Dateline
Ukraine at D+36: Russian difficulty adapting to events. (The CyberWire) Command rigidity and isolated leadership are seen as problems for Russian operations against Ukraine. Viasat service was affected by AcidRain wiper malware. Cyberattacks are expected as reprisals against sanctions.
Russia’s invasion of Ukraine: List of key events, day 37 (Al Jazeera) As the Russia-Ukraine war enters its 37th day, we take a look at the main developments.
Syrian Mercenaries Deploy to Russia en Route to Ukrainian Battlefields (New York Times) A first contingent has arrived in Russia for military training including members of a Syrian unit that worked with Russian officers in Syria, backing President Bashar al-Assad.
Russia forced into humiliating retreat from Ukraine airport key to their battle plans (The Telegraph) Taking over the Hostomel base, outside Kyiv, was integral to Vladimir Putin’s strategy of overthrowing Volodymyr Zelensky
Ukrainian Helicopters Reportedly Strike Fuel Depot Over Border In Russia (Forbes) Russia is also redeploying troops from Georgia to reinforce its invasion after suffering “unexpected losses,” the British defense ministry said.
Russia accuses Ukraine of helicopter attack on oil depot in Russian city (the Guardian) Ukraine refuses to confirm or deny its involvement amid fears it may be a ‘false flag’ operation
In bloodied front-line town, Ukrainian forces push Russians back (Washington Post) Sgt. Anton Kolumbet, his black rifle slung over his shoulder, walked along a damp road, past flattened houses and the burned carcasses of cars. With a steady beat, artillery shells thundered in the woods, a symphony of war the 35-year-old soldier embraced with a zeal he couldn’t have imagined five weeks ago.
Russians leave Chernobyl site as fighting rages elsewhere (AP NEWS) Russian troops handed control of the Chernobyl nuclear power plant back to the Ukrainians and left the heavily contaminated site early Friday, more than a month after taking it over, Ukrainian authorities said, as fighting raged on the outskirts of Kyiv and other fronts.
Some Russian troops still in Chernobyl exclusion zone, Ukraine says (Reuters) Some Russian troops were still in the "exclusion zone" around the Chernobyl nuclear power station on Friday morning, a day after ending their occupation of the plant itself, a Ukrainian official said.
UN nuclear watchdog to head mission to Chernobyl as Russians withdraw from site (the Guardian) Russians leaving Chernobyl have taken Ukraine soldiers with them, say officials
Mariupol officials say Russians blocking aid reaching besieged Ukraine city (the Guardian) Mayor’s aide says city remains closed for anyone trying to enter and ‘very dangerous’ for those trying to leave
Eastern Europe mulls iron curtain with Belarus to cut off Russia (Newsweek) Ukrainian officials are in talks with the Polish government to "completely close" the country's border with Belarus, Ukraine's ambassador to Poland said.
The Belarus ‘railway rebels’, who dare stop Vladimir Putin’s invasion in its tracks (The Telegraph) Under the cover of darkness, residents in crucial junction towns try to sabotage Russian supply trains from passing through to Ukraine
Hundreds of Belarusians join Ukraine’s fight against Russian imperialism (Atlantic Council) Hundreds of Belarusians have volunteered to fight for Ukraine in the war against Putin's Russia as anti-imperial forces across the former USSR seek to shake off authoritarian Kremlin influence.
A Belarusian battalion fights in Ukraine ‘for both countries’ freedom’ (Washington Post) For more than a decade, Pavel Kulazhanka has sought to overthrow the authoritarian regime of Alexander Lukashenko in his native Belarus.
Russia's "withdrawal" may foreshadow major new offensives in Ukraine (Newsweek) Russian forces leaving the northern battlefields around Kyiv and Chernihiv may end up fighting in the east and south as Moscow tries to win back momentum.
Russia drafts 134,500 conscripts but says they won't go to Ukraine (Reuters) President Vladimir Putin on Thursday signed a decree ordering 134,500 new conscripts into the army as part of Russia's annual spring draft, but the defence ministry said the call-up had nothing to do with the war in Ukraine.
War in Ukraine fuels fears among draft-age Russian youths (AP NEWS) As Moscow's forces bog down in Ukraine, many young Russians of draft age are increasingly jittery about the prospect of being sent into combat. Making those fears particularly acute is an annual spring conscription that begins Friday and aims to round up 134,500 men for a one-year tour of military duty.
Where is South Ossetia and why does it want to join Russia? (Washington Post) Russia’s war in Ukraine has rattled Europe, revived the NATO military alliance and helped rekindle conflicts from the post-Soviet era, including in places such as Nagorno-Karabakh, a disputed territory at the center of tensions between Armenia and Azerbaijan.
