Dateline Moscow, Kyiv, Brussels, London, Washington, Canberra, and Beijing: Slow maneuver, heavy fires, and continued low-level cyber ops.
Ukraine at D+12: Roadbound and stalled, Russian army turns to indiscriminate fires. Low-level hacking continues. (The CyberWire) Russian maneuver shortcomings prompt a firepower intensive war. Negotiations continue despite Moscow's ultimatum, but without obvious effect. Hacktivism, privateering, and influence operations mark the cyber phases of Mr. Putin's war.
Moldova braces for 'spectrum of threats' as Russia bids to seize south of Ukraine (The Telegraph) Intelligence sources fear pro-European state with a breakaway pro-Russian enclave could be next on Vladimir Putin's list
What Happened on Day 12 of Russia’s Invasion of Ukraine (New York Times) Ukraine claimed to have shot down two Russian planes over Kyiv, as it continued to hold key cities. A third round of Ukraine-Russia talks raised hope for humanitarian corridors to allow civilians to escape the fighting.
Russia-Ukraine latest news: US to ban all Russian oil, coal and gas (The Telegraph) The US appears poised to ban the import of Russian oil in what would be another blow to the Russian economy.
Ukraine says it killed another high-ranking Russian military leader (Military Times) Vitaliy Gerasimov, a major general of the Russian Army, “was eliminated” near Kharkiv, according to Ukraine’s defense intelligence directorate.
Vladimir Putin sets out his key demands to halt Russian invasion of Ukraine (The Telegraph) Moscow calls for independence in rebel regions and ban on Kyiv joining Nato or EU, as Kremlin military offensive remains stalled
Ukraine’s resistance leaves Russia facing the prospect of a humiliating defeat (The Telegraph) Military loss or stalemate – which would be seen as a tactical victory for Ukraine – could lead Vladimir Putin to deploy increasing violence
Live Updates: Biden Expected to Ban Russian Oil Imports, as Civilian Toll in Ukraine Grows (New York Times) Biden’s move came after pressure from lawmakers in both parties to punish Russia for its invasion of Ukraine. Indiscriminate attacks left many Ukrainians without power and with no way to flee, but for the first time, a humanitarian corridor appeared to hold long enough to allow hundreds to escape one city.
Russia Reportedly Sinks Former US Coast Guard Patrol Boat Donated to Ukraine (Military.com) The former Coast Guard cutter Cushing, commissioned by the Ukrainian Navy as the Sloviansk, was destroyed during an airstrike, according to the mayor of a major port city.
‘We f------ hit them!’ Ukraine gets revenge on Russian warship that attacked Snake Island soldiers (The Telegraph) Vasily Bykov, one of the vessels said to have bombarded the island outpost, is reportedly struck during night-time firefight
In Putin’s War, the Map Is Not the Territory (Foreign Policy) Depictions of territory supposedly occupied by Russia are misleading.
Russian aircraft losses in Ukraine ‘unsustainable for more than a fortnight’ (The Telegraph) Verified images show 11 planes, 11 helicopters and two drones have been shot down since invasion began, including nine at the weekend
As Russia’s Military Stumbles, Its Adversaries Take Note (New York Times) President Vladimir Putin could still reduce cities in Ukraine to rubble, officials say. But European countries say they are not as intimidated by Russian ground forces as they were in the past.
Arming Ukraine: 17,000 Anti-Tank Weapons in 6 Days and a Clandestine Cybercorps (New York Times) The United States has walked to the edge of direct conflict with Russia in an operation that is reminiscent of the Berlin airlift of 1948-49, but far more complex.
How the US and Europe helped Ukraine prep for insurgency (Army Times) Ukraine is one of several countries in Eastern Europe and Scandinavia that have implemented portions of the Resistance Operating Concept into their national defense plans.
In Kyiv’s Middle-Class Suburbs, Desperate People Are Trapped (Bloomberg) Thousands hiding in basements in towns under Russia occupation. Zelenskiy: Russian actions ‘make no military sense whatsoever’.
Occupied Ukrainian Towns Want Russian Troops to ‘Go Home’ (Wall Street Journal) Russia’s soldiers, who were told they were on a mission to liberate a brotherly nation from neo-Nazi rulers, will now have to suppress the very people they are purporting to protect.
'Now it’s no mercy,' Ukrainian soldiers vow, as a showdown with Russian forces nears (Los Angeles Times) Ukrainian troops in Irpin, on the outskirts of Kyiv, dig in as a long column of Russian tanks advances toward them. They vow to fight to the end.
Hate for Putin’s Russia Consumes Ukraine (New York Times) Much of the bitterness is directed at President Vladimir V. Putin, but Ukrainians also chastise ordinary Russians, calling them complicit.
