Dateline Moscow, Minsk, and Kyiv: Russia goes kinetic (with cyber operations in support).
Russia effectively declares war on Ukraine. (The CyberWire) As Russia effectively declares war on Ukraine, the civilized world considers its options. Cyber operations continue, and Ukraine says it will fight.
Full report: Vladimir Putin launches 'special military operation' to 'de-Nazify' Ukraine (The Telegraph) Russian troops land in Odessa and Kharkiv as terrified Ukrainians rush to bomb shelters
Exclusive: 'All hell broke loose' - Ukrainian soldiers on front line reveal how Russian invasion started (The Telegraph) Troops holding the line against pro-Russian separatists at Kramatorsk airbase tell The Telegraph how the attack came with no warning
In maps, videos and photos, how Russia’s military push into Ukraine is unfolding on the ground (Washington Post) Russian troops have entered Ukrainian territory, in what U.S. officials have called an invasion of the European country. On Wednesday, Ukraine announced plans to impose a state of emergency, and it called up military reservists, a sign the country was bracing for further aggression from Russia.
Latest images from Ukraine: Civilians in firing line as Russia attacks (The Telegraph) Forty of its soldiers have died so far, plus 50 'Russian occupiers', according to Ukraine's interior ministry
Russia attacks Ukraine; conflict reverberates around globe (AP NEWS) Russia launched a wide-ranging attack on Ukraine on Thursday, hitting cities and bases with airstrikes or shelling, as civilians piled into trains and cars to flee.
Putin orders military operations in Ukraine, demands Kyiv forces surrender (Reuters) Russian President Vladimir Putin authorised a military operation in eastern Ukraine on Thursday in what appeared to be the start of war in Europe over Russia's demands for an end to NATO's eastward expansion.
Russia's Putin authorises special military operation in Ukraine's Donbass region (Reuters) Russian President Vladimir Putin authorised a special military operation in Ukraine's Donbass region in the early hours of Thursday morning and told the Ukrainian military to lay down its weapons and go home.
Ukraine-Russia crisis: Vladimir Putin announces 'military operation' in Donbas (The Telegraph) Vladimir Putin has announced a "military operation" in Ukraine – a move that has effectively declared war in Europe.
Putin launches attacks across Ukraine (Axios) Putin confirmed that Russia is now invading Ukraine.
Ukrainian President Zelensky says Putin has ordered invasion as country prepares for war (Axios) Zelensky revealed that he had tried to call Putin but been met with "silence."
Timeline: Putin attacks Ukraine – how it happened (Al Jazeera) Explosions have been heard across Ukraine, with Kyiv saying military sites targeted by Russia in eastern Donbas region.
Ukraine declares state of emergency, may ban some political activities (Newsweek) The government declared a state of emergency for 30 days, starting Thursday.
Exclusive: U.S. warns Ukraine of full-scale Russian invasion within 48 hours (Newsweek) U.S. officials told Newsweek that Ukrainian President Volodymyr Zelenskyy has been informed a full Russian invasion involving airstrikes, missiles and ground troops is imminent.
Ukraine-Russia crisis: US warns Kyiv of 'imminent' full scale invasion
(The Telegraph) The US sent a new intelligence report to Ukraine on Tuesday morning, suggesting a full scale attack was "imminent”.
Concerns grow over miscalculations with Russia as U.S. troops build up near Ukraine (Military Times) A full-scale Russian invasion of Ukraine could push troops right up to NATO's U.S.-reinforced border.
The line Biden won’t cross on Ukraine (POLITICO) The president says he won’t send American troops to battle Russian forces in Ukraine. That, some critics say, is a stance Russia will exploit and China will remember.
Analysis: Putin's Ukraine assault confounds Biden strategy, puts leadership to the test (Reuters) He threatened to impose the harshest sanctions ever on Russia. He worked to galvanize U.S. allies into a united front. He supplied Ukraine with more weapons than any American president before him. And he beefed up U.S. forces on NATO's eastern flank as reassurance of his commitment.
China, seemingly surprised by sudden Ukraine incursion, denies backing Russian attacks (Washington Post) While Beijing urges calm, Chinese analysts blame the United States and Ukraine for provoking the Russian attack
‘We are facing war and horror’: Ukraine vows to fight on as Russia attacks. (Military Times) World leaders condemned the attack Thursday, with the U.S. and its allies promising severe sanctions, even as Russian forces remained on the move across Ukraine.