Russia’s War Lacks a Battlefield Commander, U.S. Officials Say (New York Times) Poor logistics and flagging morale have plagued a disjointed military campaign in Ukraine, according to American officials and independent analysts.
Putin may be self-isolating from his military advisers, says White House (The Telegraph) It is unclear whether Russia’s 40-mile-long convoy of military vehicles to Kyiv still exists, the Pentagon has said.
Confronting Russian Cyber Censorship (Wilson Center) The Russian digital information space is becoming increasingly isolated as a result of the war in Ukraine, and Russian audiences are at risk of being cut off from reliable information altogether.
Russians Need VPNs. The Kremlin Hates Them (Wired) VPNs are divided between trying to help Russians stay connected to the global web and steering clear of Putin’s messy politics.
Putin’s Pyrrhic Victory (Foreign Affairs) Russia’s setbacks in eastern Ukraine show why it can’t win the wider war.
Putin Is Turning Grieving Mothers Into Propaganda (Foreign Policy) Russian fatalities in Ukraine threaten the Kremlin’s narrative.
Putin’s Choices, With Michael Kimmage (Council on Foreign Relations) Michael Kimmage, professor of history at the Catholic University of America and visiting fellow at the German Marshall Fund of the United States, sits down with James M. Lindsay to discuss the choices Russian President Vladimir Putin faces in Ukraine.
Putin may lose his war in Ukraine, but the West could still lose the peace (The Telegraph) The question of when – and on what terms – to stop the fighting is already causing cracks to appear
Zelensky Fires Two Generals (Wall Street Journal) Ukrainian President Volodymyr Zelensky stripped two generals of their rank for what he said was their failure to live up to their oath of allegiance. “I do not have time to deal with all the traitors. But gradually they will all be punished,” Mr. Zelensky said in an overnight address.
Cyber and Nuclear Threats Make for a Dangerous Mix in Ukraine (World Politics Review) Amid rising nuclear tensions surrounding the war in Ukraine, one dimension of potential escalation has not yet received much attention: a cyber-enabled nuclear event. It’s time for policymakers to consider the escalatory implications of cyber operations affecting elements of nuclear command systems in the current crisis.
Russia Prepares Destructive Cyberattacks (Foreign Policy) So far, Moscow’s forays in cyberspace have been as ineffective as its frontal assaults—but that could change.
Cyber War Talks Heat Up at UN With Russia at Table (Bloomberg.com) United Nations diplomats who are meeting this week to set ground rules and guidelines for how states interact in cyber space had choice words for Russia, the country that willed the working group into existence.
Foreign Ministry statement on continued cyberattack by the “collective West” (Ministry of Foreign Affairs of the Russian Federation) In the context of the special military operation launched to defend the Donetsk and Lugansk people’s republics and to demilitarise and denazify Ukraine, the United States and its satellites are waging a large-scale cyberattack against Russia.
Russia targeting Ukraine, countries opposing war in cyberspace (Jerusalem Post) Dozens of Ukrainian and Russian websites have also been taken offline during the conflict by legions of "hacktivist" volunteer hackers on both sides.
Conti Leaks: Examining the Panama Papers of Ransomware (Trellix) It isn’t often the whole world gets an inside look of the business operations of a top tier cybercriminal group. Very early on in the Russian-Ukrainian Crisis the predominantly Russian based ransomware group Conti made a public statement where they expressed their loyalty to the Russian Administration.
British intelligence agencies: Moscow continuously attacks Ukraine in cyberspace (The Times Hub) Russia is making efforts to actively sabotage the work of the government of Ukraine and its military departments in cyberspace, said Jeremy Fleming, head of the British intelligence service Government Communications Center (GCHQ). According […]
AcidRain | A Modem Wiper Rains Down on Europe (SentinelOne) As the most impactful cyber attack of the Ukrainian invasion gets downplayed, SentinelLabs uncovers a more plausible explanation.
SentinelOne finds ties between Viasat hack and Russian actor (SC Magazine) SentinelOne researchers discover malware likely designed to wipe modems — contradicting the legitimate commands explanation from Viasat.
New Modem Wiper Malware May be Connected to Viasat Hack (SecurityWeek) A destructive wiper malware dubbed "AcidRain" is hitting routers and modems and found digital breadcrumbs suggesting a link to the devastating Viasat hack that took down wind turbines in Germany.
Satellite Modems Nexus of Worst Cyberattack of Ukraine War (SecurityWeek) A malicious software command that immediately crippled tens of thousands of modems across Europe anchored the cyberattack on the Viasat satellite network used by Ukraine’s government and military
Attack on Viasat modems possibly came from wiper malware deployed through supply chain (CyberScoop) Researchers from SentinelOne say there are reasons to disagree with Viasat's most recent statement about the Feb. 24 attack.