Russia-Ukraine latest news: Shelling stops civilians from escaping despite ceasefire claims (The Telegraph) Russian shelling has continued to prevent the evacuation of civilians from cities across Ukraine, Kyiv’s foreign ministry said this afternoon.
Russian attacks kill nearly 500 civilians, injure nearly 900, toll much higher: UN (Military Times) The latest on what we know about Russia's war on Ukraine, March 8.
Ukraine humanitarian crisis grows as Russian advance stalls after 12 days of war (Military Times) The suffering continues to mount after 12 days of Russia's war on Ukraine.
Zelensky rejects Putin's demands for ending war: "It's an ultimatum" (Newsweek) Ukrainian President Volodymyr Zelensky said giving in to Putin's conditions aren't as simple as they may seem to people.
Putin might just settle for a land grab and leave the puppet regime aside if his price for peace is to be believed (The Telegraph) The deal, which would surely be unacceptable to the Ukrainians, would spell the end of the country’s ambitions to join the EU and Nato
Latest negotiations end, but net no breakthroughs or new agreements (Washington Post) A third round of talks between Russia and Ukraine ended without a breakthrough, Ukrainian officials said, as Russia continues to press Ukraine to give up Crimea and a large slice of eastern Ukraine as a condition for Russian to stop its attacks.
Ukraine and Russia foreign ministers to meet in Turkey (Al Jazeera) Turkish foreign minister says the two top diplomats agreed to meet on the side of a forum in southern Turkey.
‘Hopefully we’ll win,’ say British volunteers travelling to fight Russians in Ukraine (The Telegraph) Recruits to ‘foreign legion’ motivated to join battle after hearing of war crimes being committed by Vladimir Putin’s troops
‘I can help them’: one man’s journey from Portland to Ukraine’s frontlines (the Guardian) Sergey Korenev is one of about 66,000 Ukrainians returning home ‘to help my friends, they are my brothers in arms’
Russia trying to recruit Syrians to fight in Ukraine, says Pentagon (the Guardian) US defence official says it is ‘noteworthy that Putin believes he needs foreign fighters’
China touts ‘rock solid’ ties with Russia as it offers to mediate Ukraine conflict (Washington Post) Beijing’s efforts to play peacemaker come as it continues to blame the United States and NATO for instigating the war
How Ukraine could keep the lights on as Russia attacks its power supplies (MIT Technology Review) The nation is pushing to rapidly integrate its grid with the European Union, to keep electricity flowing if other major plants are taken down.
Why Vladimir Putin is losing the information war to Ukraine (Atlantic Council) Vladimir Putin has long enjoyed a reputation as a master of disinformation, but the Russian ruler is now clearly losing the global information war that is being waged alongside his invasion of Ukraine.
Russian War Report: Kremlin recycles old narratives to claim Ukraine is constructing dirty bombs and bioweapons (Atlantic Council) In a further attempt to justify its invasion of Ukraine, the Kremlin once again accused Ukraine of provoking Russia by developing dirty bombs and biological weapons.
Russia's War in Ukraine Is About So Much More Than Territory (19FortyFive) Sitting across the table from Sergey Lavrov, I listened, open-minded but unpersuaded by his attempts to paint Russia as a victim.
The West has finally woken up to the threat posed by Putin (The Telegraph) First Georgia, then Crimea, now Ukraine - it has taken more than a decade, but there is no way back for Russia now
Amid the death and rubble, Ukrainian teams hunt for evidence of possible war crimes (Washington Post) Ihor Mozhayev walked unsteadily atop the rubble of his destroyed house, a dazed look on his bruised face. In his path were the remnants of what was left of his life.
Analysis | Ukraine conflict signals a more dangerous cyberspace (Washington Post) The White House wants a cash infusion for Ukraine cyber efforts
Why Is Ukraine’s Internet Still Up? Perhaps Because the Invaders Need It (Defense One) As well, eight years of effort to harden IT infrastructure may be paying off.
Fake News of Cyberattacks in Russian-Ukraine Conflict (Australian Cybersecurity Magazine) Check Point Research (CPR) has identified three hacktivist groups peddling false or misleading information in the ongoing Russia-Ukraine conflict.
