Dateline Moscow, Kyiv, Brussels, London, and Washington: Rebuilding infrastructure in wartime.
Ukraine at D+279: Infrastructure restoration, air defense, and crimes against peace. (CyberWire) Restoring a power grid and enhancing air defenses are NATO's current priorities in aiding Ukraine. Killnet continues to dabble in DDoS.
Russia firing unarmed missiles to deplete Ukraine air defense, says U.S. military official (Reuters) Russia is firing unarmed cruise missiles that were designed to carry nuclear warheads at targets in Ukraine to try to deplete Kyiv's stocks of air defenses, a senior U.S. military official said on Tuesday.
Fueling Ukraine's fight back against Russia's blackout blitz (Atlantic Council) Russia's bombing campaign of civilian infrastructure means Ukraine faces the toughest winter season in the country's 31-year independent history, writes newly appointed Naftogaz CEO Oleksiy Chernyshov.
Ukraine war: Nato pledges to provide more weapons and fix power grid (BBC News) Millions of Ukrainians remain without power and water in freezing temperatures after Russian strikes.
U.S. Pledges $53 Million to Help Fix Ukraine’s Electrical Grid (New York Times) American officials said they hoped the commitment would spur allies to make similar donations, as many Ukrainians head into winter without power or water.
US mulls sending Patriot missile defense system to Ukraine (The Hill) The U.S. government is mulling sending the Patriot missile defense system to Ukraine to help bolster its air defenses against an ongoing barrage of Russian strikes, a senior U.S. defense official t…
Expect more refugees as Putin is weaponising winter, Nato chief warns (The Telegraph) Russia is attempting to 'freeze the Ukrainians into submission' by attacking critical services
Ukraine war: Chornobaivka airbase, symbol of Russian defeat (BBC News) Chornobaivka has earned its status as one of the most important battlefields of the war.
From a bunker, an acting mayor keeps her front-line Ukraine town alive (Washington Post) It was the only time of day when the Russians weren’t shelling, so the people of Orikhiv rushed toward city hall, looking for the woman in charge.
Essay | Ukrainian Hospital Stymied Russians With Defiant Doctors and a Fake Covid Outbreak (Wall Street Journal) In a hospital in Russian-occupied Kherson, the staff’s resistance was part of an eight-month, mostly unarmed campaign by residents to keep the city Ukrainian—and out of Moscow’s full control—for as long as possible.
The short life of baby Serhii, killed in a Ukraine maternity ward (Washington Post) On the morning she gave birth, Maria Kamianetska sent a photo of the infant to the baby’s father, back in their home village. The boy’s eyes were closed, his tiny head covered in a white hat, his body swaddled in a cloth.
Like Britain in WWII, Ukraine will not surrender, Olena Zelenska tells MPs (The Telegraph) Olena Zelenska, the first lady of Ukraine, compared Russian invaders to Nazis as she called for justice in an address to MPs and peers.
'Drone strike' in Russian border town sparks fire at oil depot (The Telegraph) A worker was injured after a letter bomb sent to the Ukrainian Embassy in Madrid exploded in his hands.
Ukraine Should Be Free to Hit Military Targets in Russia, Latvia Says (Bloomberg) Ukraine should be free to strike military sites inside Russia as it fends off attacks on its critical infrastructure, Latvia’s foreign minister said. But allies including the US have held back on sending weapons that can strike Russia.
The West must urgently overcome its fear of provoking Putin (Atlantic Council) Western leaders insist they will stand with Ukraine until Russia's invasion is defeated but fear of provoking Putin continues to constrain the democratic world's response to a war that has already cost tens of thousands of lives.
U.S., Allies Work to Supply Ukraine Air Defense Needs (U.S. Department of Defense) Air defense capabilities remain the absolute priority as Ukraine seeks to stop the Russians from further damaging the civilian infrastructure in the nation, a senior defense official said.
Readout of Secretary of Defense Lloyd J. Austin III's Call With Romanian Minister of Natio (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III spoke with Romanian Minister of National Defense Angel Tîlvăr to reflect upon the robust bilateral defense relationship between the two countries.