Viasat Hack Tied to Data-Wiping Malware Designed to Shut Down Modems (PCMAG) Security firm SentinelOne says malware known as AcidRain was likely used to take down Viasat's satellite internet network during Russia's invasion of Ukraine.
Viasat confirms satellite modems were wiped with AcidRain malware (BleepingComputer) A newly discovered data wiper malware that wipes routers and modems has been deployed in the cyberattack that targeted the KA-SAT satellite broadband service to wipe SATCOM modems on February 24, affecting thousands in Ukraine and tens of thousands more across Europe.
State-sponsored Attack Groups Capitalise on Russia-Ukraine War for Cyber Espionage (Check Point Research) Geopolitical tensions often make headlines and present a golden opportunity for threat actors to exploit the situation, especially those targeting high-profile victims. In the past month while the Russian invasion of Ukraine was unfolding, Check Point Research (CPR) has observed advanced persistent threat (APT) groups around the world launching new campaigns, or quickly adapting...
China, Iran, North Korea, Russia and others using Ukraine invasion in phishing attacks: Google (The Record by Recorded Future) Google’s Threat Analysis Group said on Wednesday that it has seen evidence indicating a range of state-backed threat actors are using the recent invasion of Ukraine to steal credentials through malicious emails and links.
Texas power grid facing elevated Russian cyber threats during war in Ukraine (KABB) Russian hackers have been probing Texas’ energy infrastructure for weak points in digital systems that would allow them to steal sensitive information or disrupt operations, according to interviews with energy companies, state officials and cybersecurity experts.
ExtraHop CEO: Expect a Russian cyber response to sanctions (Register) 'We have this small moment in time where we can make improvements in our defensive posture'
Ukraine is inventing a new way to fight on the digital battlefield (NPR.org) Time magazine's Vera Bergengruen says Ukraine's citizen IT force, led by a 31-year-old minister of digital transformation, is blunting Russian disinformation and galvanizing international support.
New Protestware Found Lurking in Highly Popular NPM Package (Checkmarx.com) Two popular packages, “styled-components” and “es5-ext”, with millions of weekly downloads and thousands of dependent projects, released new Protestware versions. The new versions verify that the infected machine belongs to a Russian user and if so, alter their behavior in protest against Russian aggression in Ukraine.
EXCLUSIVE U.S. warned firms about Russia's Kaspersky software day after invasion -sources (Reuters) The U.S. government began privately warning some American companies the day after Russia invaded Ukraine that Moscow could manipulate software designed by Russian cybersecurity company Kaspersky to cause harm, according to a senior U.S. official and two people familiar with the matter.
Compliance Pros Rethink Use of IP Addresses to Enforce Sanctions Amid Russia-Ukraine Crisis (Wall Street Journal) Experts say IP addresses are susceptible to manipulation and need supporting tools to help ensure sanctions compliance.
Ukrainian civil society can help hold Russia accountable for war crimes (Atlantic Council) The quest for international justice over the ongoing Russian invasion of Ukraine is already underway and should seek to involve Ukrainian civil society, argues Danielle Johnson.
French intelligence chief Vidaud fired over Russian war failings (BBC News) Gen Eric Vidaud loses his job as military intelligence boss for not predicting Russia's invasion.
SECDEF Austin Extends Truman Deployment as Conflict in Ukraine Continues (USNI News) Secretary of Defense Lloyd Austin is extending the deployment of the Harry S. Truman Carrier Strike Group, its escorts and Carrier Air Wing 1 as a hedge against Russian aggression in Europe, two defense officials confirmed to USNI News on Thursday. USS Harry S. Truman (CVN-75) has spent almost four months operating in the Mediterranean …
UK will send long-range weapons to keep Russian troops on the run in Ukraine (The Telegraph) Further lethal aid announced as MoD calls for national effort to boost Britain's nuclear weapons stocks in light of Vladimir Putin’s threats
US soldiers are not training Ukrainians in Poland, Army chief says (Task & Purpose) “The United States Army is not training Ukrainian soldiers or units right now."
Putin will win unless the West sends Ukraine offensive weapons (Atlantic Council) Western weapons have played a key role in helping Ukraine to inflict punishing losses on Putin's invasion force but Russia may still secure a bloody victory if the democratic world fails to accelerate arms deliveries.
Singapore PM Says Ukraine War Poses ‘Awkward Questions’ for China (Bloomberg) Beijing’s close ties to Moscow won’t cost China in Asia. Lee says China unlikely to volunteer mediator role in Ukraine.
