Dateline Moscow, Kyiv, and Washington: Cyber gangs and hacktivists converge in Russia's hybrid war against Ukraine.
Ukraine at D+19: Digging in, bringing up the guns, and recruiting hackers. (The CyberWire) Some Russian forces are reported to have paused their advance in order to dig in. The Russophone cyber underworld is feeling patriotic tugs in different directions. A new wiper is discovered in Ukrainian networks. Russia may face default as early as tomorrow.
Where things stand as Russia's invasion of Ukraine enters its third week (Task & Purpose) "It is time to stop the horror unleashed on the people of Ukraine."
Russia-Ukraine war: early morning strikes hit Kyiv hours before peace talks (the Guardian) Series of Russian strikes hit residential neighbourhood before Polish, Czech and Slovenian leaders head to Ukrainian capital
Russia’s invasion of Ukraine: List of key events from day 20 (Al Jazeera) As the Russia-Ukraine war enters its 20th day, we take a look at the main developments.
How Kyiv’s outgunned defenders have kept Russian forces from capturing the capital (Washington Post) The bodies of Russian soldiers were scattered by the wreckage of charred military vehicles and shelled buildings. Twenty feet away, behind tanker trucks, Ukrainian volunteers stood watch, their eyes on a cement mixer about 500 yards away. Behind it were Russian troops on the edges of Bucha, the next town over.
Zelenskyy predicts Ukraine victory; Russia-based cyberattacks well tested, expert says (Fox News) In an address early Tuesday, Ukrainian President Volodymyr Zelenskyy predicted victory over Russian President Vladimir Putin's forces in Ukraine and offered Russian troops a "chance to survive" by surrendering.
3 EU nation leaders to visit Kyiv as Ukraine refugees top 3M (AP NEWS) Russia’s relentless bombardment of Ukraine edged closer to central Kyiv as a series of strikes hit a residential neighborhood Tuesday, while the leaders of three European Union countries planned a bold visit to Ukraine’s capital and the number of people the war has driven from the country passed 3 million.
Russian forces have been pushed back slightly from Ukraine's Mykolayiv city, says governor (Reuters) The governor of Ukraine's southern region of Mykolayiv said the security situation was calmer in the area on Tuesday because Russian forces had been pushed back slightly from the regional capital, which they have been trying to seize.
Russia’s Road to Odesa Runs Through Mykolaiv (Foreign Policy) War is intensifying along the Black Sea coast, with one key city standing in the invaders’ way.
Ukraine-Russia morning briefing: Five developments as Chechen leader tells Ukrainian forces to surrender 'or you will be finished' (The Telegraph) Plus: US official says Russia asked China for military equipment, and UK announces it is providing cancer treatment for Ukrainian children
Russia’s operation in Ukraine proceeds according to plan — Kremlin spokesman (TASS) The operation will be completed on time and in full, Dmitry Peskov noted
Ukraine invasion ‘not moving as fast as we would like’, admits top Russian official (The Telegraph) Member of Vladimir Putin’s inner circle appears to contradict Kremlin claims of war ‘going according to plan’
What Happened on Day 19 of Russia’s Invasion of Ukraine (New York Times) Russian and Ukrainian representatives held talks, as did officials from the U.S. and China, but there were no breakthroughs. Hundreds of people escaped the southern city of Mariupol, though many thousands remained trapped.
Russia keeps up attacks in Ukraine as two sides hold talks (AP NEWS) Russia and Ukraine kept a fragile diplomatic path open with a new round of talks Monday even as Moscow's forces pounded away at Kyiv and other cities across the country in a punishing bombardment the Red Cross said has created “nothing short of a nightmare” for civilians.
Russia-Ukraine latest news: Three British former special forces officers ‘killed in air strike near Polish border’ (The Telegraph) The Foreign Office is urgently investigating reports that three British former special forces officers were killed in the Russian air strike at the Yavoriv base near the Polish border on Sunday.
