Dateline Moscow, Kyiv, Brussels, London, and Washington: Widespread sympathy and aid for Ukraine, and warnings of possible Russian cyber escalation.
Ukraine at D+13: Looking for victory in rubble. (The CyberWire) Russia's advance remains stalled in the face of resistance and logistical failure, but bombardment of cities intensifies. Sanctions edge Russia closer to default, and the world remains wary of and alert for a cyber campaign against critical infrastructure.
Volodymyr Zelensky speech: Ukrainian President vows to fight Russians in 'forests, fields and on shores' as he channels Winston Churchill (The Telegraph) Volodymyr Zelensky told MPs on Tuesday that Ukrainians will fight Russian invaders "in the forests, in the fields, on the shores, in the streets" in a rousing speech that channeled the spirit of Winston Churchill.
Ukrainians flee some besieged cities as conditions worsen (AP NEWS) Renewed efforts to rescue civilians from increasingly dire conditions in besieged and bombarded Ukrainian cities were underway Wednesday.
Ukraine makes fresh move to help civilians leave ‘apocalyptic’ Mariupol (the Guardian) Hundreds of thousands of residents have been sheltering for more than a week without water or power
Putin’s Endgame Starts to Look Like Reducing Ukraine to Rubble (Bloomberg) The Russian president envisioned a quick victory. If his history is any guide, destruction may be his fallback plan.
Russia Doesn't Train Troops for Urban Warfare. It's About to Learn the Consequences in Ukraine. (Military.com) "Russian combined-arms doctrine has generally advised against making cities primary objectives."
Russia facing setbacks in Ukraine, US intelligence officials say (Al Jazeera) CIA director says Putin’s assumptions about Ukraine before the invasion turned out to be ‘profoundly flawed’.
Russia-Ukraine latest news: Radioactive substances could be released from Chernobyl after power switched off (The Telegraph) Radioactive substances could be released from Ukraine's Chernobyl nuclear power plant after its power connection was severed, Ukraine’s state-run nuclear company Energoatom has said.
Live updates: Heineken, Universal Music join Russia exodus (AP NEWS) Dutch brewer Heineken, TV company Discovery and the Universal Music Group have joined the corporate exodus from Russia over the Ukraine invasion.
Live Updates: Biden Bans Russian Oil Imports and Major U.S. Brands Close Outlets (New York Times) McDonald’s, Coca-Cola, and Starbucks are among those suspending operations in Russia, and Pepsico is suspending soda sales. The U.S. average gas price hit $4.17 per gallon. The Ukrainian president spoke to the British Parliament by telelink, and the flow of refugees surpassed two million.
Western weakness is enabling Russian war crimes in Ukraine (Atlantic Council) The democratic world has loudly condemned Vladimir Putin's Ukrainian invasion but longstanding policies of Western weakness towards the Kremlin linger on and are now enabling Russian war crimes in Ukraine.
Kyiv Braces for the Onslaught (Foreign Policy) Ukraine’s capital still stands, even as its suburbs have been mauled by indiscriminate Russian strikes.
Seemingly stuck Russian convoy hides mysteries (Washington Post) Rather than striking fear in Ukrainians, the extended column of Russian vehicles has inspired Kyiv residents to join the resistance.
Spy Agencies Cite Russia’s Setbacks but Say Putin Is ‘Unlikely to Be Deterred’ (New York Times) Top U.S. intelligence officials told Congress that the Russian leader had underestimated Ukrainian resolve and Western cohesion but was “doubling down” to achieve his goals.
Second Russian general killed in Ukraine (The Telegraph) Details of death of Maj Gen Vitaly Gerasimov, the chief of staff of the 41st army, were intercepted on mobile telephone communications
Pentagon Estimates Thousands of Russian Troops Have Been Killed in Ukraine (Military.com) U.S. analysts believe as many as 4,000 Russian troops may have been killed in the 13 days since Russia invaded Ukraine.
Focus on Kyiv deadlock obscures Russia’s success in south Ukraine (the Guardian) Analysis: Advance of Putin’s war machine through key southern cities likely to have major impact on war’s outcome
NATO chief cites ‘credible reports’ of Russian war crimes in Ukraine (Stars and Stripes) NATO’s top official on Tuesday acknowledged indications that the Russian military is committing war crimes in Ukraine by targeting civilians, which is contributing to Europe’s worst refugee crisis since World War II.
