Dateline Moscow, Kyiv, Berlin, Paris, London, and Washington
Casus belli for an intensifying war of aggression. (The CyberWire) 2022 continues to look more like 1938, with the addition of cyberspace as an operational domain.
Putin Orders Troops to Separatist Regions and Recognizes Their Independence (New York Times) Mr. Putin hinted at the possibility of a wider military campaign and laid claim to all of Ukraine as a country “created by Russia.” The U.S. and E.U. said they would begin imposing limited sanctions.
Lawmakers give Putin permission to use force outside Russia (AP NEWS) Russian lawmakers Tuesday authorized President Vladimir Putin to use military force outside the country — a move that could presage a broader attack on Ukraine after the U.S.
Ukraine: How the world reacted to Vladimir Putin's speech (The Telegraph) Moscow's actions torpedo a last-minute bid for a summit with President Joe Biden to prevent Russia from invading Ukraine
Germany Stops Approval Of $11 Billion Nord Stream 2 Pipeline With Russia (Forbes) Germany’s Chancellor Olaf Scholz is suspending the approval of the gas pipeline in response to Russia’s current actions in Ukraine, he said.
U.S. Offers Limited Initial Response to Russia as It Weighs Stiffer Sanctions (New YTork imes) President Biden faces the challenge of maintaining unity with allies as he seeks to balance deterrence and punishment in dealing with President Vladimir Putin of Russia.
Biden imposes sanctions over Putin's recognition of breakaway Ukraine regions (Axios) The U.S. and European Union sharply condemned the announcement by Putin, calling it a violation of international law.
Russia just ordered troops into Ukraine again. What happens next? (Atlantic Council) As the fast-moving situation on the ground develops, our experts weigh in on what this moment means for a world that could soon be forever altered.
Vladimir Putin warns of ‘bloodshed’ as he orders Russian forces into Ukraine breakaway regions (The Telegraph) Russian president officially recognises separatist states Luhansk and Donetsk in what Boris Johnson calls a ‘very ill omen’ of invasion
Ukraine may break off diplomatic ties with Russia, president says (Reuters) Ukraine may break off diplomatic relations with Russia after Moscow decided to recognise two breakaway regions of eastern Ukraine as independent, President Volodymyr Zelenskiy said at a briefing on Tuesday.
The Russia-Ukraine Crisis Has Removed All Doubt. We’re in a New Cold War (World Politics Review) While it is still impossible to know for sure how the Russia-Ukraine crisis will play out, one consequence of it is already certain: There is no more use in dancing around reality using terms like “strategic competition” or “great power tensions” to describe relations between the West and Russia. We are in a new Cold War.
U.S. has intel that Russian commanders have orders to proceed with Ukraine invasion (CBS News) The intelligence indicates that commanders on the ground making specific plans for how they would maneuver in their sector of the battlefield.
Has Putin invaded Ukraine? The White House isn’t sure (The Telegraph) US military leaders warn of potential Russian 'shock and awe' to follow
Russia’s Shock and Awe (Foreign Affairs) Why Moscow would use overwhelming force against Ukraine.
Blitzkrieg or Minor Incursion? Putin’s Choice Could Determine World Reaction. (New York Times) President Vladimir V. Putin of Russia may be looking for fissures in the Western alliance, which so far has been united against him.
Putin escalates his Ukraine war with recognition of separatist republics (Atlantic Council) Eight years since the invasion of Crimea, Putin struck another blow in his war against Ukrainian statehood on February 21 by recognizing the two separatist republics of east Ukraine as independent states.
Kremlin says Moscow will see two Ukrainian regions as independent, a potential pretext for war (Washington Post) The Kremlin announced Monday that Moscow will recognize the independence of two breakaway regions in eastern Ukraine, a move that Russia could use to justify an attack in those areas.
Putin recognizes Ukraine's rebel region, lighting fuse on Europe's next war (Newsweek) Separatist region leaders previously called for all able-bodied men to take up arms and defend the land.
Putin Orders Troops to Separatist Regions and Recognizes Their Independence (New York Times) Mr. Putin hinted at the possibility of a wider military campaign and laid claim to all of Ukraine as a country “created by Russia.” The U.S. and E.U. said they would begin imposing limited sanctions.
Lindsey Graham calls Vladimir Putin a 'thug,' says 'enough is enough' (Newsweek) "His decision should immediately be met with forceful sanctions to destroy the ruble and crush the Russian oil and gas sector," said the senator on Twitter.
Shelling Escalates in Ukraine as Thousands Flee, Fearing Attack (New York Times) Western leaders repeat calls for a diplomatic resolution to the crisis. Russia fires missiles in a blunt warning of where the conflict could lead.
In Ukraine’s war-weary east, intensifying shelling and battered homes signal attempts at provocation by Russia (Washington Post) The work to repair the roof from Thursday’s shelling continued even as Saturday’s booming thuds, edging closer and closer, signaled a new round of artillery fire nearby. An elderly woman riding a bicycle didn’t flinch as the shock from the bombardment rattled off the already-broken window panes.
Russia-backed rebels say Moscow doesn't want war but will defend them (Newsweek) "It is my recommendation that Ukraine withdraws her troops from the territory...as soon as possible," Donbas rebel envoy in Finland Johan Bäckman told Newsweek.
U.S. claims Russia has list of Ukrainians ‘to be killed or sent to camps’ following a military occupation (Washington Post) The United States has informed the United Nations it has credible information showing that Moscow is compiling lists of Ukrainians “to be killed or sent to camps following a military occupation,” according to a letter to the U.N. human rights chief obtained by The Washington Post on Sunday night.
