Dateline
Ukraine at D+68: Cyber skirmishing and outrageous info ops. (The CyberWire) Russia appears to have revised its war aims to concentrate on the annexation of the Donbas and the Azov coastal regions it's currently fighting for. Microsoft sees additional signs of increasing Russian cyber operations.
Ukraine morning briefing: Five developments as Russia loses 65 per cent of ground combat strength (The Telegraph) Plus: Pelosi and other US lawmakers visit Kyiv and Russia strikes US weapons at airfield near Odesa and
Russia planning to annex new areas of Ukraine, U.S. intelligence finds (Washington Post) Claiming Donetsk, Luhansk, Kherson would be an attempt to control much of the country’s east despite setbacks on battlefield
Mariupol Civilians Flee as Russia Attacks Eastern Ukraine (Bloomberg) About 100 civilians have been evacuated from the besieged Azovstal steel plant in the eastern port city of Mariupol, President Volodymyr Zelenskiy said, in an operation involving the United Nations and Red Cross.
Sergey Lavrov claims Hitler had 'Jewish blood' (The Telegraph) Russian foreign minister sparks outrage with 'unforgivable' statement that 'some of the worst anti-Semites are Jews'
Lavrov’s anti-Semitic outburst exposes absurdity of Russia’s “Nazi Ukraine” claims (Atlantic Council) Russian Foreign Minister Sergei Lavrov has sparked a diplomatic scandal with an anti-Semitic outburst that underlines the absurdity of Russia’s relentless “Nazi Ukraine” propaganda claims.
Russia likens Zelensky to Hitler as Mariupol says Russia worse than Nazis (Newsweek) "The fact that Zelensky is Jewish does not negate the Nazi elements in Ukraine," the Russian foreign minister said.
Russia reroutes internet in occupied Ukrainian territory through Russian telcos (The Record by Recorded Future) Ukrainian officials and internet access monitor Netblocks said there was a near-total internet blackout across Kherson over the weekend.
Stormous: The Pro-Russian, Clout Hungry Ransomware Gang Targets the US and Ukraine (Trustwave) As part of our regular Dark Web and cybercriminal research, Trustwave SpiderLabs has uncovered and analyzed postings from a politically motivated, pro-Russian ransomware group named Stormous.
Zhadnost ‘stamps’ out Ukrainian National Postal Service’s website. (SecurityScorecard)
Microsoft sees Russian cyberattacks on Ukraine 'getting more and more disruptive' (Inside Defense) In the days after Microsoft revealed it has identified more than 237 cyberattacks perpetrated by Russian actors in Ukraine alone over the course of the invasion, the company's executive vice president of strategic missions and technologies said today the operations are "only getting more and more disruptive."
The UN Must Do More for Ukraine—and Itself (Defense One) Russia’s invasion of a sovereign state is also an attack on the basic principle the international body was founded to prevent.
Europe prepares fresh Russia sanctions as US warns Moscow plans to annex parts of east Ukraine (the Guardian) European Commission expected to propose sixth package of sanctions this week as hopes rise of more Mariupol evacuations
EU Prepares Ban on Russian Oil (Wall Street Journal) The bloc’s executive is expected to propose a phased-in embargo on Russian oil, taking effect by year-end, after Germany came out in support of a ban.
Estonia hosts NATO-led cyber war games, with one eye on Russia (NPR.org) Estonia is host to one of the world's largest annual interactive cybersecurity drills. Russia is always considered the main threat, but this year, the war in Ukraine has only added to the stakes.
Ukraine formally closes seaports captured by Russia (Reuters) Ukraine has formally closed its four Black and Azov sea ports, which Russian forces have captured, the Ukrainian agriculture ministry said on Monday.
'The king of battle' — How US artillery in the hands of Ukrainians may reshape the war with Russia (Task & Purpose) "We’ve always called it ‘the king of battle’"
Finally! German MPs back heavy weapons for Ukraine in historic vote (Atlantic Council) The German Bundestag on April 28 finally agreed to supply heavy weapons to Ukraine in an historic vote that marked a departure from months of caution in Berlin and efforts to avoid confrontation with the Kremlin.