NATO Members Mount Huge Operation to Resupply Ukrainian Fighters (Wall Street Journal) Western countries are mobilizing aircraft, trains and automobiles to help Ukraine get missiles and rockets to fend off Russian forces.
Russia-Ukraine latest news: Poland offers its Mig-29 fighter jets for Ukraine (The Telegraph) Poland has announced it will immediately offer all its MiG-29 jets to the US, as it urged other NATO members with the same aircraft to do the same.
Poland offers fighter jets to help Ukraine repel Russians (The Telegraph) 'Rent-a-MiG' scheme would mean entire fleet put at disposal of the US but the Pentagon believes offer is not 'tenable'
Ukraine War News Live: Pentagon says Poland jet transfer idea not feasible (Newsweek) Russia issues oil price warning; Ukraine accuses Russia of violating ceasefire again; Zelensky defiant in videos. Follow Newsweek's liveblog for the latest.
Canada's MDA providing Ukraine with satellite imagery to fight Russia (Reuters) Canada's satellite builder and operator MDA Ltd. is providing Ukraine with near real-time satellite images to track Russian troop movements even at night or through cloud cover, Chief Executive Officer Mike Greenley said on Tuesday.
Satellogic and Astraea Enable Direct Collection Access for Emergency Response in Ukraine (SpaceRef) Satellogic Inc. (NASDAQ:SATL), a leader in sub-meter resolution satellite imagery collection, announced a collaboration with Astraea, a geospatial and AI analysis software company, to distribute critical Earth Observation (“EO”) data directly to the Ukrainian government, allied governments, and humanitarian organizations on the ground.
Russian military equipment, damaged bridge seen in satellite images (Military Times) Russian military vehicles and equipment are still moving near the Antonov Airport, according to satellite images released Tuesday by Maxar Technologies.
Ukraine’s Foreign Legion Is Ready for Battle (Foreign Policy) Thousands of fighters are already flooding into Ukraine from around the world.
Effort to relieve encircled Ukrainian port put in jeopardy (AP NEWS) An attempt to evacuate civilians from the besieged port of Mariupol was thrown into jeopardy by continued fighting Tuesday as conditions grew more desperate inside the city of 430,000, with corpses in the streets and hungry residents breaking into stores for food.
Former U.S. ambassador says no-fly zone would amount to declaration of war (Newsweek) "I think a no-fly zone is the wrong move. I support the president of the United States on that," the former ambassador said.
Ukraine government says Russian POWs will "work to revive" economy (Newsweek) The declaration has raised questions about whether Ukraine's current treatment of POWs violates international law.
Russia's military losses in Ukraine are a gold mine for US intelligence (Newsweek) "The gear is huge," retired U.S. Army Colonel Mike Jason told Newsweek. "It's like capturing an enigma machine."
A deep dive into U.S. intelligence in Russia and beyond (WBUR) While the U.S. has made it clear that American troops will not fight Russia in Ukraine, there is still a lot the U.S. government is doing behind the scenes.
The New York Times Pulls Its News Staff From Russia (New York Times) Other news organizations, like Bloomberg, have suspended their operations in Russia in response to a new law that effectively criminalizes independent reporting.
China Pushes Russia Conspiracy Theory About U.S. Labs in Ukraine (Bloomberg) Foreign Ministry urged U.S. to name viruses stored in labs. Beijing has yet to call Russia’s military action an ‘invasion’
In the Ukraine Conflict, Fake Fact-Checks Are Being Used to Spread Disinformation (ProPublica) Social media posts debunking purported Ukrainian disinformation are themselves fake. That doesn’t stop them from being featured on Russian state TV.
Russia’s Propaganda Machine Is Faltering Over Ukraine (Foreign Policy) A once well-oiled system has been shocked by the war.
Virality Isn’t Victory for Ukraine (Foreign Policy) Catchy stories can mislead the public about the war’s future.
Preventing Cyber Escalation in Ukraine and After (War on the Rocks) Editor’s note: Don’t miss our comprehensive guide to Russia’s war against Ukraine. With the world worried about the risk of nuclear escalation
Intel chiefs, lawmakers wait for other shoe to drop on Russian cyberattacks against Ukraine (The Record by Recorded Future) U.S. intelligence leaders and key congressional lawmakers on Tuesday signaled they remain on edge that Russia could unleash a digital salvo on the country, and its allies, as Moscow’s invasion of Ukraine escalates.