Ukrainians hold advantage in defending Kyiv, but they remain vulnerable to Russian air strikes (The Telegraph) Urban fighting will put the Russians on the back foot, prompting fears Vladimir Putin will pulverise Ukraine's capital
'Hell on earth': Russian air strike on Ukrainian military base was aimed to deter foreign fighters (The Telegraph) Russia suspected the Yavoriv military centre 15 miles from Poland was moving defence material and personnel in and out of Ukraine
Dozens killed as Russian air strikes hit Ukrainian military base near Polish border (The Telegraph) At least 35 people have died, with more than 130 injured, in attack on Yavoriv military centre used by Nato forces before invasion
Kill me now, begs dying Mariupol mother as her newborn’s life slips away (The Telegraph) The death of a pregnant woman and her child following the hospital airstrike underscores the horror that the city continues to face
Ukrainian farmers tow away abandoned Russia tanks and missile launchers worth millions (The Telegraph) Videos of tractors tugging a range of 'confiscated' Russian military equipment have gone viral on social media
Cyber Troops Stretched Thin in Ukraine Response as NATO Builds Common Air Picture (Air Force Magazine) With the war in Ukraine serving as a wake-up call, US cyber troops in Europe face tough choices in deploying limited resources.
Researchers find new destructive wiper malware in Ukraine (The Verge) It’s at least the third strain of wiper since the conflict began.
Zelensky will address Congress in a virtual speech on Wednesday. (New York Times) The Ukrainian president’s speech will likely increase growing momentum on Capitol Hill to pressure President Biden to send fighter jets to Kyiv.
Zelenskiy Plans Rare Wartime Speech to Congress in Plea for Aid (Bloomberg) Ukrainian president requested chance to speak to lawmakers. Attendance limited to lawmakers, but feeds open to networks.
How Volodymyr Zelensky could convince Vladimir Putin to make peace in Ukraine (The Telegraph) Kyiv and the West will need to let the Russian president claim victory, even if he has really suffered defeat
Putin’s Thousand-Year War (Foreign Policy) The reasons for his anti-Western enmity stretch back over Russia’s entire history—and they will be with us for a long time.
Ukraine Live Updates: 3 European Leaders Head to Kyiv as Attacks Continue (New York Times) The leaders of the Czech Republic, Poland and Slovenia planned to express the European Union’s “unequivocal support” for Ukraine. Blasts shook the Ukrainian capital before dawn, killing at least four people, the mayor said.
Lithuania, a Vulnerable NATO Link, Readies for Putin (New York Times) The Baltics, wedged between Russia and Belarus, have been likened to a modern-day West Berlin. Many here worry that if Ukraine falls, they might be next.
Self-deterrence does not work (TheHill) If Putin is unwilling to change his aims, self-deterrence must be discarded for what Clausewitz called “other means.”
Sending Old Fighter Jets to Ukraine Is a Terrible Idea (Foreign Policy) The urge to do something is strong, but there are more practical ways to help.
Putin has brought threat of nuclear conflict ‘back within the realm of possibility,’ U.N. chief says (Washington Post) U.N. Secretary General António Guterres said Monday that the prospect of nuclear conflict is “now back within the realm of possibility” after Russian President Vladimir Putin raised the alert levels of the country’s nuclear forces last month.
China ‘willing to supply Russia’ with weapons and military support (The Telegraph) US claims that Beijing is open to providing aid to Moscow, which has admitted that the Ukraine invasion is not going to plan
U.S. doubles down on claims China will help Russia in Ukraine (Newsweek) China has been riled by U.S. intelligence reports suggesting Beijing responded positively to Moscow's request for military aid in Ukraine.
Ukraine Update: U.S. Warns China Over Support for Russia’s War (Bloomberg) U.S. National Security Adviser Jake Sullivan held talks in Rome with China’s top diplomat, the first of their kind since Russia’s invasion of Ukraine last month. The Biden administration is pressing China to use its influence in Moscow to help end the conflict, while warning that there’ll be consequences for supporting Russia.
U.S. Says China Talks on Russia Were a ‘Substantial Discussion' (Bloomberg) Russia had asked China for military aid, U.S. officials say. State department spokesman says U.S. raised concerns.
China’s global reputation in the balance as Beijing fears economic fallout from standing with Putin (The Telegraph) Assurances over its ‘rock-solid’ partnership with Moscow won’t allay concerns that China may have made a significant strategic blunder
Kalashnikov Concern Hacked By Cyber Forces of Ukraine (Inside Cyber Warfare) Records and Trade Secrets shared with Western Intelligence services
Researchers find new destructive wiper malware in Ukraine (The Verge) It’s at least the third strain of wiper since the conflict began.