‘Here we are now, entertain us!’ — Ukrainian soldiers troll Russia with Nirvana rendition (Task & Purpose) ♬ Load up on guns, bring your friends. ♬
Friendless Putin has gone full tonto on Ukraine, Ben Wallace says (Times) Ben Wallace says President Putin has “gone full tonto” over Ukraine as he told soldiers to be prepared for a “busy” period serving in the British Army.The defen
World expresses outrage, plans stronger Russia sanctions (AP NEWS) World leaders expressed a raw outrage shrouded by an impotence to immediately come to the aid of Ukraine to avoid a major war in Europe, condemning Russia’s attack on its neighbor as the European Union and others promised unprecedented sanctions to hit the Kremlin.
Russia invasion: Boris Johnson and Joe Biden lead world leaders' fury at Vladimir Putin (The Telegraph) PM says Russian president has 'chosen a path of bloodshed' and Biden promises to 'hold Russia accountable'
Britain to send more weapons to Ukraine as threat of full Russian invasion mounts (The Telegraph) Boris Johnson announces that both 'lethal' and 'non-lethal' weapons will be sent in light of the threatening actions from Russia
Is the curtain coming down on ‘Londongrad’? (The Telegraph) Russia's billionaire oligarchs have been living the high-life in Britain for decades, but now the gravy train may be grinding to a halt...
NATO to take additional deterrence measures after Russian attack - statement (Reuters) NATO will take additional steps to strengthen the alliance's deterrence and defence after Russia launched an invasion of Ukraine, the alliance said in a statement on Thursday.
U.S., Allies Poised to Hit Russia With Broad Sanctions for Ukraine Invasion (Wall Street Journal) Measures are expected to target Russian banks and debt, ban exports of technology critical to industry.
Joe Biden marshals U.S. allies as Europe faces darkest hour since WW2 (Newsweek) The president will speak with U.S. allies on Thursday amid promises of harsh sanctions against Russia.
Russia-Ukraine: Putin's army 'are as ready as they can be,' US official says (Fox News) Key Ukrainian government websites are being disrupted Wednesday in a new cyberattack, an official says, a day after the U.S., U.K. and other western nations sanctioned Russia for their actions in the Donbas and Luhansk regions.
Invasions Don’t Pay Off Anymore (Foreign Policy) There’s a reason that full-scale interstate war, of the sort that Russia is inching toward, has become a rarity.
The West Is Sleepwalking Into War in Ukraine (Foreign Policy) It’s not easy to make sense of how the United States and Europe are responding to Russia’s aggression.
Many Russians Feel a Deep Unease Over Going to War (New York Times) After months of tuning out American warnings that Vladimir Putin was preparing to invade Ukraine, Russians now realize that “this is not a game.”
Opinion | The West Must Show Putin How Wrong He Is to Choose War (New York Times) Russia’s invasion of Ukraine calls for a determined, comprehensive response.
Putin’s Gamble in Ukraine Risks Xi’s Friendship (Bloomberg) Beijing lent its support against the West while Russia rattled sabers. A full-scale invasion of Ukraine is another matter.
Cyberattacks accompany Russian military assault on Ukraine (AP NEWS) The websites of Ukraine's defense, foreign and interior ministries were unreachable or painfully slow to load Thursday morning after a punishing wave of distributed-denial-of-service attacks as Russia struck at its neighbor, explosions shaking the capital of Kyiv and other major cities.
Cyberattack hits Ukrainian banks and government websites (CNBC) The source of the attack is not yet confirmed but the outages come as Russia has positioned troops to be able to invade Ukraine.
Second data wiper attack hits Ukraine computer networks (The Record by Recorded Future) Two cybersecurity firms with a strong business presence in Ukraine—ESET and Broadcom's Symantec—have reported tonight that computer networks in the country have been hit with a new data-wiping attack.
Key Ukrainian government websites hit by series of cyberattacks (CNN) Key Ukrainian government websites were down early Thursday morning local time following a day in which Ukrainian agencies dealt with multiple cyberattacks and as concerns mounted over Russian troop movements into Ukraine's separatist regions.
Russia is using an onslaught of cyber attacks to undermine Ukraine's defence capabilities (The Conversation) Further cyber exploitation of Ukraine could cause citizens immense distress at this critical moment.
The Russia-Ukraine crisis isn't just unfolding on the ground. Cyber attacks are 'intensifying' too (ABC) Data-wiping malware is detected on computers across Ukraine, with cyber attacks downing government websites and impacting banks.
US space leaders warn sat operators to beware likely Russian interference (Breaking Defense) "We've been talking about the fact that space is contested, and we're probably right in the middle now of our first space fight," said Lt. Gen. Michael Guetlein.
Cyber-attacks bring down many Ukraine websites (BBC News) Multiple government and company websites go down in the largest cyber-attack since the crisis began.