No specific plans to hold Putin-Biden summit just yet, says Kremlin (TASS) A meeting is possible provided that the heads of state deem it appropriate, Kremlin Spokesman Dmitry Peskov noted
Elysee Palace announces consent of Putin and Biden to hold security summit (TASS) Questions for the summit will be prepared by Russian Foreign Minister Sergey Lavrov and US Secretary of State Antony Blinken during their February 24 meeting
Vladimir Putin has embarrassed Emmanuel Macron - again (The Telegraph) The French President's attempt to broker a deal with Russia could be doing more harm than good
Joe Biden agrees to summit with Vladimir Putin if Russian invasion of Ukraine does not proceed (The Telegraph) Move comes as Russian president and Emmanuel Macron to hold talks in last-ditch effort to secure ceasefire
War fears grow as Putin orders troops to eastern Ukraine (AP NEWS) A long-feared Russian invasion of Ukraine appeared to be imminent Monday, if not already underway, with Russian President Vladimir Putin ordering forces into separatist regions of eastern Ukraine.
World leaders focus on how to punish Russia over Ukraine (AP NEWS) Shocked by Russian President Vladimir Putin’s order to deploy troops to separatist regions of eastern Ukraine, world leaders moved quickly Tuesday to impose as forceful a response as possible in hopes of averting a full-blown war in Europe.
Russia-Ukraine latest news: Moscow sanctions must go ‘further and faster’, Tories tell Boris Johnson (The Telegraph) MPs have urged the Prime Minister to hit Russia with tougher sanctions, with Foreign Affairs Committee chairman Tom Tugendhat warning that the Government's actions should go "much further, much faster".
Ukraine crisis: OSCE to hold security meeting on Monday, chairmanship says (The New Arab) OSCE monitors have reported hundreds of artillery and mortar attacks in recent days, in a conflict that has rumbled since 2014 and claimed more than 14,000 lives.
Ukraine Live Updates: Biden Warning on Russian Attack Was Prompted by New Intelligence (New York Times) The American president stepped up his warnings about Moscow’s plans after seeing evidence that an attack on Ukraine was imminent.
Ukraine latest: NATO chief says Russia planning 'full-scale attack' (Deutsche Welle) NATO's chief said that "all signs" suggest Russia will attack its neighbor as the alliance relocated its Kyiv staff. Ukraine's President Zelenskyy delivered a passionate speech in Munich. DW has the latest.
Put Sanctions on Russia Now, Ukraine’s Leader Urges West (New York Times) “What are you waiting for?” President Volodymyr Zelensky of Ukraine asked Western leaders in Munich, as Russian-backed rebels urged people to evacuate and shelling escalated in eastern Ukraine.
Special dispatch from Munich: Putin provokes dread and resolve (Atlantic Council) In every crisis lies opportunity, but it’s anyone’s bet how deep the crisis Putin unleashes will be, or how lasting the Western response.
Zelenskyy says will meet Putin anywhere after Munich trip called 'reckless' (Newsweek) Ukraine's president may not be able to get back home if Russia takes control of the airspace, warned an ex-general.
Ukraine crisis: Boris Johnson says there is ‘extreme danger to the world’ from potential Russia invasion - live (the Guardian) Joe Biden ‘convinced’ Vladimir Putin plans invasion; Russian leader to discuss crisis with French counterpart on Sunday; Ukraine’s Zelenskiy believed to be heading to Munich security conference
Ukraine crisis: Putin and Macron agree to try to secure ceasefire in eastern Ukraine and urgent summit (the Guardian) Leaders spoke on the phone for 105 minutes and outcome suggests Russia might be willing to step back from brink of invasion of Ukraine
Vladimir Putin has decided to attack Ukraine and will target Kyiv, says Joe Biden (The Telegraph) In a speech to Munich Security Conference on Saturday, Boris Johnson will warn Russia will pay ‘high price’ for Ukraine invasion
Biden says he believes Putin has made decision to invade Ukraine (Newsweek) The president added that diplomacy is "always a possibility" until Putin makes a decision.
Will there be a “Munich Moment” in the Russia-Ukraine crisis? (Atlantic Council) A full-scale Russian invasion of Ukraine could yet be prevented via a "Munich moment" bringing together Vladimir Putin and Joe Biden to strike a last-minute geopolitical deal, writes Thomas Warrick.
Vladimir Putin steels Russia for tough Western sanctions amid Ukraine crisis (The Telegraph) President says he believes 'sanctions will be introduced anyway', claiming that the EU's goal is to ‘hinder Russia’s development'
Ukraine warns of cyberattacks on banks and state agencies (Reuters) Ukrainian authorities said they had seen online warnings that hackers were preparing to launch major attacks on government agencies, banks and the defence sector on Tuesday.
The Cybersecurity Risks of an Escalating Russia-Ukraine Conflict (Harvard Business Review) Now is the time to revisit your business continuity plans.
Opinion | The Cyberspace Front in the Attacks on Ukraine (Wall Street Journal) A full Russian military assault on the country would likely involve debilitating digital strikes.
US, UK: Russia responsible for cyberattack against Ukrainian banks (Reuters) Russian military hackers were behind a spate of distributed denial of service (DDoS) attacks that briefly knocked Ukrainian banking and government websites offline, the United States and the United Kingdom said on Friday.
U.S., U.K. Say Russian Government Responsible For Cyberattack On Ukraine (RadioFreeEurope/RadioLiberty) The United States and Great Britain have accused Russia of being behind the February 15 cyberattacks on Ukraine's Defense Ministry and banking system.
White House blames Russia for latest digital attacks on Ukraine (The Record by Recorded Future) A senior White House official on Friday blamed Russia’s military intelligence agency for flooding the websites of Ukrainian defense agencies and banks with phony traffic earlier this week, which briefly knocked them offline and ratcheted up fears of an invasion by Moscow.
The US is unmasking Russian hackers faster than ever (MIT Technology Review) The White House was quick to publicly blame Russia for a cyberattack against Ukraine, the latest sign that cyber attribution is a crucial tool in the American arsenal.
Attribution to Russia of malicious cyber activity against Ukraine (Minister for Foreign Affairs) The Australian Government joins the United States and the United Kingdom in publicly attributing the cyber attacks against the Ukrainian banking sector on 15 and 16 February 2022 to the Russian Main Intelligence Directorate (GRU).
Australia promises cyber support to Ukraine as Russian forces array along its borders (ABC) Australia will expand cyber training for Ukrainian officials and could join a broader coalition of Western countries to provide the besieged Eastern European nation with support as fear of a Russian invasion continues.
