Dateline Moscow, Kyiv, Brussels, and Washington: Shifting momentum in a hybrid war?
Ukraine at D+29: Ukrainian counteroffensive appears in progress. (The CyberWire) As Ukrainian forces undertake a counteroffensive, Russian tactical, logistical, and leadership failures remain on display. Western governments continue to warn against the possibility of Russian cyberattacks, and fears of chemical escalation mount.
Ukrainian forces advance east of Kyiv as Russians fall back (Reuters) Ukrainian troops are recapturing towns east of Kyiv and Russian forces who had been trying to seize the capital are falling back on overextended supply lines, Britain said on Friday, one of the strongest indications yet of a shift in momentum in the war.
Counteroffensive in Ukraine Shifts Dynamic of War (New York Times) President Biden met with European leaders in Brussels to reinforce solidarity against Russia’s invasion and proposed excluding Russia from the G20. Ukraine said it had destroyed a Russian naval ship.
We had to eat a stray dog, admit people forced into fight for survival by Russia’s ‘Butcher of Mariupol’ (The Telegraph) In city carpet bombed by Kremlin’s forces, harrowing stories emerge of a stench of corpses and constant burning amid ‘utter destruction’
Russia-Ukraine latest news: ‘At least 300’ dead in Mariupol theatre bombing (The Telegraph) Some 300 people are now believed to have died in Russia’s bombing of a theatre sheltering civilians in the flattened Ukrainian city of Mariupol.
Putin's war in Ukraine nearing possibly more dangerous phase (AP NEWS) President Vladimir Putin's war in Ukraine is approaching a new, potentially more dangerous phase after a month of fighting has left Russian forces stalled by an outnumbered foe.
What we know — and don’t know — about how many people have been killed in the Russian invasion of Ukraine (Washington Post) As Russia’s invasion of Ukraine enters its third week, military and civilian casualties are mounting — but no one, not even the United Nations or the Ukrainian government, can provide an accurate count of how many people have been injured or killed.
The US and NATO disagree over an estimate of 40,000 Russian casualties in Ukraine (Task & Purpose) "We continue to have low confidence in those estimates"
Russia running out of precision munitions in Ukraine war - Pentagon official (Reuters) Russia is running out of precision guided munitions and it is more likely to rely on so-called dumb bombs and artillery, a senior Pentagon official said on Thursday.
Syrians watch in horror as Putin deploys the Aleppo playbook in Ukraine (CNN) Six years before its Ukraine war, Russia began another ruthless military operation thousands of kilometers away in Syria -- to prop up the Bashar al-Assad regime. Victims of that war say the scenes from Ukraine on their television screens look hauntingly familiar.
Belarusian Exiles in Ukraine Join the Fight Against a Common Foe: Russia (New York Times) Eager, but ill equipped, some of Belarus’s exiles have formed a battalion in their host country, saying its fight against Vladimir Putin’s domination is the same as their homeland’s.
Russia Crisis Military Assessment: Moscow’s increased threat against NATO intervention (Atlantic Council) Russia has abandoned its goals of rapid victory. Here's what it's focusing on instead, according to our military fellows.
U.N. General Assembly again overwhelmingly isolates Russia over Ukraine (Reuters) Almost three-quarters of the U.N. General Assembly demanded aid access and civilian protection in Ukraine on Thursday, and criticized Russia for creating a "dire" humanitarian situation after Moscow invaded its neighbor one month ago.
Ukraine War: G7 calls on Russia to stop military operations (Newsweek) President Joe Biden met with world leaders in Brussels to address Russia's invasion of Ukraine.
Russian spies in Brussels lie low ahead of Biden visit (POLITICO) Belgian state security says the Russians are ‘less active’ and are observing the rules.
What Will Putin Do If Russia Loses Ukraine? (Wired) As Russia's failures mount in its war against Ukraine, can Biden prevent an isolated Putin from doing the unthinkable?
Ukraine and Russia conduct soldier-for-soldier prisoner swap (Al Jazeera) Ukrainian government says this was first equal exchange of captured troops since Russia’s invasion began a month ago.
Ukrainian forces claim to destroy a Russian landing ship. (New York Times) The destruction of the ship would be a success for the Ukrainians as they seek to keep Russia from reinforcing and resupplying its forces as they struggle to gain momentum.
Watch: Ukrainians claim to have destroyed Russian navy ship after Kremlin gave away location (The Telegraph) Kyiv’s forces zeroed in on target after Russian state media filmed the vessel unloading cargo of armoured vehicles bound for Mariupol
Russian landing ship destroyed at Sea of Azov port, Ukrainian naval forces say (CBC) Ukraine's navy reported on Thursday that it had destroyed the Russian landing ship Orsk in the Sea of Azov, docked at the occupied Ukrainian port city of Berdyansk.
