Dateline
Ukraine at D+7: Belarusian cyberespionage, Russian rocket fire, Ukrainian hacktivism. (The CyberWire) A Black Sea port falls, and Russian artillery continues to hit civilian targets. Russia, Belarus, and Ukraine are all engaged in cyber operations (and Ukraine is said to be targeting Russia's railroads and power grid). The UN condemns Russia for a war of aggression.
Maps: Tracking the Russian Invasion of Ukraine (New York Times) Russian troops have captured Kherson and continue to advance toward other cities in southern Ukraine.
Russia takes aim at urban areas; Biden vows Putin will 'pay' (AP NEWS) Ukraine’s leader decried Russia's escalation of attacks on crowded cities as a blatant terror campaign, while U.S. President Joe Biden warned that if the Russian leader didn't “pay a price” for the invasion, the aggression wouldn’t stop with one country.
Vladimir Putin resorts to brutal bombardments after ‘Western’ approach to Ukraine invasion fails (The Telegraph) With Russia’s forces stalled outside Kyiv and a rapid victory unlikely, missile and air strikes are set to pound areas into submission
Convoy still stalled outside Kyiv, but casualties mount in Ukraine as Russia advances (Washington Post) Russian troops advanced inside a key Ukrainian port, Kherson, but its mayor said the city remains in government hands
Russia-Ukraine latest news: Kherson becomes first major city 'under Russian control' (The Telegraph) Russian troops appear to have taken control of Kherson, after its mayor posted a cryptic message suggesting a military takeover.
Russian paratroopers storm Kharkiv after devastating rocket attacks (The Telegraph) As missiles rained down, airborne forces landed in the largely Russian-speaking city of 1.4 million people, close to the eastern border
‘They are fighting like lions’ (The Record by Recorded Future) So far, Russia has depended little on cyber weapons as it launches its bloody invasion on Ukraine. But that is unlikely to last for long. U.S. officials say cyber attacks are coming, and they have a pretty good idea what will be in the crosshairs.
Ukrainians block roads leading to Europe’s largest nuclear power plant (The Telegraph) Makeshift blockade erected to prevent access to Zaporizhzhia facility as Russian troops advance in the area
Putin Reaches for the Syria Playbook as Ukraine Invasion Stalls (Foreign Policy) Cluster bombs, leveled apartments, and sieges are Russia’s recipe for war.
Vladimir Putin’s Ukraine War is a blueprint for genocide (Atlantic Council) Putin has convinced millions of Russians that Ukraine is not a country and Ukrainians are really Russians. This has set the stage for mass atrocities in the country as the Russian invasion runs into the reality of a hostile Ukraine.
Molotov Cocktails in winter: What 1939 Finland tells us about Ukraine today (Atlantic Council) But while Ukrainians may be prepping Molotov Cocktails, this winter war is already different.
Tweets of the Week: Ukraine Invasion (Euractiv.) Welcome to #EUTweets of the Week, coming to you a day early for… obvious reasons.
When War Struck, Ukraine Turned to Telegram (Wired) As Russian troops surround Kyiv, millions of Ukrainians have relied on the messaging platform for government information.
Cyber Realism in a Time of War (Lawfare) Activity in the digital domain may affect the war in Eastern Europe at the margins, but it will not decide it. That should tell us something about the West’s cyber posture.
Russian Hybrid War Report: Social platforms crack down on Kremlin media as Kremlin demands compliance (Atlantic Council) Google, Meta, and Twitter are taking action against Russian state-owned media accounts to limit the spread of harmful information online.
Exclusive: Google blocks RT, Sputnik from Play app store in Europe (Reuters) Alphabet Inc's Google said on Tuesday that it has blocked mobile apps connected to RT and Sputnik from its Play store, in line with an earlier move to remove the Russian state publishers from its news-related features.
Apple Stops Sales in Russia—and Takes a Rare Stand (Wired) The company joins the chorus of tech giants pushing back against Russian aggression.