Ukraine computers hit by data-wiping software as fears of full-scale Russian invasion rise (Reuters) A newly discovered piece of destructive software found circulating in Ukraine has hit hundreds of computers, according to researchers at the cybersecurity firm ESET, part of what Ukrainian officials said was an intensifying wave of hacks aimed at the country.
Ukraine’s cyber lessons get tested (POLITICO) Report comes as Ukraine faces cyber-attack and allies brace for state-sponsored hacks
Senate intelligence chair warns Putin cyberattacks could trigger bigger war (Axios) Sen. Mark Warner said Putin's actions during the next few days risk triggering NATO's Article 5 collective defense principle.
Cyber Threat Brief: How Worried Should We Be About Cyber Attacks On Ukraine? (S&P Global) Cyber attacks are becoming a more prevalent means of achieving foreign policy objectives, given their lower deployment costs relative to conventional military tactics and uncertain scope for retaliation. We are also seeing a hybrid cyber-kinetic form of warfare, where cyber assaults can precede or be accompanied by military operations. The intent of such attacks is often to undermine confidence in key institutions and infrastructure, which implies wider credit implications across sectors and geographies. Given tensions between Russia and the West over Ukraine in recent weeks, S&P Global Ratings sees a heightened risk that Ukraine will be the target of additional cyber attacks. We are monitoring if such attacks could spill beyond the country's borders and their potential credit implications.
The U.S. is still frighteningly vulnerable to deadly Russian cyberattacks (MSNBC) America's old and weak infrastructure isn't just a matter of politics. A yearslong failure to update America's infrastructure has put us all in grave danger.
U.S. Cyber Agency, Others Warn Ukraine Crisis Could Lead to More Cyberattacks (Security Sales & Integration) As more tech firms fall victim to cyberattacks, experts warn threats could increase in the wake of Russian aggression against Ukraine.
EU Will Send a Newly Created Cyber Rapid-Response Team (CRRT) to Ukraine (Heimdal Security Blog) A coalition of six EU nations, including Lithuania, will lead the effort to "assist Ukrainian institutions in dealing with escalating cyber-threats," according to a press release. The coalition also includes Croatia, Poland, Estonia, Romania, and the Netherlands.
Utica-trained cybersecurity experts on front lines as tensions grow between Russia and Ukraine (WKTV NewsChannel2) As two countries a world away prepare to duke it out, possibly on the battlefield or the cyberfield....local cybersecurity experts and those who train them....tell us why we, here in
Russian troops invaded Ukraine. Sanctions are in place. What happens next? (USAtoday) Three scenarios about what happens next for Ukraine and Europe after Putin's invasion.
Biden Expands Russia Sanctions to Nord Stream 2, Its Officers (Bloomberg) Biden imposed an initial set of sanctions on Russia on Tuesday. President threatens additional penalties if Russia escalates.
U.S. Eyes Oil Reserves Release as Prices Rise on Ukraine (Bloomberg) Oil release with allies considered if prices keep rising. High oil and gas prices present political risks for Biden.
Germany has emerged as Vladimir Putin's toughest opponent by shutting down Nord Stream 2 (The Telegraph) Olaf Scholz was the first to take decisive action by cancelling controversial pipeline
Deluded Berlin has finally woken up to the truth about Vladimir Putin (The Telegraph) The veil has finally lifted: Moscow never wanted a diplomatic solution to the Ukraine crisis
E.U. will unveil a strategy to break free from Russian gas, after decades of dependence (Washington Post) Ukraine crisis has pushed Europe toward renewables — but will the change come quickly enough?
London is the center of Russian influence and money overseas. Will the U.K. government act further? (Newsweek) The British capital is the nexus of various Russian financial interests and assets, from mansions and soccer clubs to listed companies.
Time to go after the Kremlin’s wallets (Atlantic Council) Going after the Kremlin’s oligarchs who stash their illicit wealth in the West is an essential move that should happen now before Putin goes further in his campaign to end Ukrainian independence and revise Europe as we know it today.
What I heard in Munich: A lot of bold words, but little bold action (Atlantic Council) As long as there are doubts about who belongs to Europe (and how), that means weakness and vulnerability for all.
Imperial Russia has called the West’s bluff (The Telegraph) Nato’s toothless response to Putin’s aggression has raised the risk of an even more disastrous conflict
Putin’s Long Game in Ukraine (Foreign Affairs) How the West can still protect Kyiv.
Russian Diplomats’ Credibility Crisis (Foreign Policy) Shifting justifications for Ukraine aggression suggest they may be running blind.
