Dateline Moscow, Kyiv, Minsk, London, New York, and Washington: Russia's kinetic atrocities and tactical failures.
Ukraine at D+42: Cyclops blinked. (The CyberWire) Russia seeks to reconstitute maneuver forces after defeat and retreat in northern Ukraine, but the war's savagery continues unabated with air strikes and artillery used against civilians. The US says it preempted a major GRU cyber operation by taking down the Cyclops Blink botnet's command-and-control. The UN General Assembly will vote today on Russia's continued membership in the Human Rights Council.
What Happened on Day 42 of the War in Ukraine (New York Times) Civilians are leaving eastern Ukraine amid warnings of escalating fighting there. The Justice Department charges a Russian oligarch with violating U.S. sanctions, and the Pentagon trains Ukrainian soldiers to use armed drones against Russian forces.
Pentagon: Russia has fully withdrawn from Kyiv, Chernihiv (Washington Post) Russian forces have fully withdrawn from the Ukrainian capital, Kyiv, and the city of Chernihiv to its north, the Pentagon said Wednesday, as Moscow prepares to concentrate its invading forces in the eastern part of the country.
Russians preparing for new push as Ukraine gathers its dead (Military Times) The two sides are gearing up for what could become a climactic battle by Moscow’s forces to seize the country’s industrial east.
Eastern Ukraine braces for renewed assault as Russia regroups (Washington Post) As Moscow shifts focus from Kyiv, U.S. and allies add more sanctions and Ukrainian officials tell civilians to flee eastern provinces
Civilians Flee Eastern Ukraine as Signs Point to Stepped-Up Russian Attack (New York Times) Alarmed by reports of atrocities near Kyiv, many residents of Ukraine’s east, now suffering the brunt of Russian force, are getting out while they can.
Leave now or face death, Donbas residents told as Vladimir Putin looks for a victory in the east (The Telegraph) Ukraine’s military says Moscow pouring troops into region after abandoning attempt to take Kyiv, with Russian leader setting May 9 deadline
Russia Is Recruiting Mercenaries and Syrians to Ukraine, Western Officials Say (New York Times) The Kremlin is trying to find enough reinforcements to conduct the next phase of the war, according to military and intelligence officials.
West set to toughen sanctions on Russia; Ukraine urges more (AP NEWS) Western governments prepared Wednesday to toughen sanctions against Russia and send more weapons to Ukraine, after President Volodymyr Zelenskyy pointedly accused the world of failing to end Moscow’s invasion of his country and what he said was a campaign of murders, rapes and wanton destruction by Russian forces.
Ukraine can ‘absolutely’ win the war, says US (The Telegraph) The US has said that Ukraine can “absolutely” win the war against Russia, despite fears the conflict could drag on for months or even years.
Zelenskyy tells UN: Act now on Russia or dissolve yourself altogether (Atlantic Council) President Zelenskyy has called for the wholesale reform of the United Nations in an emotional address to the UN Security Council marked by scathing criticism of its toothless response to Putin’s invasion of Ukraine.
Russian War Report: Ukraine accuses Georgia of allowing Russian smuggling through its territory (Atlantic Council) Ukraine has accused Georgia of facilitating Russian smuggling out of Ukraine. Meanwhile, Alexei Navalny calls for Kremlin propaganda to be treated as a war crime.
Zelenskiy says Kremlin forces are trying to cover up evidence of atrocities – as it happened (the Guardian) This live blog is now closed
Russians ‘burning bodies in mobile crematoriums to cover up Mariupol war crimes’ (The Telegraph) Mayor accuses Russian soldiers of turning city into a death camp by incinerating the corpses of murdered civilians
‘What is this pit?’ I asked the Russians. They said: ‘This is a graveyard for you’ (The Telegraph) Evidence of war crimes mounts after invaders forced into a hasty retreat from towns outside Kyiv, as villagers reveal their chilling threats
More Russians Consider Costs of War in Ukraine as Casualties Mount (New York Times) Many Russians have been in the dark about their country’s losses. As news of more Russian deaths arrives, the reactions range from anger at the Kremlin to parroting the state’s messaging that blames “Nazis” in Ukraine.