Oracle, SAP suspend business in Russia amid invasion (Register) As Moscow tries to retain IT talent with military exemption, a three-year tax suspension for biz
Snap Suspends Advertising in Russia, Belarus and Ukraine in Response to Sanctions (The Hollywood Reporter) Three hundred Snap employees are from Ukraine, according to a message shared on Tuesday.
Russia's war spurs corporate exodus, exposes business risks (AP NEWS) Car factories idled, beer stopped flowing, cargo ships dropped port calls and energy companies cut their pipelines.
Ukrainian government calls for game companies to cut off Russia during invasion (Ars Technica) Vice PM says move "will motivate the citizens of Russia" to rise up in protest.
Using DDoS, DanaBot targets Ukrainian Ministry of Defense (Zscaler) Researchers at Zscaler discovered a DDoS attack launched by DanaBot against the Ukrainian Ministry of Defense.
Asylum Ambuscade: State Actor Uses Compromised Private Ukrainian Military Emails to Target European Governments and Refugee Movement (Proofpoint) Proofpoint has identified a likely nation-state sponsored phishing campaign using a possibly compromised Ukrainian armed service member’s email account to target European government personnel involved in managing the logistics of refugees fleeing Ukraine.
Phishing campaign targets European officials assisting in refugee operations (The Record by Recorded Future) A phishing campaign with possible links to a state-sponsored actor is targeting European officials assisting in the effort to evacuate Ukrainian refugees, cybersecurity firm Proofpoint said in a report Wednesday.
Hacked Ukrainian Military Emails Used in Attacks on European Governments (SecurityWeek) Hacked email accounts belonging to members of the Ukrainian military have been used in attacks targeting European government personnel.
Pro-Russian hackers launch email attack to disrupt Ukraine refugee rescue attempts (The Independent) A ‘likely’ state sponsored phishing campaign appears to be sourced from Belarus, cybersecurity researchers suggest
Ukrainian cyber officials warn of new wave of phishing attacks (CyberScoop) Ukraine's CERT and another infosec agency issued phishing warnings. U.S. companies are also advising Ukrainians to lock down their accounts.
Domains Linked to Phishing Attacks Targeting Ukraine (SecureWorks) Learn how CTU researchers investigated a Computer Emergency Response Team of Ukraine (CERT-UA) warning of phishing activity posted to Facebook on February 25, 2022.
Warning: Hackers Are Targeting The Ukraine Refugee Crisis (Forbes) Emails laced with malware hit an unnamed European government entity and targeted individuals helping the more than 600,000 refugees who have fled Ukraine.
Anonymous vs. Russia: Hackers Say Space Agency Breached, More Than 1,500 Websites Hit (Hstoday) Hackers also went after the pro-Russia Conti ransomware group, followed by CISA warning stakeholders to not think the Conti threat had abated.
Ukraine stands up to Russian cyberattacks; Putin could launch revenge attacks against US, expert warns (Fox News) A former CIA official warned of a potential Russian cyberattack against the U.S. supply chain.
Russian cyber attacks against US banks increasing: sources (New York Post) Bank executives tell the Post they’ve spent billions of dollars annually to protect against cyber criminals, but they say the recent wave of attacks is different.
Conti Ransomware Source Code Leaked (SecurityWeek) The Ukrainian hacker who started leaking files stolen from the Conti gang has also leaked the ransomware’s source code.
Hacker Group Anonymous Vows to Disrupt Russia's Internet — RT Websites Become 'Subject of Massive DDoS Attacks' (Bitcoin News) The international hacktivist collective known as Anonymous has vowed to attack Russian government websites over the recent Ukraine invasion.
Ukrainian cyber resistance group targets Russian power grid, railways (Reuters) A Ukrainian cyber guerrilla warfare group plans to launch digital sabotage attacks against critical Russian infrastructure such as railways and the electricity grid, to strike back at Moscow over its invasion, a hacker team coordinator told Reuters.