Readout of Secretary of Defense Lloyd J. Austin III's Call With Polish Deputy Prime Minist (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III spoke with his Polish counterpart about the current security situation along NATO's Eastern Flank.
'Losing is not an option': Putin is 'desperate' to avoid defeat in Ukraine as anxiety rises in Moscow (CNBC) Moscow faces what's likely to be months more fighting, military losses and potential defeat.
Lessons from the Cuban Missile Crisis: Putin is no Khrushchev (Atlantic Council) The 1962 Cuban Missile Crisis may offer some useful insights as Western leaders seek the right response to Russian President Vladimir Putin's recent nuclear saber-rattling over Ukraine, writes Harlan Ullman.
Ukraine Is Biden’s Defining Issue, and His Biggest Economic Challenge (New York Times) The shape of the war, and its effects on global markets, in the months and years to come could determine the president’s political fate.
Ukraine's digital resilience: A conversation with Deputy Prime Minister of Ukraine Mykhailo Fedorov (Atlantic Council) Ukraine’s impressive technology community has helped the country fight back against Russia’s full-scale invasion and shown the world that Ukraine is a modern, functioning society fighting for its very existence. How has Ukraine leveraged its technology expertise into an effective defense against hybrid threats from Russia?
Killnet Claims Attacks Against Starlink, Whitehouse.gov, and United Kingdom Websites (Trustwave) Pro-Russian threat actor group Killnet claims to have launched DDoS attacks against Starlink and the United States’ government website whitehouse.gov. Starlink is a satellite internet service company operated by SpaceX.
Sandworm gang launches Monster ransomware attacks on Ukraine (Register) The RansomBoggs campaign is the Russia-linked group’s latest assault on the smaller country
Russia-backed Sandworm group using novel RansomBoggs ransomware to target Ukrainian organisations (Computing) The PowerShell script used by the RansomBoggs operation to distribute the ransomware is very similar to the one used in the Industroyer2 malware attacks against Ukraine's energy industry in April this year
No, a former Marine general is not working for an infamous Russian mercenary group (Task & Purpose) I smell a rat. A big, fat, commie rat.
Prosecutors Targeting Russian Oligarchs Shift Focus to Service Providers That Support Them (Wall Street Journal) A Justice Department task force created in response to Russia’s invasion of Ukraine is increasingly shifting its attention from yachts and private jets to the professional network of service providers that enable Russian oligarchs to move and hide their money around the world, a senior prosecutor said.
Attacks, Threats, and Vulnerabilities
China Covid Protesters Become Targets of Beijing’s Surveillance State (Wall Street Journal) Chinese police have begun leveraging the powers of the country’s surveillance state to go after demonstrators who participated in rare public displays of defiance over the government’s stringent Covid control policies.
Always Another Secret: Lifting the Haze on China-nexus Espionage in Southeast Asia (Mandiant) A new campaign since at least April 2022 has targeted users primarily in the Philippines.
New Chinese Cyberespionage Campaign Targets Asia, US (Decipher) A newly discovered cyber espionage campaign from a Chinese threat actor is targeting Asian and US organizations with self-replicating malware called MISTCLOAK.
Espionage group using USB devices to hack targets in Southeast Asia (The Record by Recorded Future) USB devices are being used to hack targets in Southeast Asia, according to a new report by cybersecurity company Mandiant.
LockBit 3.0 ‘Black’ attacks and leaks reveal wormable capabilities and tooling (Sophos News) Reverse-engineering reveals close similarities to BlackMatter ransomware, with some improvements
New details on commercial spyware vendor Variston (Google) The Threat Analysis Group shares new information on the commercial spyware vendor Variston.
Vulnerabilities found affecting OT products from German companies Festo and CODESYS (The Record by Recorded Future) Three vulnerabilities have been disclosed affecting operational technology products from two German factory automation companies.
