the European Union where an assessment by a working group of German data protection regulators that’s spent around two years looking into a swathe of privacy concerns attached to its cloud-based 365 productivity products — including by engaging directly with the tech giant to try to get […]
Microsoft 365 faces GDPR challenges in Europe following German report (Computing) Microsoft has failed to clarify the wording of its contracts and its data retention and deletion rules don't always adhere to GDPR, German regulators have found
Crypto Exchange Kraken Settles Alleged Sanctions Violations (Wall Street Journal) Cryptocurrency exchange Kraken has agreed to pay more than $362,000 to settle allegations it violated U.S. sanctions against Iran, the U.S. Treasury Department said Monday.
Website offering spoofing services taken offline after joint operation (CSO Online) Law enforcement authorities in Europe, Australia and North America have arrested 142 people in connection with a website that allowed criminals to steal $120 million from victims that had fallen foul of spoofing campaigns.
Voice-scamming site “iSpoof” seized, 100s arrested in massive crackdown (Naked Security) Those numbers or names that pop up when a call comes up? They’re OK as a hint of who’s calling, but THEY PROVE NOTHING
Holiday DDoS Cyberattacks Can Hurt E-Commerce, Lack Legal Remedy (Bloomberg Law) Cyberattacks that knock internet platforms offline temporarily—a particular concern on Cyber Monday—are likely to spike this holiday season, but victims have few legal avenues to seek recovery, attorneys and industry professionals say.
$275M Fine for Meta After Facebook Data Scrape (Dark Reading) Meta has been found in violation of Europe's GDPR rules requiring the social media giant to protect user data by "design and default."
The Pig Butchery Scams That The U.S. Department of Justice Just Busted (CISO2CISO.COM & CYBER SECURITY GROUP) Authorities have finally begun to crack down on fake investment platforms used by scammers.