Dateline Moscow and Kyiv: Same war, seen very differently.
Ukraine at D+301: Same war, different worlds. (CyberWire) Zelenskyy frames aid as investment in the international common good. Putin continues to insist that Russia is the real victim, and that the war it unleashed is really just the latest stage of centuries-long Western aggression.
Russia-Ukraine war live: Moscow accuses US of proxy war; Russian aircraft carrier ‘catches fire’ (the Guardian) Moscow says support announced by Joe Biden during Volodymyr Zelenskiy’s visit to Washington is evidence of an indirect war with Russia
'We will find you:' Russians hunt down Ukrainians on lists (AP NEWS) Three days after the first Russian bombs struck Ukraine, Andrii Kuprash, the head of a village north of Kyiv, walked into a forest near his home and began to dig. He didn’t stop until he had carved out a shallow pit, big enough for a man like him.
Russia Has Turned Eastern Ukraine Into a Giant Minefield (WIRED) Vast swathes of the country have been vindictively laced with explosives, threatening the civilian population both physically and mentally.
Russia scrubs Mariupol's Ukraine identity, builds on death (AP NEWS) Throughout Mariupol, Russian workers are tearing down bombed-out buildings at a rate of at least one a day, hauling away shattered bodies with the debris. Russian military convoys are rumbling down the broad avenues of what is swiftly becoming a garrison city, and Russian soldiers, builders, administrators and doctors are replacing the thousands of Ukrainians who have died or left.
Ex-Russian space boss wounded in ‘targeted’ Ukrainian attack (RT International) NATO-supplied artillery was used to strike a hotel in Donetsk, wounding a senior DPR official and former Roscosmos head Dmitry Rogozin
Putin Pledges Unlimited Spending to Ensure Victory in Ukraine (Bloomberg) President Vladimir Putin said Russia has “no limitations” on military spending for the war in Ukraine, as he urged the army to deliver on his declared goals with the invasion approaching its 11th month.
Putin expands army size by 500,000 and promises military 'everything it needs' (The Telegraph) The Russian president has vowed there will be no limit on military spend in order to win in Ukraine
NATO’s confrontation with Moscow, army modernization, and operation in Ukraine: Key points from Putin’s speech (RT International) President Vladimir Putin comments on Russia’s confrontation with the West, the operation in Ukraine and improvements to national security
Why Belarus matters for the Russia-Ukraine war (The Hill) Russian President Vladimir Putin’s visit to Belarus this week escalated concerns that he is seeking to drag the country into his war in Ukraine. Both Russia and Ukraine have acknowledged they are e…
Zelenskyy to meet Biden, address Congress as war rages on (AP NEWS) Ukrainian President Volodymyr Zelenskyy was making his way to Washington on Wednesday for a summit with President Joe Biden and to address Congress in his first known trip outside the country since Russia’s invasion began in February.
Nato spy plane guards Zelensky's aircraft on flight to Washington (The Telegraph) Soon after the Ukrainian president entered the airspace over the North Sea he was greeted by an F-15 fighter jet
Zelensky: Ukraine is 'alive and kicking' and will never surrender (The Telegraph) In an impassioned speech, Mr Zelensky vowed Ukraine would not surrender and there would be 'no compromises' to bring an end to the war
Live Updates: Zelensky Tells Congress ‘You Can Speed Up Our Victory’ (New York Times) Making his first trip outside Ukraine since Russia invaded, Zelensky urged a joint session of Congress to continue support for the defense of his country. Some Republicans skipped his speech.
Zelenskyy to meet Biden, address Congress as war rages on (AP NEWS) Ukrainian President Volodymyr Zelenskyy was making his way to Washington on Wednesday for a summit with President Joe Biden and to address Congress in his first known trip outside the country since Russia’s invasion began in February.
Zelenskyy to meet Biden, address Congress as war rages on (AP NEWS) Ukrainian President Volodymyr Zelenskyy was making his way to Washington on Wednesday for a summit with President Joe Biden and to address Congress in his first known trip outside the country since Russia’s invasion began in February.
More U.S. military aid to Ukraine will aggravate conflict, Kremlin says (PBS NewsHour) Speaking during a meeting with his top military brass, Putin told them to analyze the Western weapons used by Ukraine to “develop our armed forces and strengthen the capability of our troops.”
Zelensky's ‘Hollywood-style’ US visit a ‘proxy war’ promotion – Moscow (RT International) Zelensky’s visit has confirmed that Washington is waging a “proxy war” against Moscow, the Russian ambassador has said
$1.85 Billion in Additional Security Assistance for Ukraine (U.S. Department of Defense) On December 21, as part of President Zelenskyy’s visit to the White House, the Department of Defense announced $1.85 billion in additional security assistance for Ukraine.