Cyberattackers Selling Access to Networks Compromised via Recent Fortinet Flaw (Dark Reading) The vulnerability, disclosed in October, gives an unauthenticated attacker a way to take control of an affected product.
Punisher Ransomware uses a COVID Lure to Spread Among Users (Heimdal Security Blog) A new variant of Punisher ransomware was discovered recently that spreads through a fake COVID tracking application.
More than 87% of Pentagon Supply Chain Fails Basic Cybersecurity Minimums (Business Wire) Defense contractors hold information that's vital to national security and will soon be required to meet Cybersecurity Maturity Model Certification (C
TikTok “Invisible Challenge” porn malware puts us all at risk (Naked Security) An injury to one is an injury to all. Especially if the other people are part of your social network.
Invisible npm malware - evading security checks with crafted versions | JFrog (JFrog) The npm CLI has a very convenient and well-known security feature – when installing an npm package, the CLI checks the package and all of its dependencies for well-known vulnerabilities – The check is triggered on package installation (when running npm install) but can also be triggered manually by running npm audit. This is an …
New Chrome Exploit Lets Attackers Completely Disable Browser Extensions (Red Access) On October 31, GitHub user Echo posted an exploit that targets Google Chrome and allows attackers to disable any extension installed on the web browser regardless of any policies in place. This exploit affects Chrome on all major operating systems – including Windows, Linux, and ChromeOS. Google confirmed that patches were recently issued for all Chrome browsers running v.106 and above.
Scammers on the pitch: Group-IB identifies online threats to fans at FIFA World Cup 2022 in Qatar (Group-IB) Group-IB, one of the global leaders in cybersecurity, has identified multiple scam and phishing attacks targeting users looking for tickets, official merchandise, and jobs at the FIFA World Cup 2022 in Qatar.
Great win, U.S. soccer team! Now, hackers (Washington Post) Cyberattacks rain on the pageantry of the World Cup
DICT: Possible ‘new Friendster’ being used for phishing (GMA News Online) In an advisory, the DICT’s National Computer Emergency Response Team (DICT-NCERT) said an initial investigation showed that the IP address hosting the new Friendster was found to have “had previous reports about phishing, brute force and DDoS attacks, hacking, and host exploitations.” “Having said that, there is a possibility that the said website is being used for phishing,” the DICT-NCERT said.
Security researcher says Eufy has a big security problem (Android Central) Allegedly, Eufy cameras aren't as secure as they claim.
Intel disputes seriousness of Data Centre Manager authentication flaw (The Daily Swig) Security researcher scores $10K bug bounty
US Army app with Russian code reaped no user data, service says (C4ISRNet) Officials have looked askance at Moscow’s activities in the digital domain, where hackers are used to project military force and meddle in foreign affairs.
IKEA investigating cyberattacks on outlets in Kuwait, Morocco (The Record by Recorded Future) Swedish furniture giant IKEA confirmed that its franchises in Kuwait and Morocco are dealing with a cyberattack.
Third-Party Data Breach Impacts 119 Pediatric Practices, 2.2M Patients (Health IT Security) The healthcare data breach occurred at Connexin Software, a provider of pediatric-specific health IT solutions.
Cyberattack on Durham District School Board impacting online learning (CP24) A school board northeast of Toronto says a cyberattack over the weekend is impacting at-home schooling.
Tehama County alerts people about data breach compromising social security numbers (Action News Now) Tehama County is sending letters to people whose personal information may have been compromised in a data breach.
AIIMS cyber attack: Hospital data has been restored, say authorities (mint) The official statement from AIIMS mentioned that the network is being sanitized before services can be restored. They further informed that the process is taking some time due to the volume of data and large number of servers/computers for the hospital services
HSE begins national data breach notification programme (HSE.ie) The HSE has today, (Tuesday, 29th November 2022), started to notify patients and HSE staff by letter who had some of their personal information illegally accessed and copied during the cyber-attack on the HSE.
Dangerous Software To Search (Surfshark) Thanks to the Internet, people from all over the world have instant access to a wealth of information, programs, and tools.