Army of Cyber Hackers Rise Up to Back Ukraine (SecurityWeek) An army of volunteer hackers is rising up in cyberspace to defend Ukraine, though internet specialists are calling on geeks and other "hacktivists" to stay out of a potentially very dangerous online war.
Google expands security protections for Ukrainian users (The Record by Recorded Future) Google announced on Tuesday that it was increasing security measures to help protect Ukrainian civilians and websites, following similar moves by other technology giants in recent days.
Understanding the Roots of Russia’s War in Ukraine (Bloomberg) Russia’s invasion of Ukraine has set off the most dangerous struggle between Moscow and NATO allies since the Cold War.
The Kremlin won't admit that it has already lost (The Telegraph) All Vladimir Putin can expect now is a Pyrrhic victory for Russia, as his army cannot hope to keep hold of the territory it will secure
In Putin, intelligence analysts see an isolated leader who underestimated the West but could lash out if cornered (Washington Post) As the Russian invasion of Ukraine enters its second week, U.S. and European intelligence officials say that Russian President Vladimir Putin appears isolated and reliant on a small coterie of advisers who have not told him the truth about how difficult and costly conquering Ukraine is turning out to be.
A dozen experts weigh in on what is going on inside Putin's head (Newsweek) Experts are divided over whether Putin's increasingly erratic behavior is a calculated move, or a sign of an emotional and unstable leader.
The Beginning of the End for Putin? (Foreign Affairs) Dictatorships look stable—until they aren’t.
Alexei Navalny calls on Russians worldwide to ‘fight against the war,’ slams Putin (Washington Post) Jailed Kremlin critic Alexei Navalny has called on Russians around the world to protest President Vladimir Putin’s invasion of Ukraine, issuing tweets saying that people must not just “be against the war” but they must also “fight against” it.
Some Russian oligarchs speak out, cautiously, against war (AP NEWS) There have been social media messages calling for peace, an image of a murdered Russian opposition figure, a newspaper editorial demanding President Vladimir Putin “stop this war.” As Russian forces pound Ukraine’s cities, the sentiments might not be surprising.
Boris Johnson accuses Russia of committing war crimes (The Telegraph) Boris Johnson has accused Russia of committing war crimes as he condemned the "abhorrent" attacks on civilian targets.
U.S. prepares to expand financial attack on Russian oligarchs, aiming to freeze billions held by Putin allies (Washington Post) Western allies plan to confiscate yachts, jets, luxury apartments from Russian elites in hopes of undercutting Moscow over invasion
The Ukrainian leader who is pushing Silicon Valley to stand up to Russia (Washington Post) Mykhailo Fedorov, the nation’s youngest cabinet minister, turned a staid government Twitter account into a cannon to shame the world’s biggest tech companies
U.S. Delays ICBM Test to Avoid Russia Confusion: Ukraine Update (Bloomberg) Russia’s invasion was denounced by the United Nations General Assembly, underscoring Moscow’s increasing isolation on the global stage, as U.S. authorities weighed restrictions on Russian imports.
The five Tiktok videos spreading 1950s-style nuclear fear (The Telegraph) Experts warn the videos are misleading and lack context
Poles Shed ‘Old, Bad Memory’ to Express ‘Simple Human Compassion’ for Ukrainians (Foreign Policy) Reflecting the mood of the country, the Polish press has been unusually unified in support for its “eastern neighbors.”
Will Germany's geopolitical awakening last? (Atlantic Council) For Germany’s new government, Russia’s invasion of Ukraine is a geopolitical baptism by fire.
Japan Steps Up on Ukraine (Foreign Policy) Tokyo is moving slower than Europe but is ready to act.
US, allies weaponizing sanctions to curb Russian aggression (AP NEWS) President Joe Biden and U.S. allies in a matter of days weaponized the global economy against Russia for invading Ukraine, and the resulting destruction has been devastatingly fast.