Genocide in Ukraine: Putin will not stop until the world stops him (Atlantic Council) If Western leaders wish to defend the rules-based order that has served them all so well since WWII, they must urgently do so in Ukraine by supplying the country with the offensive weapons needed to defeat Russia.
How the world’s parliaments can team up against Russian aggression (Atlantic Council) As the sound of gunfire echoes across a surrounded Mariupol and horrific Russian attacks continue across Ukraine, the international community has united in condemning Russian President Vladimir Putin’s invasion and punishing him and his cronies. But there’s more to be done, and one way to maximize the impact of these global efforts would be an interparliamentary alliance against Kremlin aggression (IPAKA).
UN to vote on suspending Russia from Human Rights Council (Al Jazeera) Approval requires a two-thirds majority of the assembly members that vote ‘yes’ or ‘no’, with abstentions not counting.
War Crimes Trials Aren’t Enough (Foreign Policy) To protect civilians from war crimes, stop them from happening now.
Biden vulnerable to Putin attack over calls for war crimes trial (Newsweek) Leila Sadat, the ICC prosecutor's special adviser on crimes against humanity, told Newsweek: "It's a problem of double standards."
Trying Putin for Ukraine war crimes could keep him from leaving Russia (Newsweek) If the International Criminal Court issues a warrant for this arrest, he would not be able to travel to more than 100 countries.
Opinion: Is a coup against Putin possible? Russia’s history offers clues. (Washington Post) Vladimir Putin has never faced a serious challenge to his power. But his disastrous war in Ukraine could change that.
To defeat Putin's totalitarianism, work with Russians | Opinion (Newsweek) Putin has consolidated his turn to totalitarianism, sending his country back into the mid-1980s.
Russia to U.N. Members: You’re With Us or Against Us (Foreign Policy) Moscow will interpret a failure to vote against its ouster from the Human Rights Council as a show of support for the U.S.
Countries have expelled 120 Russian spies since the war in Ukraine started. (New York Times) Despite the purge of intelligence officers, former officials cautioned that Moscow would have other ways to collect information and that the efforts would have little impact on the war in Ukraine.
Ukraine says Russia will see new sanctions as ‘permission to attack’ amid warnings of fresh offensive (the Guardian) Volodymyr Zelenskiy says sanctions unveiled by west have ‘a spectacular look. But this is not enough’, as fears mount of large-scale Russian offensive
Zelenskyy wants Ukraine to be ‘a big Israel.’ Here’s a road map. (Atlantic Council) By adapting their mindset to mirror aspects of Israel’s approach to security challenges, Ukrainian officials can tackle their own critical challenges with confidence.
Ukraine pleads for weapons as fight looms on eastern front (AP NEWS) Ukraine told residents of its industrial heartland to leave while they still can and urged Western nations to send “weapons, weapons and weapons” Thursday after Russian forces withdrew from the shattered outskirts of Kyiv to regroup for an offensive in the country's east.
US answers Ukraine's call for more military kit to destroy Russian tanks (The Telegraph) White House to give £75m worth of weaponry as secretary of state announces new stream of sanctions
More Javelins for Ukraine amid questions about US supplies (Defense News) The U.S. has approved another $100 million in Javelin anti-tank weapons and training for Ukraine from U.S. military stocks, for a total of $1.7 billion in U.S. aid since Russia’s invasion, it was announced Tuesday.
Germany has satellite image indication of Russian involvement in Bucha killings -security source (Reuters) The German government has indications that Russia was involved in the killing of civilians in the Ukrainian town of Bucha based on satellite images, a security source said on Thursday.
Hackers flood internet with what they say are Russian companies' files (NBC News) The leaks are part of a larger ecosystem in which amateurs try to help Ukraine’s war efforts with their own keyboards.
Ukraine Warns of Cyber attack Aiming to Hack Users' Telegram Messenger Accounts (The Hacker News) Ukraine's technical security and intelligence service is warning of a new wave of cyber attacks that are aimed at gaining access to users' Telegram.
U.S. Says It Secretly Removed Malware Worldwide, Pre-empting Russian Cyberattacks (New York Times) The operation is the latest effort by the Biden administration to thwart actions by Russia by making them public before Moscow can strike.