Security Patches, Mitigations, and Software Updates
Microsoft Defender boosts default protection for all enterprise users (BleepingComputer) Microsoft announced that built-in protection is generally available for all devices onboarded to Defender for Endpoint, the company's endpoint security platform.
Windows 11 KB5020044 preview update released with 25 changes (BleepingComputer) Microsoft has released the November optional KB5020044 preview cumulative update for all editions of Windows 11, version 22H2.
CISA Releases Seven Industrial Control Systems Advisories (CISA) CISA released seven (7) Industrial Control Systems (ICS) advisories on November 29, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:
Mitsubishi Electric GOT2000 (CISA) 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: GOT2000 Series Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition by sending a specially crafted command.
Hitachi Energy IED Connectivity Packages and PCM600 Products (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: PCM600 Vulnerability: Cleartext Storage of Sensitive Information 2.
Hitachi Energy MicroSCADA Pro/X SYS600 Products (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low attack complexity Vendor: Hitachi Energy Equipment: MicroSCADA X SYS600, MicroSCADA Pro Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized user to execute administrator level scripts.
Moxa UC Series (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Low attack complexity Vendor: Moxa Equipment: UC Series Vulnerability: Improper Physical Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with physical access to take full control of the device using the console port.
Mitsubishi Electric FA Engineering Software (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GX Works3, MX OPC UA Module Configurator-R Vulnerabilities: Cleartext Storage of Sensitive Information, Use of Hard-coded Password, Insufficiently Protected Credentials, Use of Hard-coded Cryptographic Key, Cleartext Storage of Sensitive Information in Memory 2.
Mitsubishi Electric MELSEC and MELIPC Series (Update B) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC and MELIPC Series Vulnerabilities: Uncontrolled Resource Consumption, Improper Handling of Length Parameter Inconsistency, Improper Input Validation
Omron PLC CJ and CS Series (Update A) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Omron Equipment: PLC CJ and CS Series Vulnerabilities: Authentication Bypass by Spoofing, Authentication Bypass by Capture-replay, Unrestricted Externally Accessible Lock 2.
Trends
CDNetworks Releases State of Web Security H1 2022: Attacks Against API Services Surged 168.8% (Dark Reading) CDNetworks, the global-leading CDN (Content Delivery Network) and Edge Service Provider, released its annual State of Web Security Report for H1 2022.
Security Breach: A Little Social Engineering Goes A Long Way (Manufacturing Business Technology) Cheap, but effective phishing, ransomware, and spoofing attacks ensure manufacturers are "always touchable."
Enemy at the Gates: Analyzing Attacks on Financial Services (Akamai) The latest State of the Internet report highlights our research findings on the growing risk exposures of financial services.
Bitdefender Threat Debrief | November 2022 (Bitdefender) This month, we feature the MITRE Engenuity ATT&CK® Evaluation for Managed Services report as well as the top 10 ransomware families and countries impacted.
Government breaches - can you trust the US Government with your data? (Comparitech) The US government suffered 443 data breaches since 2014, with 2018 being the worst year so far, according to a new study by Comparitech. Data breaches are often associated with the private sector—hackers break into databases owned by businesses to steal user data and other valuable information. But the government is also a frequent target …
The five cyber attack techniques of the apocalypse (Register) Watch SANS experts discuss some of the most devious and dangerous methods employed by hackers in 2022
Fighting Fire With Fire: Research Reveals Cybersecurity Strategies Are Suffering as a Result of Complexity (Business Wire) Research released today by Fastly, Inc. (NYSE: FSLY), the world’s fastest global edge cloud platform, finds that nearly three quarters (73%) of organi
Report warns of more devastating cyberattacks in 2023 (Insurance Business) It delved into ransomware industrialisation and its impacts on cyber environment
Marketplace
Cybersecurity Stocks Drop as CrowdStrike Warns Headwinds Are Growing (Bloomberg) Zscaler, SentinelOne among stocks sinking in extended trading. CrowdStrike warned of ‘increased macroeconomic headwinds’.