Belarus joins Putin's new Russian empire (Atlantic Council) Vladimir Putin appears to have succeeded in the unofficial annexation of neighboring Belarus with news that Russian troops deployed ostensibly for military exercises will now remain in the country indefinitely.
Fact-checking Putin’s speech on Ukraine (Washington Post) Russian President Vladimir Putin on Monday made a lengthy, often-bitter televised speech as he ordered troops into two pro-Russian separatist regions of eastern Ukraine. His speech contained many dubious claims, both historical and factual. Here’s a guide to some of the more noteworthy statements, using the official translation provided by the Kremlin.
Vladimir Putin Has No Time for Your Reality (Bloomberg) Isolated and surrounded by sycophants, the Russian president may have lost touch with the real world. That could spell disaster.
What these three pictures tell us about Putin and power (The Telegraph) Everything the Russian president presents to the world is about image – and his messages aren’t subtle
Like Others Before Him, Putin Will Find the U.S. Media Is a Potent Foe (World Politics Review) If Russia does not launch an all-out invasion of Ukraine, the Biden administration’s use of intelligence disclosures “to get inside Putin’s head” may come to be regarded as a brilliant deterrent tactic. But this is not the only way to understand the information warfare around the current crisis, nor is it the most convincing.
MacPaw’s Operations amidst the Russian Aggression against Ukraine (MacPaw) Being humans of the 21st century, we all wish that the tragic days of war were a thing of the past. However, now once more, with the Russian aggression against Ukraine, we’ve been made to witness how easy freedom, independence, and the human right to life and choice are put on the line.
The Russia Ukraine Crisis Affect on Small Business Cyber Security (Mind The Gap Cyber) We need to be aware of how the Russia Ukraine Situation will affect Small Business Cyber Security. Small businesses will be targets.
Attacks, Threats, and Vulnerabilities
SockDetour Backdoor Targets U.S. Defense Contractors (Unit42) SockDetour is a custom backdoor being used to maintain persistence, designed to serve as a backup backdoor in case the primary one is removed.
Russia’s most cutthroat hackers infect network devices with new botnet malware (Ars Technica) The Russian government's Sandworm group uses previously unseen Cyclops Blink.
New Sandworm Malware Cyclops Blink Replaces VPNFilter (CISA) The Sandworm actor, which the United Kingdom and the United States have previously attributed to the Russian GRU, has replaced the exposed VPNFilter malware with a new more advanced framework.
New Sandworm Malware Cyclops Blink Replaces VPNFilter (CISA) The United Kingdom’s National Cyber Security Centre, CISA, the National Security Agency, and the Federal Bureau of Investigation have released a joint Cybersecurity Advisory (CSA) reporting that the malicious cyber actor known as Sandworm or Voodoo Bear is using new malware, referred to as Cyclops Blink. Cyclops Blink appears to be a replacement framework for the VPNFilter malware exposed in 2018, which exploited network devices, primarily small office/home office routers and network-attached storage devices.
New Sandworm malware Cyclops Blink replaces VPNFilter (NCSC) Joint advisory published by the UK and US identifies a new malware known as Cyclops Blink that could be used to remotely access networks.
Russia-backed hackers behind powerful new malware, UK and US say (the Guardian) Report comes as Ukraine faces cyber-attack and allies brace for state-sponsored hacks
New Malware Capable of Controlling Social Media Accounts Infects 5,000+ Machines and is actively being Distributed via Gaming Applications on Microsoft's Official Store (Check Point Research) Popular games such as “Temple Run” or “Subway Surfer” were found to be malicious Attackers can use the installed malware as a backdoor in order to gain full control on the victim’s machine Most of the victims are from Sweden, Bulgaria, Russia, Bermuda and Spain Check Point Research (CPR) has spotted new malware that is... Click to Read More
Asustor network storage devices are being hit by a nasty ransomware attack (The Verge) Asustor NASes are being hit by a Deadbolt ransomware attack.
CISA Warns of Attacks Exploiting Recent Vulnerabilities in Zabbix Monitoring Tool (SecurityWeek) CISA has expanded its Known Exploited Vulnerabilities Catalog with two critical flaws in the Zabbix enterprise monitoring solution.
Please Sign on the Dotted Line: DocuSign Phishing Attack (Armorblox) This blog examines an attack impersonating DocuSign, the market leader in the electronic signing services industry. The email attack had a social engineered payload, attempting to spoof the email address and design the subject line of a legitimate email related to e-signature
Increasing Number of Threat Groups Targeting OT Systems in North America (SecurityWeek) Industrial cybersecurity firm Dragos saw three new threat groups targeting ICS/OT environments in 2021.