DoJ takes down Russian botnet that targeted WatchGuard and Asus routers (ZDNet) The Justice Department disrupted the Russian Federation's control over thousands of infected devices
FBI Disables "Cyclops Blink" Botnet Controlled by Russian Intelligence Agency (SecurityWeek) The U.S. government says it has disabled the "Cyclops Blink" botnet of hardware devices controlled by Russia’s main intelligence agency (GRU).
Justice Department Announces Court-Authorized Disruption of Botnet Controlled by the Russian Federation’s Main Intelligence Directorate (GRU) (US Department of Justice) Operation Copied and Removed Malware Known as “Cyclops Blink” from the Botnet’s Command-And-Control Devices, Disrupting the GRU’s Control Over Thousands of Infected Devices Worldwide. Victims Must Take Additional Steps to Remediate the Vulnerability and Prevent Malicious Actors From Further Exploiting Unpatched Devices.
US Charges Russian Oligarch, Dismantles Cybercrime Operation (SecurityWeek) The U.S. charged a Russian oligarch linked to the Kremlin with violating U.S. government sanctions and disrupted the "Cyclops Blink" botnet operation launched by a Russian military intelligence agency.
US authorities take down GRU-controlled Cyclops Blink botnet (Computing) Russia-backed Sandworm group was using the malware on WatchGuard Firebox firewall appliances and multiple ASUS router models
US disrupts prolific botnet controlled by Russian military, DOJ says (The Record by Recorded Future) US Attorney General Merrick Garland announced Wednesday that US officials have disrupted a global botnet of thousands of infected devices allegedly controlled by the Russian military.
Ukraine crisis shows effectiveness of Cyber Command's persistent engagement, Nakasone says (FedScoop) Working with partners early to bolster cybersecurity has demonstrated to be effective in the current Ukraine-Russia crisis, the head of U.S. Cyber Command said.
Ukraine Crisis to Influence Growth of US Cyber Force, Nakasone Says (Air Force Magazine) The cyber element in the Ukraine war underscores DOD's emphasis on this emerging capability. It also will likely impact future defense budgets.
Federal authorities urged to bolster intel sharing amid nation-state threats (Cybersecurity Dive) Current Russian cyber activity has been limited, but experts warn the threat may increase on short notice.
Facebook cracks down on covert influence networks targeting Ukraine (Washington Post) The social media giant says repeat offenders are returning to the platform to spread misinformation about the war
Russian-backed hackers broke into Facebook accounts of Ukrainian military officials (CBS News) Facebook's parent company, Meta, says they posted videos urging the Ukrainian army to surrender and filed as many as thousands of false reports against users, mainly in Ukraine and Russia, for policy violations.
Ukrainian soldiers' Facebook accounts targeted by hackers, Meta says (CNN) Facebook parent company Meta detailed Thursday an array of shady cyber tactics that it says groups linked to Russia and Belarus are using to target Ukrainian soldiers and civilians.
Nigerian social media accounts targeted in influence campaign centered on Ukraine invasion (The Record by Recorded Future) The Russian invasion of Ukraine is having ripple effects on digital communications around the world.
What is the risk of retaliation for taking a corporate stance on Russia? (CSO Online) Hacktivists, Russia and its proxies, and even partisan cybercriminals have taken cyber actions against organizations for their decisions regarding the attack on Ukraine.
U.S. government and energy firms close ranks, fearing Russian cyberattacks (Washington Post) The Ukraine war has put them on high alert
OP-ED: Eastern Michigan University professor on strengthening companies' cybersecurity posture in response to recent Russia-Ukraine war threats (Eastern Michigan University) President Joe Biden’s recent warning for U.S. companies to improve their cybersecurity underscores the significance of the emerging cyber threat landscape. Such a threat is real and it has been for quite some time. The Russia-Ukraine war may have exacerbated it, but critical infrastructure protection has been on the minds of many cybersecurity researchers, like me, for quite some time.
Cyberattacks are the new modern warfare model (The Washington Times) In the past two years, Russian hackers have attacked America’s fuel and food supply, and the software that underpins everything from how Americans get their paychecks to where they get their health care.
Defending Firmware in the Firmament (Eclypsium) The recent attacks against the ViaSat satellite network in February and March of this year have gone largely unnoticed amid the din of the Russian assault on Ukraine. And this is understandable: these attacks are cold and distant and in a sense unreal, not at all like the heartbreak we see on the ground in Kharkiv and Mariupol, or the sheer brutality we see in Irpin and Bucha.