Ukraine is getting pummeled with cyberattacks. What’s the West to do? (POLITICO) From sanctions to rustling up support for Kyiv, cyber diplomats scramble to deter Moscow from launching cyberattacks.
Ukraine: UK ready to launch retaliatory cyber-attacks on Russia, defence secretary tells MPs (Independent) ‘I’m a soldier, I was always taught the best part of defence is offence,’ says Ben Wallace – pointing to new ‘offensive cyber capability’
Despite years of preparation, Ukraine’s electric grid still an easy target for Russian hackers (POLITICO) Portions of Ukraine’s electric system went dark following two Russian cyberattacks in recent years. Efforts to strengthen the grid in the years since likely won’t be enough to fend off Russian hackers.
New Zealand warns of digital collateral damage from Russia-Ukraine crisis (The Record by Recorded Future) New Zealand’s top cybersecurity agency on Friday warned the country’s “nationally significant” organizations to prepare for cybersecurity risks that might result from the ongoing conflict between Ukraine and Russia.
The Dutch cyber approach is too fragmented (Ruetir) Russian ground forces have gathered in front of the world at the border of Ukraine. At the same time, there is a conflict that is less visible, but which can be at least as disruptive: the struggle in the digital domain.
West braces for false-flag operations by Kremlin as fighting in eastern Ukraine escalates (Washington Post) The threat of renewed war in Ukraine escalated Saturday as shelling and military preparations by Russian-backed separatists picked up in the country’s contested east.
How ten false flag narratives were promoted by pro-Kremlin media (Medium) Russian media actively portrays the self-proclaimed Donetsk and Luhansk People’s Republics as victims of Ukrainian aggression
Russians accuse Ukrainians of genocide as they pave way for potential invasion (The Telegraph) Experts believe the extreme claims are part of a propaganda blitz as Moscow tries to justify any conflict at home and abroad
Putin’s absurd genocide claims cannot hide his war crimes in Ukraine (Atlantic Council) Russian President Vladimir Putin likes to claim that an anti-Russian genocide is underway in Ukraine but in reality he is upset by the historical loss of influence suffered by representatives of the Russian state.
Russian Media Reports Fire at Gas Pipeline: Ukraine Update (Bloomberg) President Joe Biden said he believes that President Vladimir Putin has decided to attack Ukraine and that an invasion -- including a strike on Kyiv -- could come within days.
Prince Andrew and Prince Charles 'need' a war in Ukraine, says Russian state TV (The Telegraph) Bizarre Russian broadcast suggests crisis is being used to deflect attention from royal scandals
Russia’s Propaganda & Disinformation Ecosystem - 2022 Update & New Disclosures (Miburo) New revelations and a structural update to our chart
Russian Hybrid Threats Report: Evacuations begin in Ukrainian breakaway regions (Atlantic Council) The Atlantic Council’s Digital Forensic Research Lab tracks Kremlin allegations of mass graves in Donbas, troop movements, and more.
'We don't know where we're going': Russia sends 'fake' evacuees to far-flung parts of the country (The Telegraph) Russian-backed separatists have evacuated thousands of people out of eastern Ukraine, but they have no idea where they're going
Four Russian false flags that are comically easy to debunk (The Telegraph) Analysts are poring over footage of purported standoffs and attacks paint Ukraine as the aggressor as Europe teeters on the edge of war
Kremlin’s propagandist Kiselyov added to list of persons that pose threat to Ukraine’s national security (Ukrinform) The Ministry of Culture and Information Policy of Ukraine has put Russian propagandist Dmitry Kiselyov on the list of persons that pose a threat to Ukraine’s national security, according to the ministry’s press service. — Ukrinform.
Kazakhstan’s Internet Shutdown Offers Lessons for Russia-Ukraine Crisis (New York Times) Control of the internet is increasingly part of any modern conflict.
EU to mobilize cyber team to help Ukraine fight Russian cyberattacks (POLITICO) European civilian-military officials will help Kyiv fend off Russian hackers.
'Shields up': Biden administration moves to protect U.S. targets from Russian cyber attack (USA TODAY) Russia-based hackers with potential ties to the government are believed to have been behind last year’s ransomware attack against Colonial Pipeline,
Britain warns of Russian cyber attacks as companies urged to take defensive action (The Telegraph) Infrastructure at risk as GCHQ calls for tighter security to counter Kremlin’s online threat
NY state boosting cyber defenses as Ukraine-Russia tensions soar: Hochul (WCBS) Gov. Kathy Hochul released a statement late Sunday saying it’s important to review New York’s cybersecurity preparedness given it’s a global hub.
Once He Kept Russia at a Distance. Now He Is a Docile Putin Satrap. (New York Times) President Aleksandr G. Lukashenko of Belarus once skillfully managed Moscow, but now he is doing the Kremlin’s bidding in Russia’s confrontation with Ukraine.
Why Putin doesn't seem to be deterred by sanctions threats (Newsweek) Russian President Vladimir Putin is gambling that his country can withstand the severe economic sanctions that would come with an attack on Ukraine.
Ex-Cyber Official: Financial Services Top Target For Russian Sanctions Retaliation (Newsmax) A former top U.S. cybersecurity official said on Sunday the financial services industry is probably the No.1 target for Russian retaliation if there are U.S-imposed sanctions over Ukraine.
Russia-Ukraine Crisis: Resources for the Crisis Management Team (OODA Loop) The Russian aggression against Ukraine will have impacts far beyond the region. All companies and all government organizations (including those at local and state levels) should evaluate the potential impact of these hostilities on operations.
The inside story of Vladimir Putin’s mythical obsession with Ukraine and why it's so important to Russia (The Telegraph) The current crisis has pushed Europe to the brink of war. No matter how it ends, Mr Putin will be back for Ukraine
Ukraine’s Kids Are Literally on the Front Line (Foreign Policy) Hundreds of thousands of Ukrainian children suffer shellings, shootings, and psychological trauma.
Putin’s self-defeating war has succeeded in uniting Ukrainians (Atlantic Council) Vladimir Putin’s eight-year war against Ukraine has had a profound impact on Ukrainian identity and done more for national unity than any other single factor since Ukraine regained independence three decades ago.