CaddyWiper: Yet Another Data Wiping Malware Targeting Ukrainian Networks (The Hacker News) Researchers have discovered a new data wiper malware, dubbed CaddyWiper, delivered in cyberattacks against Ukraine.
Hackers Target German Branch of Russian Oil Giant Rosneft (SecurityWeek) The German subsidiary of Russian energy giant Rosneft has been hit by a cyberattack, but its pipelines and refineries continue to operate as normal
Kyiv’s hackers seize their wartime moment (POLITICO) Ukrainian cyber experts put their skills to use retaliating against Moscow.
Cloud Native Technologies Used in Russia-Ukraine Cyber Attacks (Aqua Security) Team Nautilus analyzed the Russia-Ukraine cyber attacks and how public repositories and containers are used to distribute cyber warfare to non-hackers.
Fake antivirus updates used to deploy Cobalt Strike in Ukraine (BleepingComputer) Ukraine's Computer Emergency Response Team is warning that threat actors are distributing fake Windows antivirus updates that install Cobalt Strike and other malware.
Cyberattack on state organizations of Ukraine using malicious programs Cobalt Strike Beacon, GrimPlant and GraphSteel (CERT-UA # 4145) (CERT-UA) The Governmental Computer Emergency Response Team of Ukraine CERT-UA received a notification from the coordinating entities about the mass distribution of e-mails on behalf of the state bodies of Ukraine with instructions on how to increase the level of information security.
Financially motivated threat actors willing to go after Russian targets (Help Net Security) As Ukrainian organizations get hit with data-wiping malware, some financially motivated threat actors are willing to target Russian targets.
Leaked Chats Show Russian Ransomware Gang Discussing Putin’s Invasion of Ukraine (The Intercept) Chat logs reveal that members of the Conti ransomware gang repeated Putin’s lies about Ukraine — and bemoaned their inability to buy Apple products.
Global Incident Report: Threat Actors Divide Along Ideological Lines over the Russia-Ukraine Conflict on Underground Forums (Accenture) By and large, criminal underground forums—particularly ones associated with ransomware—on which the most-skilled and respected cybercrime actors operate are Russian-language forums. These forums previously employed a strict, “no work in CIS” policy, meaning that these forums prohibited membership by those involved in attacks targeting entities operating within the Commonwealth of Independent States (CIS) region. However, following Russia’s invasion of Ukraine on February 24, 2022, threat actors on the criminal underground are increasingly dividing themselves, sympathizing with either Russia or Ukraine, which is sending ripples through the Russian-language underground and beyond.
Political fallout in cybercrime circles upping the threat to Western targets (CyberScoop) Political motivations might be making the cybercrime undergound a more dangerous place, researchers say.
Cybersecurity attacks surge as Ukraine-Russia war rages on. Here's how to protect yourself (CNBC) Here are the best ways to protect yourself as cybersecurity attacks become a very real threat around the world.
Blue, yellow and gray zone: The cyber factor in Ukraine (C4ISRNet) Russia's combined air, land and sea assault on Ukraine was preceded by waves of cyberattacks, the sort of gray-zone meddling analysts and defense officials had foreseen. Websites were hamstrung. Malware coursed through computers. Communications were hampered. But the efforts were not crippling.
Destructive Russian Cyber Attacks Against The West Are Imminent, Experts Warn (TheStreet) Cyber criminals from Russia or other countries could retaliate and attack the energy infrastructure of the U.S.
Russia may be holding cyber capabilities in reserve, so US must keep its shields up: Experts (Breaking Defense) “We’re still in the relatively early days even though this has been several weeks now,” Chris Painter said. “It could well be that Russia is holding those capabilities in the reserve and haven’t used them yet.”
The U.S. could publicize any Russian election hacking plans much faster (Washington Post) Lawmakers want a briefing on Russian cyberthreats to critical infrastructure, and European banks are isolating computer networks from Russian employees.
War censorship exposes Putin's leaky internet controls (AP NEWS) Long before waging war on Ukraine, President Vladimir Putin was working to make Russia's internet a powerful tool of surveillance and social control akin to China's so-called Great Firewall .