Treasury sanctions Russian research center blamed for Trisis malware (CyberScoop) The list also includes Evgeny Viktorovich Gladkikh, the researcher indicted for creating the malware, which targets industrial systems.
Treasury Targets Sanctions Evasion Networks and Russian Technology Companies Enabling Putin’s War (U.S. Department of the Treasury) Treasury also expands sanctions authorities to include aerospace, marine, and electronics sectors.
Evgeny Viktorovich Gladkikh – Rewards For Justice (Rewards for Justice) Rewards for Justice is offering a reward of up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act (CFAA).
The Sanctions War Is Just Beginning (Foreign Affairs) Targeting Russia was the easy part.
The West is doing its best to cripple Russia's economy with sanctions, but the Kremlin is still making good on its debt (Business Insider) Russia averted a default again on Thursday when it made $447 million in payments for dollar-denominated debt.
Western Companies Should Do More to Stop Russia (Wilson Center) Russia’s war has been catastrophic for Ukraine. According to the United Nations, over four million Ukrainians have fled the country. Another seven million are internally displaced. These eleven million Ukrainians make up roughly 25 percent of Ukraine’s total population.
How to Keep Belarus Out of the War (Foreign Affairs) NATO should put the squeeze on Russia’s chief accomplice.
As Russia sees tech brain drain, other nations hope to gain (AP NEWS) Russia’s tech workers are looking for safer and more secure professional pastures. By one estimate, up to 70,000 computer specialists, spooked by a sudden frost in the business and political climate, have bolted the country since Russia invaded Ukraine five weeks ago.
Russia’s War Is the End of Magical Thinking (Foreign Policy) The Davos view of globalization is dead—and that’s a good thing.
Europe is preparing to be cut off from Russian natural gas (Quartz)
IEA to hold emergency meeting to tackle soaring oil prices (Reuters) The International Energy Agency will hold an emergency meeting on Friday among consuming nations to discuss a new release of strategic reserves alongside a plan by the United States to pump massive supplies starting in May to cool soaring oil prices.
Where does the US stash its strategic oil reserves? (Quartz)
Russia ‘Singling Out’ Americans for Harassment, State Dept. Warns (Wall Street Journal) Security experts also caution on the risks to staff at companies continuing to operate in Russia.
Here are some experts’ suggestions for donating to Ukrainian relief (Military Times) Interested in helping the Ukrainian people in their hour of need? Here are eight charities doing Ukrainian relief work, for starters.
Attacks, Threats, and Vulnerabilities
Ransomware Attacks Straining Local US Governments and Public Services (IC3) The FBI is informing Government Facilities Sector (GFS) partners of cyber actors conducting ransomware attacks on local government agencies that have resulted in disrupted operational services, risks to public safety, and financial losses.
Cybersecurity Vendors Assessing Impact of Recent OpenSSL Vulnerability (SecurityWeek) Cybersecurity, cloud, storage and other vendors are assessing the impact of a high-severity OpenSSL vulnerability on their products and services.
Analysis of BlackGuard - a new info stealer malware being sold in a Russian hacking forum (Zscaler) In this blog, ThreatLabz analyzes BlackGuard, an emerging info stealer malware being sold as a service on a Russian hacking forum.
Hackers Got User Data From Meta With Forged Request (SecurityWeek) Facebook owner Meta gave user information to hackers who pretended to be law enforcement officials last year, a company source said Wednesday, highlighting the risks of a measure used in urgent cases.
VMware Confirms Zero-Day Vulnerability in Spring Framework Dubbed 'Spring4Shell' (Redmondmag) The Spring Framework can be subject to a newly disclosed 'zero-day' vulnerability (CVE-2022-22965) that's deemed 'Critical,' according to a Thursday announcement by Spring developer VMware.
Spring4Shell (CVE-2022-22965): Are you vulnerable to this Zero Day? (Cyber Security Works) CSW's analysis of Spring4Shell vulnerability, a zero-day RCE vulnerability in Java Spring Core library - predicted to be the next Log4j
Spring4Shell: Spring Flaws Lead to Confusion, Concerns of New Log4Shell-Like Threat (SecurityWeek) The disclosure of several vulnerabilities affecting the Spring Java framework, including one dubbed Spring4Shell, has led to confusion and concerns of a new Log4Shell-like threat.
Hackers Pushed Mars Stealer Malware via OpenOffice ads on Google (GBHackers On Security) Mars Stealer, a recently launched data-stealing malware variant, has recently gained massive popularity.
Drawing the RedLine - Insider Threats in Cybersecurity (LogicHub) Examining the recent RedLine password theft malware as it pertains to Microsoft’s employee compromise and how to mitigate insider threats.
IT Giant Globant Confirms Source Code Repository Breach (SecurityWeek) Globant has confirmed that some of its source code repositories have been breached after Lapsus$ leaked code allegedly belonging to the company.