Putin’s invasion of Ukraine didn’t rely on cyberwarfare. Here’s why. (Washington Post) Cyber operations don’t win wars, our research finds.
Cyber attacks: logistics more likely to be 'collateral damage' than targeted - The Loadstar (The Loadstar) Despite the current paradigm affording unprecedented opportunities for catastrophic disruption, it seems that the European logistics chain is not, so far, a prime target for Russian cyber attacks, as many had feared. Cybersecurity expert Christina Stevenson, director of governance, risk & compliance at CyberCX, told The Loadstar that the logistics chain would be more likely to be impacted by the fallout from cyber-warfare in Ukraine, rather than treated as a ...
Google: Russia, China, Belarus state hackers target Ukraine, Europe (BleepingComputer) Google says Russian, Belarusian, and Chinese threat actors targeted Ukrainian and European government and military organizations, as well as individuals, in sweeping phishing campaigns and DDoS attacks.
Belarus conducted widespread phishing campaigns against Ukraine, Poland, Google says (Washington Post) The campaign indicates that the Russia ally has done more in the war against Ukraine than serve as just a staging area for Russian troops
Google: Russian Hackers Target Ukrainians, European Allies via Phishing Attacks (The Hacker News) Google warns of Russian hackers targeting Ukraine and European allies through phishing campaigns.
Conti Ransomware Group Diaries, Part IV: Cryptocrime (KrebsOnSecurity) Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. The candid messages revealed how Conti evaded law enforcement and intelligence agencies,…
How Much Damage Could a Russian Cyberattack Do in the U.S? (Government Executive) Russian information warriors have the capacity to damage critical infrastructure systems.
The U.S. is urging CEOs to prepare for more Russian cyberattacks (Fortune) CEOs cite cyber risk as their top concern in 2022.
NYC on ‘ultra-high alert’ amid increased risk of Russian retaliatory cyberattack (New York Post) New York state is facing “increased risk” of cyberattack from Russian retaliators, while city agents have seen more breach attempts amid heightened tensions that have arisen f…
South West businesses warned to prepare for Russian cyber attacks (Business Live) South West Business Council and Cyber Resilience Centre for the South West link to create 'fortress mentality' among region's firms
Sainsbury's takes action over Ukraine war (Computing) Retailer’s Group CIO Phil Jordan tells Computing that the organisation is operating ‘at a heightened state of vigilance’ over cyber activity
How the War in Ukraine Could Get Much Worse (Foreign Affairs) The West and Russia may be entering into the terminal stages of an insecurity spiral, which could produce a larger European war even if it doesn’t go nuclear.
Ukraine urgently needs a multi-billion dollar international fund to survive (Atlantic Council) Ukraine urgently needs international financial support to prevent an economic collapse as a result of Vladimir Putin's invasion and in order to fund the future rebuilding of the country's devastated towns and cities.
IMF board to consider $1.4 bln in funding for Ukraine on Wednesday - Georgieva (Reuters) The International Monetary Fund's executive board is poised to approve on Wednesday $1.4 billion in emergency funding for Ukraine to help it respond to Russia's invasion, IMF Managing Director Kristalina Georgieva said on Tuesday.
Congress reaches deal on billions in Ukraine aid (TheHill) Congressional leaders have reached a deal to provide roughly $14 billion in Ukraine-related aid, which they expect to include in a massive government funding package.
Russia’s Menacing Mix of Religion and Nuclear Weapons (Foreign Affairs) In the Kremlin, faith and force go hand in hand.
Opinion: Putin needs to watch his back (Washington Post) No matter what the outcome, Vladimir Putin’s war on Ukraine spells bad news for his regime. Neither taking Kyiv and declaring victory nor beginning peace negotiations will save the Russian president from the serious, if not fatal, domestic repercussions of this war.
Putin's War on Ukraine Shows Xi the Dangers of Attacking Taiwan (Bloomberg) The fallout from Russia’s invasion may prompt China’s leaders to think twice about taking Taiwan by force.
A new era for NATO has begun (Atlantic Council) On a political and on a military level, NATO is closer than ever—and readier than ever.