Ukraine sinks Russian ship as Moscow accused of forcible deportations from Mariupol (the Guardian) Orsk landing vessel destroyed as Russian soldiers accused of deceiving those hiding into leaving shelters
‘Unwell’ Russian defence minister Sergei Shoigu disappears from public view (The Telegraph) A close ally of the Russian president and potential successor, Sergei Shoigu gave his last public engagement on March 11
Russian military secrets could be laid bare after Ukraine captures electronic warfare systems (The Telegraph) The Krasukha-4 unit, which was recovered from the battlefield near Kyiv, will be flown to the US for examination
Live updates: Bulgarians protest Russia's war in Ukraine (AP NEWS) Thousands of people took to the streets of Bulgaria’s capital, Sofia, on Thursday to protest Russia’s invasion of Ukraine and to show solidarity with Ukrainians. The rally, organized on social networks, followed Ukrainian President Volodymyr Zelenskyy’s call on people around the world to protest the month-long war.
Ukraine says Moscow is forcibly taking civilians to Russia (AP NEWS) Ukraine accused Moscow on Thursday of forcibly taking hundreds of thousands of civilians from shattered Ukrainian cities to Russia, where some may be used as “hostages” to pressure Kyiv to give up.
Take Putin’s Nuclear Threats Over Ukraine Seriously, Not Literally (World Politics Review) While the risk of Russia’s invasion of Ukraine escalating into a nuclear conflict does exist, it is likely minimal. Even so, the war in Ukraine underscores the role that nuclear deterrence plays in conventional engagements, and the need for Western policymakers and strategists to think seriously about the dynamics that creates.
White House ‘Tiger Team’ ready to strike back if Vladimir Putin launches nuclear war on Nato (The Telegraph) Team of national security advisers plans different scenarios and how United States and its allies should respond
Deter Russia’s Use of Chemical Weapons in Ukraine (Defense One) How Biden handles threats will dissuade Moscow and other adversaries from using these weapons—or encourage it.
Putin’s Afghanistan (Foreign Affairs) Ukraine and the lessons of the Soviets’ Afghan war.
'All options are on the table' for eastern flank, says US Permanent Representative to NATO (Atlantic Council) At an Atlantic Council Front Page event, Julianne Smith laid out ways the United States and its allies can face up to Russia and strengthen European security.
NATO Boosts Forces in East Amid Chemical Incidents Warning (Bloomberg) G-7 plans to warn Moscow on using chemical, nuclear material. Russia suffering casualties, economic pain after month of war.
UK to double its troops in Eastern Europe as Nato strengthens defences (The Telegraph) Alliance signs off on the formation of four new battlegroups at an emergency summit in Brussels on the war in Ukraine
Joe Biden: We will respond in kind if Vladimir Putin uses chemical weapons in Ukraine (The Telegraph) Nato leaders say reaction to WMD would be ‘very severe’, but rule out boots on ground
Top Pentagon officials have not spoken to their Russian counterparts since invasion of Ukraine began (CNN) Senior Russian military leaders have declined calls from their US counterparts since before the invasion of Ukraine began, a Pentagon spokesman said Thursday.
Zelenskyy pleads for aid as Biden, allies begin summits (AP NEWS) Ukrainian President Volodymyr Zelenskyy called for “military assistance without limitations” as he addressed an emergency NATO summit on Thursday, the first of three urgent meetings U.S.
NATO Ignores Zelenskyy’s Plea For 1% of Its Tanks, Jets (Defense One) Alliance announces four new battlegroups as GOP calls for more direct aid to Ukraine.
Ukraine Starts Using Facial Recognition To Identify Dead Russians And Tell Their Relatives (Forbes) Ukraine’s deputy prime minister says the tech will help provide transparency about how many Russian soldiers are dying in the war. Critics say the use of facial recognition in war zones is a disaster in the making.
Ukraine uses facial recognition to identify dead Russian soldiers, minister says (Reuters) Ukraine is using facial recognition software to identify the bodies of Russian soldiers killed in combat and to trace their families to inform them of their deaths, Ukraine's vice prime minister told Reuters.
A month into the Russian invasion, Ukraine is still mostly online (The Record by Recorded Future) Heroic efforts by frontline technicians and a robust, competitive telecom market helped keep the country connected.
Researchers tie Ukraine cyber intrusion attempt to suspected Chinese threat actor ‘Scarab’ (The Record by Recorded Future) Ukraine’s Computer Emergency Response Team (CERT-UA) published evidence this week indicating that Chinese threat actors are targeting their systems publicly for the first time since Russia invaded Ukraine.
Russia's Factory of Superheavy Elements is GURMO's Latest Breach (Inside Cyber Warfare) Included is the new DC-280 Cyclotron Particle Accelerator
Is a nation‑state digital deterrent scenario so far‑fetched? (WeLiveSecurity) Why has the conflict in Ukraine not caused the much anticipated global cyber-meltdown? Is a nation-state digital deterrent scenario so far-fetched?
Russian military behind hack of satellite communication devices in Ukraine at war’s outset, U.S. officials say (Washington Post) U.S. intelligence analysts have concluded that Russian military spy hackers were behind a cyberattack on a satellite broadband service that disrupted Ukraine’s military communications at the start of the war last month, according to U.S. officials familiar with the matter.
Hackers Attacked Satellite Terminals Through Management Network, Viasat Officials Say (Air Force Magazine) The cyberattack of Viasat’s satellite broadband service was carried out by hackers compromising the system that manages customer terminals.