Cyber can now create biowarfare effects, without a bioweapon (Breaking Defense) The digitization of medicine and biomedical research has been a boon for medical breakthroughs, but comes at a cost. From ransomware attacks at hospitals to intellectual property breaches at research centers, cybersecurity is now a major concern in the medical world. In the following op-ed, three experts at the intersection of national security and health…
Chinese Experts Uncover Details of Equation Group's Bvp47 Covert Hacking Tool (The Hacker News) A team of Chinese researchers has revealed details of a "top-tier" backdoor used by the Equation Group, a APT group linked to the NSA.
Dridex Malware Spreads Entropy Ransomware In Recent Cyberattacks (Decipher) Researchers point to a possible common origin between the Dridex malware and Entropy ransomware due to code similarities.
Cybercriminals Seek to Profit From Russia-Ukraine Conflict (SecurityWeek) Dark web threat actors are looking to take advantage of the tensions between Russia and Ukraine, offering network access and databases that could be relevant to those involved in the conflict
Four 'serious' personal data breaches reported by North East council (The Northern Echo) Redcar and Cleveland Council said in a report that two of the breaches involved reports and paperwork being disclosed in error to individuals
Social Security Numbers, Passport Data, and More Stolen from 'Thousands' of Meyer Employees After Ransomware Attack (Tech Times) Employees of the Meyer Corporation have had sensitive data stolen by a ransomware gang. Learn more about what data was stolen.
Logan Health Medical Center Cyberattack Affects More Than 213,000 Patients (HIPAA Journal) Logan Health Medical Center in Kalispell, MT, has recently started notifying certain patients that hackers gained access to a file server that housed Logan Health Medical Center in Kalispell, MT, and NHS Management in Tuscaloosa, AL have recently announced they were victims of sophisticated cyberattacks.
Book Depot data breach could impact ‘hundreds’ of current, former staff (St. Catharine's Standard) Company says no customer data compromised; former worker angry Book Depot took four months to warn her and others their information might have been stolen
Sinclair Says Cyber Attack Resulted in $63 Million Ad Revenue Loss (Broadcasting Cable) Company reports $89 million net loss for fourth quarter
Metaverse app allows kids into virtual strip clubs (BBC News) A BBC investigation witnesses grooming, sexual material and a rape threat in a virtual reality world.
Security Patches, Mitigations, and Software Updates
Cisco Releases Security Updates for Email Security Appliance (US-CERT) Cisco has released security updates to address a vulnerability affecting Cisco Email Security Appliance. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.
Zenly Fixes User Data Exposure and Account Takeover Risks (Checkmarx.com) The Checkmarx Security Research Team responsibly notified Zenly, providing detailed information of our research findings, instructions to reproduce the issues, and recommendations. Zenly has now fixed the issues we discovered.
Trends
The State of Ransomware Attacks in Healthcare (CyberSaint Research) CyberSaint's new research provides insight into the healthcare industry's ability to mitigate ransomware risk and healthcare sector readiness including their ability to restore data from backups, and their propensity to pay a ransom.
Illusive Research Reveals Identity Risks on 1 in 6 Enterprise Endpoints - illusive (illusive) Learn how unmanaged, misconfigured, and exposed identity risks leave every organization vulnerable to cyberattack.
RiskIQ Intelligence Roundup: Spoofed Sites and Surprising Infrastructure Connections (RiskIQ) Our last intelligence roundup covered increased threat activity involving hijacked infrastructure, which gives threat campaigns additional credibility, flexibility, and stealthiness. Recently, we've seen attacks using hijacked infrastructure to spoof well-known brands and websites to deliver malware. For attackers, these spoofed websites have all the benefits of stolen legitimate infrastructure plus coopted brand recognition that helps them fool users into clicking their malicious links. In this roundup, we'll cover this activity in greater detail. We'll also dissect new findings on malware campaigns, nation-state threat infrastructure, and Magecart digital credit card skimming.
The Trend Toward Heightened Cybersecurity for the Water Utility Sector (Lexology) With high-profile cybersecurity attacks in 2021 such as those at Colonial Pipeline and JBS Foods, there is no doubt that cybersecurity is of utmost…
The 4 Biggest Cyber Threats Hanging Over The Future (The Birmingham Times) There are those who say a “cyber pandemic” is inevitable. And there are those who say we’re in it right now. Gil Schwed, founder and director of Israel’s cybersecurity pioneer, Check Point Software Technologies, belongs to the latter camp.
Personal info leaks from listed Japan firms hit record high in 2021 (The Japan Times) The number of personal information leaks from companies listed on Japanese stock exchanges, as well as their subsidiaries, rose by 30% in 2021 from the previous year.