Ukraine: the crisis that brought the west together (the Guardian) As Kyiv confronts the possibility of Russian invasion, Vladimir Putin’s opponents have had an unexpected bonus
Opinion | The Speech In Which Putin Told Us Who He Was (POLITICO) In his 2007 Munich address, the Russian leader firmly rejected the post-Cold War system he's still trying to torpedo.
Canada Warns Russia on Ukraine (TDPel Media) Canadian Finance Minister Chrystia Freeland stepped well beyond economic policy at a G20 finance meeting on Friday to issue an “impassioned” warning to
West plans to arm resistance if Russian forces occupy Ukraine (the Guardian) Invasion ‘must be seen to fail’, says Boris Johnson, as western allies hold secret talks about how to give military backing to Kyiv
We’ll make it impossible for Russia to raise funds in City, says Boris Johnson (The Telegraph) Prime Minister says steps will be taken against firms and individuals of importance to Russian state if Ukraine invasion happens
Boris Johnson's speech to the Munich Security Conference in full (The Telegraph) The Prime Minister addressed a major security conference today amid rising tensions between Russia and the West over Ukraine
Harris, Blinken navigate Munich Security Conference as Europe holds its breath (Washington Post) Harris and Blinken are both highlighting the U.S. presence at the Munich security conference unfolding in the shadow of war. The double-billing could be complementary--or awkward.
At Munich Security Conference, Harris Reinforces Biden’s Messages About Russia, Ukraine (Forbes) Messaging is important in a crisis. So is consistency in delivering those messages.
The escalating situation in Ukraine is no exception.
Kamala Harris makes last-ditch appeal for peace Putin is poised to ignore (Newsweek) By wading into the Ukraine crisis, she takes on another assignment that may provide little in the way of political victory for her or the Biden administration.
Remarks by Vice President Harris at the Munich Security Conference (The White House) Hotel Bayerischer HofMunich, Germany 11:45 A.M. CEST THE VICE PRESIDENT: Good morning. Good morning. Thank you, Ambassador
What Nato is doing to prevent a Russia-Ukraine war and what it could do if there is an invasion (The Telegraph) Nato’s repeated warnings against an invasion do not seem to have had much of an impact on Russia
Analysis: U.S., allies united if Russia invades, at odds over other scenarios (Reuters) The United States and its allies have mapped out detailed plans for coordinated, severe sanctions if Russian troops physically invade Ukraine, but how they should respond to other kinds of aggressions is far from agreed, U.S. and European officials say.
Transatlantic Telegram: Whatever happens next in Ukraine, a new European security order is emerging (Atlantic Council) The view from Vilnius, Lithuania, and Washington about a crisis that is both familiar and taking us into uncharted waters.
How Far Will Turkey Go to Support Ukraine? (Foreign Policy) Erdogan has signaled strong support for Kyiv, but he won’t sacrifice a strong, stable working relationship with Russia.
In Ukraine Crisis, the Looming Threat of a New Cold War (New York Times) If he invades, President Vladimir V. Putin is inviting a new global struggle with the West. He should think about how the last one ended, analysts say.
What if Russia Wins? (Foreign Affairs) A Kremlin-controlled Ukraine would transform Europe.
What’s at Stake for the Global Economy as Conflict Looms in Ukraine (New York Times) Countries that depend on the region’s rich supply of energy, wheat, nickel and other staples could feel the pain of price spikes.
Executive Overview of Russian Aggression Against Ukraine (Recorded Future) This report provides an executive-level overview of Insikt Group’s unified view on the conflict between Russia and Ukraine, incorporating notable cyber offensive actions, influence operations, and geopolitical and physical threats.
Ukrainian diaspora in the U.S. grieves, pleads for peace as conflict escalates in their homeland (Washington Post) The screen inside the Ukrainian National Museum flashed with images of gunfire, helmeted young protesters and bloodied bodies. In one massive photo propped against a wall, a lone Ukrainian protester waves the country’s blue and yellow flag as fire burns around him.
Ukraine’s Lviv becomes ‘western capital’ as some diplomats leave Kyiv (Washington Post) There are winding cobblestone streets and delicious pastries. The old Habsburg elegance still runs through Lviv.
Foreign Office's old IT is slowing UK's Ukraine response (Computing) Emails between people who previously worked for other departments are flagged as spam
Why world leaders don’t trust Vladimir Putin with their DNA (The Telegraph) From ancestry checks to futuristic bioweapons, the West aren't taking any risks when it comes to the Russian president
Ransomware Adds New Wrinkle in Russian Cybercrime Market (Dark Reading) Government crackdowns may destabilize Russian crime rings and strengthen their ties to Chinese allies.
Global Incident Report: Deep Web Database and Network Access Sales Affecting Russia Ukraine Dispute (Accenture) Deep web threat actors are posting advertisements for assets, including databases and breached networks, that could interest buyers involved in the ongoing Russia Ukraine conflict
Attacks, Threats, and Vulnerabilities
Chinese hackers linked to months-long attack on Taiwanese financial sector (The Record by Recorded Future) A hacking group affiliated with the Chinese government is believed to have carried out a months-long attack against Taiwan's financial sector by leveraging a vulnerability in a security software solution used by roughly 80% of all local financial organizations.
Jordanian official says Royal Court among cyber attack targets this year (The National) Cyber security agency records 900 strikes since starting operations in January
CISA warns of hybrid operations threat to US critical infrastructure (BleepingComputer) CISA urged leaders of U.S. critical infrastructure organizations on Friday to increase their orgs' resilience against a growing risk of being targeted by foreign influence operations using misinformation, disinformation, and malformation (MDM) tactics.
Hackers Dropping Malicious Executable Files in Teams Conversations (Cyber Security News) Cybersecurity researchers at Avanan security firm have recently detected that some threat actors are compromising Microsoft Teams. Because of the popularity of Microsoft.
Patch for Actively Exploited Flaw in Adobe Commerce and Magento Bypassed (SecurityWeek) Researchers have bypassed the patch for a critical and actively exploited vulnerability affecting Adobe Commerce and Magent.