Bold, effective and risky: The new strategy the U.S. is using in the info war against Russia (NBC News) “It doesn’t have to be solid intelligence,” one U.S. official said. “It’s more important to get out ahead of them [the Russians], Putin specifically, before they do something."
Apple restores opposition app to its App Store in Russia (Washington Post) The company had made it inaccessible in Russia last year after threats from the Russian government
Intel becomes latest Western tech firm to suspend business in Russia (Reuters) U.S. chipmaker Intel Corp said on Tuesday it has suspended business operations in Russia, joining a slew of companies to exit the country following its invasion of Ukraine.
Chinese hackers launch cyberattacks against Ukraine amid war (Nikkei Asia) Experts speculate strikes aimed at collecting information on refugees
India to Face Significant Cost If Aligned With Russia, U.S. Says (Bloomberg) Deese says U.S. ‘disappointed’ with some Modi moves on Ukraine. New Delhi continuing to buy Russian oil, weaponry despite war.
Pope Francis kisses Ukrainian flag from 'martyred' Bucha (AP NEWS) Pope Francis on Wednesday kissed a battered Ukrainian flag that he said was brought to him from the “martyred” Ukrainian city of Bucha as he denounced the “massacre” there and called again for an end to the war.
Bucha killings drive Russia sanctions forward in divided EU (Newsweek) "Bucha has been quite a trigger to get things moving," a European diplomatic official told Newsweek.
Britain slaps sanctions on Russia’s biggest bank (The Telegraph) The UK has slapped sanctions on Russia’s largest bank and pledged to end oil and coal imports in the latest escalation of measures against Moscow.
Russia hit with new round of U.S. sanctions as Biden decries 'major war crimes' (Reuters) The United States targeted Russian banks and elites with a new round of sanctions on Wednesday, including banning Americans from investing in Russia, in response to what President Joe Biden condemned as "major war crimes" by Russian forces in Ukraine.
U.S. to Sanction Putin Children, Banks Over Bucha Atrocities (Bloomberg) Sberbank, Alfa Bank targeted with full blocking penalties. U.S. moving in concert with European allies on new sanctions.
The Forbes Ultimate Guide To Russian Oligarchs (Forbes) For a quarter-century, Forbes has been investigating billionaire oligarchs, digging into their political connections, murky holdings and maze of offshore assets.
Russia says it sent $650 million bond payment in rubles after US Treasury blocked dollar transfers (Markets Insider) Ratings agencies have said that payment in rubles on dollar bonds would put Russia in a technical default.
Russia Skirts Nearer Default After Dollar Payment Blocked (Bloomberg) Nation says foreign banks rejected $649.2 million payment. Default probability over a year rises to 99%, CDS data show.
Russia’s Effort to Avoid Default Undermined by New U.S. Sanction (Bloomberg) Measure intended to deplete Russia’s financial resources. EU countries are also discussing option of further sanctions.
Attacks, Threats, and Vulnerabilities
Hamas's Facebook catfish operation on Israeli officials - report (Jerusalem Post) An extensive fake profile network was operated by Hamas to surveil and obtain sensitive information on Israeli security establishment officials.
Hamas-Linked Hackers Using Sexy 'Catfish' Lures, New Malware (SecurityWeek) The Hamas-linked APT-C-23 group is targeting high-ranking Israelis with new malware including a fake messaging app (VolatileVenom), a downloader (Barbie Downloader) and a backdoor (BarbWire Backdoor).
Operation Bearded Barbie: APT-C-23 Campaign Targeting Israeli Officials (Cybereason) Over the last several years, the Cybereason Nocturnus Team has been tracking different APT groups operating in the Middle East region, including two main sub-groups of the Hamas cyberwarfare division: Molerats and APT-C-23. Both groups are Arabic-speaking and politically-motivated that operate on behalf of Hamas, the Palestinian Islamic-fundamentalist movement and a terrorist organization that has controlled the Gaza strip since 2006.