As support for Ukraine accelerates, key US senators explore the next moves to prevent a Russian victory (Atlantic Council) Sens. John Cornyn (R-TX) and Ben Cardin (D-MD) spoke at an Atlantic Council Front Page event on Friday to discuss the Lend-Lease Act and the US response to the war.
Risk of Putin using nuclear weapons rises as Ukraine succeeds: Menendez (Newsweek) Senator Bob Menendez said he fears Putin deploying nuclear, chemical or biological weapons in the near future as he seeks to "save face."
The War in Ukraine Will Complicate U.S.-China Relations Even More (World Politics Review) It has not even been three months since Russia invaded Ukraine, and it remains far from clear as to when and how this conflict will end. Nevertheless, a robust discussion is already underway over the potential impact of Moscow’s aggression on U.S. foreign policy toward China as well as on Washington’s broader strategic outlook.
Attacks, Threats, and Vulnerabilities
New Black Basta Ransomware Possibly Linked to Conti Group (SecurityWeek) A dozen companies have been targeted by the new Black Basta ransomware and researchers say there may be some links to Conti.
Chinese "Override Panda" Hackers Resurface With New Espionage Attacks (The Hacker News) Chinese state-sponsored "Override Panda" hackers have resurfaced in recent weeks with new cyber espionage attacks aimed at stealing sensitive data.
Chinese Hackers Caught Exploiting Popular Antivirus Products to Target Telecom Sector (The Hacker News) China-aligned "Moshen Dragon" cyberespionage group has been caught abusing popular antivirus products to sideload malware.
New 'Bumblebee' Malware Loader Used by Several Cybercrime Groups (SecurityWeek) Cybersecurity companies have analyzed “Bumblebee,” a relatively new custom malware downloader that appears to have been used by several cybercrime groups.
The Gmail SMTP Relay Service Exploit (Avanan) Hackers are using the Gmail SMTP Relay Service to spoof companies and get into the inbox.
Industrial cybersecurity researchers, looking for help, go public with unpatched IoT bug (The Record by Recorded Future) A flaw in a commonly used library for the C programming language could allow attackers to take over some IoT devices, Nozomi Networks said.
Nozomi Networks Discovers Unpatched DNS Bug in Popular C Standard Library Putting IoT at Risk (Nozomi Networks) Nozomi Networks Labs has disclosed an unpatched vulnerability affecting the DNS of popular C standard libraries potentially in use by millions of IoT devices: uClibc and uClibc-ng.
Experts Analyze Conti and Hive Ransomware Gangs' Chats With Their Victims (The Hacker News) Researchers analyze dozens of communications between Conti and Hive ransomware operators and victims.
Conti and Hive ransomware operations: What we learned from these groups' victim chats (Cisco Talos) A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
Conti and Hive ransomware operations: (Cisco Talos) Leveraging victim chats for insights
Curl Flaw Could Allow Authentication Bypass (Decipher) Several versions of curl and the curl library contain a pair of security flaws.
#ASDailyScoop: INSA says cyber attack on GERD, financial institutions foiled (Addis Standard) Addis Abeba - Shumete Gizaw (PhD), Director General of Information Network Security Agency (INSA) said that the Agency has thwarted planned cyber attacks targeting the Grand Ethiopian Renaissance Dam (GERD) and major financial institutions. The failed cyber attacks include attempts […]
Lockbit ransomware attack cripples parts of German library service (Hot for Security) One of the largest library services in Germany, EKZ Bibliotheksservice, has been impacted by a ransomware attack that has left book lovers unable to rent and borrow eBooks, audio books, and electronic magazines.
Disgruntled employees cashing in on confidential information over dark web (The Telegraph) Staff using new platform to leak data to competitors, researchers claim
Mental health apps have terrible privacy protections, report finds (The Verge) They’re responsible for deeply personal information.