Hackers distribute Cobalt Strike to unpatched MS-SQL server instances (Computing) Most attacks were likely conducted by the same threat actor, the researchers believe
Xenomorph: A newly hatched Banking Trojan (ThreatFabric) In February 2022, ThreatFabric came across a new Android banking Trojan, which we dubbed Xenomorph. The name comes from its clear ties with another infamous banking Trojan, Alien, from which Xenomorph adopts class names and interesting strings.
New Xenomorph malware sneaks onto the Google Play Store (The Record by Recorded Future) A new Android banking trojan named Xenomorph is threatening Android users after being spotted on the official Play Store.
New Android Banking Trojan Spreading via Google Play Store Targets Europeans (The Hacker News) Researchers discover a new Android banking trojan that spread via the Google Play Store and targets customers of dozens of European banks.
Hackers Exploiting Infected Android Devices to Register Disposable Accounts (The Hacker News) Hacker use infected Android devices to register disposable accounts in bulk, which can be abused to create phone-verified accounts.
French speakers blasted by sextortion scams with no text or links (Naked Security) You’d spot this one a mile away… but what about your friends or family?
HHS Warns of Threats to Electronic Health Records (GovInfoSecurity) Healthcare entities should implement a "proactive preparedness" approach for protecting their electronic health record systems, which are an increasingly
Warning: Popular e-cigarette store hacked to steal credit cards (BleepingComputer) BleepingComputer has confirmed Element Vape, a prominent online seller of e-cigarettes and vaping kits is serving a credit card skimmer on its live site, likely after getting hacked. Element Vape has a presence across the U.S. and Canada and sells products in both retail outlets and on their online store.
Master Key for Hive Ransomware Retrieved Using a Flaw in its Encryption Algorithm (The Hacker News) Researchers retrieve the master key for unlocking files locked by Hive ransomware by exploiting a flaw in its encryption algorithm.
Trickbot operation is now controlled by Conti ransomware (Security Affairs) The Conti ransomware group takes over TrickBot malware operation and plans to replace it with BazarBackdoor malware. TrickBot operation has arrived at the end of the journey, according to AdvIntel some of its top members move under the Conti ransomware gang, which is planning to replace the popular banking Trojan with the stealthier BazarBackdoor. TrickBot is […]
Yik Yak has returned — and so have reports of cyberbullying, students say (The Record by Recorded Future) Students and watchdog groups are already reporting instances of abuse on Yik Yak, and say that the new safeguards aren’t enough to stop people from using the app for cyberbullying.
Cyber scammers use James Bond film to abuse fans (MENAFN) Spam and phishing outbreaks rose in the past year as cyber offenders enticed people by concentrating on subjects connected to profitable investments,
PseudoManuscrypt Malware Spreading the Same Way as CryptBot Targets Koreans (The Hacker News) PseudoManuscrypt malware is being distributed in the same way CryptBot is targeting Koreans
At Olympics, Cybersecurity Worries Linger in Background (SecurityWeek) There were many cybersecurity and privacy concerns related to the Winter Olympics in Beijing, but not everyone heeded them.
At Olympics, cybersecurity worries linger in background (AP NEWS) Warnings to use disposable “burner” phones and laptops. Privacy-protecting software. Concerns about a security flaw in an official Games smartphone app.
Apple Airtags' anti-stalker features can be bypassed – claim (Register) Open source + public key generation = no alerts, says infosec startup
Thanks, dad: Jammer used to stop kids going online, wipes out a town's internet by mistake (ZDNet) The interesting control method could lead to a hefty fine and jail time.
University of Neuchâtel back online after cyberattack (SwissInfo) The University of Neuchâtel website was functioning again on Friday evening following a cyberattack but an investigation continues into the scope of the problem. The university is the latest Swiss institution to fall victim to a cyber attack.
Cookware giant Meyer discloses cyberattack that impacted employees (BleepingComputet) Meyer Corporation, the largest cookware distributor in the U.S., and the second-largest globally, has informed U.S. Attorney General offices of a data breach affecting thousands of its employees.
New phishing campaign targets Monzo online-banking customers (BleepingComputer) Users of Monzo, one of the UK's most popular digital-only banking platforms, are being targeted by phishing messages supported by a growing network of malicious websites.
OpenSea Investigating ‘Exploit Rumors’ as Users Complain of Missing NFTs (Coindesk) Emails purporting to be from the NFT marketplace about a planned smart contract migration may have been a phishing attack.
Threat actors stole at least $1.7M worth of NFTs from tens of OpenSea users (Security Affairs) Threat actors have stolen and flipped high-valued NFTs from the users of the world’s largest NFT exchange, OpenSea. The world’s largest NFT exchange, OpenSea on Sunday confirmed that tens of some of its users have been hit by a phishing attack and had lost valuable NFTs worth $1.7 million. The phishing attack was confirmed by […]
Expeditors suffers 'targeted cyber-attack' (The Loadstar) Premium sources have passed on a statement from Expeditors, according to which: “Expeditors is currently managing a global systems downtime due to a targeted cyber-attack. We are working with global cybersecurity experts to manage through the situation. “Our global operations will be impacted throughout the incident, and we are working urgently to resolve. “Systems may be unavailable during this time, as we assess and stabilize, the safety of our global environment, ...
Expeditors Targeted in Cyber-attack (Expeditors) Expeditors International of Washington, Inc. (NASDAQ:EXPD) announced that on February 20, 2022, we determined that our company was the subject of a targeted cyber-attack. Upon discovering the incident, we shut down most of our operating systems globally to manage the safety of our overall
Tens of thousands of NHS patients' private medical information leaked (Mail Online) The confidential files include test results of cervical screening and letters to parents of children needing urgent surgery at Alder Hey Children's Hospital, Liverpool.
Luxury Children’s Fashion E-commerce Site Exposes Customers Worldwide (SafetyDetectives) Intro
The SafetyDetectives security team discovered a data breach affecting the French children’s fashion e-commerce website melijoe.com.