Sitel blames Okta breach on ‘legacy’ network from acquisition (The Record by Recorded Future) Sitel, the company at the center of a wide-ranging data breach affecting popular access management provider Okta, cited a legacy network from a recent acquisition as the cause of the security incident.
Public warned of 'sinister' Cadbury Easter basket scam circulating on WhatsApp (Irish Mirror) The scam message is being spread on social media platforms Facebook and WhatsApp
Wyze Cam flaw lets hackers remotely access your saved videos (BleepingComputer) A Wyze Cam internet camera vulnerability allows unauthenticated, remote access to videos and images stored on local memory cards and has remained unfixed for almost three years.
Report Reveals Surveillance Abuses In Educational Technology (Nextgov.com) The report was commissioned by Democratic Senators Elizabeth Warren, Richard Blumenthal and Edward J. Markey.
Security Patches, Mitigations, and Software Updates
CISA orders agencies to patch actively exploited Sophos firewall bug (BleepingComputer) The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal civilian agencies on Thursday to patch a critical Sophos firewall bug and seven other vulnerabilities within the next three weeks, all exploited in ongoing attacks.
Spring confirms ‘Spring4Shell’ zero-day, releases patched update (The Record by Recorded Future) Earlier this week, experts released details on a remote code execution (RCE) vulnerability affecting the Spring Framework.
SpringShell: Patches released for critical zero-day (Computing) Initial analysis indicates that the bug may not be as severe as Log4Shell
Apple Ships Emergency Patches for 'Actively Exploited' macOS, iOS Flaws (SecurityWeek) Apple’s security response team released emergency patches on March 31, 2022 to cover a pair of “actively exploited” vulnerabilities affecting macOS, iOS and iPadOS devices.
Rockwell PLC Vulnerabilities Could Allow Hackers to Hide Code (Claroty) Vulnerabilities in Rockwell Logix Controllers and Logix Designer Application could allow attackers to hide code on vulnerable PLCs.
Schneider Electric SCADAPack Workbench (CISA) 1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: SCADAPack Workbench Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could result in exfiltration of data from local files to a remote system controlled by an attacker.
Hitachi Energy e-mesh EMS (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: e-mesh EMS Vulnerabilities: Improper Restriction of Operations Within the Bounds of a Memory Buffer, Use After Free, Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause a denial-of-service condition.
Fuji Electric Alpha5 (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Fuji Electric Equipment: Alpha5 Vulnerabilities: Access of Uninitialized Pointer, Out-of-bound Read, Stack-based Buffer Overflow, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information and execute arbitrary code.
Mitsubishi Electric FA Products (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: FA products Vulnerabilities: Use of Password Hash Instead of Password for Authentication, Use of Weak Hash, Cleartext Storage of Sensitive Information, Authentication Bypass by Capture-replay 2.
Rockwell Automation Logix Controllers (CISA) 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Logix Controllers Vulnerability: Inclusion of Functionality from Untrusted Control Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to modify user programs.
General Electric Renewable Energy MDS Radios (CISA) 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: General Electric Renewable Energy Equipment: MDS iNET/iNET II/SD/TD220/TD220MAX Radios Vulnerabilities: Improper Input Validation, Hidden Functionality, Inadequate Encryption Strength, Uncontrolled Resource Consumption, Plaintext Storage of a Password, Download of Code Without Integrity Check 2.
Rockwell Automation Studio 5000 Logix Designer (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: Studio 5000 Logix Designer Vulnerability: Code Injection 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to download a modified program to the controller.
PTC Axeda agent and Axeda Desktop Server (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: PTC Equipment: Axeda agent, Axeda Desktop Server Vulnerabilities: Use of Hard-coded Credentials, Missing Authentication for Critical Function, Exposure of Sensitive Information to an Unauthorized Actor, Path Traversal, Improper Check or Handling of Exceptional Conditions
Mitsubishi Electric MELSEC iQ-R, Q and L Series (Update C) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R, Q and L Series Vulnerability: Uncontrolled Resource Consumption 2.
Trends
Cyber warfare will continue to evolve, and cybersec needs to keep up - Nir Zuk (Jerusalem Post) “We need to start being very practical and very concrete about how we do cybersecurity," said Nir Zuk, founder and CTO of cybersecurity company Palo Alto Networks.
Cybersecurity managers with a direct line to executive boards set the tone for investment: Study (ZDNet) Moody's examines how incident response and defense have implications for the market.