Russian & Ukrainian Cyber Warfare (TCecure) Cyber warfare is a major tool of today’s warfare, and Russia’s invasion of Ukraine is no exception. Russian Cyber Warfare: On the very first day of ground attacks, Ukrainian government officials were unable to access most government websites, including those for their Parliament,
As ransomware group declares support for Russia, expect more cyberattacks in Canada, security experts say (CBC) Municipalities, corporations and individuals should be on the lookout for cyberattacks as war in Ukraine rages on, online security experts warn.
Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector (CISA) Actions to Take Today to Protect Energy Sector Networks: • Implement and ensure robust network segmentation between IT and ICS networks. • Enforce MFA to authenticate to a system. • Manage the creation of, modification of, use of—and permissions associated with—privileged accounts.
FBI, CISA advise 13,000 orgs to have 'low threshold' for reporting cyberattacks (The Record by Recorded Future) The Cybersecurity and Infrastructure Security Agency (CISA) held an informational call with 13,000 organizations on Tuesday night, highlighting the need for them to be prepared in light of U.S. government concerns about threats of potential Russian cyberattacks.
Real-Life Hackers Reveal What You Can Do About The Threat Of Russian Cyberattacks (HuffPost) Biden warned this week that Russia may conduct cyberattacks in the U.S. Here's what you need to do ASAP.
Energy is going to be a target of cyber attacks, says CrowdStrike co-founder (YouTube) Dmitri Alperovitch, Crowdstrike co-founder [now no longer with Crowdstrike], joins 'TechCheck' to discuss how acute cybersecurity concerns are right now, who a prime cybersecurity target cou...
NetWitness Incident Response Team Urges Enterprises to Prepare for Potential Cyberattacks Related to Russia/Ukraine Conflict (NetWitness.com) Recent Warnings from the Biden Administration Point to Potential Cyber Threats Aimed at Critical Organizations
Practical Steps for Responding to the CISA Warning on Russian Cyber Attacks (CSO Online) On February 25, 2022, two days after Russia began its military invasion of Ukraine, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) issued a rare ‘Shields Up’ warning for U.S.-based organizations, stating: "Every organization—large and small—must be prepared to respond to disruptive cyber activity."
How CEOs received Biden’s ‘very clear message’ on a looming Russian cyberattack (Yahoo) After weeks of relative public silence on the issue, President Biden went to business leaders Monday with a stark warning: he said Moscow is exploring cyberattacks, they could be coming soon, and businesses need to do more to be prepared.
Biden tells governors to 'take urgent action' to protect infrastructure from Russian hackers (POLITICO) "There are things that only you as governor can do," Biden told state leaders.
Shields Up: A CEO's Guidance for Corporate Leaders on Cybersecurity Readiness (CSO Online) What CISA is asking on behalf of every CISO and every security practitioner is this: Cybersecurity is essential to your business, and we have reached a moment when it is at incredibly high risk. Give your security teams your full support by resourcing them, and then let them do what they do best—defend your systems, your data, and your organization.
Biden's Russia Cyber Warning Befuddles Ill-Prepared Businesses (Insurance Journal) A day after U.S. President Joe Biden issued a stark warning that a Russian cyberattack "is coming," members of his administration hosted a three-hour call
Over 100 Building Controllers in Russia Vulnerable to Remote Hacker Attacks (SecurityWeek) A researcher has found more than 100 building controllers located in Russia that can be hacked remotely from the internet, but he claims his goal is not to cause damage.
Anonymous claims to have hacked the Central Bank of Russia (Security Affairs) The Anonymous hacker collective claims to have hacked the Central Bank of Russia and accessed 35,000 documents. Anonymous continues to target Russian government organizations and private businesses, now it is claiming to have hacked the Central Bank of Russia. The popular hacker collective claims to have compromised the systems of the Central Bank of […]
War in Ukraine Highlights Security Concerns for NGSO Satcom (Satellite Today) The war in Ukraine, and the hack of Viasat’s KA-SAT network, has highlighted the long-standing geopolitical reality for Low-Earth Orbit (LEO) and Medium-Earth Orbit (MEO) operators who serve government and critical industry customers, and the security issues that come with it, according to panelists at a SATELLITE 2022 session on Monday.
Blacklisted by the U.S., pro-Russia accounts have still been posting propaganda on Twitter and YouTube (Washington Post) More than a dozen accounts across YouTube and Twitter were posting false narratives about the war in line with the Kremlin’s talking points, without labels or other limits
Russia bans Google News, Russians download Wikipedia before it becomes next target (Computing) Russia's crackdown on external news sources continues
Some prominent Russians quit jobs, refuse to support war (AP NEWS) The resignation of a senior Russian government official and his reported move abroad wasn't the first voluntary departure of a person from a state job since the start of Russia's war with Ukraine, but it certainly was one of the most striking.
Russian activists sign open letter calling for end to war in Ukraine (the Guardian) Campaigners write manifesto in broadest anti-war statement by Russian human rights supporters
Fed Up With Deadly Propaganda, Some Russian Journalists Quit (New York Times) At least four state television employees have publicly resigned, citing regret for their roles in promoting false narratives about Ukraine.
Putin Has Popped the EU Defense Bubble (Foreign Policy) No, the European Union cannot make the continent secure.