China Hackers Tried To Hit Power Grid Near Ladakh, "Unsuccessful": Centre (NDTV.com) According to the intelligence firm Recorded Future, the Chinese hackers were trying to gather information surrounding critical infrastructure systems.
Chinese Hackers Collect Intelligence From India’s Grid (The Statesman) “The prolonged targeting of Indian power grid assets by Chinese state-linked groups offers limited economic espionage or traditional intelligence gathering opportunities,” the Recorded Future report states. “We believe this is instead likely intended to enable information gathering surrounding critical infrastructure and/or pre-positioning for future activity.”
Suspected Chinese Hackers Collect Intelligence From India’s Grid (Bloomberg) Suspected state-sponsored Chinese hackers have targeted the power sector in India in recent months as part of an apparent cyber-espionage campaign, the threat intelligence firm Recorded Future Inc. said in a report published Wednesday.
Continued Targeting of Indian Power Grid Assets by Chinese State-Sponsored Activity Group (Recorded Future) Insikt Group's report details a campaign conducted by a likely Chinese state-sponsored threat activity group targeting the Indian power sector.
Hackers use malicious apps to target customers of 8 Malaysian banks, researchers say (The Record by Recorded Future) Researchers at Slovak security firm ESET said they have found that three malicious Android apps are still targeting the customers of eight different Malaysian banks in a campaign that began late last year.
Google Bans Apps With Hidden Data-Harvesting Software (Wall Street Journal) Code placed in consumer-facing apps is tied to U.S. national-security contractors, documents show.
Denonia: First Malware Targeting AWS Lambda (SecurityWeek) Denonia is the name given to what appears to be the first piece of malware designed to specifically target AWS Lambda environments.
Denonia malware may be first to target AWS Lambda (ComputerWeekly) The newly-discovered Denonia malware appears to be custom-designed to target AWS Lambda environments, and may be the first of its kind
Cado Discovers Denonia: The First Malware Specifically Targeting Lambda (Cado Security | Cloud Investigation) Cado Labs routinely analyses cloud environments to look for the latest threats. As part of ongoing research, we found the first publicly-known case of malware specifically designed to execute in an AWS Lambda environment. We named this malware Denonia, after the name the attackers gave the domain it communicates with.
Microsoft Offers Detection Guidance on Spring4Shell Vulnerability (Redmondmag) Microsoft on Tuesday offered guidance on the so-called 'Spring4Shell' vulnerability in the Spring Framework overseen by VMware, while also indicating that its own services were unaffected.
“CloudSquatting”: Taking Over Abandoned Cloud Storage Locations (Medium) 10,000+ Affected Applications
Europe Warned About Cyber Threat to Industrial Infrastructure (SecurityWeek) Malicious cyber actors pose a serious threat to Europe’s industrial infrastructure, with at least 10 hacker groups known to target European organizations.
Conti ransomware leaks show a low-tech but effective model (SearchSecurity) Conti ransomware relies heavily on hackers doing things the old-fashioned way, according to a new analysis from Akamai Technologies.
Team A vs Team B: What is Motivating Lapsus$? (Digital Shadows) In the past few weeks, the Lapsus$ threat group captured the security community’s attention with a series of brazen and controversial cyber attacks against some of the world’s largest organizations, including Microsoft, Okta, and Samsung. These attacks resulted in sensitive data being leaked on their Telegram channel, thus granting the group a significant notoriety boost
Tax Customer Campaign Attempts to Infect Victims with RAT (Abnormal) Threat actors are posing as prospective clients seeking tax preparation services and using the Sorillus remote access tool (RAT) to steal information.
IRS Scams 2022 - Cyren (Cyren) Tax scams are so prevalent that the United States Internal Revenue Service has published a very long FAQ page to warn people of the risks.
Tax Scams / Consumer Alerts (US Internal Revenue Service) Thousands of people have lost millions of dollars and their personal information to tax scams. Scammers use the regular mail, telephone, or email to set up individuals, businesses, payroll and tax professionals.
Vevo announces investigation after YouTube accounts for Rihanna, Justin Bieber, Taylor Swift, Kanye and more hacked (The Record by Recorded Future) Multinational video hosting service Vevo said it will be investigating a recent incident where someone took over the YouTube pages for several high-profile artists and either uploaded music videos or changed the names of popular videos.