Hacktivism in the Russia-Ukraine War (Check Point Software) Hacktivism in the Russia-Ukraine War. Fake News of Cyber Attacks Fast-Spreads, as Conflict between Russia and Ukraine Escalates
Conti Ransomware Gang Claims 50+ New Victims including Oil Terminal… (eSentire) eSentire Warns Ukraine & its Western Allies of Conti’s Long History of Disrupting Critical Infrastructure. Could Conti Be the Perpetrator Who Attacked 3 Oil Storage & Transport Companies in January
Russia's Beloyarsk Nuclear Power Plant has been breached by a GURMO Cyber unit (Inside Cyber Warfare) Beloyarsk is the world's only commercial fast breeder reactor
Russian state TV channels and streaming services allegedly hacked to broadcast footage of Ukraine war (Computing) Anonymous group shows off footage that it says was broadcast on Russian channels
The Biggest Cyber Risk in Ukraine? (Foreign Affairs) If used, cyber-operations could lead to escalation in the war in Ukraine.
What Russia’s Ongoing Cyberattacks in Ukraine Suggest About the Future of Cyber Warfare (Harvard Business Review) And how organizations around the world can prepare
Russia-Ukraine: Threat of Local Cyber Operations Escalating Into Global Cyberwar (SecurityWeek) The entire globe is under threat of something that could start as a spreading global cyberwar and spill over into a global kinetic and even nuclear war
Chinese telecom giant Huawei reportedly helping Russia to stabilise internet network (WION) Russia has been slapped with multiple sanctions because of its actions in Ukraine ever since Russian President Vladimir Putin ordered "military operations" in the Ukrainian cities on February 24. The sanctions have left the economy crippled and reeling, however, the exodus of many top Western brands from Russia has left the market open for some of the countries, that are allies of Russia.
Peter Dutton accuses Huawei of helping Russia (Mail Online) Reports in China say the tech giant, which is the fourth largest mobile seller in Australia, has been helping Putin's efforts to stabilise Russia's internet network.
Twitter hears reports of service trouble in Russia (NYSE:TWTR) (SeekingAlpha) Amid some scattered reports of service difficulty in Russia, Twitter (TWTR -1.2%) says it's looking into the issue
'We Christians cannot stand idly by': Russia arrests priest over sermon against war in Ukraine (The Telegraph) Top clerics of the Russian Orthodox Church has supported Russia's war against Ukraine
'Our sons were sent to Ukraine as cannon fodder': Furious Russian mothers face down Kremlin (The Telegraph) Countrywide rallies on Sunday were met by police brutality in Russia but not even the threat of jail could restrain soldier's mothers
A photo apparently showing Russian troops stranded in an elevator is going viral (Task & Purpose) The photo shows five Russian soldiers stuck in an elevator, looking up with a bit of confusion at the security camera.
This war will be a total failure, FSB whistleblower says (Times) Spies in Russia’s infamous security apparatus were kept in the dark about President Putin’s plan to invade Ukraine, according to a whistleblower who described
Why Vladimir Putin may stay in power longer than we think (The Telegraph) The ‘coalition’ still propping him up means the West must be patient if we want to see the Russian president overthrown
It is wishful thinking to expect the
Russian people to topple Putin (The Telegraph) The Kremlin’s state media and canny propaganda is more effective than many in the West have realised
How Olena Zelenska, Ukraine’s First Lady, became its secret weapon (The Telegraph) It's clear the president's wife is close to those whose lives are being shattered by the war – and her social media has proven to be key
UK and France cut red tape to get aid to Ukraine faster (The Loadstar) As the logistics sector steps up efforts to aid the crisis in Ukraine, the UK and France have removed border controls and sanitary checks on humanitarian relief to keep trucks moving. Aid shipments for NGOs assisting in humanitarian relief now need only be cleared under sealed conditions, but sources have told The Loadstar a lack of clear information on what is required led to “serious delays” at Dover over the weekend. Morgan Cargo’s ...
Ukraine war highlights internal divides in Mideast nations (AP NEWS) In a neighborhood of Iraq’s capital, a gigantic poster of Vladimir Putin with the words, “We support Russia,” was up for few hours before a security force arrived and hurriedly took it down.
There Is a West (Foreign Policy) The crisis in Ukraine has reminded the United States and Europe that they have a purpose in the world.
EU to discuss Ukraine’s membership bid this week -EU's Michel (Reuters) European Union leaders will discuss Ukraine's application to join the 27-nation bloc in the coming days, the chairman of EU summits Charles Michel said in a tweet on Monday.
The U.S. Can Turn Europe Into Putin's Nightmare (Bloomberg) Fortress America: NATO expansion, permanent U.S. deployments in Eastern Europe and a fearsome Navy presence in the Black Sea.
Global Sanctions Dashboard: Special Russia Edition (Atlantic Council) The Global Sanctions Dashboard aims to inform economic statecraft policies by analyzing sanctions globally and identifying trends across lists in partnership with Castellum.AI.