For Gaming Companies, Cybersecurity Has Become a Major Value Proposition (Dark Reading) New users and monetization methods are increasingly profitable for gaming industry, but many companies find they have to stem growth in cheats, hacks, and other fraud to keep customers loyal.
DOD wants cyber apprenticeships for contractors, but acquisition regs may remain an obstacle (FCW) DOD officials say contractors should increase the use of registered cyber apprenticeships, but some companies argue that federal contract requirements often lock them into education and experience prerequisites.
CloudWave acquires Sensato to expand its healthcare cybersecurity portfolio (Help Net Security) CloudWave acquires Sensato, bringing together cloud hosting services and managed Cybersecurity-as-a-Service for healthcare organizations.
SPHERE Receives $31 Million for Series B Funding from Edison Partners, Forgepoint Capital (PR Newswire) SPHERE Technology Solutions (SPHERE), a leader in identity hygiene, announced today a $31 million Series B investment led by Edison Partners, a...
PlainID Announces Strategic Partnership with Dremio (PR Newswire) PlainID, The Authorization Company™, the leading provider of authorization and policy-based access control, today announced a strategic...
IBM plans to train 500,000 Indians in cybersecurity over the next five years (Moneycontrol) Cybersecurity is a major investment focus and growth vertical for IBM in India and the rest of the Asia-Pacific. Earlier this year, the technology giant launched its second global cybersecurity hub in India. India is home to three IBM development facilities that build software and security products exported to IBM sellers and clients globally.
Amazon’s Cloud Unit Plans to Add Staff in 2023, Keep Building Data Centers (Bloomberg) Amazon.com Inc.’s cloud unit plans to add employees next year and keep building new data centers, a sign that a hiring freeze elsewhere in the company hasn’t derailed investment plans for its most profitable business.
CrowdStrike shares tumble on weaker-than-expected growth in new revenue (CNBC) CrowdStrike shares dropped after the cybersecurity company said annual recurring revenue was below expectations in part because of "macroeconomic headwinds."
Crypto Exchange Bitfront Shuts Down (Wall Street Journal) Bitfront, operated by Japanese messaging app Line, is the latest cryptocurrency exchange to shut down. Bitfront, which runs on the Line blockchain that offers crypto token Link, said in a Sunday notice that its closure is unrelated to recent develop
Early Alameda Staffers Quit After Battling Sam Bankman-Fried Over Risk, Compliance Concerns (Wall Street Journal) “We ended up not really knowing how much money we even had,” one former employee said.
FTX founder manipulated ESG to earn 'virtue signaling glow': Palantir co-founder (Yahoo) The founder of the crypto exchange FTX manipulated ESG to convince investors that everything was above board before filing for bankruptcy, investor says.
Twitter Blue Relaunch Adds Pressure to Musk’s Apple Fight (The Information) Twitter’s impending relaunch of its subscription product, Twitter Blue, could bring Elon Musk’s fight with Apple to a head. Twitter Blue Verified, as the product is called, is scheduled to roll out on Friday but only on Apple’s iOS mobile software, according to a person briefed on the plans. And ...
Twitter discontinues Covid misinformation policy under Elon Musk (Computing) Musk is also said to have reduced the size of the team responsible for stopping child sexual exploitation on the platform
Twitter is no longer enforcing its Covid misinformation policy (CNN) Twitter said it will no longer enforce its longstanding Covid misinformation policy, yet another sign of how Elon Musk plans to transform the social media company he bought a month ago.
Opening The Doors At Kocho’s New Cardiff Office (Kocho) Announcing the opening of our new offices in the heart of Cardiff city centre. A hub for our hybrid workers and security operations.
Traceable AI Adds Dr. Jisheng Wang in Dual Leadership Role as Head of Artificial Intelligence and Machine Learning and VP of Engineering (PR Newswire) Traceable, the industry's leading API security and observability company, today announced the appointment of Dr. Jisheng Wang as Head of...
Freshworks Welcomes Jason Loomis as Chief Information Security Officer (GlobeNewswire News Room) Freshworks Inc. (NASDAQ: FRSH), a software company empowering the people who power business, today...