Greek Post Restarts Services After Cyber-Attack Downs System (Balkan Insight) Hellenic Post said it was resuming operations after a serious cyber-attack in late March brought down the computer systems with use of malware.
The Nigerian Prince Scam, with a Russian Twist (Avanan) A new attack is putting a Russian spin on the classic Nigerian Prince scam.
The Works forced to shut some shops after cyber-attack (BBC News) The retailer said that five of its 526 shops have temporarily been shut since the attack last week.
Maker of ‘Axie Infinity’ Game Raises Funds to Reimburse Victims of Crypto Hack (Wall Street Journal) The cryptocurrency startup behind the popular online game has raised $150 million to help it reimburse users after hackers last month stole $500 million worth of cryptocurrency.
Security Patches, Mitigations, and Software Updates
Microsoft: Here are the key Windows 11 security upgrades coming your way (ZDNet) Microsoft has detailed a number of security upgrades coming to Windows 11, from the chip to the cloud.
VMware warns of critical vulnerabilities in multiple products (BleepingComputer) VMware has warned customers to immediately patch critical vulnerabilities in multiple products that could be used by threat actors to launch remote code execution attacks.
VMSA-2022-0011: Questions & Answers (VMware: The Cloud Platform Tech Zone) VMSA-2022-0011 outlines several critical security vulnerabilities in multiple VMware products. This is a corollary to the VMSA itself with Q&A, links, and additional analysis.
Citrix Releases Security Updates for Hypervisor (CISA) Citrix has released security updates to address a vulnerability in Hypervisor. An attacker could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review Citrix Security Update CTX390511 and apply the necessary updates.
Google Releases Security Updates for Chrome (CISA) Google has released Chrome version 100.0.4896.75 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates as soon as possible.
Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird (CISA) Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.
Trends
Government Social Media Spying Powers: 50 countries ranked on social media surveillance (Comparitech) Social media often provides a window into our private lives, personal communications, and individual thoughts.
The government isn't great at explaining cyberthreats to Americans (Washington Post) The Biden administration took a big step forward in its cybersecurity efforts this week as the State Department launched a cyberspace and digital policy bureau with more than 60 staffers and plans to hire more.
Cyber Round-Up Q1 2022: Precise Underwriting for SMEs (Cowbell Cyber) According to the World Economic Forum’s (WEF) Global Cybersecurity Outlook 2022, “88% of global cyber leaders indicate that they are concerned about cyber resilience of small- and mid-sized enterprises (SMEs) in their ecosystem.”
Report: Australian businesses facing significant security challenges (SecurityBrief Australia) A recent survey report by Sophos has revealed many significant security challenges that Australian businesses are facing and will continue to face going forward.
Marketplace
Nord Security raises its first-ever funding, $100M (TechCrunch) Nord Security is announcing funding at a "unicorn" valuation to build out both its consumer and enterprise business lines to capitalize on VPN growth.
Cybersecurity company Tufin acquired by Turn/River Capital for $570 million (CTech) The deal represents a premium of approximately 44% over Tufin’s latest closing share price on the NYSE
Tufin Agrees to $570 Million Acquisition With 30-Day 'Go Shop' Option (SecurityWeek) Tufin (NYSE: TUFN) has agreed to be acquired by investment firm Turn/River Capital for approximately $570 million in cash, subject to a 30-day "go shop" period during which the company could fetch a larger amount.
Booz Allen Hamilton to sell Middle East consulting unit (Washington Technology) The firm is maintaining a presence in that region but focused on supporting U.S. government operations.
How Many Venture-Backed Cybersecurity Startups Are Led By Women? (NopSec) NopSec collected and analyzed 654 cybersecurity startups that raised more than $1,000,000 in funding to see how many are led by women. Read the results now!
IronNet Reports Preliminary Fourth Quarter and Fiscal Year 2022 Financial Results (Business Wire) IronNet, Inc. (NYSE: IRNT) (“IronNet”), a leading provider of solutions Transforming Cybersecurity Through Collective Defense℠, announced today its fi
Industry Veteran Shawn Wells Appointed to Accenture Federal Cybersecurity Function; MG Aaron Faulkner Quoted (Executive Gov) Former CrowdStrike executive Shawn Wells has been added to the cybersecurity division at Accenture’s federal business.