Russia threatens Europe’s gas supplies as west mulls oil import ban over Ukraine invasion (the Guardian) Deputy prime minister raises prospect of closing Nord Stream 1 gas pipeline to Germany, and says rejecting Russian oil would be ‘catastrophic’ for world
Shell Pledges To Stop Buying Russian Oil And Gas (Forbes) The energy giant also apologized for purchasing discounted crude oil from Russia last week.
The West can endure an oil embargo: Putin can't (The Telegraph) The EU is fortifying itself with remarkable speed for a new era of 'zero gas' from Russia
The battle to keep the lights on without Russian oil and gas (The Telegraph) Bid to starve the Kremlin of cash could see a return of the comeback king, coal
Fortinet Announces It Has Suspended Operations in Russia (GlobeNewswire News Room) Ken Xie, Founder, Chairman of the Board, and Chief Executive Officer at Fortinet “Like many...
This Russian Metals Giant Might Be Too Big to Sanction (Wall Street Journal) Norilsk Nickel is a key supplier of nickel and palladium, two metals that are key for electric-vehicle batteries and semiconductors.
Boeing Halts Russian Titanium Buys (Defense Security Monitor) According to a report in the Wall Street Journal, Boeing has suspended buying titanium from Russia. Titanium producer VSMPO-Avisma has been a Boeing partner and supplier of raw material and titaniu…
WSJ News Exclusive | Boeing’s Big Bet on Russian Titanium Includes Ties to Sanctioned Oligarch (Wall Street Journal) The plane maker has suspended purchasing the key metal for airplane production but must still deal with ties with a company linked to Sergei Chemezov, a sanctioned oligarch and Putin ally.
Some companies find it easier to be woke than stand up to barbaric Putin (The Telegraph) After complaining about microaggressions, ethical investors must pressure businesses to leave Russia or risk becoming a laughing stock
Kaspersky says it's 'not affected’ by sanctions on Russia (CRN Australia) Said its business operations remain stable and haven’t been harmed.
Cloudflare co-launches project to protect critical infrustructure, but says it will not pull out of Russia (Computing) Ukraine had recently requested Cloudflare to stop protecting Russian sites from cyberattacks
Cloudflare, Akamai defend decision to stay in Russia (Register) Yanking connectivity would do more harm than good, they say
Coinbase Blocks Over 25,000 Addresses Linked to Illicit Russian Activity (Decrypt) Crypto exchange Coinbase has said it has blocked over 25,000 Russia-linked addresses it believes were associated with illicit activity.
Ukraine Update: Russian Official Threatens Europe Gas Pipeline (Bloomberg) Russia’s top energy official threatened to cut off the Nord Stream 1 pipeline as U.S. and European leaders worked to limit their reliance on Russian energy exports.
As the world shuns Russia over its invasion of Ukraine, Iran strengthens its ties with Moscow (Atlantic Council) Iran’s support for Russian actions reflects the improvement in bilateral ties, which have grown considerably at the political and military levels over the past decade.
Putin’s Ukraine War: Russian oligarchs must face tougher sanctions (Atlantic Council) Sanctions against Russian oligarchs are starting to work and have already caused some to speak out against Putin’s invasion of Ukraine. Their influence on the Kremlin is key and pressure on them must now continue.
Exclusive: California VC firm backed by Russia navigates a global crisis (PitchBook) Fort Ross Ventures, a Silicon Valley firm with strong ties to Russia, discusses the risk that further international sanctions could cut off its ability to call capital from its limited partners.
VC Firm Index Ventures Halts Russian Startup Investments (Bloomberg) It also won’t do deals with investors linked to Russian regime. Firm will exclude Russian investors from its future funds.
Apple Suspends Advertising on Company’s App Store in Russia (Bloomberg) Apple Inc. has suspended advertising on its App Store in Russia, a move that bars developers from placing ads in search results, after the country’s invasion of Ukraine last month.
Prosus Expects $769 Million Writedown on Its Stake in Russia’s VK (Bloomberg) Prosus NV expects to write off $769 million and asked its directors on the board of social media platform VK Co. Ltd. to resign following sanctions against the Russian firm’s chief executive officer.
Fears counter sanctions could hit aerospace and automotive manufacturers (The Loadstar) Aerospace and automakers are highly exposed should Russia’s Putin regime choose to retaliate against the sanctions imposed by the west and its allies. A report from Flexport contends that blocked tradelanes, reduced sales opportunities and restrictions of critical Russian metal exports are likely to hit some manufacturers hard, with firms already acting to shore up their capabilities to handle the pressure. “The automotive industry faces all three challenges – sales, sourcing and ...