76% of organizations suffered downtime and data loss in 2021, system crashes, human error and cyberattacks to blame (Acronis)
Exclusive: SolarWinds CEO calls for an end to 'victim shaming' (TechRadar) Shaming the victims of cyberattacks is counterproductive, says SolarWinds CEO
XM Cyber Research Finds That Hackers Can Claim 'Checkmate' on 94% of Critical Assets in Just Four Moves (PR Newswire) XM Cyber, the multi-award-winning hybrid cloud security company, today announced findings from its first annual Impact Report. Attack Path...
Cyber Risk Insight Index - Q1 2022 (Corvus) Welcome to the second edition of the Corvus Risk Insights Index, where we provide an in-depth look at cybersecurity — the market, landscape, and where we see trends moving.
Marketplace
Antimatter Announces $12M Series A Led by NEA and First Cryptographic Infra Solution for Data Security (PR Newswire) Antimatter, the world's first provable data security for SaaS applications, today announced its emergence from stealth along with $12M in...
Cybersecurity startup HackEDU moves its HQ from Santa Monica to Pittsburgh, looks to double employee count in next year (Pittsburgh Inno) Cybersecurity startup HackEDU announced it has moved its headquarters from Santa Monica, California, to the Strip District in Pittsburgh, as the 43-person company looks to double its headcount over the next year. It currently employs just under half of its total workforce locally, with 21 reporting out of its Strip District HQ office in the Crane Building on 24th Street.
Google Cloud security survey is ‘aggressive’ move vs. Microsoft (VentureBeat) Google Cloud's new government security survey is another sign that the cybersecurity battle vs. Microsoft is heating up.
US unions condemn ‘unacceptable’ Oregon pension fund link with NSO (the Guardian) AFL-CIO in Oregon calls for urgent divestment from fund that owns Israeli spyware company alleged to have targeted union members
CyberArk Siphoning From Okta After Mishandled Hack (Nasdaq) What happens if there is a security breach at one of the biggest cybersecurity companies? Its closest peer stands to benefit.
Resistant AI Awarded ‘Digital Crime Fighter of the Year’ for Winning Inaugural Hackathon at ACAMS Hollywood (PRWeb) Resistant AI, a company dedicated to protecting and safeguarding automated financial services, was awarded ‘Digital Crime Fighter of the Year,’ for winning the ina
SPHERE Launches SP(HER)E Program to Address Lack of Diversity in Cybersecurity (PR Newswire) SPHERE, a woman-owned cybersecurity business focused on providing best-of-breed software and services for access governance across data,...
CentralSquare Technologies Invests in its Customers, Communities and Colleagues (Business Wire) CentralSquare Technologies, an industry leader in public sector technology, hosted its CentralSquare ENGAGE 2022 user-community conference on March 27
Our $100,000 Bug Bounty for Server Vulnerabilities (ExpressVPN Blog) The first person to find and demonstrate a security-critical bug on our VPN server technology, TrustedServer, will receive the bonus award.
Versa Networks Announces Headquarters Office Move to Accommodate Continued Rapid Growth (Yahoo) SASE Market Leader Continues to Grow Headcount to Meet Escalating Global Demand as Industry Recognizes Advantages of Versa’s Differentiated SASE Architecture
IGI’s Jim Ambrosini Recognized for Achievements in Cybersecurity with ISACA’s 2022 Joseph J. Wasserman Award (Yahoo) Jim is a CISO and Cybersecurity Consultant with IGI and the former President of the ISACA New York Metropolitan Chapter Board. PITTSFORD, NY / ACCESSWIRE / March 31, 2022 / IGI, or Infinite Group, Inc. (OTCQB:IMCI), is thrilled to announce that IGI's Jim Ambrosini has been named the 2022 Joseph J.
Vectra Appoints Bonnie Simmons as Vice President of Partner Sales, Americas (PR Newswire) Vectra AI, a leader in AI-driven threat detection and response for hybrid and multi-cloud enterprises, today announced the appointment of...
Red Canary Appoints Carbon Black Co-Founder Mike Viscuso to its Board of Directors (PR Newswire) Red Canary, the Managed Detection and Response (MDR) provider that has helped define the category, today announced that Carbon Black co-founder...
ID.Me Announces New Chief People Officer (ID.me Insights) Newest C-Suite addition joins to drive continued hiring of elite tech talent while supporting culture of innovation.
Products, Services, and Solutions
Banyan Security Accelerates Zero Trust Journey for Organizations with Free Version of Company’s Industry-Leading Secure Remote Access Solution (GlobeNewswire News Room) Team Edition is a no cost solution for up to 20 users and can be deployed in less than 15 minutes...