HUMAN Appoints Industry-Leading CRO and CISO to Accelerate Growth After Momentous Year (HUMAN Security) HUMAN Security today announced the appointment of Anuj Kumar as CRO and Gavin Reid as CISO.
SpyCloud Announces Damon Fleury as Chief Product Officer (Business Wire) Today, SpyCloud announced Damon Fleury as its new Chief Product Officer.
Products, Services, and Solutions
Where is AWS in the cybersecurity conversation? (Cybersecurity Dive) The cloud leader doesn’t emphasize security and share information at the same level as its competitors. Experts say that's by design.
Amazon Security Lake is a standards-based data lake for security data (TechCrunch) AWS today launched the Amazon Security Lake, a purpose-built data lake for security data, now available in preview.
AWS gets data clean rooms for analytics data (TechCrunch) AWS today launched a new service that will help users inside an advertising or marketing organization share data with other employees inside their company or with outside partners, all without running the risk of inadvertently sharing personal data. This new service is part of Amazon’s new AWS for Advertising & Marketing initiative, which aims to […]
AWS launches DataZone, a new ML-based data management service (TechCrunch) AWS today launched DataZone, a new ML-based tool that makes it easier for enterprises to build out data catalogs and govern this data.
Cribl Announces Integration with Amazon Security Lake and Support for OCSF Format (PR Newswire) Cribl, the leader in enabling open observability, today announced its integration with Amazon Security Lake and full support for the Open...
Adoption of Cohesity-Managed SaaS Offerings Skyrockets as Customers Demand an Innovative, Efficient, and Simple Way to Secure and Manage Data (Business Wire) Cohesity, a leader in data security and management, today announced at Amazon Web Services (AWS) re:Invent 2022 that it’s seeing exceptional growth an
OT:ICEFALL Continues: Vedere Labs Discloses Three New Vulnerabilities Affecting OT Products (Forescout) OT:ICEFALL continues – 3 new vulnerabilities disclosed affecting 100s of industrial devices
Laminar Supports Launch of Amazon Security Lake (Laminar) Laminar, a leader in public cloud data security, today announced it is supporting the launch of Amazon Security Lake from Amazon Web Services (AWS). Amazon Security Lake automatically centralizes an organization’s security data from cloud, on-premises, and custom sources into a customer owned purpose-built data lake.
Lacework Helps Customers Achieve Greater Security Visibility with Amazon Security Lake (PR Newswire) Lacework®, the data-driven cloud security company, today announced support for Amazon Security Lake, allowing Lacework customers to share rich...
Fortanix Expands Relationship with AWS, Fortanix Data Security Manager Works with the AWS KMS External Key Store (Fortanix) Fortanix announces integrating DSM with the AWS External Key Store for centralized key management to deliver complete control of encryption & compliance.
Barracuda helps customers optimize access to email security data with AWS (Barracuda Networks) Barracuda Networks is the worldwide leader in Security, Application Delivery and Data Protection Solutions.
Securonix Announces Support of Amazon Security Lake at AWS re:Invent 2022 to Deliver Faster Data Ingestion and Analysis (Yahoo) Securonix, Inc. today announced at AWS re:Invent 2022 that it is supporting Amazon Security Lake from Amazon Web Services (AWS).
Vectra Extends Support for Amazon Security Lake (Vectra news release) Published: Nov 30, 2022.
Splunk : Integrates with Amazon Security Lake to Deliver Analytics Using the Open Cybersecurity Schema Framework (Market Screener) It's been an exciting few months behind the scenes since the Open Cybersecurity Schema Framework (OCSF) project was made public and announced at Black Hat in August.
Solvo Announces AWS Marketplace Availability (PR Newswire) Solvo, a provider of adaptive cloud infrastructure security solutions, today announced general availability in AWS Marketplace, an online...
Contrast Security Rolls Out Open Source Software Sponsorship Program to Support Developers (Contrast Security) Code security leader commits $15K annually to support developers and their open source projects.