Expel Appoints Former NHL CISO Greg Notch to Top Security Post (Yahoo) Expel, the managed detection and response (MDR) provider that aims to make great security accessible, today announced the addition of Greg Notch to the company’s leadership team as Chief Information Security Officer (CISO).
A Long Way in 11 Years: I'm Passing the Torch at ThreatConnect (ThreatConnect) After 11 years the time has come for me to pass the torch as ThreatConnect’s CEO. This decision, although hard, is one that I make with great pride for how far the company has come from founding through startup, to what it is today.
Products, Services, and Solutions
CrowdStrike & Mandiant Partner to Protect Organizations Against Cyber Threats (CrowdStrike) CrowdStrike today announced a strategic partnership that will help joint customers investigate, remediate and defend against increasingly sophisticated cybersecurity events that plague organizations globally.
Leading security companies Mandiant and CrowdStrike vow to collaborate (Washington Post) The arrangement, announced Thursday, aims to improve cooperation in probing and preventing computer hacks
GBG increases focus on global products and creates the largest pure play identity verification and fraud prevention provider in the Americas (PR Newswire) Company builds on recent acquisitions of Acuant and IDology and creates a global product group to further deliver greater benefits for current and future...
ForAllSecure Launches $2 Million Mayhem Heroes Program to Make Open Source More Secure (PR Newswire) ForAllSecure, a leader in modern application security testing, today announced that it is investing $2 million to make open source software...
Bluescape Achieves DoD Impact Level 5 Authorization (PR Newswire) Underscoring its commitment to the highest security standards, Bluescape announces its online whiteboard and virtual workspace has achieved an...
MOXFIVE Announces Priority Controls Bundle to Protect Organizations from Evolving Cyber Threats (MOXFIVE) MOXFIVE, a technical advisory firm specializing in cybersecurity and information technology, today announced the launch of their MOXFIVE Priority Controls bundle to support organizations in more efficiently securing and hardening IT environments.
Zimperium and Carahsoft Partner to Provide Mobile Security Protection to the Public Sector (Business Wire) Zimperium's new partnership with Carahsoft will make its FedRAMP authorized mobile threat defense solution more accessible to the public sector.
Stay protected against scams and online fraud with Avast One’s newest features (Avast) The newest additions to the Avast One service help keep scammers away and sensitive data safe.
Tanium Now Available in the Microsoft Azure Marketplace (Business Wire) Tanium, the industry’s only provider of converged endpoint management (XEM), today announced the availability of Tanium in the Microsoft Azure Marketp
Technologies, Techniques, and Standards
A Peek at Privacy: Where We Started, Where We are Now, and What’s Next (NIST) As part of NIST’s 50th anniversary of cybersecurity, this month’s blog post is centered on privacy at NIST.
New PCI Data Security Standard v4.0 receives kudos for flexibility (CSO Online) Customization, multi-factor authentication are key features in PCI DSS v4.0 global payment benchmark.
Best practices for secure data warehouse in Google Cloud (Google Cloud Blog) Introducing our new security blueprint that helps enterprises build a secure data warehouse.
Improving software supply chain security with tamper-proof builds (Google Online Security Blog) Posted by Asra Ali and Laurent Simon, Google Open Source Security Team (GOSST) Many of the recent high-profile software attacks that have ala...
The 6 Pillars of DevSecOps: Pillar One-Collective Responsibility (DevOps.com) Pillar one reinforces the idea that security responsibility cannot be limited to a few people and is no longer just a compliance activity.
Why rip and replace is a once-in-a-lifetime opportunity to build a better broadband system (Data Center Dynamics) US telcos should consider network disaggregation when replacing banned Huawei and ZTE equipment
Design and Innovation
Pentagon’s Outgoing Data Boss Warns of Quantum Cyber Threats (Yahoo Finance) The U.S. Department of Defense’s outgoing chief data officer called for the Pentagon to make urgent investments to defend against potential espionage from quantum computers -- nascent technology that could one day break the encryption that protects American secrets.
Complex Chips Make Security More Difficult (Semiconductor Engineering) Why cyberattacks on the IC supply chain are so hard to prevent.