KnowBe4 Compliance Audit Readiness Assessment (CARA) Helps Organizations Assess Their Ability to Meet Compliance Requirements (PRWeb) KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced that its Compliance Audit Readine
Swimlane + CyberSecurity Malaysia Address the Global Skills Gap (Swimlane) Anyone who works in cybersecurity is painfully aware of the industry’s skills shortage. It’s one of the most difficult industries to find and retain qualified talent. Those who already work in the industry experience burnout at a rapid pace due to the high volume of manual work, task switching,…
Axonius Cybersecurity Asset Management Platform Receives NIAP Certification for Common Criteria Validation (Yahoo) By collaborating with the Leidos Accredited Testing & Evaluation Laboratory, Axonius helps set a new precedent for future vendor software assessments
Top 5 things to know about Microsoft's Pluton Security Processor (TechRepublic) Microsoft has a new security processor that’s getting some buzz. Tom Merritt explains.
Darktrace Extends Coverage to Zero Trust Architectures, Complete with Autonomous Response Capability (PR Newswire) Darktrace, a global leader in cyber security AI, today announced its ability to extend its detection and Autonomous Response capabilities to...
Unifire Signs Agreement with Best-In-Class Cybersecurity Tech Company to Support President Biden's Call for Stronger Cyber Defense (Yahoo) Unifire, Inc., a wholly-owned subsidiary of Mission Ready Solutions Inc. ("Mission Ready") (TSXV:MRS) (OTC:MSNVF), proudly announces that it has entered into an exclusive distribution agreement with QRC Americas SA (QRCrypto) for their quantum-safe cryptography solutions and other related technologies.
Dynatrace Expands Strategic Partnership with AWS (Dynatrace news) Software intelligence company Dynatrace today announced an expanded strategic partnership with Amazon Web Services, Inc. (AWS)
Rewind Expands Cloud Backup Solution Portfolio with Addition of Backup (PRWeb) Rewind today announced the launch of Backups for Jira, an automated backup and on-demand data recovery tool that protects a Jira Cloud Instance and all asso
SnapAttack Launches Community Edition to Drive Collaboration Across Cybersecurity Community (Business Wire) SnapAttack launches free platform providing access to attack and detection content, including the latest threats from Russian state-sponsored actors.
CleanMyMac X now detects apps that may endanger the privacy of your data (MacPaw) If any of the applications installed on your Mac are developed by or hosted in Russia or Belarus, CleanMyMac X marks them as suspicious.
Data Theorem Provides Security Notifications for Modern Cloud Applications Running on AWS Security Hub (Business Wire) Data Theorem, Inc., a leading provider of modern application security, today announced it is running on Amazon Web Services (AWS) Security Hub to prov
Introducing Game-changing Visualization Capabilities for Cloud Migrations in a Cyber Asset Management Platform (CloudSphere) Combining continuous cyber asset management and discovery with real time visibility and automated business service graphing is changing the game for cloud migrations. Our new dashboards visualize complex data to accelerate cloud migration and reduce migration risk for even the most complex business services. Cloud migration assessments have traditionally started with a budgetary evaluation, typically […]
Orca Security Launches First Attack Path Analysis and Business Impact Score for Cloud-Native Applications (Business Wire) Orca Security, the cloud security innovation leader, today announced the industry’s first Attack Path Analysis and Business Impact Score for Cloud-Nat
Detect SaaS Session Hijacking with Obsidian (Obsidian) Identify and mitigate SaaS session hijacking attempts with Obsidian’s industry-first detection capabilities.
OPSWAT Launches World’s First Interactive Mobile Lab for Critical Infrastructure Organizations (OPSWAT) OPSWAT CyberTrailer will offer hands-on education and demonstration for critical infrastructure organizations on the risks of cyberattacks caused by malware
Diligent Announces Diligent Community to Transform Governance Solutions for Mission-Driven Organizations (Yahoo) Diligent, the global leader in modern governance providing SaaS solutions across governance, risk, compliance and ESG, today announced Diligent Community, a next-generation governance and civic engagement solution for public organizations that simplifies the end-to-end agenda and meeting management process. Representing significant updates to the company’s platform, Diligent Community enables organizations to easily manage complex governance tasks in any environment and
Technologies, Techniques, and Standards
Securing the Future of Payments: PCI SSC Publishes PCI Data Security Standard v4.0 (PR Newswire) Today, the PCI Security Standards Council (PCI SSC), a global payment security forum, published version 4.0 of the PCI Data Security Standard...
Design and Innovation
Why artificial intelligence design must prioritize data privacy (The European Sting) Artificial intelligence is integral to developments in healthcare, technology, and other sectors, but there are concerns with how data privacy is regulated. Data privacy is essential to gain the trust of the public in technological advances.
How cybercrime remixed the Nigerian Music scene (The Record by Recorded Future) The economics of Afrobeats, like many things in Nigeria, is tied to the economics of cybercrime.