White House announces Patriots for Ukraine amid Zelenskyy visit (Defense News) The announcement came after Ukrainian President Volodymyr Zelenskyy landed in Washington for a meeting with President Joe Biden and an address to Congress.
Zelenskyy praises US plan to include ‘a’ Patriot battery in $1.9B weapons package (Breaking Defense) In an impassioned address to Congress, the Ukrainian president said US aid was an “investment in global security and democracy.”
The U.S. will send a Patriot air defense system to Ukraine. How will it help? (NPR.org) The transfer of the sophisticated missile system comes amid a Russian barrage on Ukraine's energy infrastructure. The announcement came as President Volodymyr Zelenskyy visited Washington.
Here’s everything you need to know about Patriot missiles (Washington Post) Fulfilling one of Kyiv’s biggest requests to Washington, the United States will send its most advanced and highly sought-after air defense weapon, the Patriot missile system, to Ukraine to block Russia’s air assault.
Zelenskiy to Appeal for Further Aid in US Visit (Bloomberg) Ukraine President Volodymyr Zelenskiy will deliver an in-person address to Congress in Washington on Wednesday as President Joe Biden is set to unveil nearly $2 billion in assistance and announce moves to deliver a Patriot missile battery to help Ukraine bolster its defenses.
Biden Says Giving Kyiv Advanced Weapons Risks US Alliances (Bloomberg) US President met with Ukrainian counterpart for over two hours. Zelenskiy’s visiting Washington in first overseas trip of war.
Biden: US hamstrung from giving Ukraine more offensive weapons by Europe's 'World War Three' fears (The Telegraph) Joe Biden responds to plea for more military hardware as war leader gives American president bravery medal from Himars captain
Zelensky shares 'Churchill moment' with Biden (The Telegraph) US officials hope the sight of Volodymyr Zelensky in Washington will embolden Vladimir Putin’s opponents inside Russia
Zelenskyy's address to Congress puts him in a category with Churchill, Netanyahu and Mandela (POLITICO) Addresses by foreign leaders are not unprecedented, but they are relatively uncommon.
Amid a show of unity, Zelensky and Biden differ on some war needs (Washington Post) Behind the smiles and handshakes — and a new $1.85 billion military aid package — the Ukrainian president and his advisers continue to push Washington for advanced weaponry that Biden is reluctant to provide
Ukraine to Get Thousands More Starlink Antennas, Minister Says (Bloomberg) Influx comes as Russia strikes threaten to cut off internet. Nation preparing aid stations to help people survive outages.
Ukraine’s Cyber Units Aim to Retain Staff, Keep Services Stable as War Enters Year Two (Wall Street Journal) As Ukrainian President Volodymyr Zelensky visits Washington, the country’s cyber defense staff continue to fend off persistent Russian cyberattacks.
Russia, Ukraine ransomware attacks show value of threat intelligence (SC Media) Foreign cyberespionage efforts between Russia and Ukraine stress the importance of threat intelligence, SiliconAngle reports.
Open Secrets (Foreign Affairs) Ukraine and the next intelligence revolution.
Europe Is Learning to Live Without Russian Energy (Foreign Policy) Russian President Vladimir Putin played the energy card on Europe to undercut Ukraine. Europe called his bluff.
Attacks, Threats, and Vulnerabilities
A sophisticated fraud ring is waging war on commerce, using rapidly changing tactics (Signifyd) A sophisticated fraud ring stole $660 million in goods from U.S. ecommerce in November alone.
Cyber Criminals Impersonating Brands Using Search Engine Advertisement Services to Defraud Users (FBI) The FBI is warning the public that cyber criminals are using search engine advertisement services to impersonate brands and direct users to malicious sites that host ransomware and steal login credentials and other financial information.
Use an ad blocker for security, says FBI (Computing) US intelligence agency warns of the danger of malicious online advertising
CISA Warns Healthcare Organizations of Cuba Ransomware Threat (Health Tech) One foreign healthcare system has already been compromised by Cuba ransomware actors. Here’s how health IT leaders can strengthen their security posture to mitigate the threat.
No holiday pause for cyber adversaries warn government agencies (American Hospital Association | AHA News) The Healthcare Cyber Communications Center, FBI, Cybersecurity & Infrastructure Security Agency and National Security Agency in December warned of new ransomware strains and other cyber threats targeting health care.
Fake payload deployed by Raspberry Robin in new attacks (SC Media) New Raspberry Robin malware attacks against government systems and telecommunication service providers involved the delivery of a fake payload aimed at bypassing detection and confusing researchers, according to BleepingComputer.