‘Extremely Destructive’ Russian Cyberattacks Could Cost U.S. Billions Of Dollars In Economic Damage, Goldman Warns (Forbes) A high degree of dependence on digital technology makes the U.S. particularly susceptible to cyberattacks from Russia, the world’s biggest purveyor of state-sponsored cyberattacks, but the U.S. also has an economic upper hand.
The Invasion of Ukraine Is Causing Crisis at Sea (Foreign Policy) Russian ships have nowhere to dock, and supply chains will suffer.
As U.S. plots ban of Russian oil, talk of Saudi Arabia deal sparks anger (Newsweek) Axios has reported that Biden's advisers are discussing a possible visit to the Kingdom to help ease the economic pressure from Russian sanctions.
Banks in Europe Take Brunt of Market Selloff (Wall Street Journal) Most lenders on the continent have little direct exposure to Russia, but that hasn’t stopped investors from fleeing their shares.
Attacks, Threats, and Vulnerabilities
The Good, the Bad, and the Web Bug: TA416 Increases Operational Tempo Against European Governments as Conflict in Ukraine Escalates (Proofpoint) Proofpoint researchers have identified ongoing activity by the China-aligned APT actor TA416 in which the group is targeting European diplomatic entities, including an individual involved in refugee and migrant services
Armis Finds Three Critical Zero-Day Vulnerabilities in APC Smart-UPS Devices, Dubbed "TLStorm," Exposing More than 20 Million Enterprise Devices (PR Newswire) Armis, the leader in unified asset visibility and security, announced today the discovery of three zero-day vulnerabilities in APC Smart-UPS...
Ransomware gang Conti has already bounced back from damage caused by chat leaks, experts say (CyberScoop) A Twitter account known as ContiLeaks debuted to much fanfare in late February, with people around the globe watching as tens of thousands of leaked chats between members of the Russia-based ransomware gang Conti hit the web. In the days after the leaks, many celebrated what they thought would be a devastating blow to Conti, which a Ukrainian security researcher had apparently punished by leaking the internal chats because the gang threatened to “strike back” at any entities that organized “any war activities against Russia.”
Hackers Targeted U.S. LNG Producers in Run-Up to Ukraine War (Bloomberg) 21 companies affected by two-week blitz in February, firm says. More than 100 workers hacked as tensions roiled energy markets.
FBI: Ransomware gang breached 52 US critical infrastructure orgs (BleepingComputer) The US Federal Bureau of Investigation (FBI) says the Ragnar Locker ransomware group has breached the networks of at least 52 organizations from multiple US critical infrastructure sectors.
RagnarLocker Ransomware Indicators of Compromise (FBI) The FBI first became aware of RagnarLocker in April 2020 and subsequently produced a FLASH to disseminate known indicators of compromise (IOCs) at that time. This FLASH provides updated and additional IOCs to supplement that report.
SharkBot Banking Malware Spreading via Fake Android Antivirus App on Google Play Store (The Hacker News) A fake Android antivirus application distributed through the Google Play Store was found to have infected devices with SharkBot banking malware.
DDoSers are using a potent new method to deliver attacks of unthinkable size (Ars Technica) 100,000 misconfigured servers are creating a new way to knock sites offline.
Is Lapsus$ targeting Big Tech after Samsung breach? (Tech Monitor) Hacking gang Lapsus$ has struck two tech giants in the space of a week. Its motives appear financial, but a bigger agenda could be at play.
Samsung confirms data breach as Lapsus$ hackers leak its source code (HackRead) Follow us on Twitter @HackRead - Facebook @ /HackRead
Nvidia's stolen data is being used to disguise malware as GPU drivers (PC Gamer) Officially signed with Nvidia codes, RATs and Mimikatz are rife. Here are the signatures to look out for.
Stolen Nvidia certificates used to hide malware in driver downloads (PCWorld) Nvidia GeForce graphics card owners may be vulnerable to malware if they're not careful with their next GPU driver installation.
Samsung Says Hackers Stole Galaxy Smartphone Data (Wall Street Journal) The South Korean electronics company said it was recently made aware of the breach, which included some source code for Galaxy phones.
Samsung Smartphones ‘Safe’ Personal Data Not Affected After Hack Attack (Channel News) Samsung has moved to strengthen the security system of their Galaxy smartphones with the South Korean Company issuing a statement overnight following a recent hack attack. In good news the Company claims that customers personal data was not affected. A spoksperson for the Company said “We were recently made aware that there was a security breach... Read More
AutoWarp Microsoft Azure Automation Vulnerability (Orca Security) AutoWarp is a critical vulnerability in Microsoft Azure Automation Service that allows unauthorized access to other customer accounts using the service.