Opinion | Putin Has No Good Way Out, and That Really Scares Me (New York Times) He’s not a man to admit defeat, so he could just keep doubling down.
An International Relations Theory Guide to the War in Ukraine (Foreign Policy) A consideration of which theories have been vindicated—and which have fallen flat.
Economic Ties Among Nations Spur Peace. Or Do They? (New York Times) The Russian invasion of Ukraine strains the long-held idea that shared interests around business and commerce can deflect military conflict.
Tech and War (Stratechery by Ben Thompson) The reaction to the Ukraine invasion has been a demonstration of tech capabilities; those capabilities may be the key to compelling China to pressure Russia.
Putin orders a ban on some Russian exports amid sweeping Western sanctions and US energy import restrictions (Business Insider) Russia is a major exporter of commodities including oil, gas, wheat and metals. Prices have surged in part due to sanctions over the Ukraine war.
Russia warns oil prices could hit $300 a barrel if the US and Europe reject Russian oil, says the move would have 'catastrophic consequences' (Markets Insider) The message came a day after US Secretary of State Antony Blinken told NBC the US was discussing a ban on Russian oil with Europe.
Putin Clings to Russia’s Market Economy as Sanctions Wind Back the Clock (Bloomberg) Preserving the illusion of normalcy is paramount, even as the import-dependent country reels.
Fitch warns a Russian debt default is 'imminent' as it cuts the country's credit rating again (Markets Insider) A Russian default is 'imminent', the credit ratings agency said as it downgraded from to a C rating – its second downgrade since the Ukraine invasion.
Russia suspends foreign currency sales as sovereign default ‘imminent’ (The Telegraph) Putin makes drastic bid to steady economy and Fitch warns of risk to debt
EU commits to phasing out dependency on Russian fossil fuels (AP NEWS) The European Union is seeking to fully phase out its reliance on Russian energy “well before 2030” to ensure the 27-nation bloc no longer faces difficult decisions about hurting their own economies in geopolitical crises like the invasion of Ukraine.
How to sanction Russian energy, mitigate price spikes, and advance low-carbon energy security (Atlantic Council) An embargo on Russian oil may not have the intended effect on Putin's war chest, as a squeeze on global oil supply could inadvertently create more profits for Russian producers. But a punitive tax might work better, keeping prices at market level while setting aside profits to use for diversification, price shock mitigation, and support for Ukraine.
E.U. presents plan to cut Russian gas imports by two-thirds this year, stops short of boycott (Washington Post) The European Commission on Tuesday presented a plan to cut Russian gas imports by two-thirds this year, steeply reducing — but not severing — energy ties to Moscow.
U.S. to ban oil imports from Russia as White House explores drastic plans to buffer economy from energy shock (Washington Post) President Biden on Tuesday acknowledged the pain higher costs were inflicting on Americans, but he said the U.S. and its allies had to economically isolate Russia
EXPLAINER: What does a US ban on Russian oil accomplish? (AP NEWS) With Russia intensifying its war on Ukraine, killing civilians and triggering a mass refugee crisis, President Joe Biden on Tuesday announced a U.S.
Most Americans are willing to pay more at the pump for Ukraine (Quartz) The majority of Americans are willing to pay the higher gas prices that would come with a ban on Russian oil, a new poll found.
China Considers Buying Stakes in Russian Energy, Commodity Firms (Bloomberg) Beijing’s talking with state-owned firms on opportunities. Any deal is to bolster energy, commodity imports: sources.
What to expect from Rishi the war chancellor (The Telegraph) The Chancellor, whether he likes it or not, will have to pay for energy and defence costs
Chinese firms that aid Russia may be cut off from U.S. equipment -commerce secretary (Reuters) Chinese companies that defy U.S. restrictions against exporting to Russia may be cut off from American equipment and software they need to make their products, U.S. Commerce Secretary Gina Raimondo told the New York Times.
Amazon Web Services blocks new sign-ups from Russia and Belarus. (New York Times) The policy change for Amazon Web Services started over the weekend but was not publicly announced until Tuesday.
Boeing suspends Moscow support to Russian airlines (Military & Aerospace Electronics) The U.S. jet maker said it is also suspending parts, maintenance and technical support services for Russian airlines, Dominic Gates reports for The Seattle Times.