A protester storms a live broadcast on Russia’s most-watched news show, yelling, ‘Stop the war!’ (New York Times) The intervention by a state TV employee underscored how dissent is seeping into the public sphere in Russia, despite the Kremlin’s crackdown on anyone who challenges its official narrative of the invasion.
Russian state television employee disrupts news broadcast with 'no war' protest (The Telegraph) Marina Ovsyannikova ran on to a prime-time show, which is the main source of news for many millions of Russians
Russians' demand for VPNs skyrockets after Meta block (Reuters) As Russia blocked access to Meta Platforms Inc's flagship social media platforms, Facebook and Instagram, demand from internet users for tools to skirt the restrictions skyrocketed, data from a monitoring firm showed.
Opinion | How Ukraine Won The #LikeWar (POLITICO) By effectively employing 10 essential messaging themes, Ukraine beat Russia in shaping the early narrative of the conflict, helping to keep themselves in the real-world fight.
Ukraine Live Updates: 3 European Leaders Head to Kyiv as Attacks Continue (New York Times) The leaders of the Czech Republic, Poland and Slovenia planned to express the European Union’s “unequivocal support” for Ukraine. Blasts shook the Ukrainian capital before dawn, killing at least four people, the mayor said.
University lecturers accused of spreading pro-Putin propaganda (The Telegraph) Academics acting as 'useful idiots' for Russia’s atrocities, claims senior Tory MP
Ukraine Partners With FTX, Everstake to Launch New Crypto Donation Website (CoinDesk) FTX is converting crypto contributions to Ukraine’s war effort into fiat for deposit at the National Bank of Ukraine.
This Massive Game Bundle Costs $10 and Benefits Ukraine Charities (Wired) The collection spans hundreds of games, and donations go straight to organizations assisting Ukraine.
Ukrainian hackers say HackerOne is blocking their bug bounty payouts (TechCrunch) HackerOne apologies for restricting Ukrainian bug bounty accounts in the wake of sanctions.
EU approves new round of Russia sanctions targeting energy, steel, defence sectors (Reuters) The European Union formally approved on Tuesday a new barrage of sanctions against Russia for its invasion of Ukraine, which include bans on investments in the Russian energy sector, luxury goods exports and imports of steel products from Russia.
International investors prepare to force Russian default this week (The Telegraph) Fund managers say they will reject payment of a $117m bill with roubles on Wednesday
Rethinking the U.S.-EU Trade and Technology Council After Ukraine (The National Interest) One thing is already clear: as Russia’s aggression in Ukraine is changing the American and European economies, there must also be changes in the primary forum for U.S.-EU cooperation.
What does Russia’s removal from SWIFT mean for the future of global commerce? (Foreign Policy) Removing Russian banks from the SWIFT system is accelerating a global economic realignment
Oligarch who founded Russia's largest fertilizer and coal companies warns the world faces food crisis without an end to the conflict in Ukraine (Business Insider) Andrey Melnichenko said soaring fertilizer prices could trigger a worldwide food crisis.
Ukraine War Has Insurers Worried About Cyber Policies (Wall Street Journal) The industry tries to protect itself after a judge rules that wartime exclusions don’t apply to cyberattacks.
Police Move to Clear Russian Billionaire’s Occupied Mansion (Bloomberg) Police break down door to home after occupiers moved in. Protesters moved on home after Russian billionaire sanctioned.
Attacks, Threats, and Vulnerabilities
Denial-of-service attack knocked Israeli government sites offline (CyberScoop) Sites were restored Monday afternoon, the Israeli government said.
Israel says government sites targeted by cyberattack (Al Jazeera) Israel says it is not immediately clear who was behind what may be the largest ever cyberattack on the country.
Cyberattack takes down Israeli government websites (Engadget) Israel has faced a large-scale cyberattack that knocked down multiple government websites..
China claims it captured NSA spy tool that already leaked (Register) Not now with your mischief, Beijing
Researchers Find New Evidence Linking Kwampirs Malware to Shamoon APT Hackers (The Hacker News) Researchers find new evidence linking the Kwampirs malware to the Shamoon APT hacker group.