Health startup myNurse to shut down after data breach exposed health records (TechCrunch) The company announced it would shutter at the end of May, two months after a data breach of patients' health information.
Applied for Student Aid Online? Facebook Saw You (Markup) The FAFSA form included code that sent personal information back to Facebook
Vulnerability Summary for the Week of April 25, 2022 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Trends
Identity Is the New Battlefield in Cyberspace (SIGNAL Magazine) Who you are, or more importantly, who your IT network thinks you are and what it allows you to do, is a crucial part of cybersecurity.
Opinion: The Great Resignation's title cybersecurity risk (HousingWire) While retention, engagement and automation are the hottest topics coming out of a growing labor shortage, employee turnover can also cause cyber risk and other operational issues for title companies.
Trellix ATR Report | April 2022 (Trellix) Trellix's advanced threat research report for April 2022, providing insight into ****, ****, and other top threats.
Marketplace
Cybersecurity M&A Roundup: 42 Deals Announced in April 2022 (SecurityWeek) 42 cybersecurity-related merger and acquisition (M&A) deals were announced in April 2022.
Cybersecurity Providers Facing Partner Anxiety Amid M&A Frenzy (Channel Futures) Partners are concerned even when there's no indication of M&A on the horizon
Network Perception Secures $13 Million Series A Funding Round (Business Wire) Network Perception, innovators of operational technology (OT) solutions which protect mission-critical assets, announced today that it has raised $13
Smallstep Raises $26 Million for Automated Certificate Management Platform (SecurityWeek) Certificate management startup Smallstep Labs announced that it has raised $26 million in funding from several venture capital firms.
ShiftLeft Announces $29 Million Expansion Capital to Accelerate GTM and Platform Development (Business Wire) ShiftLeft, an innovator in automated application security testing, announced an additional $29 million in funding from cybersecurity-focused investor
Teleport Raises $110 Million Series C at $1.1 Billion Valuation Led by Bessemer Venture Partners with Participation from New Investor Insight Partners (PR Newswire) Teleport, the leading provider of Identity-based Infrastructure Access Management, today announced it has raised $110 million in Series C...
Google Offering Up to $1.5 Million for Android 13 Beta Exploits (SecurityWeek) In an effort to improve the security of its mobile operating system, Google has temporarily increased the bug bounty payouts for vulnerabilities identified in Android 13 beta.
Cybersecurity firm Cerberus Cyber Sentinel sees shares rally 20% (SeekingAlpha) Shares of cybersecurity firm Cerberus Cyber Sentinel (CISO) rallied 20% in afternoon trading Monday
API Security Innovator Traceable AI Lands $60 Million Series B (PR Newswire) Traceable AI, the API security & observability company, today announced it has raised $60 million in Series B funding. This new funding values...
Exabeam offering gives customers 245% ROI over three years (IT Brief Australia) Exabeam has announced the results of a commissioned Total Economic Impact (TEI) study, which shows its Fusion SIEM offering has achieved a 245% return on investment (ROI).
MEF Establishes Technology Advisory Board (GlobeNewswire News Room) Senior executives from Blue Planet, Cisco, Fortinet, Netcracker Technology, Salesforce, ServiceNow, Spirent, Versa Networks, and VMware tapped to bring...
Sumo Logic Names Tej Redkar Chief Product Officer and Sophie Kitson Chief Human Resources Officer (GlobeNewswire News Room) Seasoned Leaders Join Sumo Logic to Help to Drive its Next Stage of Growth...