Melijoe is a high-end
DC Metro secures social media accounts after 'obscene posts' made on agency's Twitter page (WJLA) It appears the Washington Metropolitan Area Transit Authority became a victim of cybercrime after someone hacked into their Twitter account Monday morning. In a series of posts, which started around 3:40 a. m. , the hacker(s) reportedly made unsolicited comments on the WMATA Twitter pageand changed their name to"Blueface Da Bus. " It also appears the @Metrorailinfo Twitter page was compromised. In a series of posts, which started around 3:40 a. m.
Vulnerability Summary for the Week of February 14, 2022 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
How to Use Google Chrome's Enhanced Safety Mode (Wired) You get a safer, more secure browser experience, but Google gets a lot more data about you.
Irony alert! PHP fixes security flaw in input validation code (Naked Security) What’s wrong with this sequence? 1. Step into the road 2. Check if it’s safe 3. Keep on walki…
Trends
Iranian hackers behind biggest ransomware attacks of 2021: Report (mint) Iran-based hacker groups, according to the report released on Friday, have been focusing on using ransomware as their key tool since late 2020
ThreatX Uncovers the Impact of API Security on Consumers; Releases "API [In] Security: The Consumer Perspective" Research Report (Business Wire) ThreatX today released the results of its new survey “API [In] Security: The Consumer Perspective.”
Proofpoint’s 2022 State of the Phish Report Reveals Email-Based Attacks Dominated the Threat Landscape in 2021; Tailored Security Awareness Training Remains Critical for Protecting Hybrid Work Environments (GlobeNewswire News Room) 83% of survey respondents said their organization experienced at least one successful email-based phishing attack in 2021, a 46% increase over 2020; 78% of...
2022 Data Protection Trends (Veeam Software) The largest data protection industry report from 3,000+ IT leaders
Marketplace
TitanHQ Announces Acquisition of Cyber Risk Aware (AiThority) TitanHQ, the leading cybersecurity SaaS business, announced their acquisition of Cyber Risk Aware.
Akamai CEO: Linode acquisition makes company 'world's most distributed cloud services provider' (ZDNet) Akamai CEO Tom Leighton touted the company's recent acquisitions of Linode and Guardicore.
Microsoft specialist Arinco dips its toes into cyber due to customer demand (CRN Australia) Fast 50 No.1 receiving an increasing number of requests.
Radware to acquire DDoS scrubbing business (iTWire) Security specialist Radware is to pay $US30 million to acquire the business of SecurityDAM, which currently provides the company with DDoS scrubbing centres. Radware also plans to expand its innovation centre in India, increase its cloud network footprint and capacity, and expand its cloud services...
Global Cybersecurity Leader eSentire Raises US$325M and Achieves Unicorn Status (GlobeNewswire News Room) Investment by Georgian and CDPQ will support geographic expansion, scaling operations to meet increasing enterprise demand, and growth of eSentire’s Atlas...
Beyond Identity Raises $100 Million to Accelerate Adoption of Invisible, Un-phishable MFA for Customers and Employees (Beyond Identity) Evolution Equity Partners Joins Existing Investors in Valuing the Company at $1.1 Billion, Further Fueling Innovation, Rapid Growth, and Global Expansion
Cybersecurity stocks caught in the storm while private firms keep rising (SiliconANGLE) Cybersecurity stocks caught in the storm while private firms keep rising - SiliconANGLE
Coinbase Pays $250K for 'Market-Nuking' Security Flaw (SecurityWeek) Coinbase scrambles to fix a "market-nuking” security flaw that could have allowed users to sell bitcoins they didn’t own.
DISA Awards $162M ICAM Contract to GDIT (Meritalk) General Dynamics Information Technology (GDIT) has snagged an Identity, Credential and Access Management (ICAM) Other Transaction Authority (OTA) Phase III production agreement from the Defense Information Systems Agency (DISA).
ESET announces new brand positioning: Progress. Protected. (PR Newswire APAC) Global leader in digital security to champion innovation and empower progressive change for society through a fully integrated marketing and communications campaign.
Cambium nabs some Huawei 'rip and replace' business (Light Reading) Add Cambium to the list of vendors cashing in on the US government's ongoing "rip and replace" program.
Meta axes a head of global community development after he appears on video in underage sex sting (TechCrunch) Meta, the parent company of Facebook, has confirmed to TechCrunch that Jeren A. Miles, who had been a manager of global community development, is no longer employed by the company after a video went viral on YouTube, which was then reposted on Reddit and other sites, featuring him in a sting operat…
Zuckerberg Still Has Too Much Control of Facebook (Bloomberg) Promoting Nick Clegg masks the founder’s tight grip on voting shares and Meta’s tepid response to metaverse safety issues.
Is Meta Platforms Basically A Tobacco Company? (NASDAQ:FB) (SeekingAlpha) Meta's (formerly Facebook) main business is not loved, but used by billions of addicted users. Is FB a tobacco stock? And if so, what would the conclusion be?
As the Need for IT Security Heats Up, CrowdStrike Is Well Positioned to Dominate (The Motley Fool) CrowdStrike represents a new, innovative solution available in the marketplace and is bringing the heat as it battles legacy incumbents like Microsoft.
Kaspersky names Sandra Lee as APAC managing director (CRN Australia) Sandra Lee succeeds Chris Connell, who moved to global role.
GRIMM Appoints Cybersecurity Industry Expert Jennifer Tisdale as CEO (Business Wire) GRIMM, a pioneering cybersecurity organization led by industry experts who view technology threats through the view of an attacker, today announced th
LogRhythm names Jerry Tng Vice President of Sales for Asia Pacific to Accelerate Business Growth in the Region (LogRhythm) LogRhythm, the company powering today’s security operations centers (SOCs), today announced the appointment of Jerry Tng as Vice President of Sales for Asia Pacific and Japan.
UNITED ARAB EMIRATES : UAE's Digital14 reshuffles top line-up as it draws closer to EDGE Group (Intelligence Online) The Emirati firm has quietly begun to overhaul its management as it continues to align itself with the state-owned defence group, all the while forming closer ties with Israeli cyber specialists.