Putin Just Pushed the World Into an Even Bigger Energy Crisis (Foreign Policy) Even without sanctions, Russia’s war will increase the shortage of oil and gas.
China refuses to impose financial sanctions on Russia (The Telegraph) Sberbank abandons European market after run on deposits
Putin’s War Has Killed China’s Eurasian Railway Dreams (Foreign Policy) The iron silk road was a key part of the Belt and Road Initiative.
Xi Jinping will exploit Putin’s Ukraine discomfort for his own ends (The Telegraph) The war is disturbing the conditions that facilitated China’s rise, but a humbled Russia is a win for the CCP
China’s Propaganda Over Ukraine Is Shifting and Uncertain (Foreign Policy) Beijing is backing Moscow—but less so than in the early days of war.
Taiwan Is Rethinking Defense in Wake of Ukraine Invasion (Foreign Policy) Western support for endangered democracies can only go so far.
Here's why crypto won't save the Kremlin from sanctions (Atlantic Council) Moscow turning to cryptocurrency to evade financial punishment is more illusory than it might appear.
Middle-class Russians banned from fleeing with their wealth as sanctions start to bite (The Telegraph) Kremlin tightens grip on well-off citizens by barring them from leaving the country with more than $10,000
The oligarchs are turning on Russia’s new tsar (The Telegraph) It’s early days, but the level of dissent is striking given the risks of seeming to question Putin’s rule
Where are Russia’s oligarchs hiding their wealth? (Quartz) Western countries are trying to crack down on Russian billionaires' assets, but the process could take years.
Resignation Sets In as Russians Face Their New Economic Reality (Bloomberg) Crisis-hardened households say they take sanctions in stride. People withdrew $14 billion one day after Putin ordered attack.
Logistics companies follow carriers and axe services to Russia (The Loadstar) Logistics companies have joined shipping lines in announcing suspensions of services to Russia, as western sanctions attempt to bring a volte-face by Russia’s president Putin. Seko Logistics told The Loadstar it had “ceased all shipments to and from Russia”, while DP-DHL announced last night it had suspended its Russian operations and would not be accepting shipments to or from the country until further notice. Sources told The Loadstar they expected operators to begin ...
The second Cold War is here — and supply chains will be the front lines (FreightWaves) If the Russia-Ukraine conflict’s international ramifications keep spreading, we face a real possibility of a bifurcating global economy, according to FreightWaves CEO Craig Fuller.
Why Cyprus is a ‘Russian bank with dirty money posing as an EU state’ (The Telegraph) Mediterranean nation faces some difficult questions as connections with Russia come back to haunt it
U.S. Officials Detail Efforts to Enforce Raft of New Russia Rules (Wall Street Journal) Law enforcement and regulatory agencies are preparing to enforce a raft of new export control rules and initiatives as part of the U.S. government’s response to the invasion of Ukraine.
How to invest as the conflict in Ukraine intensifies: A complete guide to protecting your portfolio as global markets react to Russia's invasion (Business Insider) Insider's guide for investors to navigate the conflict in Ukraine: interviews with top analysts, reports from the biggest financial firms, and more.
Harvard Law 2L Quits Summer Associate Position to Protest New York Firm's Work in Russia (New York Law Journal) “I didn’t want to be associated with anyone who is, in essence, funding the Putin regime,” Ryan Donahue, a 2L at Harvard Law School, told Law.com on Wednesday.
Fells Point bars stock up on Ukrainian liquor while Baltimore-area stores, restaurants, dump Russian vodka (Baltimore Sun) The past few days have seen an increase in interest for Ukrainian products as people seek to support the country, but whether the supply can meet the demand is unclear given the ongoing conflict.
Attacks, Threats, and Vulnerabilities
TCP Middlebox Reflection: Coming to a DDoS Near You (Akamai) Over the past week, Akamai Security Researchers have detected and analyzed a series of TCP reflection attacks, peaking at 11 Gbps at 1.5 Mpps, that were leveled against Akamai customers.