U.S. Hits Russian Lawmakers, Defense Sector With New Sanctions (Bloomberg) Move includes penalties on more than 400 individuals, entities. Putin adviser Herman Gref among sanctioned individuals.
U.S. Targets Russia’s Giant Stash of Gold in New Sanctions (Bloomberg) The ban on business with Russia is the first for gold markets. Announcement comes as U.S. announces new Russian sanctions.
EU Leaders to Agree on Modest Tightening of Sanctions on Russia (Bloomberg) Countries remain divided on tackling Russian energy supplies. European Union chiefs to stop short of big new package for now.
Prime Minister concludes successful visit to Belgium and announces additional support for Ukraine (Prime Minister of Canada) To further build on Canada‘s coordinated response to Russia’s illegal, unprovoked, and unjustifiable aggression against Ukraine, the Prime Minister today announced additional measures to support Ukraine and hold Russia accountable for its invasion
Russian cyber threat to US could invoke ANZUS Treaty (The Sydney Morning Herald) Such a decision could draw Australia into a retaliatory American cyber assault on Vladimir Putin’s regime, drawing Australia directly into any confrontation.
Biden Calls for Russia to Be Removed From G-20 Over Ukraine (Bloomberg) Russia should be removed from the Group of 20 over its actions in Ukraine, President Joe Biden said.
Western sanctions won't sway Kremlin, says Russia's former president Medvedev (Reuters) It is "foolish" to believe that Western sanctions against Russian businesses could have any effect on the Moscow government, Russian ex-president and deputy head of security council Dmitry Medvedev was quoted as saying on Friday.
Russia moves to expel U.S. diplomats in tit-for-tat move (Reuters) The United States Embassy in Moscow on Wednesday received a list of its diplomats that were declared "persona non grata", a State Department spokesperson said, in what Russian media said was a response to a U.S. move ousting Russian staff at the United Nations.
Putin’s War to Wipe Out 15 Years of Russian Economic Growth (Bloomberg) IIF economists see Russian GDP contracting by 15% in 2022. ‘Brain drain,’ technology bans to hurt economy in longer-term.
Panicked Russians Don’t Believe Official Advice That Economy Is Fine (Bloomberg) Sugar, diapers, pet food among items in high demand in Russia. Economy is headed for deep recession after war, sanctions.
ICC prosecutor calls for international support in Ukraine war-crimes probe (Reuters) The chief prosecutor of the International Criminal Court on Thursday asked a coalition of countries to back his war crimes investigation in Ukraine, saying "things can get worse" unless the international community acts now.
Prosecuting Putin (Foreign Policy) Bringing the Russian president to trial will be a challenge. But war crimes lawyers are raring to go.
Russian Central Bank Chief Tried to Quit Over Ukraine War (Wall Street Journal) Elvira Nabiullina is left to steer the nation’s economy through harsh sanctions.
Action must be taken to award reparations to victims of Russian war crimes (Atlantic Council) The international community is overdue for an overhaul of the legal tools accessible to victims of state-sponsored crimes in the twenty-first century. Perhaps justice mechanisms for Ukraine and Syria can stymie such impunity once and for all.
Russian stock market, crushed by war, opens with big limits (AP NEWS) The Russian stock market opened Thursday for limited trading under heavy restrictions for the first time since Moscow invaded Ukraine, coming almost a month after prices plunged and the market was shut down as a way to insulate the economy.
Russia Puts Floor Under Stock Market Selloff as Trading Resumes (Bloomberg) Foreigners banned from selling as market reopens after closure. Share of individual investors in today’s trading was 58%: MOEX.
U.K. Says Russian Mercenary Group Aims to Assassinate Ukraine’s President (Wall Street Journal) Wagner Group, which the EU calls a proxy force for Russia’s Defense Ministry, is being used to try to assassinate Ukrainian leader Volodymyr Zelensky.
Who are the Wagner Group mercenaries and why are they being sanctioned? (The Telegraph) With an estimated 6,000 members, the mercenary organisation is notorious for entering conflict zones where plausible deniability is needed
‘Vladimir Putin’s superyacht’ faces seizure from Italian marina (The Telegraph) The £500m vessel, called Scheherazade, could be sanctioned as investigation reveals staff are from Russia’s security service
Sergei Lavrov’s ‘stepdaughter’, Polina Kovaleva, hit by new sanctions against Vladimir Putin’s cronies (The Telegraph) The daughter of the Russian foreign minister’s mistress has been added to the list alongside the paramilitary Wagner Group
Spare Roman Abramovich from sanctions – he might be the key to peace, says Volodymyr Zelensky (The Telegraph) Kyiv said to have asked Washington to hold off on punishing oligarch in the hope of him acting as intermediary in talks to end Ukraine war
Distributor dumps Kaspersky to show solidarity with Ukraine (Register) Security software vendor saddened but says its channel is holding firm
Want to hurt Putin? Back a brain drain from Russia. (Atlantic Council) A low-cost policy option with a high impact on Russia, welcoming high-skill immigrants into the United States would dent Russia’s economy and fight propaganda.