Incode Makes Strategic Business Development Hire to Further Accelerate Growth and Global Adoption (Business Wire) Incode, the next-generation identity verification and authentication platform for global enterprises, today announced the appointment of Allen Ganz as
Zscaler Appoints Brendan Castle as Chief People Officer (Zscaler) Former Google Global Head of Recruiting joins Zscaler to lead People and Culture Team and accelerate the acquisition of top talent
Former FBI Cyber Expert Jason Fickett Joins Booz Allen (WashingtonExec) Booz Allen Hamilton announced that former FBI cyber expert Jason Fickett has joined the firm as a leader of national cyber strategy, with the goal of
NeoSystems Strengthens Channel Program; Names Kathlyn Gibbs to Lead Effort as VP, Partners and Alliances (PR Newswire) NeoSystems, a full-service strategic outsourcer, IT systems integrator and managed services provider to the government contracting market, is...
Products, Services, and Solutions
'Right to be Forgotten': Israel Firm Promises to Purge Digital Footprint (SecurityWeek) Mine, an Israeli startup, says it uses artificial intelligence to show users where their information is being stored -- like whether an online shoe store kept your data after a sneaker purchase three years ago.
Akamai announces new products across security, computing (ChannelLife New Zealand) Akamai has announced a series of new products and updates to existing products across its security and compute product lines, including its entry into the infrastructure as a service (IaaS) market.
SOC Prime Accelerates Threat Hunting Velocity with Detection as Code On-Demand (Business Wire) SOC Prime, provider of the world’s largest and most advanced threat detection marketplace, today announced the availability of Detection as Code On-De
nVisium Expands Cloud Security Services to Meet Growing Demands (PR Newswire) nVisium, a leader in application security, today announced that the company has expanded and enhanced its range of cloud security service...
Egnyte Simplifies CMMC 2.0 Compliance for Government Contractors (PRWeb) Egnyte, a leader in cloud content security and governance, today introduced a powerful, yet easy-to-use solution that makes CMMC 2.0 compliance attainab
Votiro Collaborates With Thales to Enhance Zero Trust Solutions for Enterprises (Business Wire) Votiro announces a joint solution combining Votiro Cloud with Thales CipherTrust Data Security Platform to deliver enhanced zero trust security.
OccamSec Unveils Revolutionary Cybersecurity Platform Set to Change the Industry (PR Newswire) OccamSec, a leading cybersecurity provider, announced today the launch of their Incenter platform. Incenter identifies the security weaknesses...
Performance Test April 2022 (AV-Comparatives) Performance Test April 2022 for Microsoft Windows 10 security products released, 17 products' impact on system performance was tested.
Technologies, Techniques, and Standards
DOD expands vulnerability disclosure program to contracting base in pilot (FedScoop) Much like the Department of Defense has increasingly looked to white-hat ethical hackers to seek out vulnerabilities in its systems over the past five years, the department also believes those independent researchers can help in shoring up the security of the defense industrial base. DOD’s Cyber Crime Center, in partnership with HackerOne, just concluded a […]
Researchers find over 400 vulnerabilities in defense industrial base bug bounty effort (The Record by Recorded Future) A year-long bug bounty program that scrutinized a fraction of the massive U.S. defense industrial base turned up more than 400 valid vulnerabilities, the effort’s organizers announced Monday.
Pentagon contractors go looking for software flaws as foreign hacking threats loom (CNN) A year-long Pentagon pilot program found an array of software vulnerabilities at dozens of defense contractors as Russian and Chinese hackers continue to try to steal sensitive data from the US defense industrial base.
Design and Innovation
RSA Conference Announces Finalists for RSAC Innovation Sandbox Contest 2022 (PR Newswire) RSA Conference, the world's leading information security conferences and expositions, today announced the 10 finalists for its 17th annual RSAC...
Michael Dell talks ‘embracing developers’ and multi-cloud vision (CRN Australia) Dell founder delivers keynote at Dell Technologies World 2022.
Academia
Aryaka Announces Security Research Partnership with Carnegie Mellon’s CyLab (Business Wire) Aryaka®, the leader in fully managed SD-WAN and SASE solutions, today announced it has formed a strategic partnership with CyLab, Carnegie Mellon Univ
University of Central Florida wins national cybersecurity competition (Security Magazine) The University of Central Florida is the champion of the 2022 National Collegiate Cyber Defense Competition.