Afrobeats artist Steven Adeoye on the cybercrime-inspired TikTok hit “Ali” (The Record by Recorded Future) A Q&A with Steven Adeoye on the line between art and its inspiration.
Academia
Securing the microelectronics supply chain (ASU News) Michel Kinsy and the STAM Center at ASU are researching microelectronics security advances and developing the next generation of industry professionals.
Legislation, Policy, and Regulation
EU Parliament Passes Privacy-Busting Crypto Rules Despite Industry Criticism (CoinDesk) Lawmakers are set to end even the smallest anonymous crypto transactions, and plan measures that could see unregulated exchanges cut off.
Key Lawmaker Defends SEC’s Cyber Incident Reporting Proposal (Nextgov.com) Rep. Jim Langevin was responding to an industry assertion that the SEC proposal undercuts the will of Congress, given recently enacted legislation.
Readout from CISA’s Second Cybersecurity Advisory Committee Meeting (CISA) Today, the Cybersecurity and Infrastructure Security Agency (CISA) held its second Cybersecurity Advisory Committee meeting. The Committee, which held its inaugural meeting in December 2021, includes a diverse slate of leaders from across industry, academia, and government. Through their unique insight, the Committee members will ultimately provide recommendations on the development and refinement of CISA’s cybersecurity programs and policies. During today’s meeting, subcommittee chairs provided Director Jen Easterly with an update on the progress being made on key objectives outlined by the Director during the Committee’s inaugural meeting.
Senate confirms new Army Cyber Command chief (The Record by Recorded Future) The Senate has confirmed President Joe Biden’s nominee to helm the U.S. Army’s digital warfighting branch.
Crypto Miners in Texas Need ‘Approval to Energize’ in New Grid Hurdle (Bloomberg) Big power users now need to clear review from grid operator. Ercot members set to create task force to evaluate big users.
Litigation, Investigation, and Law Enforcement
Senate’s Wyden Probes Use of Forged Legal Requests by Hackers (Bloomberg) Senator requests information from tech companies, government. Hackers masqueraded as law enforcement to obtain the data.
NSA Employee Charged with Mishandling Classified Material (Military.com) A National Security Agency employee has been charged with emailing classified national security information to someone no longer authorized to receive it.
National Security Agency Employee Indicted for Willful Transmission and Retention of National Defense Information (US Department of Justice) A Maryland man is charged with willful transmission and retention of highly classified National Defense Information (NDI) in an indictment unsealed today in the District of Maryland.
National Security Agency Employee Facing Federal Indictment for Willful Transmission and Retention of National Defense Information (US Department of Justice) A federal grand jury has returned an indictment charging Mark Robert Unkenholz, age 60, of Hanover, Maryland, for willful transmission and retention of National Defense Information (NDI). The indictment was returned on March 29, 2022 and unsealed today upon the arrest of the defendant.
Post Office Cops Used Social Media Surveillance Program Illegally (Vice) The Office of Inspector General found the agency did not have legal authority for searches in its "iCOP" surveillance program.
Ransomware Enforcement Operations in 2020 and 2021 | Recorded Future (Recorded Future) This report looks at international law enforcement operations focused on ransomware and is based on data collected over the last 2 years.
Watch out for fraudulent calls from alleged Europol employees (Avast) The German Federal Criminal Police Office (BKA) is currently warning against fraudulent calls in the name of Europol or alleged international investigation teams. The perpetrators falsely claim that victims’ personal data or identity has been stolen and that criminals are now using that information.
SolarWinds Loses Bid to Toss Investor Server Hack Risk Suit (1) (Bloomberg Law) SolarWinds Corp. must face accusations it misled investors about vulnerabilities ahead of a massive cyberattack after a federal judge in Texas said the complaint sufficiently alleged materially misleading statements caused stock drops.
Texas tech company can’t dodge investor suit over massive cyberattack (Courthouse News) A federal judge refused to dismiss claims from investors that SolarWinds lied about its security procedures prior to a 2020 cyberattack linked to Russia.
Former AP Intelligence Chief Says NSO Offered to Sell Pegasus, Govt Turned It Down (The Wire) Mamata Banerjee had claimed that the Andhra Pradesh government, under Chandrababu Naidu, had purchased the intrusive spyware.
Opposition Concerned with Lack of Transparency in Health Care Cyber Attack (VOCM) The PC Party is raising concerns about transparency following yesterday's update on the cyber attack that stru...
11 years, 10 arrests, at least 62 women: how did Britain’s worst cyberstalker evade justice for so long? (the Guardian) Matthew Hardy so frightened some of his victims that they slept with weapons. Although he was known to the police – and even prosecuted – it was more than a decade before he was jailed