This stealthy and 'most advanced' malware burrows deep into networks to steal data (ZDNet) Researchers say Daxin is the most advanced malware known to have come from China-linked actors.
Hackers Begin Weaponizing TCP Middlebox Reflection for Amplified DDoS Attacks (The Hacker News) Attackers begin weaponizing TCP middlebox reflection to launch amplified DDoS attacks
TeaBot Android Banking Malware Spreads Again Through Google Play Store Apps (The Hacker News)
Threat Spotlight: Attacks on Log4Shell vulnerabilities (Journey Notes) Barracuda researchers analyzed attacks and payloads detected by our systems that attempted to exploit the Log4Shell complex of vulnerabilities.
Credential Stuffing Examples and Keys to Detection (ThreatX) As part of our ongoing blog series on the modern threat landscape, we are taking a look at some of the many threats and risks that are often missed by legacy WAFs and security tools. Unlike traditional injection and XSS attacks, this newer breed of attacks excels at evading traditional signatures and regex rules, allowing […]
Data Breach At DHS May Have Compromised Thousands Of Peoples' Information (News on 6) A data breach at Oklahoma's Department of Human Services is causing concerns. DHS said thousands of people with intellectual and developmental disabilities might have had their information stolen. Liberty of Oklahoma, which handles an Oklahoma Department of Human Services wait-list, is notifying people of the potential for leaked information after the breach in December.
Infusion Pump Vulnerabilities: Common Security Gaps (Unit42) Infusion pump vulnerabilities can be surprisingly common. We scanned 200,000 pumps and found 75% had known security gaps.
Aon confirms it is investigating 'cyber incident' (Register) Oh the irony! Insurance companies, even those selling cyber insurance, are attack targets
Trends
Telcos & Digital Identity Cyber Risks (Constella) Constella found over 5.6M exposed records from 4.9K breaches pertaining to corporate credentials across the world’s largest Telco companies.
SpyCloud 2022 Identity Exposure Report: Majority of Consumers Have Poor Password Hygiene (Business Wire) SpyCloud, the leader in account takeover and fraud prevention, today announced its 2022 SpyCloud Identity Exposure Report, an annual report that exami
ICS Vulnerability Disclosures Grew 110% Over Last Four Years (Claroty) Biannual ICS Risk & Vulnerability Report from Claroty’s Team82 finds 34% of vulnerabilities affect IoT, IT, and medical devices, highlighting need to extend ICS security to the XIoT
The State of Secrets Sprawl 2022 (GitGuardian Blog - Automated Secrets Detection) In its 2022 report, GitGuardian extends its previous edition focused on public GitHub by depicting a realistic view of the state of secrets sprawl in corporate codebases.
Marketplace
Cybersecurity M&A Roundup: 35 Deals Announced in February 2022 (SecurityWeek) Thirty-five cybersecurity-related mergers and acquisitions were announced in February 2022.
Fraud Prevention Startup nSure.ai Raises $18 Million (SecurityWeek) Fraud prevention startup nSure.ai has closed an $18 million Series A funding round that brings the total investment in the company to $25.4 million.
Bright Security (NeuraLegion) Raises $20 Million in Series A Funding (SecurityWeek) Application security platform NeuraLegion today announced a $20 million Series A funding round complemented by its rebranding as Bright Security.
Cybersecurity Posture Management Firm Balbix Raises $70 Million (SecurityWeek) Cybersecurity posture management company Balbix has raised $70 million in a Series C funding round that brings the total investment to over $100 million.
Google Paid Out Over $100,000 for Vulnerabilities Patched by Chrome 99 (SecurityWeek) Google released Chrome 99 to the stable channel with a total of 28 security fixes inside, including 21 for vulnerabilities reported by external researchers.