FBI Warns of the Impersonation of Law Enforcement and Government Officials (Internet Crime Complaint Center (IC3)) The FBI is warning the public of ongoing widespread fraud schemes in which scammers impersonate law enforcement or government officials in attempts to extort money or steal personally identifiable information.
Data collection through mobile app raises safety concerns (IAPP) U.S.-based mobile-phone application Premise’s data gathering for the U.S. military and others is raising safety concerns.
Rompetrol gas station network hit by Hive ransomware (BleepingComputer) Romania's Rompetrol gas station network has been hit by a ransomware attack. Rompetrol, owned by KMG International announced today that it was battling a "complex cyberattack." BleepingComputer has learned that the Hive ransomware gang is behind this attack.
Sinclair losses mount as ransomware costs exceed insurance policy (Cybersecurity Dive) The group overhauled its internal security policies and named a board-level subcommittee as part of its ongoing attack recovery.
[Update from Expeditors on its recent cyber incident] (Expeditors) Our response teams have made meaningful progress in restoration efforts after our recent cyber-attack. While at present we are operating within our business continuity plan, Expeditors anticipates our enterprise brokerage system will begin to come online this week, allowing our employees to support our clients using this system.
Vulnerability Summary for the Week of February 28, 2022 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
Emergency Firefox Update Patches Two Actively Exploited Zero-Day Vulnerabilities (SecurityWeek) Mozilla over the weekend issued an emergency security update for Firefox to address two zero-day vulnerabilities that have been exploited in attacks.
Mozilla Fixes Two Firefox Flaws Under Attack (Decipher) Two critical Firefox use-after-free zero-day vulnerabilities have been fixed.
2 New Mozilla Firefox 0-Day Bugs Under Active Attack — Patch Your Browser ASAP! (The Hacker News) Mozilla has pushed out-of-band software updates to its Firefox web browser to contain two high-impact security vulnerabilities, both of which it says
Google Fights Phishing With Updated Workspace Notifications (SecurityWeek) Google has made some changes to Google Workspace comment notifications in an effort to protect users against malware and phishing attacks.
Trends
New Specops Report Reveals Passwords Are Weakest Link For Networks (PRWeb) Password-related attacks are on the rise. Stolen user credentials including name, email and password were the most common root cause of breaches in 2021 with seve
Organizations Take an Average of 60 Days to Patch Critical Risk Vulnerabilities (PR Newswire) Edgescan, the provider of smart vulnerability management, today announces the findings of its 2022 Vulnerability Statistics Report, which for...
Ransomware: Das haben wir gelernt (SoftwareONE Deutschland) Jeder Ransomware-Angriff ist eine gute Gelegenheit, Lehren daraus zu ziehen. Das haben uns die größten Ransomware-Angriffe der Vergangenheit gelehrt.
A third of mid-market firms were whacked by hacker outages in 2021 (CityAM) New research has revealed that one in three mid-market firms suffered from a hacker induced outage in 2021. According to a report by cyber firm Censornet,
Marketplace
AppSec Firm Cider Security Emerges From Stealth With $38 Million in Funding (SecurityWeek) Application security startup Cider Security today emerged from stealth mode with $38 million in funding, which includes $6 million raised in a seed round and $32 million in Series A funding.
Espresso Systems Raises $32M to Bring Scaling and Privacy to Web 3 (CoinDesk) The funding was led by Greylock Partners and Electric Capital, with participation from Sequoia Capital.
CardinalOps Raises $17.5M Series A for Threat Coverage Optimization (Dark Reading) CardinalOps takes on the challenge of identifying and remediating riskiest gaps in threat detection coverage, powered by AI and crowd-sourced best practices.
Google Announces Intent to Acquire Mandiant (Google Cloud Press Corner) Google LLC today announced that it has signed a definitive agreement to acquire Mandiant, Inc., a leader in dynamic cyber defense and response, for $23.00 per share, in an all-cash transaction valued at approximately $5.4 billion, inclusive of Mandiant’s net cash. Upon the close of the acquisition, Mandiant will join Google Cloud.
Google to Acquire Mandiant (Mandiant) Mandiant has entered into a definitive agreement to be acquired by Google.
Google in Talks to Buy Mandiant, a $4.5 Billion Cybersecurity Firm (The Information) Google is in talks to buy cybersecurity consultancy Mandiant, which two years ago discovered the infamous SolarWinds hack, according to a person with knowledge of the discussion. A deal could bolster Google’s cloud computing business, which generates more than $19 billion annually but has been ...