Ukraine war reverberates on Taiwan's 'frontline of democracy' (Reuters) Lin Jih-shou was brewing tea last month in his popular breakfast joint when he heard the buzz of a plane – a rare sound on the remote Taiwanese-held island of Dongyin near China's coast, which does not have an airport.
Attacks, Threats, and Vulnerabilities
North Korean hackers exploited Chrome zero-day bug for six weeks (SearchSecurity) Google said a Chrome zero-day flaw was exploited for multiple state-sponsored operations between January and February of 2022.
North Korean hackers exploit Chrome zero-day weeks before patch (BleepingComputer) North Korean state hackers have exploited a zero-day, remote code execution vulnerability in Google Chrome web browser for more than a month before a patch became available, in attacks targeting news media, IT companies, cryptocurrency and fintech organizations.
North Korean Actors Exploited Chrome Flaw to Target U.S. Orgs (Decipher) Google researchers have detailed campaigns by two North Korean government-backed groups that exploited a now-fixed Chrome flaw to target organizations across various industries.
Countering threats from North Korea (Google) On February 10, Threat Analysis Group discovered two distinct North Korean government-backed attacker groups exploiting a remote code execution vulnerability in Chrome, CVE-2022-0609.
New Mustang Panda hacking campaign targets diplomats, ISPs (BleepingComputer) An ongoing Mustang Panda campaign that started at least eight months ago has been uncovered by threat analysts who also managed to sample and analyze custom malware loaders and a new Korplug variant.
Chinese APT Combines Fresh Hodur RAT with Complex Anti-Detection (Threatpost) Mustang Panda’s already sophisticated cyberespionage campaign has matured even further with the introduction of a brand-new PlugX RAT variant.
Mustang Panda hacking group takes advantage of Ukraine crisis in new attacks (ZDNet) Just as criminals seized on the pandemic, this group is trying to capitalize on Russia's invasion of Ukraine.
Chinese 'Mustang Panda' Hackers Spotted Deploying New 'Hodur' Malware (The Hacker News) Hackers from China's Mustang Panda hacker group spotted deploying a new variant of Korplug malware, dubbed Hodur.
New cyberespionage campaign targeting ISPs, research entities (Help Net Security) A still-ongoing cyberespionage campaign uses a previously undocumented Korplug variant by the Mustang Panda APT group.
Italy Rail Operator Detects Signs of Hacking in System (Bloomberg) Ferrovie dello Stato halts in-station sales on possible breach. Attacks resembling CryptoLocker detected in company’s network.
Vidar Malware Launcher Concealed in Help File (Trustwave) Appending a malicious file to an unsuspecting file format is one of the tricks our adversaries use to evade detection. Recently, we came across an interesting email campaign employing this technique to deliver the info stealer Vidar malware.
New Vidar Infostealer Campaign Hidden in Help File (SecurityWeek) An email malware campaign is delivering the Vidar infostealer by hiding the malware in a Help file mechanism in order to avoid detection.
Mēris and TrickBot standing on the shoulders of giants (Avast Threat Labs) This is the story of piecing together information and research leading to the discovery of one of the largest botnet-as-a-service cybercrime operations we’ve seen in a while. This research reveals that a cryptomining malware campaign we reported in 2018, Glupteba malware, significant DDoS attacks targeting several companies in Russia, including Yandex, as well as in […]
Okta names Sitel in Lapsus$ security incident impacting up to 366 customers (ZDNet) The analogy "walking away from your computer at a coffee shop" has been used to describe the incident.
Okta breach leads to questions on disclosure, reliance on third-party vendors (CyberScoop) Security experts questioned how long it took Okta to disclose the Lapsus$ breach and worried about a domino effect.
Okta says security protocols limited hack, but response came too slow (The Verge) CSO David Bradbury called the hack "an embarrassment" for the Okta team
All About LAPSUS$: What We Know About the Extortionist Group [Updated] (Flashpoint) Updated March 24, 2022: The City of London Police arrested seven individuals today, March 24, in connection with the extortionist group LAPSUS$, allegedly
Who is Lapsus$, the theatrical cyber gang that hit Okta and Microsoft? (TNW | Security) A cybercrime gang called Lapsus$ has recently attacked some of tech's biggest companies. We investigated who they are and what they're doing.
Lapsus$ Group - an emerging dark net threat actor leveraging insider threats-or was it? (Silent Push) Lapsus$ Group is an extortion group that gained public recognition in the last few weeks due to its attacks on NVIDIA and Samsung where they stole and leaked critical information from the companies.
A Closer Look at the LAPSUS$ Data Extortion Group (KrebsOnSecurity) Microsoft and identity management platform Okta both disclosed this week breaches involving LAPSUS$, a relatively new cybercrime group that specializes in stealing data from big companies and threatening to publish the information unless a ransom demand is paid. Here's a…
Greece’s national postal service restoring systems after ransomware attack (The Record by Recorded Future) Greece’s national postal service, ELTA, said it is in the process of fully restoring its systems following a ransomware attack that took place on Sunday night.
Crypto scammers are filling inboxes with fake 'donate to Ukraine' emails (Mashable) Hundreds of thousands of these scam emails are being sent each day.