Owners Outfoxed as Russia Absconds With $10 Billion of Jets (Bloomberg) Lessors have retrieved only a couple dozen of 500 aircraft. Repo man’s biggest fear: ‘These aeroplanes are gone forever’.
Lumen, a second major American Internet carrier, pulling out of Russia (Washington Post) The move is certain to increase Russia’s isolation from outside information
Internet backbone provider Lumen quits Russia (Register) Disconnects small group of customers to protect 'integrity of the global internet'
Twitter Launches Tor Onion Service Making Site Easier to Access in Russia (Vice) The site may become the most significant onion service created if it allows people to access Twitter from censored countries.
Coca-Cola Announces Suspension of Operations in Russia (Bloomberg) Coca-Cola Co. is suspending its business in Russia, joining a flood of U.S. and European companies abandoning the nation following its invasion of Ukraine.
‘Where Is Everybody?’ Some Public Colleges Cut Ties With Russia Over Ukraine War (Chronicle of Higher Education) Public universities in Arizona this week joined a handful of others nationwide that said they would sell their Russian assets after an Arizona Board of Regents vote on Monday. The move is largely symbolic, but board members see it as an important demonstration of their disapproval of President Vladimir V. Putin’s war in Ukraine.
War Is Calling Crypto’s ‘Neutrality’ Into Question (Wired) War in Ukraine and Western sanctions against Russia have made cryptocurrency a hot potato for international politics.
Russian soccer federation appeals against FIFA, UEFA bans (AP NEWS) The Russian soccer federation appealed Tuesday to have its FIFA and UEFA bans frozen and other punishments overturned. Russian teams were expelled from competition on Feb.
Attacks, Threats, and Vulnerabilities
U.S. State Governments Hit in Chinese Hacking Spree (Wall Street Journal) The hacks, which took advantage of vulnerable internet-facing web applications, date to at least May 2021, according to findings made public by cybersecurity firm Mandiant.
U.S. State Governments Targeted by Chinese Hackers via Zero-Day in Agriculture Tool (SecurityWeek) The China-linked threat group APT41 has breached several US state government networks, including by exploiting a zero-day in a tool used by agriculture departments.
China-backed APT41 compromised ‘at least’ six US state governments (TechCrunch) The state-sponsored hacking group was discovered stealing credentials.
Chinese Spies Hacked a Livestock App to Breach US State Networks (Wired) Vulnerabilities in animal tracking software USAHERDS and Log4j gave the notorious APT41 group a foothold in multiple government systems.
A Summary of APT41 Targeting U.S. State Governments (Mandiant) APT41’s persistent effort allowed them to successfully compromise at least six U.S. state government networks.
Mobile Malware is Surging in Europe: A Look at the Biggest Threats (Proofpoint) Starting in early February, our researchers detected a 500% jump in mobile malware delivery attempts in Europe. This is in keeping with a trend we’ve observed over the past few years where mobile messaging abuse has steadily increased as attackers ramp up attempts at smishing (SMS/text-based phishing) and sending malware to mobile devices. In 2021 alone, we detected several different malware packages across the globe. Although volume fell sharply toward the end of 2021, we’re seeing a 2022 resurgence.
Critical Bugs Expose Hundreds of Thousands of Medical Devices and ATMs (Wired) The so-called Access:7 vulnerabilities are the latest high-profile IoT security fumble.
Medical, IoT Devices From Many Manufacturers Affected by 'Access:7' Vulnerabilities (SecurityWeek) Critical supply chain vulnerabilities in PTC’s Axeda agent affect 150 device models from more than 100 manufacturers.
Critical RCE Bugs Found in Pascom Cloud Phone System Used by Businesses (The Hacker News) Multiple critical remote code execution flaws were found in the Pascom cloud phone system used by businesses.
Beware of malware offering "Warm greetings from Saudi Aramco" (Malwarebytes Labs) A new Formbook campaign is targeting oil and gas companies.
“Dirty Pipe” Linux kernel bug lets anyone write to any file (Naked Security) Even read-only files can be written to, leading to a dangerously general purpose elevation-of-privilege attack.
Researchers Warn of Linux Kernel ‘Dirty Pipe’ Arbitrary File Overwrite Vulnerability (The Hacker News) Researchers warn of a new vulnerability in the Linux kernel, dubbed "Dirty Pipe," which could allow an attacker to overwrite arbitrary data.