Google in talks to buy cybersecurity firm Mandiant: The Information (Reuters) Alphabet Inc's Google is in talks to buy cybersecurity firm Mandiant, the Information reported on Monday, citing a person with knowledge of the discussion.
Mandiant jumps on report Google in talks to buy (NASDAQ:GOOGL) (SeekingAlpha) Mandiant (MNDT) advanced 10% on a report that Google (GOOGL) is in talks to buy the cybersecurity company.Bid for Mandiant were due at the end of last month, according to a The...
Google's deal for Mandiant 'shot across the bow' to Microsoft, Amazon: Ives (NASDAQ:GOOG) (SeekingAlpha) Google's (GOOG, GOOGL) purchase of Mandiant (MNDT) for $5.4 billion is likely to be a 'major ripple' in the cyber security space and result in more mergers...
What to Make of Microsoft’s Year in Cybersecurity (Lawfare) Microsoft simultaneously combats, profits from and contributes to cybersecurity problems.
Darktrace announces formation of new U.S. Federal division (Security Systems News) Darktrace, a global leader in cyber security AI, has announced Darktrace Federal, a new division to serve the Department of Defense (DoD), the intelligence community, federal civilian
Exabeam Achieves ISO 27001 Certification (Exabeam) Certification a testimony to Exabeam’s commitment to the highest level of integrity for employee, customer, and partner data in the cloud FOSTER CITY, Calif., March 8, 2022 – Exabeam, the leader in Next-gen SIEM and XDR, today announced the completion of an assessment from the Certification Body of Schellman & Company, LLC. The assessment certifies... Read more »
Banyan Security Registers Dramatic Growth to Kick Off New Year (GlobeNewswire News Room) Phenomenal user growth, new funding, key hires, and the launch of a free product tier underscore the market’s demand for best-in-breed zero trust network...
Keyfactor Opens France Office to Further Accelerate Regional Market Traction (Business Wire) Keyfactor Establishes Presence on French “Cyber Campus” Amid Record Growth on Global Scale
Products, Services, and Solutions
Humio Unveils New Streaming Benchmark 1+ Petabyte of Data a Day (CrowdStrike) At this unprecedented rate of data intake, Humio can uncover insights from IT infrastructure through real-time visibility of log data at massive scale.
Data Integrity, Security, and Confidentiality - The Building Blocks of Data Migrations with Datadobi (Datadobi) Datadobi achieves KPMG’s SOC2 Type 1 Attestation for DobiMigrate Research firm IDC predicts there will be 175 zettabytes (ZB) of data worldwide by 2025 compared to 65 ZB in 2020. With the exponential growth of unstructured data over the past few years, data is being migrated at a maddening pace.
Three cybersecurity companies to offer free protection to U.S. hospitals and utilities amid concerns of hacking attacks (Washington Post) Cloudflare, CrowdStrike and Ping Identity say the offer is in response to security concerns raised by the federal government
Cloudflare, CrowdStrike, and Ping Identity Join Forces to Strengthen U.S. Cybersecurity in Light of Increased Cyber Threats (Business Wire) Cloudflare, Inc. (NYSE: NET), the security, performance, and reliability company helping to build a better Internet, CrowdStrike Holdings, Inc. (Nasda
Medigate Launches Partner-Ready Operational Services (PROS) (PR Newswire) Medigate by Claroty, healthcare's leading clinical device data security and integration platform, today announced the launch of its new...
ESET partners with Intel to enhance endpoint security with hardware-based ransomware detection (MENAFN) ESET, the leading endpoint protection platform vendor headquartered in Europe, has set out to integrate Intel® Threat Detection Techn
Mandiant Deepens Commitment to Public Sector, Achieves FedRAMP Ready Designation at the High Impact Level (StreetInsider.com) Mandiant, Inc. (NASDAQ: MNDT) today announced that it has earned Federal Risk and Authorization Management Program (FedRAMP) Ready designation at the High Impact level for Mandiant Advantage Automated Defense.
Votiro Cloud Now Available for Purchase in AWS Marketplace (Business Wire) Votiro announced its availability in the AWS Marketplace, expanding access to its file sanitization solution.
Technologies, Techniques, and Standards
Applying Zero Trust Principles to Enterprise Mobility (CISA) The concept of zero trust (ZT) has been circulating for a number of years, however recent advanced and persistent cyberattacks1 have brought the need for implementing zero trust architectures (ZTA) to the forefront. The May 2021 Executive Order 14028 on Improving the Nation’s Cybersecurity2 stipulates greater impetus for Departments and Agencies to prepare their ZTA plans.