Lockheed Martin pushes USB-like universal plug-in for satellites (Breaking Defense) Defense giant hopes other firms will adopt the open-source interface system allowing plug-and-play in orbit.
Academia
$125,000 DeFi Education Fund Research Grant Awarded to the NYU Stern Fubon Center for Technology, Business and Innovation (NYU Stern)
Legislation, Policy, and Regulation
Australian spy chiefs meet with Solomon Islands PM over China deal (RNZ) Two of Australia's top intelligence chiefs have met Solomon Islands' Prime Minister Manasseh Sogavare to raise Canberra's concerns over the security agreement the Solomons is due to sign with China.
Gen. Paul Nakasone Talks US Cyber Command’s Priorities at Congressional Hearings (Executive Gov) Gen. Paul Nakasone, head of U.S. Cyber Command and a 2022 Wash100 Award recipient, on Tuesday appeared before House and Senate lawmakers to discuss five priorities that will help USCYBERCOM improve its capabilities to counter cybersecurity threats and other national security challenges.
Cyber Mission Force Set to Add More Teams (U.S. Department of Defense) U.S. Cyber Command has about 133 cyber mission teams spread across the services, which make up its Cyber Mission Force — the "action arm" of Cybercom, its commander, Army Gen. Paul M. Nakasone, said.
Government Needs to be 'Postured for the Future' of Cyber Threats (Decipher) The U.S. government and military are looking to attract and retain more talented cyber operators to keep pace with the evolving threat landscape.
Partisan Rift Stalls Efforts to Secure Critical Infrastructure from Cyberattack (Nextgov.com) U.S. Cybersecurity Policy heads back to square one as a public-private bargain that emerged from the Congressionally mandated Solarium Commission breaks down.
Commerce CIO: Solarwinds pushed agency to abandon siloed approach to cybersecurity (FedScoop) The 2020 SolarWinds attack was a turning point for the Department of Commerce that pushed IT leaders at the agency to put together a unified cybersecurity plan, according to CIO André Mendes. The breach led senior leaders from across the organization to abandon a previously siloed approach and work together more closely, Mendes said Wednesday during […]
Litigation, Investigation, and Law Enforcement
DOJ charges Russian national with operating world’s ‘largest darknet market’ (The Record by Recorded Future) The US Justice Department on Tuesday filed charges against Dmitry Olegovich Pavlov, a 30-year-old Russian national accused of a range of crimes connected to “his operation and administration of the servers used to run” Russian dark web marketplace Hydra.
Justice Department Investigation Leads To Shutdown Of Largest Online Darknet Marketplace (Department of Justice, U.S. Attorney’s Office, Northern District of California) Russian Resident Indicted on Conspiracy Charges Related to Operating Hydra Market
UNITED STATES OF AMERICA, Plaintiff, v. DMITRY OLEGOVICH PAVLOV, a/k/a "Dmitrii Pavlov," a/k/a "Dmitriy Pavlov," a/k/a ДМИТРИЙ ОЛЕГОВИЧ ПАВЛОВ, Defendant (US District Court for the Northern District of California) The Grand Jury charges: At times relevant to this Indictment: Defendant DMITRY OLEGOVICH PAVLOV was a Russian citizen residing in Russia. Hydra Marketplace ("Hydra") was the largest and longest-running darknet market in the world.
US sanctions Garantex for laundering over $100M (SearchSecurity) The U.S. Treasury Department has sanctioned virtual currency exchange Garantex for money laundering.
Russia-linked darknet marketplace Hydra shut down in joint operation (Computing) Hydra has collected about $5.2 billion in cryptocurrency since 2015, according to the US Department of Justice
Hydra: How German police dismantled Russian darknet site (BBC News) German police say illegal sales on the site amounted to at least £1bn a year
Palantir demands foe’s communication with Williams & Connolly counsel (Reuters) Palantir Technologies Inc has escalated its international feud with an early investor in dramatic fashion, petitioning a U.S. court on Tuesday to order the investor to turn over privileged communications with his lawyers from Williams & Connolly because the material is needed in a German criminal investigation.
Danske Bank reported to police over data privacy violations (Reuters) Denmark's data protection watchdog has reported Danske Bank, the country's biggest lender, to the police over a failure to erase customers' personal data in its systems, the bank said on Tuesday.