Paying a Ransom Doesn’t Put an End to the Extortion (HIPAA Journal) The healthcare industry has been targeted by ransomware gangs and paying the ransom may seem the best option, but payment does not always put an end to extortion.
Fraud Is Flourishing on Zelle. The Banks Say It’s Not Their Problem. (New York Times) Zelle, the payments platform used by millions of customers, is a popular target of scammers. But banks have been reluctant to make fraud victims whole — despite owning the system.
Hapag-Lloyd flags spear phishing attack (Splash247) German liner Hapag-Lloyd has notified the market that the company is possibly the target of a spear phishing attack after its IT security team found a copy of its website. “This means that e-mails are used to redirect users to this site and when they log in with their personal access data, which are then …
E-commerce giant Mercado Libre confirms source code data breach (BleepingComputer) E-commerce giant Mercado Libre has confirmed "unauthorized access" to a part of its source code this week. Mercado additionally says data of around 300,000 of its users was accessed by threat actors.
Security Patches, Mitigations, and Software Updates
VERT Threat Alert: March 2022 Patch Tuesday Analysis (The State of Security) This VERT Alert addresses Microsoft’s March 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities.
Patch Tuesday: Microsoft Fixes Multiple Code Execution Flaws (SecurityWeek) Microsoft’s Patch Tuesday bundle for this month is a big one: 74 documented vulnerabilities in multiple Windows products and components, some serious enough to lead to remote code execution attacks.
Adobe Patches 'Critical' Security Flaws in Illustrator, After Effects (SecurityWeek) Software maker Adobe has shipped urgent security updates to fix code execution vulnerabilities in the Illustrator and After Effects products.
Zero Day Initiative — The March 2022 Security Update Review (Zero Day Initiative) It’s once again Patch Tuesday, which means the latest security updates from Adobe and Microsoft have arrived. Take a break from your regularly scheduled activities and join us as we review the details of their latest security offerings. Adobe Patches for March 2022 The Adobe release for March is
CISA Urges Organizations to Patch Recent Firefox Zero-Days (SecurityWeek) CISA on Monday announced the inclusion of 11 security holes in its Known Exploited Vulnerabilities Catalog.
PTC Axeda agent and Axeda Desktop Server (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: PTC Equipment: Axeda agent, Axeda Desktop Server Vulnerabilities: Use of Hard-coded Credentials, Missing Authentication for Critical Function, Exposure of Sensitive Information to an Unauthorized Actor, Path Traversal, Improper Check or Handling of Exceptional Conditions
AVEVA System Platform (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Low attack complexity Vendor: AVEVA Equipment: System Platform Vulnerability: Cleartext Storage of Sensitive Information in Memory 2. RISK EVALUATION Successful exploitation of this vulnerability could expose cleartext credentials for the network user account or for logged-in users to an authorized, low privilege user.
Sensormatic PowerManage (CISA) 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Inc Equipment: PowerManage Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain remote code execution.
Trends
Large organizations left exposed by three-month gap in human cyber capabilities after threats break (Immersive Labs) Analysis of 35,000 cybersecurity team members at 400 global organizations lays bare 96-day lag in knowledge, skills and judgment after attacks are out in the wild
PerimeterX Annual E-Commerce Report Shows 106% Increase in Bot Attacks Plus Sharp Increases in Scraping and Carding, Fueling the Web Attack Lifecycle (PerimeterX) Automated Fraud — including Sneaker bots and Hype Sales Attacks, Credential Stuffing, and Account Takeover (ATO) Attacks — on the Rise
Over half of London councils lack cyber insurance (IT PRO) One council representative called the cyber insurance market “very challenging”
Marketplace
Axonius Valued at $2.6 Billion After New $200 Million Funding Round (SecurityWeek) Cybersecurity asset management company Axonius has been valued at $2.6 billion after raising another $200 million in funding.
Cybersecurity startup Axonius valued at $2.6 bln after latest funding (Reuters) Axonius has raised $200 million from investors led by venture capital firm Accel at a valuation of $2.6 billion, in what the cybersecurity startup says could be its last funding before a public listing.
Netsparker is now Invicti, signaling new era for modern AppSec (PR Newswire) Invicti Security™ today announced it is consolidating the Netsparker brand into Invicti as the company continues to deliver on its strategy to...