Marketplace
Cloudflare to Buy Area 1 Security in Push to Protect Against Phishing Emails (Bloomberg) The $162 million deal will bolster the company’s product suite. Cloudflare is among software vendors targeting email security.
Astrix Security Nabs $15M to Tackle Attack Surface Sprawl (SecurityWeek) Israeli startup Astrix Security has banked $15 million to build technology to help organizations secure third-party app integrations.
Secureframe secures $56M for a platform that automates an enterprise’s compliance with standards like HIPAA and SOC 2 (TechCrunch) Meeting compliance standards like HIPAA and SOC 2 can be a critical — and often mandatory — part of the matrix of boxes that need to be ticked when securing an organization, but it’s also one of the more thorny to see through, since it involves not only assessing systems as they c…
Aporia raises $25M Series A for its ML observability platform (TechCrunch) Aporia, a Tel Aviv-based startup that helps businesses monitor and explain their AI-based services, today announced that it has raised a $25 million Series A funding round led by Tiger Global. New investor Samsung Next, as well as previous investors TLV Partners and Vertex Ventures also participate…
BlueVoyant nabs $250M to help enterprises nab malicious hackers and stop security breaches (TechCrunch) Cybersecurity continues to be a pernicious and complex problem, for enterprises, and today a company that’s building a multi-faceted toolkit to help them address it better is announcing a big round of funding to continue its growth. BlueVoyant — which provides a mix of proprietary techn…
Phosphorus Cybersecurity raises $38 million to secure IoT devices (VentureBeat) Phosphorus Cybersecurity’s flagship solution, provides users with a complete inventory of IoT devices throughout their environment, displaying the IP address, manufacture, model, and firmware so they have more transparency over the security posture of IoT devices.
Managed detection and response startup eSentire raises $325M on $1B valuation (SiliconANGLE) Managed detection and response startup eSentire raises $325M on $1B valuation - SiliconANGLE
Red Sift Closes $54 Million Series B Funding to Scale Innovation and Adoption of Integrated Cloud Email Security and Brand Protection Platform (Business Wire) Red Sift, provider of the only integrated cloud email security and brand protection platform, today announced that it raised $54M in Series B funding.
Security compliance startups attract millions in funding (The Register) There's gold in them thar forms
Elevate Security Quadruples Enterprise Annual Recurring Revenue in 2021 by Refocusing Enterprise Cybersecurity on its Biggest Risk—Users (GlobeNewswire News Room) User Security pioneer expands leadership team amidst rapid growth, adding a CRO, Field CISO, and VP Marketing to drive adoption of proactive user security...
Telos Corporation Awarded Contract Extension with National Security Agency (Telos Corporation) Cybersecurity leader to build on deep-rooted NSA relationship with additional Xacta support and deployment of Xacta 360 ASHBURN, Va. , Feb. 24, 2022 (GLOBE NEWSWIRE) -- Telos ® Corporation (NASDAQ: TLS), a leading provider of cyber, cloud and enterprise security solutions for the world’s most
Nonprofits, Activate! Orgs Team Up to Tackle Cybersecurity Threats (PCMAG) Nonprofit Cyber says its goal is 'joint action to improve cybersecurity' not political lobbying.
Identity Management Day 2022 Awards (Identity Defined Security Alliance) The 2022 Identity Management Awards recognize end user organizations along with their solution providers and leaders who are making identity management and security an enabler to business operations while reducing risk.
Identity Defined Security Alliance Partners with National Cybersecurity Alliance for Second ... (The Bakersfield Californian) DENVER, Feb. 24, 2022 (GLOBE NEWSWIRE) -- The Identity Defined Security Alliance (IDSA), a nonprofit that provides free vendor-neutral education and resources to help organizations reduce the risk of a
Identity Management Day - April 12, 2022 (Identity Defined Security Alliance) Identity Defined Security Alliance Partners with National Cybersecurity Alliance for Second Annual ‘Identity Management Day’ April 12, 2022.
Island Adds Prominent Cybersecurity Advisors and Investors (Business Wire) Island, developer of the Enterprise Browser, announced it has added a select group of investor advisors to its strong bench of strategic partners, inc
NTT Application Security Appoints Mark Rossiter as VP of Sales, Americas (PR Newswire) The Application Security Division of NTT Ltd., a world leader in application security, today announced the appointment of Mark Rossiter as the...
Cybersecurity Startup Dazz Appoints Mike Gesnaldo as Chief Revenue Officer (PR Newswire) /PRNewswire/ -- Dazz, a fast-growing cloud security remediation company, has announced the appointment of Mike Gesnaldo as Chief Revenue Officer. Gesnaldo will...