Russian Ransomware Gang Retool Custom Hacking Tools of Other APT Groups (The Hacker News) A Russian-speaking ransomware outfit is targeting entities in Europe and Central America by repurposing custom tools developed by other APT groups.
Ransomware Variants Q4 2021 (Intel471.com) This report examines the leading ransomware variants related events for Q4 2021 specifically observed by Intel 471.
Intel, Arm hit with another data-leaking Spectre chip bug (Register) Your processor design fell off the vulnerability tree and hit every branch on the way down
New Linux Bug in Netfilter Firewall Module Lets Attackers Gain Root Access (The Hacker News) A newly discovered vulnerability in the Netfilter Firewall module of the Linux kernel could be exploited to gain root privileges on vulnerable systems
Rooftop solar, smart appliances increasing risk of cyber attack on Australia's power grid (ABC) The widespread adoption of rooftop solar panels and smart appliances is increasing the risk of cyber attacks on Australia's electricity grid that could cripple the economy, experts warn.
Kryptowire Identifies Security and Privacy Vulnerability in Mobile Device Chipset from China (PR Newswire) Kryptowire Inc., a mobile security and privacy solutions company, today announced that they have identified a critical security and privacy...
Ransomware Gang Threatens to Leak Files Stolen From Tire Giant Bridgestone (SecurityWeek) The LockBit 2.0 ransomware gang is threatening to leak files stolen from Bridgestone during an attack that forced the company to shut down some plants.
Hacktivism: Does It Do More Harm than Good? (IGI) Experts at IGI share their take was on hacktivism and the implications of some of these recent attacks surrounding the Russia-Ukraine conflict.
Ubisoft Resets Employee Passwords Following Cyberattack (SecurityWeek) Ubisoft says it has initiated a company-wide password reset operation after learning that it fell victim to a cyberattack.
Spam filters blocked 70,000 emails to lawmakers opposing Indiana CRT-inspired bill (Indianapolis Star) The Indiana State Teachers Association says 70,000 emails were blocked by the General Assembly's spam filter.
Filter Blocked 70,000 Emails to Indiana Lawmakers on Bill (SecurityWeek) A spam filter blocked as many as 70,000 emails sent to Indiana legislators about a contentious bill that aimed to place restrictions on teaching about racism and political topics.
Over 500,000 Patients Hit by Data Breaches at Healthcare Firms in Alabama, Colorado (SecurityWeek) The information of more than half a million individuals was likely compromised after three healthcare services providers in Alabama and Colorado suffered cybersecurity breaches.
South Denver Cardiology Associates Confirms Data Breach Affecting 287,000 Patients (HIPAA Journal) South Denver Cardiology Associates (SDCA) has recently announced it was the victim of a cyberattack in January 2022 in which files containing patient South Denver Cardiology Associates has suffered a cyberattack that has potentially affected up to 287,000 patients. Memorial Village ER has suffered a data breach affecting up to 80,000 individuals.
Notice to Our Patients of a Privacy Incident (South Denver Cardiology Associates) South Denver Cardiology Associates is committed to protecting the security and privacy of our patients’ information. Regrettably, this notice explains an incident that may have involved some of that information.
Who's who in the cybercriminal underground (CSO Online) Cybercriminal groups are specializing as malware developers, initial access brokers, ransomware-as-a-service providers, data brokers, and other roles.
Vulnerability Summary for the Week of March 7, 2022 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
Apple Patch Day: Gaping Security Holes in iOS, macOS, iPadOS (SecurityWeek) Apple released fixes for at least 39 security defects iOS/iPadOS, warning that the most serious of the flaws could expose users to remote code execution attacks
Apple security updates (Apple Support) This document outlines security updates for Apple products. For the protection of our customers, Apple does not disclose, discuss or confirm security issues until a full investigation has occurred and any necessary patches or releases are available
AMD Updates Spectre Mitigations Following Intel Research (SecurityWeek) Intel researchers have found a way to bypass one of AMD’s mitigations for Spectre v2 attacks.
Critical Vulnerabilities Patched in Veeam Data Backup Solution (SecurityWeek) Two severe vulnerabilities in Veeam Backup & Replication could lead to unauthenticated remote code execution.