Google to Buy Cybersecurity Firm Mandiant in $5.4 Billion Deal (Wall Street Journal) Google said the acquisition of the cybersecurity company would complement its Google Cloud business.
Google’s Mandiant Deal Aims to Automate More Cybersecurity Services (Wall Street Journal) Google’s nearly $5.4 billion acquisition of Mandiant Inc. aims to better automate cyber defenses by injecting specialized intelligence into one of the world’s largest platforms for cloud-based tools.
CentralSquare Expands and Solidifies its Executive Leadership for Continued Growth (CentralSquare) CentralSquare Technologies, an industry leader in public sector technology, announced the appointment of Dara Brenner as its Chief Product Officer (CPO), Weston Helms as its Vice President (VP) of Corporate Development and Janet Haugen, former Chief Financial Officer of Unisys, as a new independent member of the Board of Directors.
CyberMap (YL Ventures) CyberMap by YL Ventures is the first open, interactive, comprehensive, live map of Israel’s Cybersecurity startup landscape
Forter Recognized as the “Clear Leader” in Frost and Sullivan Radar Report in e-Commerce Fraud Prevention for Second Consecutive Year (Business Wire) Forter passes $500 billion in gross merchandise value since its founding and secures funding from strategic investors
Yellowbrick Data Appoints Tim Young as New CMO (Business Wire) Yellowbrick Data, the leader in Distributed Data Cloud architecture for data warehousing, has appointed Tim Young as Chief Marketing Officer. Leading
Query.AI Names Neal Bridges as Chief Information Security Officer (Query.AI) Seasoned cybersecurity executive and hands-on practitioner to spearhead security strategy and operations, and guide product development efforts BROOKINGS, S.D. – March 8, 2022 – Query.AI, the provider of the market’s only security investigations control plane for modern enterprises, today announced Neal Bridges as the company’s chief information security officer (CISO), further expanding the company’s talented executive roster. […]
Products, Services, and Solutions
C Series SEDs extend DIGISTOR’s industry-leading ability to eliminate the need for complex, costly customized systems to secure Data at Rest (DAR) (DIGISTOR) DIGISTOR®, a leading provider of secure data storage for military and critical infrastructure Data at Rest (DAR) solutions, announced that its C Series Self-Encrypting Drives (SEDs) are available beginning now. The C Series SEDs, powered by Cigent®, are available for retrofit or integration through DIGISTOR OEM and integrator partners.
Asigra Cyber-Secure Backup Platform Defending Data Against Persistent Log4j Vulnerability (EIN) Long Term Data Security Threat Mitigation Plans for Fast Remediation Include Protected Backup Environments that Ensure Recovery
Reciprocity Introduces Industry’s First AI-Powered, Integrated Cyber Risk Platform (Reciprocity) Reciprocity’s Pioneering New Approach to Risk Management Enables Companies to Avoid, Control, and Mitigate Risk in Business Processes While Providing Clear, Executive-Level Visibility Into Risk
CyberGRX Delivers Instant Alerts to Third-Party Breaches to Assess Business Impact (Business Wire) CyberGRX extends its predictive risk intelligence capabilities through the announcement of a Breach Monitoring & Alerting feature.
Blog: What’s New in the Area 1 Horizon Portal - February 2022 (Area 1 Security, Inc.) At Area 1, we are always looking for better ways to communicate important key phishing detection metrics. Our latest product update is the first of several new visualizations and dashboard enhancements coming this year.
Canonic Security Launches AppTotal, a Free Sandbox for Enterprise SaaS Apps (PR Newswire) Canonic Security, a cybersecurity startup protecting SaaS business applications, today announced the launch of AppTotal, a free community...
Censinet Delivers First and Only Enterprise Risk Management Product With Support for Health Industry Cybersecurity Practices (HICP) (Censinet) Censinet, a leading provider of risk management solutions for healthcare, today announced Censinet RiskOps™ for HICP, the industry’s first and only enterprise risk management solution built for Health Industry Cybersecurity Practices (HICP).
Cybrary Welcomes Four New Executives to Leadership Team (PR Newswire) Cybrary, the leading training platform for cybersecurity professionals, today announced the addition of four new leaders to their executive...