Products, Services, and Solutions
Illumio Introduces Managed Service Provider Program to Empower MSPs to Protect Customers with Zero Trust Segmentation (Illumio) New Program Offers MSPs and MSSPs Specialized Capabilities to Defend Against Cyber Attacks Such as Ransomware and Capitalize Upon Surging Zero Trust Segmentation Market
New MyCena Enterprise Security Solution is Digital Vaccine Against Cyberpandemic (MyCena) With nine out of ten breaches related to passwords, MyCena’s segmentation and cyber-resilience model ends password phishing...
Perimeter 81 Adds a Radically Simple Secure Web Gateway to its Security Services Edge Solution (Business Wire) Perimeter 81 adds a Secure Web Gateway feature strengthening its Security Services Edge solution.
Theom Utilizes Hedera Consensus Service to Help Organizations Establish Auditable Zero Trust Data Security (PR Newswire) Theom, a fully managed Cloud Data Protection Platform that empowers enterprises to protect their data in the cloud, has integrated with the...
Scalefusion Now Offers Corporate Email Security with Conditional Email Access (PR Newswire) ProMobi Technologies today announced that Scalefusion, its leading Mobile Device Management (MDM) solution, now offers Conditional Email Access...
NVISIONx Develops Data Risk Intelligence Platform (Cards International) California’s cybersecurity startup NVISIONx has rolled out a data risk intelligence (DRI) platform that enables companies to gain control of their enterprise data to reduce data risks, compliance scopes, and storage costs.
IBM Cybersecurity Hub to mitigate APAC cyberattacks (Tech Wire Asia) IBM virtually inaugurated its Cyber Range and IBM Security Command Center to help APAC organizations mitigate cybersecurity threats.
Resecurity® Introduced Cyber Threat Intelligence Solutions for Law Enforcement in South Africa (PR Newswire) Resecurity®, a Los Angeles-based cybersecurity and intelligence company, recently served as the lead sponsor of the inaugural Cyber...
JupiterOne Releases New Starbase Open-Source Tool to the Security Community (PR Newswire) JupiterOne, the security industry's leading cyber asset attack surface management (CAASM) platform provider, today announced the availability...
Technologies, Techniques, and Standards
CISA unveils new catalog of free cyber tools amid Ukraine crisis (FCW) Cybersecurity and Infrastructure Security Agency Director Jen Easterly said the agency is "leaning forward" to inform critical infrastructure owners of ways they can protect their most important assets against possible cyber fallout from Russia's moves against Ukraine.
NIST seeks information on updating its Cybersecurity Framework (CSO Online) Security community welcomes the update, but a U.S. GAO report cites slow adoption among government.
New cyber guidelines to safeguard construction sector (ComputerWeekly) NCSC launches sector-specific security guidance for organisations in the construction industry, with input from the Chartered Institute of Building.
Shadowserver Starts Conducting Daily Scans to Help Secure ICS (SecurityWeek) The Shadowserver Foundation has started conducting daily scans in an effort to identify exposed ICS and help organizations reduce exposure.
Informing Defense with Adversary Sightings (Medium) Written by. Kellyn Wagner Ramsdell, Mike Cunningham, and Jon Baker.
Sightings Ecosystem: A Data-driven Analysis of ATT&CK in the Wild (MITRE Engenuity | Center for Threat Informed Defense) The costs of intrusions are increasing as adversaries evolve their attacks. This evolution forces defenders to consider more and more attack sequences and techniques.
8 Steps To Be GDPR Compliant With Your Website (Online Tech Tips) In 2018, the European Union implemented a series of data protection reforms known as the General Data Protection Regulation (GDPR). In essence, GDPR replaced all the different data protection laws [...]
The Advantages And Risks Of Biometric Security (Android Headlines) You’re probably already using biometric technology on a regular basis, even if you aren’t aware of it. According to ExpressVPN, biometric is the use of
CISA Tribal Affairs (CISA) The Cybersecurity and Infrastructure Security Agency (CISA) works with our partners to keep our critical infrastructure safe and resilient for all Americans.
Why Effective Cybersecurity Starts at the Top (Financial Executives) The need for enhanced cyber capabilities is evident, but how do finance leaders take the initiative?
Design and Innovation
Inside the Lab Where Intel Tries to Hack Its Own Chips (Wired) Researchers at iSTARE have to think like the bad guys, finding critical flaws before processors go to production.