Symmetry Systems Launches Zero Trust for Data (PR Newswire) Symmetry Systems, the industry's leading Data Security Posture Management (DSPM) platform, today launched its Zero Trust Data Assessments,...
What is a Social Engineering Attack: Types and Prevention (ANY.RUN Blog) Social engineering attacks are a leading cause of security breaches. But why do they happen so frequently and how can we protect ourselves from them?
Wib pioneers industry-first API PenTesting-as-a-Service (PR Newswire) Wib, the fast-growing cybersecurity startup pioneering a new era in API security, today announced an industry-first API PenTesting-as-a-Service...
Sophos Launches Industry-First Managed Detection and Response (MDR) Service from an Endpoint Security Provider that Integrates Vendor Agnostic Telemetry (GlobeNewswire News Room) Introduces Sophos Marketplace and $1 Million Breach Protection Warranty Sophos X-Ops Identifies LockBit 3.0 Similarities to BlackMatter; Attackers Use...
QuoLab Launches SaaS Platform to Enable Sensitive Data Sharing and Optimize Investigations (Business Wire) The platform will deliver Fortune 1,000 SOC teams and MSSPs with an optimized process for conducting investigations and managing threat intelligence.
Safe Security Expands to 50 Technology Integrations to Make Cyber Risk Quantification and Management More Trustworthy and Accessible to All (Business Wire) Safe Security announces the expansion of their technology integrations to various platforms to make cyber risk management attainable for all users.
Delinea Introduces New Granular Privileged Access Controls on Servers (PR Newswire) Delinea, a leading provider of Privileged Access Management (PAM) solutions for seamless security, today announced the latest release of Cloud...
Brightwell’s Product Arden Named 2022 Winner in the BIG Award for Busi (PRWeb) Atlanta-based global payments technology company Brightwell announced today that its fraud prevention and mitigation solution Arden received the Business Intelligence...
Adaptive Shield Releases SaaS-to-SaaS Capabilities to Minimize Supply Chain Risks (Business Wire) Adaptive Shield, the leading SaaS Security Posture Management (SSPM) company, today announced new capabilities to discover and monitor 3rd party apps
Technologies, Techniques, and Standards
A Practical Guide to Implementing Connected Device Security for Healthcare (Ordr) Learn about the steps to improve your security posture with greater visibility, insights and capabilities to protect all your connected devices.
Five Principles to Help Secure Technology Supply Chains (HS Today) As we consider this new normal of supply chains, with new risks and threats, a new approach is needed to secure our technology supply chains.
Detection Tools and Human Analysis Lead to a Security Non-Event (Sophos News) A look at how MDR turned a targeted attack into a non-event, in which no high-value credentials are compromised and several dozen employees are not tricked into letting a bad guy get boots on the g…
How Israel is preparing the next generation of cyber soldiers (Defense News) Defense News spoke with three senior officers at the training center to discuss their goals and how cyberspace is changing how Israel’s military functions.
Design and Innovation
Lockheed Martin's Army cyber training platform goes civilian (Register) Army civilian employees, that is, but aerospace biz says it could be used in the private sector, too
Research and Development
Emperor Charles V's secret code cracked after five centuries (the Guardian) Letter from 1547 reveals Spanish king’s fears of a French assassination plot against him
Legislation, Policy, and Regulation
UK Parliament launches inquiry into national security strategy around ransomware (The Record by Recorded Future) An inquiry into whether the United Kingdom’s national security strategy is effectively addressing the threats posed by ransomware held its first evidence session on Monday.
EU Adopts Rules To Boost Finance Sector Cybersecurity (Law360) The European Council has said it has strengthened the online security of financial institutions across the bloc by adopting legislation it said will ensure the sector could stay resilient through severe disruption or cyberattack.
TSA Considers Using Third-Party Assessors in Coming Pipeline Regulations (Nextgov.com) The agency is exercising its authority to regulate pipelines and railways after issuing a series of short-term emergency security directives.