IDC says a Data Mobility Engine Can Serve as the Core of an Effective Data Management Strategy (Datadobi) Research firm IDC predicts that, over the next five years, more than 80% of the data collected by organizations will be unstructured data, and that will only continue to grow 40-50% per year for most enterprises. With the sheer volume of unstructured data yet to be created and used in the years ahead, it’s safe to say that the way organizations manage their data will need to evolve.
Orange Business Services and Fortinet Partner on SASE to Create a Secure, Seamless and Scalable Cloud-native Network, Delivering Improved User Experience (Business Wire) Orange Business Services, a global network-native digital services company, and Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated, and au
Buoyant Announces Automated Multi-Cluster Failover Capabilities in Linkerd (PR Newswire) Buoyant, creator of the widely-used open source Linkerd service mesh and of the Buoyant Cloud managed Linkerd service, today announced the...
Noetic Cyber and Rumble partner to provide complete visibility into organizations' cyber assets and attack surface (PR Newswire) Noetic Cyber, a cloud-based continuous cyber asset management and controls platform, today announced an integration with Rumble Network...
Technologies, Techniques, and Standards
Understanding US Defense Department’s relaxed cybersecurity protocols under CMMC 2.0 (Help Net Security) The DoD has announced its intent to release CMMC 2.0, with promises to streamline the certification process and ease security regulations.
Responding to heightened cyberattack risk: Focus on the basics (CSO Online) The Russia-Ukraine crisis has raised alarms about heightened risk of cyberattacks. Don't panic, but do make sure you're on top of these fundamental security best practices.
Legislation, Policy, and Regulation
EU Ministers Assess Cyber Priorities Amid Ukraine War (Wall Street Journal) European Union telecommunications ministers are meeting in Paris this week to discuss cyber and technology strategy amid the war in Ukraine.
EU countries call for cybersecurity emergency response fund -document (Reuters) Telecoms ministers from the 27 EU countries want the European Commission to set up a cybersecurity emergency response fund to counter large-scale cyberattacks, citing the recent attacks against Ukraine, according to an EU document.
#DSbD: UK Could Face a “Cyber Disaster” on its Current Security Trajectory (Infosecurity Magazine) DSbD initiative aims to put more responsibility in the hands of those who build it, creating a culture of secure by default
Annual Threat Assessment of the U.S. Intelligence Community (Office of the Director of National Intelligence) This annual report of worldwide threats to the national security of the United States responds to Section 617 of the FY21 Intelligence Authorization Act (P.L. 116-260). This report reflects the collective insights of the Intelligence Community (IC), which is committed every day to providing the nuanced, independent, and unvarnished intelligence that policymakers, warfighters, and domestic law enforcement personnel need to protect American lives and America’s interests anywhere in the world.
Estimated Costs for Protecting Election Infrastructure Against Insider Threats (Brennan Center for Justice) We estimate that the nationwide five-year cost for basic security measures is approximately $316 million dollars.
The Cyberspace Solarium Commission pushed some major policies into law. So what now? (CyberScoop) The Cyberspace Solarium Commission plans to track what happened to its recommendations and study issues where it only scratched the surface.
Litigation, Investigation, and Law Enforcement
Police Use of Google Location Data to Find Robbery Suspect Is Ruled Unconstitutional (Wall Street Journal) The decision deals a blow to a fast-growing policing tactic known as geofence warrants
Phones of former ministry heads were hacked by foreign state, not police – report (Times of Israel) ZecOps finds Shai Babad, Keren Terner Eyal and Emi Palmor — all named in bombshell Calcalist wiretapping report — were never targeted by police or with NSO Group's Pegasus spyware
Siblings Accused of $124 Million Crypto Scam Ran Times Square Ad (Bloomberg) Brother and sister fined by SEC for fraudulent token offering. John Barksdale criminally charged by Justice Department.
DHS Surveilled US Citizens' Money Transfers, Sen. Says (Law360) The U.S. Department of Homeland Security secretly collected "a massive trove of ordinary Americans' financial records" without a warrant, Sen. Ron Wyden, D-Ore., said Tuesday in a letter to the agency's inspector general.
WSJ News Exclusive | Amazon Flagged to Justice Department for Possible Criminal Obstruction of Congress (Wall Street Journal) A letter from bipartisan members of the House Judiciary Committee accuses the tech giant of withholding information during an antitrust probe. Amazon has denied any attempts to mislead.