Former Exelon Cybersecurity Executive Named New COO of Fortress Information Security (PR Newswire) Betsy Soehren-Jones has been named Chief Operation Officer (COO) of Fortress Information Security, the nation's leading supply chain...
Products, Services, and Solutions
A Visual Future of Cybersecurity (Optiv) This ebook looks at technologies and innovations that will affect cybersecurity in the coming years, including AI, quantum computing and IoT.
Ostendio Launches Security Audit Guarantee (AiThority) Ostendio, a leading integrated risk management platform provider, announced the first industry audit guarantee for data security audits.
Darktrace's Cyber AI Analyst Now Runs Open Investigations (PR Newswire) Darktrace, a global leader in cyber security AI, today announced significant enhancements to its flagship Cyber AI Analyst product as it now...
EGUARDIAN and Cybereason Partner to Protect Organizations from Sophisticated Cyberattacks (Colombo Gazette) EGUARDIAN, a leading Value-Added Distributor and a technology enabler in the Asia Pacific (APAC) region, Cybereason, the XDR company, today announced a partnership to protect enterprises in Sri Lanka from sophisticated cyberattacks. Cybereason is the newest addition to EGUARDIAN’s expanding portfoli
Encrypted Backup to the Cloud - ASCOMP Releases BackUp Maker 8.1 for Windows (Newswire) Data loss results in billions of dollars in losses year after year. The causes range from hardware defects and malware to operating errors and ex ...
New infosec products of the week: February 18, 2022 (Help Net Security) The featured infosec products this week are from: Blueshift Cybersecurity, Bugcrowd, CoSoSys, F5 Networks, Mandiant, Orca Security, Stellar Cyber, and Verimatrix.
Swimlane Delivers Intelligent Automation to Help U.S. Government Agencies Meet Executive Orders for Security Orchestration (Yahoo Finance) Swimlane's cloud-scale, low-code security automation is being adopted by leading U.S. Government agencies to improve cybersecurity effectiveness.
Technologies, Techniques, and Standards
Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure (CISA) Malicious actors use influence operations, including tactics like misinformation, disinformation, and malinformation (MDM), to shape public opinion, undermine trust, amplify division, and sow discord.
Department of Defense Releases New Cyber Resilient Weapon Systems Body of Knowledge (U.S. Department of Defense) The Department of Defense announced today the release of the Cyber Resilient Weapon Systems Body of Knowledge Portal Version 1.3.
US Government sets forth Zero Trust architecture strategy and requirements (Microsoft Security Blog) To help protect the United States from increasingly sophisticated cyber threats, the White House issued Executive Order 14028 on Improving the Nation’s Cybersecurity, requiring US Federal Government organizations to take action to strengthen national cybersecurity.
Zeroing In On The Zero Trust Model Via Simulation Platforms (CyberTheory) A core tenet of the Zero Trust model is to assume that the network has been compromised and includes hostile intruders.
CISA Creates List of Free Cybersecurity Tools and Services for Defenders (SecurityWeek) CISA has compiled a list of free cybersecurity services and tools that can help organizations reduce risk and improve resilience.
IRS plans pivot to Login.gov, lets users create online accounts without facial recognition (Federal News Network) The IRS, after weeks of pushback from Congress and the public, is now allowing taxpayers to sign up for an online account without the use of any biometric data, including facial recognition.
Why You Need An Adversary-First Approach to Threats in the Cloud (Dark Reading) Security teams need an adversary-focused approach that automates security controls and compliance and provides visibility into the cloud environment.
Navy plans to become ‘cyber ready’ by ditching compliance-obsessed ATO processes (Federal News Network) The Navy Department’s top IT official says current cyber approval processes create strange incentives that degrade systems’ security instead of improving it.
Municipal Utilities Bolster Their Cyber Defenses (State Tech) The Albuquerque Bernalillo County Water Utility Authority in New Mexico gains greater visibility into network traffic.
Design and Innovation
Microsoft aims to improve anti-phishing MFA for White House 'zero trust' push (ZDNet) Microsoft plans to make it easier for organizations using Azure Active Directory to enforce multi-factor authentication for users from external organizations.
What the history of AI tells us about its future (MIT Technology Review) IBM’s chess-playing supercomputer Deep Blue was eclipsed by the neural-net revolution. Now, 25 years on, the machine may get the last laugh.
Why Signature-Based Detection Struggles to Keep Up with the New Attack (Cyber Security News) Signature-based detection has been the cornerstone of the security strategy of organizations for a long. Thanks to rapid technological advancements, attackers constantly find ways.
‘Disruption’ Is a Two-Way Street (Wired) There's a wave of innovation that we're failing to recognize—and it's being led by users and networks, not tech companies.
Academia
Georgia Institute of Technology wins the 2021 NSA Codebreaker Challenge (National Security Agency/Central Security Service) Today, the National Security Agency announced Georgia Institute of Technology, University of North Georgia and Oregon State University as the first, second and third place winners of the 2021 NSA
ODU Alum Allen Walker Working to Change the Face of Cybersecurity (Old Dominion University) The recent honoree at the 2022 Black Engineer of the Year Award STEM Conference created a company that provides pathways into the workforce – and to ODU’s School of Cybersecurity.
Marshall, WVU link resources with U.S. Cyber Command network (Charleston Gazette-Mail) West Virginia’s two largest universities have joined forces with the U.S. Department of Defense to protect and serve the nation while their students gain current — and future — work
Legislation, Policy, and Regulation
China Is About to Regulate AI—and the World Is Watching (Wired) Sweeping rules will cover algorithms that set prices, control search results, recommend videos, and filter content.
European Cybersecurity Agencies Issue Resilience Guidance for Decision Makers (SecurityWeek) ENISA and CERT-EU have released guidance to help CISOs and other decision makers in public and private organizations increase their cyber resilience.
Brazil joins the Convention on Cybercrime: How will it impact other BRICS countries? (MediaNama) The Federal Senate of Brazil approved the draft legislative decree triggering Brazil’s adhesion to the Convention on Cybercrime. What are the consequences?