GitHub incident allowed attacker to copy Okta's source code (The Record by Recorded Future) Access management company Okta had some of its source code copied after an intruder gained unauthorized access to its private GitHub repositories.
Godfather makes banking apps an offer they can’t refuse (Register) No horse heads in beds...that we know of
Guardian newspaper hit by suspected ransomware attack (BBC News) The paper says its IT network is being affected by a "serious incident" and staff are working from home.
Guardian shuts offices after ransomware attack (The Telegraph) Staff forced to work from home after ‘serious incident’ affects IT network
Guardian employees asked to work from home after suspected ransomware attack (Computing) The business said its online publishing was 'largely unaffected'
Corsair keyboard bug makes it type on its own, no malware involved (BleepingComputer) Corsair has confirmed that a bug in the firmware of K100 keyboards, and not malware, is behind previously entered text being auto-typed into applications days later.
Security Patches, Mitigations, and Software Updates
Microsoft fixes Hyper-V VM problem caused by Patch Tuesday (Register) The emergency OOB release should solve those frustrating failures
Trends
Deepwatch SecOps Pulse Report - Q4 2022 (DeepWatch) Get a fresh read on what SecOps leaders are doing to prepare for 2023
Marketplace
Proofpoint announces acquisition of ITDR firm Illusive (SecurityBrief Australia) Identity Threat Detection and Response technology extends Proofpoint's people-centric security vision to thwart identity-based breaches, including ransomware.
Palo Alto Networks completes acquisition of Cider Security (Technology Magazine) Palo Alto Networks said Prisma Cloud's integration of Cider Security's capabilities will bring security to the forefront of the development lifecycle
Citizens Advises QinetiQ on its Acquisition of Avantus (Citizens Bank) Citizens Advises QinetiQ on its Acquisition of Avantus
Palantir lands 75 million pound deal with British military (Reuters) Palantir Technologies Inc has signed a three-year, 75 million pound ($91.39 million) deal with the United Kingdom's Ministry of Defense, the U.S. software company said Wednesday, expanding its overseas military work months into the Ukraine war, Europe's biggest conflict since World War II.
Twitter Has a New Wave of Layoffs, in Public Policy Team (The Information) Elon Musk continued to whittle down Twitter’s shrunken workforce on Wednesday night, laying off members of its public policy team, said two people familiar with the matter. Slashing that team could hamper Twitter’s ability to deal with regulators and politicians, even as the Federal Trade ...
Elon Musk Is Still Silencing the Journalists He Banned From Twitter (The Intercept) To you, it looks like Musk unblocked journalists like me. It’s an illusion: The truth is that we are still locked out of our accounts.
Virginia Cybersecurity Firm Opening Silver Spring Office (Source of the Spring) A Reston, Va.-based cybersecurity firm is expanding into Maryland via a Silver Spring office, according to a report in the Commercial Observer.
Rubrik Appoints John W. Thompson as the Lead Independent Board Director (Rubrik) Former Microsoft Chairman and Former CEO of Symantec expands board role; further strengthens Rubrik’s cybersecurity leadership
Technologies, Techniques, and Standards
How Marvel’s Avengers inspire Pinsent Masons CISO to adapt cybersecurity hiring (CSO Online) Pinsent Masons CISO Christian Toon discusses the need to challenge hiring practices to attract and keep cybersecurity talent.
Research and Development
The Biggest Discoveries in Computer Science in 2022 (Quanta Magazine) Computer scientists this year learned how to transmit perfect secrets, why transformers seem so good at everything, and how to improve on decades-old algorithms (with a little help from AI).
Legislation, Policy, and Regulation
Lawmakers Highlight Cyber, New Tech and Space in Proposed Spending Bill (Nextgov.com) The $1.7 trillion omnibus introduced by lawmakers on Tuesday would spur on investments in cutting-edge technologies, cyber defense and space during the 2023 fiscal year.
Biden signs quantum computing cybersecurity bill into law (FedScoop) President Biden on Wednesday signed legislation to encourage federal government agencies to adopt technology that is protected from decryption by quantum computing.
Top Biden cybersecurity adviser to step down (CNN) One of President Joe Biden's most senior cybersecurity advisers is expected to step down in the next two months, three people familiar with the decision tell CNN.
Chris Inglis to resign as national cyber director (CyberScoop) A 30-year veteran of the NSA, Inglis has helped stand up a new office aimed to bring unity of effort to U.S. cybersecurity policy.
First-ever national cyber director Chris Inglis set to retire in coming months: sources (Axios) Inglis spent his tenure growing the office from one person in July 2021 to nearly 70 employees.