Trends
How AI is shaping the cybersecurity arms race (RAPPLER) Defending against cyberattacks increasingly means looking for patterns in large amounts of data – a task AI was made for
Cequence Security Releases Report Revealing Top 3 Attack Trends in API Security (Cequence) API Security Threat Report: Bots and Automated Attacks Explode, data from F500 financial services, retail, and telecom organizations.
Bots and Automated Attacks Explode (Cequence) Looking back on 2021, we found that attackers and legitimate businesses have similar characteristics in that both groups are opportunistic, making the best out of what they have.
Netacea | Bot myths and fallacies leave two-thirds of businesses at higher risk of malicious attacks (RealWire) New report from Netacea uncovers the bot myths believed by businesses —leaving them vulnerable
Manchester, UK—15th March 2022—Netacea, the bot detection and mitigation specialist, today announced results from a new report showing that most businesses do not fully understand the threat bots pose, leaving those organisations vulnerable to threats
Marketplace
Fresche Solutions Acquires Linux and IBM Security Services Company Trinity Guard (MSSP Alert) Fresche Solutions, backed by two private equity firms, acquires Trinity Guard to further secure & protect IBM i & Linux servers from cyberattacks.
CyberRes Completes Acquisition of Debricked to Further Expand Software Supply Chain Security | Micro Focus (Micro Focus) CyberRes Completes Acquisition of Debricked to Further Expand Software Supply Chain Security
SentinelOne to Acquire Attivo Networks, Bringing Identity to XDR (Business Wire) SentinelOne Adds Leading Identity Threat Detection and Response (ITDR) Technology for Enterprise Zero Trust Adoption
CSW Acquires Early Warning Vulnerability and Threat Intelligence Organization for Predictive, Pre-Breach Insights Into Exploitable Vulnerabilities (Business Wire) Cyber Security Works, recently acquired CYR3CON IP to give CSW a robust set of ‘early warning’ vulnerability and threat intelligence capabilities.
Cowbell Cyber Raises $100M As Cyberattacks Rise (Crunchbase News) Just about a year after raising its Series A, Pleasanton, California-based Cowbell Cyber closed a $100 million Series B as cyberattacks continue to dominate news headlines.
Products, Services, and Solutions
Secureworks Hands-on-Keyboard Detector Identifies Malicious Threat Actors (Secureworks) Patent-pending Taegis™ platform detector uncovers “hands-on” cybercriminal activity even as the actors attempt to evade detection
Netskope unwraps global partner program (CRN Australia) To drive services revenue.
Guardian Eagle Adds Nubeva's Ransomware Reversal Technology to Trusted Suite of Data Recovery Services (PR Newswire) Guardian Eagle has partnered with a leading software developer of B2B solutions to offer a new line of defense in the fight against ransomware....
Honeywell launches new global channel partner program (Security Info Watch) Initiative to streamline channel partner program experience across product businesses
Trulioo expands identity verification services in EMEA Region (PRWeb) Trulioo today announced it now offers coverage in Greece and Israel via Trulioo GlobalGateway, the leading global identity verification platform. With Globa
Allgress Announces ComplianceVision - Free Tool for Mapping Compliance Posture to Over 1,500 Different Security Solutions (PR Newswire) Allgress, an industry-leading provider of Integrated Risk and Compliance Management solutions, today announced ComplianceVision and a...
Adaptive Shield Partners With CrowdStrike to Introduce Zero Trust SaaS Security Posture Solution to CrowdStrike Store (Adaptive Shield) Adaptive Shield, the leading SaaS Security Posture Management (SSPM) company, announced it will partner with CrowdStrike, a leader in cloud-delivered protection of endpoints, cloud workloads, identity and data, to introduce a new Zero Trust Software-as-a-Service (SaaS) Security Posture solution to the CrowdStrike Store, a cybersecurity app marketplace. The solution makes it easy for security teams to quickly identify and manage risks coming from SaaS users and their associated devices.
Incognia Introduces New Location Identity Fraud Detection Tools (GlobeNewswire News Room) Location Spoofing Detection, Global Mobile Address Validation and Trusted Device Intelligence modules allow customers to easily deploy advanced mobile app...