The National Cybersecurity Consortium is appointed to lead the Government of Canada's new Cyber Security Innovation Network (Yahoo) The National Cybersecurity Consortium (NCC) is pleased to announce that the Government of Canada has appointed the NCC to lead the Government of Canada's new Cyber Security Innovation Network (CSIN). In a statement issued today, the Honourable François-Philippe Champagne, Minister of Innovation, Science and Industry, stated that the NCC will receive up to $80 million over four years towards a potential total project well above $160 million, including significant cash and in-kind contributions fr
Lessons From Israel In Stopping Ransomware (Times of Israel) Israel is a small, but powerful nation that wants to stop attacks before they get to their door, and indeed, their lives depend on that. We can learn from Israel’s military doctrine of deterrence through overwhelming strength, unity, and disincentivizing the attackers to inform other security issues, such as ransomware attacks. I believe that the answer lies in a public-private security partnership financially backed by the government.
Pegasus: Investigations worldwide hold a crucial lesson for India (The Week) That our surveillance laws are obsolete and are in need of urgent reform
UK Government Consults on Plans to Restrict Huawei’s Involvement in Telecoms Networks (Infosecurity Magazine) The consultation will focus on legal mechanisms to restrict the use of Huawei in the UK's infrastructure due to national security concerns
The Cyber Social Contract (Foreign Affairs) How to rebuild trust in a digital world.
Biden's cybersecurity order opens our post-quantum era (TheHill) The White House is focused on national security concerns regarding the future threat of large-scale quantum computers to encrypted data.
Biden seen issuing crypto oversight exec order next week (Yahoo Finance) President Biden is expected to issue an executive order next week directing agencies across the government to study cryptocurrencies and a central bank digital currency (CBDC).
Want to weed out ransomware? Regulate crypto exchanges (Cointelegraph) Ransomware groups are stepping up their operations, often relying on the crypto space to move and cash out the ransom — and it’s time for the blockchain world to boot them out.
USA to attack bad cyber actors if it protects victims (Register) DoJ also creates two teams to prevent abuse of cryptocurrency – who knew that happens?
UNITED STATES : Forced to share presidential cyber adviser role, Nakasone balances defensive and offensive (Intelligence Online) Paul Nakasone was sole cyber chief in the White House for a long time thanks to his dual position as head of both the NSA and USCYBERCOM. But the rise of the CISA and the Office of the National Cyber
Time to reel in the growing number of supply chain risk management initiatives? (Federal News Network) Since November at least six agencies issued notices or requests for information/proposals to industry seeking feedback on how to do more to protect their supply chains.
Litigation, Investigation, and Law Enforcement
Meta, Google Face Data Doomsday as Key EU Decision Looms (Bloomberg) Irish watchdog to rule on data transfer contract term. Terms are used as an alternative after EU-U.S. pact was banned.
Tekun Nasional lodges police report over cyberattack on SPIM system (The Star) JOHOR BAHRU: The National Entrepreneur Group Economic Fund (Tekun Nasional) lodged a police report on Wednesday (Feb 16) after its online application system for Informal and Micro Financing Scheme (SPIM) was believed to have been hacked.
US Agencies Seized Around $30M of Crypto Related to NetWalker Ransomware Last Year (Coindesk) The January 2021 seizure is the largest related to ransomware, according to blockchain research firm Chainalysis.
No legal basis for leaving Assange in high security prison – human rights expert (The Leader) The WikiLeaks founder’s health is being ‘destroyed’ as he remains in Belmarsh prison in London, claims the UN special rapporteur on torture.
Investigation Finds Broward Schools Delayed, Hid Key Details of Cyber Attack (GovTech) An investigation by the South Florida Sun Sentinel uncovered a series of decisions by the district and its lawyers to mislead or delay notifying potential victims, and withhold details and internal correspondences.
Yahoo boys' are intelligent - Gov Obaseki reveals plan on internet fraudsters in Edo (Daily Post Nigeria) Governor Godwin Obaseki of Edo State has said that internet fraudsters, known locally as Yahoo boys, are very intelligent, saying their thinking need to
Trump's classified-docs scandal demands DOJ probe: legal experts (Newsweek) "Trump should be held to at least the standard for criminal conduct he set for Hillary Clinton," a former district attorney said.
NSO's Pegasus: A-G probe finds no illegal use of spyware by Israel Police (Jerusalem Post) The announcement contradicted a series of reports by the economic newspaper Calcalist that 26 public figures had their phones illegally hacked.
Israel Says Police Didn’t Hack Civilians Without Court Approval (New York Times) An official investigation refuted claims that the police had illegally hacked dozens of civilians using spyware from NSO Group, an Israeli company that has long attracted global scrutiny.
Phones of Bahraini Citizens Found Hacked With Pegasus Spyware (The Media Line) The phones of three Bahraini citizens who have […]
Police probe shows Missouri data weakness existed a decade before Post-Dispatch exposed it (St. Louis Post-Dispatch) Missouri Highway Patrol probe shows state data weakness existed 11 years before Post-Dispatch exposed it.
Miami Street Gangs See No Hope In Dope. They’ve Switched To Identity Fraud Fueled By Russian Hackers (Forbes) Instead of selling drugs on street corners, gang members are costing Americans millions by using personal data stolen by Russian cybercriminals to maintain fancy lifestyles.
Kaspersky and INTERPOL thwart a cyber-robbery in a central bank in Latin America (Intelligent CIO LATAM) Joint efforts of Kaspersky and INTERPOL helped prevent cybercriminals from stealing funds from a central bank in Latin America. Kaspersky experts discovered the incident when the attackers were attempting to find partners to help them conduct additional malicious activity. This sort of scheme has become particularly common over the past few years, wherein different groups […]
‘Clinton tech’ Rodney Joffe had a shady past before he targeted Trump (New York Post) Long before Rodney L. Joffe allegedly trolled Internet traffic for dirt on President Trump, he scammed unwitting Americans over a grandfather clock.
FCC Floats $45M Fine Against Health Insurance Robocaller (Law360) The Federal Communications Commission floated a $45 million fine Friday against a company it says capitalized on pandemic uncertainty and tried to sell insurance plans to customers through illegally placed robocalls.