White House cyber adviser to resign (The Hill) White House cyber czar Chris Inglis is set to resign as head of the Office of the National Cyber Director in the next coming months, CNN reported. Inglis was appointed last year to lead the of…
Chris Inglis, Biden's top cyber adviser, plans to leave government in coming months (POLITICO) For 17 months, Chris Inglis has served as the inaugural holder of a new position as President Joe Biden’s top adviser on a range of cybersecurity issues.
White House Cyber Director Chris Inglis to Step Down (Bank Info Security) Chris Inglis intends to step down as head of the Office of the National Cyber Director inside the White House after President Joe Biden approves a new national
CISA’s EINSTEIN Gets Extension in FY2023 Approps Bill (Meritalk) One of the Cybersecurity and Infrastructure Security Agency’s (CISA) mainstay cybersecurity protection programs got an extended lease on life, along with $91 million of funding, in the fiscal year (FY) 2023 omnibus appropriations bill released by the House and Senate Appropriations committees on Dec. 20.
NSA, Cyber Command should continue to share a leader, a key review suggests (Washington Post) Getting a leadership divorce wouldn’t be optimal for NSA, Cyber Command, report suggests
Maryland Air Guard Sustains Support of U.S. Cyber Force (National Guard) Maryland Air National Guard members recently completed a six-month activation in support of U.S. Cyber Command’s Cyber National Mission Force.The 276th Cyberspace Operations Squadron
Maryland Airmen are key to strategic cyber missions; achieve sixth year of deployments (DVIDS) Members of the Maryland Air National Guard recently completed a six-month activation in support of U.S. Cyber Command’s Cyber National Mission Force and passed the mission to fellow Airmen of the 175th Cyberspace Operations Group on its sixth year of continuous support.
The 276th Cyberspace Operations Squadron handed over the responsibilities to the 175th Cyberspace Operations Squadron to continue to defend the U.S. against foreign adversaries under the 24th National Mission Team.
Litigation, Investigation, and Law Enforcement
FCC proposes record fine for robocallers who spammed at least 500 million (The Record by Recorded Future) The Federal Communications Commission is recommending a nearly $300 million fine for two men accused of running a robocall scheme.
Suffolk County, N.Y., Leaders Blame Clerk’s Office for Cyberattack (Wall Street Journal) Log4j vulnerabilities, delayed security upgrades and an IT leader’s behavior enabled the September attack, a county executive said.
NASA infosec again falls short of required standard (Register) Good thing space agency doesn’t have any state secrets … oh, hang on
Associates of FTX Founder Sam Bankman-Fried Plead Guilty to Criminal Charges (Wall Street Journal) The associates are former Alameda Research CEO Caroline Ellison and former FTX executive Gary Wang.
Sam Bankman-Fried Is Set for Extradition to U.S. (New York Times) The FTX founder agreed to be transferred from the Bahamas to face federal charges of fraud.
Sam Bankman-Fried’s Extradition Approved by Judge (Wall Street Journal) The FTX founder will soon be in U.S. custody to face criminal charges connected to the collapse of the crypto exchange.
Sam Bankman-Fried Leaves Bahamas to Face US Criminal Charges (Bloomberg) He is flying to US after agreeing to extradition on Wed. He’s been locked up in the Bahamas for more than a week.
Mark Zuckerberg Testifies About Meta’s Virtual Reality Ambitions (New York Times) Meta’s chief executive made a rare court appearance as the Federal Trade Commission tries to block his company’s purchase of the virtual reality start-up Within.
MSG Allegedly Used Facial Recognition to Remove Rival Attorney From Rockettes Show (Gizmodo) A privacy expert told Gizmodo this was one of the first instances of a private firm using facial recognition to retaliate against an opposing lawyer.
James Dolan’s facial ID tech snags another lawyer who says he was booted from Knicks game (New York Post) A Long Island attorney was kicked out of a Knicks game after getting flagged by facial recognition technology at Madison Square Garden — the same system the company used to boot another lawyer from…
DA forces San Benito schools to notify victims of ‘biggest’ data breach agency has seen (MyRGV.com) Cameron County District Attorney Luis Saenz on Tuesday said he disclosed the San Benito school district’s technology security breach Monday evening after district officials refused his requests that they notify as many as 30,000 employees and other victims whose confidential information was stolen.
RedMart fined S$72,000 for data breach resulting in online sale of customer data (CNA) The names, email addresses and other personal data of around 898,791 individuals were stolen from a database in September 2020 and later put up for sale online.
Morley reaches $4.3M settlement after hacking incident leads to data theft for 694K (SC Media) A settlement has been reached in the lawsuit filed against Morley in the wake of a 2021 hacking and data exfiltration incident.