Cybercriminals Unleash Ukrainian Crypto Scams (Cyren) Over 100K daily fake donation emails uncovered by the Cyren research team
Information pollution significantly impacts online debates on COVID-19 in Latin America and the Caribbean, UNDP and Constella study warns (PR Newswire) Today, the United Nations Development Programme (UNDP) and Constella Intelligence released a first-of-its-kind joint publication that details...
FBI warns of online ‘sextortion’ cases targeting teens (Washington Post) FBI officials issued a warning Thursday following an increase in “sextortion” reports of teenage boys being targeted online by scam artists who entice them to share explicit content and then later extort money from the victims, officials said.
HubSpot Data Breach Ripples Through Cryptocurrency Industry (Threatpost) ~30 crypto companies were affected, including BlockFi, Swan Bitcoin and NYDIG, providing an uncomfortable reminder about how much data CRM systems snarf up.
Spokane Regional Health District warns of data breach (KXLY) Some of your personal information could have been affected by a data breach at the Spokane Regional Health District. SRHD said the information was accessed through a phishing email on Feb. 24. IT workers were alerted to the situation. Then, an internal investigation showed files with clients’ protected health information might have been “previewed” by the data thief....
RTÉ on alert for cyber attack after delivery of two suspicious packages (independent) RTÉ is on high alert for a possible cyber attack after two suspicious packages were delivered to their regional offices this week.
Legal Stakes Rise As Court Data Breach Grows (Law360) It was about 11 p.m. when a restless software developer in Texas discovered that his hobby website, a free public records search engine, had been mentioned in a news story about a massive data breach.
Grimes Said She Orchestrated Cyberattack That Shut Down ‘Hipster Runoff’ (Vice) In a Vanity Fair interview, Grimes tells the story of committing a federal crime and blackmailing the iconic one-man blogging machine.
Security Patches, Mitigations, and Software Updates
VMware fixes Carbon Black command injection, upload bugs (Register) Miscreants can exploit these to make a bad situation much worse
Juniper pushes out monster patch (iTnews) Some third party bugs went back to 2003.
mySCADA myPRO (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: mySCADA Equipment: myPRO Vulnerability: Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow arbitrary operating system commands injection.
Yokogawa CENTUM and Exaopc (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Yokogawa Equipment: CENTUM and Exaopc Vulnerabilities: Use of Hard-coded Credentials, Relative Path Traversal, Improper Output Neutralization for Logs, OS Command Injection, Permissions, Privileges, and Access Controls, Uncontrolled Search Path Element 2.
IT executives unprepared for cybersecurity risks, according to KnowBe4 research (iTWire) IT decision-makers are complacent about risks from phishing and business email compromise, also known as CEO fraud, according to research by KnowBe4. Fewer than four in ten (38%) Australian IT decision makers say they are concerned about phishing as a risk to their organisation while even fewer are...
FBI: $6.9 billion lost through internet crimes in 2021 (The Record by Recorded Future) Nearly $7 billion was lost through internet crimes in 2021, surpassing a record set in 2020 by about $1.7 billion, according to the FBI’s annual Internet Crime Report.
Truecaller Insights 2021 U.S. Spam & Scam Report (Truecaller Blog) Truecaller Releases its Seventh Annual “Insights U.S. Spam & Scam Report,” Showing $29.8 Billion Lost to Scam Calls in Past Year
Report Paints Bleak Picture of Cyber Threat Prevention (ITPro Today) One in five businesses have paid or would pay a ransom for their data, according to a new threat report from Thales.
The Games We Play: Understanding Strategic Culture Through Games (Modern War Institute) This article is part of the contribution made by the US Army War College to the series “Compete and Win: Envisioning a Competitive Strategy for the Twenty-First Century.” The series endeavors to present expert commentary on diverse issues surrounding US competitive strategy and irregular warfare with peer and near-peer competitors in the physical, cyber, and […]
1 in 5 businesses have paid or would pay a ransom for their data (ChannelLife New Zealand) Malware, ransomware and phishing are continuing to plague global organisations, 21% experiencing a ransomware attack in the last year.
Nucleus Security Raises $20M in Series B Funding to Accelerate Industry Adoption of Unified Vulnerability Management (Business Wire) Nucleus Security today announced that it has secured $20 million in Series B funding led by Lead Edge Capital, including Arthur Ventures.
Clear Skye Raises $14 Million in Series A Funding to Power Next-Generation Cloud-Native Identity Security and Governance (Business Wire) Clear Skye closes $14M Series A funding to expand its team, global footprint, and reimagine the approach to enterprise identity governance & security.
A Palo Alto Networks Exec Emerges With Her Own Cybersecurity Startup, Just As The Wartime Stakes Are Rising (Forbes) Cybersecurity companies are increasingly under a spotlight in an era ushered in by the Ukraine war. This is one company, led by a woman founder.
The Remaking of Verisk as an Insurance-Focused Firm (Again) Is Underway (Insurance Journal) Last week, information services firm Verisk said it had taken steps that align with one investor's call for the firm to commit to being a standalone
Dell’Oro Group: 2021 Market Share Leader Award (Versa Networks) With SASE initiatives becoming a high priority for many Gartner customers, this short report helps guide networking leaders to make the appropriate investments for both SASE and SD-WAN.