Deepfence Adds Secret Scanning and Runtime SBOMs with Launch of ThreatMapper 1.3 (Business Wire) Deepfence, a pioneer in the emerging security observability and protection space, today announced the release of ThreatMapper 1.3.0, the latest versio
Technologies, Techniques, and Standards
CISA Hosts Eighth Cyber Storm Exercise with More than 200 Organizations (CISA) Last week, the Cybersecurity and Infrastructure Security Agency (CISA) hosted a three-day cyber exercise, Cyber Storm VIII, which included more than 2,000 private sector, government, and international participants from approximately 200 organizations.
CISA ‘Cyber Storm’ exercise simulated response to critical infrastructure attack (The Record by Recorded Future) The Secret Service partnered with the Cybersecurity and Infrastructure Security Agency (CISA) last week to host a three-day cyber response program, gathering 2,000 participants from international, federal, state, and local governments as well as the private sector.
Why Enterprise Threat Mitigation Requires Automated, Single-Purpose Tools (The Hacker News) Why Enterprise Threat Mitigation Requires Automated, Single-Purpose Tools
Healthcare's ultimate multitool for defense against phishing and ransomware (Red Sift Blog) Why DMARC & BIMI with VMC is the ultimate multitool to help healthcare providers defend against phishing and ransomware in 2022.
States Working with StateRAMP to Validate Supplier Cybersecurity Compliance (PR Newswire) Today StateRAMP announced its growing list of states who are working with StateRAMP to validate the cybersecurity posture of their third-party...
Design and Innovation
Inheriting bitcoin is harder than it sounds (Vox) Your bitcoin can live on, even if you don’t.
What is the difference between an NFT and cryptocurrency? (Interesting Engineering) If you've ever wanted to know the difference between NFTs and cryptocurrencies, then we recommend you check out this brief guide.
Academia
The Ukraine Dilemma: U.S. Colleges Debate Whether to Sever or Sustain Ties With Russia (Chronicle of Higher Education) Apple, Netflix, McDonald’s, General Motors — these American brands are among nearly 400 companies to announce they are pulling out of Russia in protest of its invasion of Ukraine.
Legislation, Policy, and Regulation
Finland strengthens cybersecurity defences, mulls joining NATO (The Globe and Mail) Russia’s neighbour has been militarily non-aligned since the Second World War but is now buying more fighter jets, missiles and rocket-launcher ammunition from the West
Does the Free World Need a Global Cyber Alliance? (SecurityWeek) Creating a global cyber intelligence organization would likely drive Russia and China closer together – perhaps including Iran and North Korea and Russian and Chinese satellite nations – into their own special relationship.
Proposal Limiting Proof-of-Work Is Rejected in EU Parliament Committee Vote (CoinDesk) The provision could have required cryptocurrencies like bitcoin to shift to more environmentally friendly mechanisms.
“It’s a mess”: How crypto mining went from boom to bust in Kazakhstan (Rest of World) Bitcoin fugitives from China made the country a crypto power. Now, they’re being forced to flee — again.
Reconciliation of China bills in Congress could produce big cybersecurity wins (TheHill) Conference committee to adjudicate USICA and the COMPETES Act could build upon important but insufficient cybersecurity provisions in recent legislation.
Digital Human Rights Need a Single Home in U.S. Government (Foreign Policy) If everybody is responsible for countering digital authoritarianism, no one is responsible.
The Central Intelligence Agency has a new CIO (The Record by Recorded Future) The Central Intelligence Agency recently tapped La’Naia J. Jones, a veteran cybersecurity leader in the U.S. spy community, to be its new chief information officer.
Litigation, Investigation, and Law Enforcement
WikiLeaks' Assange denied permission to appeal extradition decision at UK Supreme Court (Reuters) WikiLeaks founder Julian Assange has been denied permission to appeal at Britain's Supreme Court against a decision to extradite him to the United States, the court said on Monday.
Julian Assange denied US extradition appeal by UK’s top court (Al Jazeera) The WikiLeaks founder’s case is now expected to be formally sent to British Home Secretary Priti Patel for approval.
NASA in 'serious jeopardy' due to big black hole in security (Register) Auditor finds space agency defends Classified info well, isn't paying attention to valuable Unclassified data
Kronos Ransomware Payroll Violations Class Action Lawsuit Investigation (Top Class Actions) A 2019 Kronos ransomware attack affected timekeeping and payroll at many companies. See if you qualify to join a class action lawsuit!