Dave Bossio Joins Samsara as Chief Information Security Officer (Business Wire) Samsara Inc. (“Samsara”) (NYSE: IOT), the pioneer of the Connected Operations Cloud, today announced Dave Bossio has joined the company as Chief Infor
Products, Services, and Solutions
eSentire Selects SentinelOne to Advance Multi-Signal MDR Capabilities… (eSentire) eSentire, the Authority in Managed Detection and Response (MDR), today announced a partnership with SentinelOne (NYSE: S), an autonomous cybersecurity platform company, to empower organizations to prevent, detect, and autonomously respond to cyber threats.
Zerto Announces New Training Certification, Reaffirming Commitment to Customer Success (Zerto) Two-Day Class “Managing Zerto” to be Delivered by HPE Education Services
Microsoft Defender Takes Aim at Mid-Market (SecurityWeek) Microsoft's SMB-focused Defender for Business packs antivirus capabilities, attack surface reduction, and endpoint detection and response (EDR) features.
Avocado Systems Protect (Avocado) Discover & secure your most complex, distributed applications in a matter of clicks with automated Application XDR.
IronNet Enhances Collective Defense Platform (IronNet) IronNet, an innovative leader Transforming Cybersecurity Through Collective Defense, today announced new automation capabilities of its cybersecurity platform to enable security operations center (SOC) analysts to “prove the positive” – in other words, to confirm that their enterprise network is safe from cyber attacks.
Censinet Selected by the American Hospital Association as the Preferred Cybersecurity Provider for Cyber Firm Risk Management and Information Governance (Censinet) Censinet, a leading provider of risk management solutions for healthcare, today announced its selection by the American Hospital Association (AHA) as an AHA Preferred Cybersecurity Provider for two critical risk management categories in healthcare: Cyber Firm Risk Management and Information Governance; and Cyber Risk Assessments, Privacy, and HIPAA Compliance.
Enzoic Expands Automated Credentials Monitoring in Active Directory (Business Wire) Solution Now Continuously Screens for Both Unsafe Passwords and Compromised Full Credentials Reducing the Risk of a Cyberattack
Fastly Accelerates Edge Adoption with New Compute@Edge Partner Ecosystem (Fastly) Fastly’s edge cloud platform helps the world’s most popular digital businesses keep pace with their customer expectations by delivering fast, secure, and scalable online experiences.
Cape Privacy Launches Self-Service Enterprise Solution to Enable Secure Predictions (GlobeNewswire News Room) Platform Runs Predictive Models on Encrypted Data Optimized for Snowflake...
Technologies, Techniques, and Standards
The Linux Foundation and Harvard's Lab for Innovation Science Release Census of Most Widely Used Open Source Application Libraries (PR Newswire) The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the final release of "Census II...
Academia
Boise State University’s Cyberdome Adopts New Technology to Accelerate Learning, Deliver Security-as-a-Service to State-Funded Organizations (Business Wire)
Legislation, Policy, and Regulation
Senate Passes Cyber Package That Would Require Firms to Report Hacks (Wall Street Journal) The legislation clears a major hurdle for rules seen as key for U.S. cybersecurity.
Biden demands Congress protect kids online in State of the Union address (The Verge) He wants to ban targeted advertising to kids
Litigation, Investigation, and Law Enforcement
TikTok Faces Scrutiny in State Attorneys General Probe of Online Harms to Children (Wall Street Journal) A bipartisan coalition of eight attorneys general is expanding the list of targets in an investigation unveiled last November into Instagram, which focuses on similar concerns.
TikTok's effects on kids and teens under investigation by states (CNBC) The investigation into TikTok is the latest evidence of momentum behind the push for greater protections for children online.
SEC Scrutinizes NFT Market Over Illegal Crypto Token Offerings (Bloomberg) Regulator is probing whether some of the assets are securities. Agency’s enforcement lawyers have sent out queries, subpoenas.
Capital One Hacking Suspect Can't Shake Wire Fraud Charge (Law360) A federal judge in Seattle has denied a request from the woman accused of stealing the personal data of 106 million Capital One customers to throw out several of the charges she is facing, including wire fraud.