White hat hacking pays bank — could it be right career for you? (TNW | House-Of-Talent) Thinking of a career change? White hat hackers are in high demand right now meaning plenty of career growth and handsome salaries.
Products, Services, and Solutions
Attivo Networks Extends Active Directory Assessment Capabilities to Azure Active Directory Covering Hybrid and Cloud Deployments (Business Wire)
SCL Health Selects S3 Consulting to Modernize Identity Governance (Yahoo Finance) Strategic Security Solutions (S3), the leading provider of information security consulting services for identity and access management (IAM), governance, risk and compliance, and SAP Security, announced its successful partnership with SCL Health, to strengthen company-wide identity management. SCL Health is a faith-based, nonprofit healthcare organization dedicated to improving people's health to offer guidance and support in identity and access management.
Virtru and Nightfall Partner to Launch Next-Gen HIPAA Compliance Solution for Email (GlobeNewswire News Room) Healthcare organizations can now protect, control, and audit protected health information (PHI) and other sensitive data shared via email, improving data...
Crowdstrike’s Humio Platform Wins Data Technology Innovation Award for (PRWeb) Data Breakthrough, an independent market intelligence organization that recognizes the top companies, technologies and products in the global data technology ma
Semperis Extends Breach Preparedness and Incident Response Services for Identity-Based Cyberattacks to Broader Customer Set (Business Man) Semperis extends its Breach Preparedness and Response services; Simon Hodgkinson joins the company's strategic advisory board.
Praetorian's Nosey Parker detects secrets in code (ITWeb) Offensive cyber security company has added a new module for its recently announced Chariot Platform.
WISeKey and Turing Cryptography Start Joint Sales Operations of Cybersecurity & Trust Services (Yahoo Finance) WISeKey and Turing Cryptography join forces to roll out a full suite of TuringSign SSL/TLS services in the Asia-Pacific region secured by the OISTE/WISeKey Root of Trust. Turing Cryptography is a subsidiary of CrossCert, Inc. (“CrossCert” KOSDAQ: 041460), the only Global Certification Authority in South Korea. During the first quarter of 2022, commercial operations have ramped-up, with the launch in Ko
Endace partners with Cubro to eliminate network blind spots and accelerate event investigation (Help Net Security) Endace and Cubro announced a partnership to deliver accurate and robust network security to their customers.
Technologies, Techniques, and Standards
VPNs are increasingly common - how much can you see? (Corelight) New Corelight VPN Insights package shines the light on a growing blindspot
How we’re supporting the 2022 U.S. midterm elections (Google) How we're helping voters find election information, equipping campaigns with security tools, and protecting our platforms from abuse in the 2022 U.S. elections.
A Sheep in Wolf's Clothing: Technology Alone is a Security Facade (SecurityWeek) Vendor agnostic technology, along with actionable, globally-sourced, and continually evolving threat intelligence augmented by humans, is needed to defend our enterprises.
What is a SQL Injection Attack? (CrowdStrike) SQL injection is a code injection technique used by hackers to gain access to and modify information in your back-end database.
NJCU and Hudson County Community College Enter into Cybersecurity Degree Transfer Articulation Agreement (NJCU) New Jersey City University (NJCU) and Hudson County Community College (HCCC) have announced the signing of an articulation agreement for a Dual Admissions program in Cybersecurity. Beginning in September 2022, HCCC students can complete an Associate of Science in Computer Science-Cybersecurity at HCCC and move seamlessly onto attaining a Bachelor of Science in Cybersecurity at NJCU.
Legislation, Policy, and Regulation
Shlomo Kramer: “Governments will need to increase their cybersecurity budgets” (CTech) The Cato Networks CEO and former co-founder of Check Point was speaking at Calcalist’s Mind the Tech London 2022 conference
EU negotiators agree new rules to rein in tech giants (POLITICO) ‘The Digital Markets Act puts an end to the ever-increasing dominance of Big Tech companies,’ says lead MEP.
E.U. Takes Aim at Big Tech’s Power With Landmark Digital Act (New York Times) The European Union was expected to finalize the Digital Markets Act, the most sweeping legislation to regulate tech since a European privacy law was passed in 2018.
U.S., EU Reach Preliminary Deal on Data Privacy (Wall Street Journal) The U.S. and the European Union reached a preliminary deal to allow data about Europeans to be stored on U.S. soil, heading off a growing threat to thousands of companies’ trans-Atlantic operations.
Following cyberattack, communication satellite operators want more guidance on reporting (C4ISRNet) Satellite communications companies say new guidance for companies to increase their cyber incident reporting is a win for the industry and could help raise awareness about attacks.
White House ‘driving fast’ to issue software security guidance for agencies (Federal News Network) Nearly a year after the cybersecurity executive order, officials are grappling with how to implement secure software guidelines.
Guest opinion: Latest CIA revelations show clear need for privacy protections (Standard-Examiner) In an often overlooked attempt to restore the foundational principles of liberty, it’s states that are leading the way. In particular, Utah has emerged as a leader by working to ensure citizens are free from the unconstitutional searches and invasive law enforcement investigative techniques. Federal norms involving bulk data collection highlight the need for states […]
NSA Urges Agencies to Diversify Vendors as They Segment Their Networks (Technology Solutions That Drive Government) The National Security Agency recently offered agencies guidance on enhancing the security of their networks.