Legislation, Policy, and Regulation
China and Russia are proposing a new authoritarian playbook. MENA leaders are watching closely. (Atlantic Council) When President Donald Trump lost the 2020 US presidential election to democratic candidate Joe Biden, many leaders in the Middle East and North Africa
EU Unveils Rules to Force Firms to Share Product Usage Data (Bloomberg) Rules affect company data, connected devices, cloud providers. Companies say rules could complicate international data flows.
India’s Personal Data Privacy Bill: What does it mean for individuals and businesses? (The Daily Swig) New legislation sets out to bring India in line with international best practice, but what will this look like in action?
CISA official floats Zero Trust roadmap for agencies (SC Magazine) An official at the Cybersecurity and Infrastructure Security Agency told a White House industry advisory panel that the agency was working on guidance for federal agencies around how best to adopt “Zero Trust” security strategies.
DOJ Axes Troubled 'China Initiative' After String Of Dismissals (Law360) The U.S. Department of Justice is scrapping a Trump-era initiative targeting Chinese economic espionage after a string of botched cases against academics drew outcry from civil rights groups and the scientific community, a senior official said Wednesday, although he gave no indication that pending cases would be shelved.
Most cyber pros give thumbs down to the EARN IT Act (Washington Post) An effort to stem child porn would bring serious collatoral damage, experts say
DoJ announces new strategy for countering nation-state threats (The Record by Recorded Future) A top Justice Department official on Wednesday said that the US government was ending a controversial China-focused strategy developed under the Trump administration, replacing it with a broader strategy that focuses on countering cyberattacks, espionage and other threats from a wider range of nation-state adversaries.
US Army cyber conference seeks to bolster holistic national cybersecurity (C4ISRNet) The Jack Voltaic series brings together a diverse group of organizations to bolster the cybersecurity of critical infrastructure.
Westchester creates cybersecurity task force as possible Russian retaliation looms (Westfair Communications) Westchester County Executive George Latimer on Feb. 23 announced during a news conference at the County Office Building in White Plains that he has signed an Executive Order creating a Task Force on Cybersecurity. The task force, together with the county’s existing Department of Information Technology (DIT), is being charged with protecting the county from …
Litigation, Investigation, and Law Enforcement
CISOs, beware of spyware tools for illicit competitive intelligence (CSO Online) Two recent court cases expose the capabilities of publicly available spyware and how businesses and governments use them for malicious purposes.
The FTC is going after companies behind those annoying auto warranty robocalls (Washington Post) They’re also costly. The consumer watchdog alleges in one case that consumers were bilked out of more than $6 million.
Don't Forget the March 1 HIPAA Smaller Breach Reporting Deadline (Holland and Knight) If a Health Insurance Portability and Accountability Act (HIPAA)-covered entity experiences a data breach involving fewer than 500 individuals, the incident must be reported to the U.S. Department of Health and Human Services (HHS).
CNIL Recommends Using US Analytics Tools Only for Anonymous Statistical Data (The National Law Review) Following a similar case from Austria, the French data protection authority recently concluded that certain use of cookies placed by US data analytics tools violated GDPR. The case came befo
Report: Missouri Governor’s Office Responsible for Teacher Data Leak (KrebsOnSecurity) Missouri Governor Mike Parson made headlines last year when he vowed to criminally prosecute a journalist for reporting a security flaw in a state website that exposed personal information of more than 100,000 teachers. But Missouri prosecutors now say they…
Nigerian hacker pleads guilty to stealing payroll deposits (BleepingComputer) A Nigerian national named Charles Onus has pled guilty in the District Court of the Southern District of New York to hacking into a payroll company's user accounts and stealing payroll deposits.
5 healthcare organizations facing lawsuits over data breaches (Becker's Hospital Review) Cybercriminals are continuing to attack healthcare organizations at an alarming rate. These attacks bring negative consequences to healthcare systems' operations and finances in several ways, one of them being data breach lawsuits.
Class Attys Defend Scuttled Data Breach Deal, $300K In Fees (Law360) Customers suing a water filtration retailer over a data breach are pushing back at a Wisconsin federal judge's refusal to grant final approval to a settlement and their attorneys' request for more than $300,000 in fees, arguing the deal has "universal support" and that class counsel hasn't "merely phoned it in."
DPC warns of damage to GDPR enforcement regime (RTE.ie) The Data Protection Commissioner has said a set of metrics against which the performance of all European data regulators can be assessed objectively must be agreed.
$92M TikTok Data Breach Settlement Deadline Coming Soon (Yakima Herald-Republic) You didn’t think anything of posting that video on TikTok of you cooking up the famed feta pasta dish or showing off your best moves for the Sun Goes Down