How the US EARN IT Act Threatens Security, Confidentiality, and Safety Online (Internet Society) Read how the US EARN IT Act poses an existential threat to the Internet safety and security by preventing service providers from using end-to-end encryption.
South Dakota Bans TikTok From State-Owned Devices Over Security (Bloomberg) TikTok is now banned on government employee devices in South Dakota because the governor believes the social media app’s ownership by a Chinese company poses a national security threat.
Litigation, Investigation, and Law Enforcement
Microsoft 365 faces GDPR challenges in Europe following German report (Computing) Microsoft has failed to clarify the wording of its contracts and its data retention and deletion rules don't always adhere to GDPR, German regulators have found
Google files lawsuit accusing ‘G Verifier’ scammers of impersonating company (The Record by Recorded Future) Google has filed a lawsuit against a company impersonating them and scamming businesses into paying for Business Profiles.
No answers on Pegasus hacking scandal as Spanish spy chief stays mute (euronews) The head of the National Intelligence Services of Spain, Esperanza Casteleiro, spoke to MEPs on Tuesday from Madrid.
NHS’s Palantir Deal Draws Legal Threat From Patient Groups (Bloomberg) Groups ask for information about ‘Fast Data Flows’ pilot. Letter to NHS raises concerns about transfer of health data.
International operation shuts down websites offering counterfeit goods and pirated content | Europol (Europol) As of this year’s Cyber Monday, law enforcement agencies across several continents have taken down 12 526 websites, disconnected 32 servers used to distribute and host illegal content for 2 294 television channels and shut down 15 online shops selling counterfeit products on social media sites. In the physical realm, investigators seized 127 365 counterfeit products such as clothes, watches,...
Commercial prospecting and rights of individuals: EDF fined 600 000 euros | CNIL (CNIL) The CNIL has received many complaints regarding difficulties encountered by individuals in having their rights considered by the company EDF, which is the first electric utility in France.
Sam Bankman-Fried says he donated just as many millions to Republicans as Democrats (Fortune) With about $40 million in donations, the former FTX CEO was the second-largest individual donor to Democrats behind George Soros.
Tech Giants Urge High Court To Toss Terrorism Aid Case (Law360) Twitter urged the U.S. Supreme Court on Tuesday to toss a Ninth Circuit decision holding the social media giant liable, along with Facebook and Google, for an ISIS attack in Turkey, saying the ruling "breaks sharply from the well-established legal framework for aiding and abetting," exposing businesses to "staggering terrorism liability."
Feds' Case Against Alleged Ga. Hacker Too Vague, Judge Says (Law360) A Georgia federal judge recommended dismissing an indictment accusing a cybersecurity consultant of hacking Gwinnett Medical Center's internal printer network, saying the charges are too vague for the consultant to mount a defense.
TikTok Secretly Collects 'Massive Amounts' Of Data, Suit Says (Law360) TikTok Inc. has secretly amassed "massive amounts" of invasive information on millions of users via its in-app browser, tracking users' activities on third-party websites in a violation of wiretap and consumer protection laws, according to a proposed class action filed in California federal court.
Ill. Accounting Firm To Pay $900K To Settle Data Hack Suits (Law360) Chicago accounting firm Bansley & Kiener LLP will pay $900,000 and improve its data security systems as part of a settlement approved Tuesday, resolving two class actions that stemmed from its alleged failure to promptly notify nearly 275,000 customers of a 2020 breach.
Group Says SEC Is Hiding In-House Court Breach Docs (Law360) A conservative civil rights organization has accused the U.S. Securities and Exchange Commission of withholding information related to an internal information breach earlier this year that allowed enforcement staff to access adjudicatory materials in the agency's in-house court system, as the system's constitutionality is being challenged at the U.S. Supreme Court.
Insurer Owes Coverage In T-Mobile $17M Data Breach Loss (Law360) A Zurich unit must provide coverage toward a $17.3 million data breach loss suffered by T-Mobile USA Inc. because the wireless carrier's loss surpassed a self-insured retention provision, a Washington appeals court panel said in an answer to a certified question from a trial court.