Legislation, Policy, and Regulation
10 Data Privacy Laws Every Business Should Know (Techopedia.com) Nearly all nations have, or are legislating, data protection laws. But some are harsher th
Israel wants cyber ‘Iron Dome’ system to fight off attacks, minister says - National (Global News) There was a 137 per cent annual jump in average weekly attacks on Israeli companies, to nearly 1,500 per week, in the first three months of 2022, a security firm says.
How Cyber Restraint Makes Us All Safer (The National Interest) Avoiding cyber doom takes the dedicated work of a restrained power.
Nobody Knows Where the Red Line Is for Cyberwarfare (Bloomberg Law) A common explanation for why the Soviet Union never used nuclear weapons during the Cold War was the expectation that any attack would likely prompt a devastating nuclear response. The fear of mutually assured destruction was enough to keep both the USSR and the U.S. from launching a nuclear attack, even as they spent decades building up huge stockpiles of weapons.
To Win the Next War, the Pentagon Needs Nerds (Wired) Data scientists, coders, and other techies could prove decisive in future conflicts—if Uncle Sam can recruit them.
Homeland Security Sets Up Board to Tackle Disinformation (CNET) It will monitor Russia for misinformation regarding the Ukraine war and upcoming midterm elections.
Partisan Fight Breaks Out Over New Disinformation Board (New York Times) The board, an advisory group with the Department of Homeland Security, has become embroiled in the debate over the government’s role in policing online content.
Litigation, Investigation, and Law Enforcement
Twitter may have given user's private data to a ransomware hacker, who then ran a researcher offline (CyberScoop) If true, it's just the latest example of phony data requests used for illicit purposes.
Spain: 2021 Spyware Attack Targeted Prime Minister's Phone (SecurityWeek) Spain Prime Minister Pedro Sánchez’s mobile phone was breached twice in May 2021, and Defense Minister Margarita Robles’ device was targeted once by Pegasus spyware.
Spyware attack targeted Spanish prime minister’s phone (The Record by Recorded Future) Mobile phones used by Spain’s Prime Minister Pedro Sanchez and Defense Minister Margarita Robles were infected with Pegasus spyware, a well-known surveillance tool made by Israel’s NSO Group, government officials said in a press conference on Monday.
Spanish prime minister's mobile phone infected by Pegasus spyware, govt says (Reuters) Spanish authorities have detected "Pegasus" spyware in the mobile phones of Prime Minister Pedro Sanchez and Defence Minister Margarita Robles, the government minister for the presidency, Felix Bolanos, said on Monday.
Hack of Spanish PM’s phone deepens Europe’s spyware crisis (POLITICO) Pedro Sánchez is first EU head of state confirmed to have fallen victim to Pegasus.
NSO Group’s Financial Backers Tried To Undermine Citizen Lab’s Investigative Work (Techdirt) NSO Group’s reputation continues to decline, tracked inversely by the rise of Citizen Lab, a team of Canadian security researchers working out of the University of Toronto. Citizen Lab has ex…
Kansas City, Kan., Remains Relatively Silent on Cyber Attack (GovTech) A press conference lasting less than 10 minutes was held Friday to address the April 16 cyber attack, but it remains unclear if any data was breached or when all city services will come back online.
U.S. DoD tricked into paying $23.5 million to phishing actor (BleepingComputer) The U.S. Department of Justice (DoJ) has announced the conviction of Sercan Oyuntur, 40, resident of California, for multiple counts relating to a phishing operation that caused $23.5 million in damages to the U.S. Department of Defense (DoD).
Jury says NortonLifeLock owes Columbia U. $185 million over cybersecurity patents (Reuters) A jury in Virginia federal court on Monday said cybersecurity company NortonLifeLock Inc must pay New York's Columbia University $185 million for violating its rights in two patents related to fighting malware.