The development of warfare cyberspace in the United States (Modern Diplomacy) Weapons and equipment are the foundation of military combat capability and an important factor in determining the outcome of wars. In the current situation of increasingly fierce competition among major powers and of increasingly evident militarization of cyberspace, all countries have increased capital investment; strengthened the development and deployment of cyberspace weapons and equipment; promoted […]
Want to talk? FBI trolls Russian Embassy for disgruntled would-be spies (Washington Post) Recruitment ad hits social media feeds of mobile phones located outside or inside the diplomatic compound
Bill Would Prohibit TSP From Investing In Russia | FedSmith.com (FedSmith.com) Recently introduced legislation would bar future TSP investments in Russian companies.
It’s the beginning of a new era in Washington – and Putin is responsible | Robert Reich (the Guardian) There has been a quiet understanding that we’re on the brink of a new cold war, potentially even a hot one – which requires that we join together to survive
Senate Armed Services advances Army Cyber Command nominee (The Record by Recorded Future) The Senate Armed Services Committee on Thursday advanced President Joe Biden’s pick to helm U.S. Army Cyber Command.
Litigation, Investigation, and Law Enforcement
Four Russian Government Employees Charged in Two Historical Hacking Campaigns Targeting Critical Infrastructure Worldwide (US Department of Justice) The Department of Justice unsealed two indictments today charging four defendants, all Russian nationals who worked for the Russian government, with attempting, supporting and conducting computer intrusions that together, in two separate conspiracies, targeted the global energy sector between 2012 and 2018. In total, these hacking campaigns targeted thousands of computers, at hundreds of companies and organizations, in approximately 135 countries.
U.S. charges 4 Russian government workers with hacking energy sector (Washington Post) Deputy attorney general: Russian state-sponsored hackers ‘pose a serious and persistent threat to critical infrastructure’
DOJ unseals charges against Russians in attempted hacks of infrastructure, including Trisis case (CyberScoop) One indictment refers to infamous hacking attempts on industrial control systems in 2017, and the other involves a spree from 2012-17.
US charges four Russian hackers over cyber-attacks on global energy sector (the Guardian) Quartet accused in two major hacking campaigns between 2012 and 2018, indictment unsealed by justice department reads
DOJ unseals indictments of four Russian gov’t officials for cyberattacks on energy companies (The Record by Recorded Future) The indictments of four Russian nationals were unsealed by the Justice Department on Thursday, revealing a widespread hacking campaign against energy companies around the world.
US Charges Russian Hackers Over Infamous Triton, Havex Cyberattacks on Energy Sector (SecurityWeek) The U.S. Government has charged four Russian hackers said to be behind the high profile attacks known as Triton/Trisis and Dragonfly/Havex that targeted energy firms.
Senate report examines REvil ransomware attacks on US firms (The Record by Recorded Future) The Senate Committee on Homeland Security and Governmental Affairs (HSGAC) released a ransomware report early Tuesday examining the approaches of three unnamed U.S. companies who were the targets of cyberattacks carried out by the Russia-based ransomware group REvil.
Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal (BBC News) Police say they've arrested seven teenagers as part of their investigation into a hacking group.
Okta hackers arrested amid Lapsus$ crackdown (CRN Australia) Seven teenagers arrested in England.
The Chaos (and Cost) of the Lapsus$ Hacking Carnage (SecurityWeek) Security experts say the Lapsus$ gang’s “extortion and destruction” hacking spree is the work of an amateur gang allegedly led by a British teenager. What does this say about the state of cybersecurity?
Move aside, Conti, Lapsus$ coming through! (Security Scorecard) The new cybercrime group is claiming some big victims. Is it a sophisticated threat actor…or just script kiddies?
Two men arrested for $1.1 million NFT ‘rug pull’ scam (The Verge) The Frosties project shut down immediately after launch.
Pair Charged for Orchestrating $1.1M Frosties NFT Rug Pull, Plotting Another (Vice) Two 20-year-old men have been charged for allegedly running the Frosties NFT rug pull scam, and U.S. prosecutors say they planned another.
The Scandal in Denmark’s Military Intelligence: Too Much Transparency? (Modern Diplomacy) The participation of Denmark in all the key U.S. and NATO interventions in 1991–2020 did not free the country from reputational risks due to the persistent problems of equipping the Danish armed forces in accordance with the requirements of the North Atlantic Alliance. The recent news about a growing shortage of ammunition and shells in […]
Scripps Health Faces Lawsuit Over Kronos Data Breach (Health IT Security) Employees claimed that Scripps Health failed to keep accurate records of hours worked following the Kronos data breach in December.
Netskope Sues Fortinet To Thwart Patent Infringement Claims (CRN) Netskope sued fellow cybersecurity vendor Fortinet Thursday to shoot down patent infringement allegations Fortinet has been making in correspondence with Netskope.
FBI Warns Payroll Professionals of Cyberattacks, Legal Liability (Bloomberg Tax) Following practical IT protocols can prevent payroll security breaches, a Federal Bureau of Investigation agent told payroll professionals on March 21.