Anti-SMS spoofing registry shut and replaced by full-fledged system: IMDA (CNA) A registry meant to combat SMS spoofing has been shut down and replaced by a full-fledged system in response to the recent spate of SMS phishing scams, said the Infocomm Media Development Authority (IMDA) on Monday (Mar 7).
The SMS SenderID Protection Registry, 
Celebrating 50 Years of Cybersecurity at NIST! (NIST) With each day bringing new cybersecurity challenges and advances, it is easy to understand why people feel like it’s hard to keep up.
Purifying Water of Cybersecurity Threats (Startup Hub) Potable water and wastewater management is a top priority for cybersecurity professionals and the Biden administration alike. With new regulations and funding, companies must find the best way to implement and manage cybersecurity to protect these systems.
RASP: The World Cup’s Last Line of Cyber Defense (Imperva) No greater sporting event exists that brings the peoples of the world together more effectively than the FIFA World Cup, with the first match kickoff set for Monday, 21 November 2022, in Doha, Qatar, at the Al Bayt stadium in Al Khor. Football fans from all across the globe will pour into the Gulf country […]
NSA: This Is How Admins Should Do Network Security (My TechDecisions) The NSA has released a detailed network security guide to help administrators better defend against threat actors.
Design and Innovation
Stanford cryptography researchers are building Espresso, a privacy-focused blockchain (TechCrunch) Greylock led an investment in Espresso, a privacy and scalability-focused blockchain being built by Stanford researchers.
KnowBe4 asks security pros for input on its Security Culture Maturity Model (SC Magazine) The five-level program looks to measure the security cultures of companies.
Legislation, Policy, and Regulation
EU Parliament Monetary Committee to Vote on MiCA Next Week (CoinDesk) Wording that would have banned proof-of-work cryptos like bitcoin has been removed.
Cyber defence policy needs rethink (The Express Tribune) Govt fears data sharing with foreign agencies will infringe on national sovereignty
Singapore reviews cybersecurity laws to enhance resilience of Singapore’s cyberspace (Lexology) Singapore's Cybersecurity Agency will conduct a review of the Cybersecurity Act to better reflect today's fast-changing digital economy. There will be…
Google and Meta Mount Offensive Against Australian Privacy Law, Touting the Benefits of Ad-Supported Services (CPO Magazine) Google and Meta have weighed in on the current review of Australia’s Privacy Act with arguments for the benefits of ad-supported apps and cloud services, in a bid to soften data collection rules and have location data excluded from the category of protected “sensitive” data. The Privacy Act 1988, the primary Australia privacy law, has been under review since 2020 as lawmakers seek to modernize it.
GDPR: EDPB’s New Breach Guidelines Present Additional Challenges for Legal & Security Professionals (JD Supra) To close out 2021, the European Data Protection Board (EDPB) adopted additional General Data Protection Regulation (GDPR) data breach notification...
Four Takeaways from the SEC’s Proposed Cybersecurity Rules (The Harvard Law School Forum on Corporate Governance) Read our latest post from Debevoise counsel Charu Chandrasekhar and partners Avi Gesser and Julie M. Riewe.
Why the World Needs a Global Collective Cyber Defense (Dark Reading) This sort of approach would enable cross-company and cross-sector threat information sharing, an effort that would allow companies to easily turn data into actionable insights.
Haines names policy veteran as intel community’s new CIO (The Record by Recorded Future) Director of National Intelligence Avril Haines on Monday announced a longtime cyber policy expert as the clandestine community’s new chief information officer.
NSA Cybersecurity Director Rob Joyce Presented With 2022 Wash100 Award for Driving Cyber Initiatives, Critical Infrastructure Security (ExecutiveBiz) Looking for the latest Government Contracting News? Check out our story: NSA Cybersecurity Director Rob Joyce Presented With 2022 Wash100 Award for Driving
Litigation, Investigation, and Law Enforcement
NSO Group Asks Court to Toss Apple’s Lawsuit Over Malicious Cyber Activities - Tech (Law Street Media) Last Thursday, NSO Group Technologies Limited and corporate relative, Q Cyber Technologies Limited sought dismissal of the Computer Fraud and Abuse Act
ZTE faces US court for probation revocation (Register) Case relates to alleged conspiracy to illegally bring over Chinese nationals
FTC's COPPA settlement brings first-of-its-kind order (IAPP) FTC commissioners voted 5-0 on a $1.5 million settlement order stemming from alleged COPPA violations.
Thomas Targets Immunity Issue As Court Skips Facebook Row (Law360) Although the U.S. Supreme Court passed Monday on hearing the case of a woman who accuses Facebook of facilitating and benefiting from child sex trafficking, Justice Clarence Thomas said that the immunity afforded to online platforms should be revisited under the right circumstances.