Dateline
Ukraine at D+75: Phishing campaigns and defacements. (The CyberWire) Victory Day seems to have fallen short of everyone's expectations (especially Fleet Street's). Cyberattacks continue, but whether they are hacktivist, state-directed, or criminal is unclear. The EU, however, has reached some clarity about the attack on Viasat ground stations that opened Russia's war: Moscow did it.
Russia pounds Ukraine's vital port of Odesa, Mariupol plant (AP NEWS) Russian forces pounded away at the vital port of Odesa, Ukrainian officials said Tuesday, as part of an apparent effort to disrupt supply lines and weapons shipments. On the other end of the southern coast, they hammered a steel plant where Ukrainian fighters are denying Moscow full control of another critical port.
Ukraine morning briefing: Five developments as Joe Biden warns Vladimir Putin has 'no way out' (The Telegraph) Plus: Odesa's ports grind to a standstill and defiant troops say they are still defending Mariupol steelworks
Russia’s invasion of Ukraine: List of key events, day 76 (Al Jazeera) As the Russia-Ukraine war enters its 76th day, we take a look at the main developments.
Zelenskyy calls for international help to end Odesa blockade (Al Jazeera) Russian missiles hit a shopping centre and a depot in the key Black Sea port, killing one person and injuring five.
Putin's Victory Day speech gives no clue on Ukraine escalation (Reuters) Vladimir Putin exhorted Russians to battle in a defiant Victory Day speech on Monday, but was silent about plans for any escalation in Ukraine, despite Western warnings he might use his Red Square address to order a national mobilisation.
On Victory Day, Putin defends war on Ukraine as fight against ‘Nazis’ (Washington Post) President Vladimir Putin sought to justify his contentious war against Ukraine during a huge Victory Day parade on Monday, once again falsely calling Ukrainians “Nazis” and insisting without evidence that Kyiv was planning to build nuclear weapons.
In Speech, Putin Shows Reluctance in Demanding Too Much of Russians (New York Times) The Russian president, in a much-anticipated speech on his country’s most important holiday, did not proclaim an escalation of the fight in Ukraine.
Putin's parade shows he "is going to continue at whatever cost" in Ukraine (Newsweek) U.S. military and intelligence analysts saw signs of Russia's bleak future. But Biden has urged his own administration to tone down the triumphal rhetoric.
Russian Victory Day live: Putin spouting 'fairytale claims' about being forced to invade Ukraine, says Wallace (The Telegraph) Vladimir Putin is spouting "fairytale claims" when falsely alleging that Nato is preparing for an invasion of Russian land, Defence Secretary Ben Wallace has said.
Russia’s display of military might sent the West a strong message – just not the one Putin intended (The Telegraph) There was more than met the eye at the display of 'new' kit in Moscow’s muscle-flexing Victory Day parade
Russians 'rescue' Ukrainians from 'genocide,' turn them into cannon fodder (Newsweek) "We want to go back home someday, only to a different Donbas," an elderly couple told Newsweek, "one where they don't use people like us as human shields."
The Coup in the Kremlin (Foreign Affairs) Putin and the security services have captured the Russian state.
Vladimir Putin’s WWII victory cult is a recipe for international aggression (Atlantic Council) Vladimir Putin has transformed Russia's traditional Victory Day commemorations marking the defeat of Nazi Germany into a nationalistic celebration of militarism that helps justify Moscow's war of aggression in Ukraine.
Putin’s Perilous Imperial Dream (Foreign Affairs) Why empires and nativism don’t mix
Belarus dictator: Putin’s Ukraine invasion is not going according to plan (Atlantic Council) In a new Associated Press interview, Belarus dictator Alyaksandr Lukashenka has declared that the Russian invasion of Ukraine is not going according to plan and should be brought to an end as soon as possible.
Putin "realizes he's not going to win this war"—Retired Lt. General (Newsweek) Mike Pence's former national security adviser Keith Kellogg said Putin may be looking for "a way out of this thing."
Viewpoint: Putin now faces only different kinds of defeat (BBC News) Russia's Victory Day parade won't represent any sort of victory over Ukraine, writes defence analyst Michael Clarke.
Can Ukraine’s Military Keep Winning? (Foreign Affairs) As the Kremlin’s strategy shifts, so must Kyiv’s.
On possible nuclear strike, Russia says: it's all in our military doctrine (Reuters) Asked if Russia would rule out a preemptive tactical nuclear strike on Ukraine, Russia's deputy foreign minister said on Tuesday that a decision on the possible use of nuclear weapons was clearly set out in Russia's military doctrine, RIA reported.
Ukraine death toll 'thousands higher' than reported, U.N. rights official says (Reuters) Thousands more civilians have been killed in Ukraine during nearly 11 weeks of war there than the official U.N. death toll of 3,381, the head of the U.N. Human Rights Monitoring Mission for the country said on Tuesday.
Database of 231 videos exposes the horrors of war in Ukraine (Washington Post) Russia’s invasion of Ukraine is one of the most documented wars ever. Citizens, public officials and soldiers have posted videos every day that show the dead bodies in neighborhoods, the trails of missiles streaking through the skies and the smoldering ruins of entire towns.
‘I didn’t believe stories of atrocities in Ukraine. But then I saw the photos’ (the Guardian) Based over the border in Poland, one rights activist tells of her shock at hearing accounts of rape and murder in Ukraine
Ukraine war: 'If this is true, then I am also a Nazi' (BBC News) Holocaust survivors in the Ukrainian city of Uman feel insulted by Russian claims to be fighting Nazis.
Opinion: Now we see, with Putin, why Nuremberg-style Soviet trials were needed (Washington Post) Immediately after the fall of the Soviet Union in 1991, longtime Soviet dissident and human rights activist Vladimir Bukovsky called for a trial of the leaders of the Communist regime. Bukovsky argued that, just as the Nuremberg trials had demonstrated the connection between Nazi ideology and Hitler’s murderous reign, so too a public trial of Soviet rulers could demonstrate the inextricable link between Soviet communist ideology and the starvation, persecution, torture and death of many millions.
Trudeau says Canada backs Ukraine in seeking justice for Putin's 'heinous war crimes' (CBC) Prime Minister Justin Trudeau is in Ukraine on Sunday, meeting with Ukrainian President Volodymyr Zelensky and showing support for the embattled country.
Ahead of Victory Day pageantry, destruction and visits by dignitaries (Washington Post) First lady Jill Biden and Canadian Prime Minister Justin Trudeau are the latest to visit Ukraine
Russian cyber operations against Ukraine: Declaration by the High Representative on behalf of the European Union (European Council) The EU issued a declaration strongly condemning the malicious cyber activity conducted by the Russian Federation against Ukraine, which targeted the satellite KA-SAT network, operated by Viasat.
CERT-UA warns of malspam attacks distributing the Jester info stealer (Security Affairs) The Computer Emergency Response Team of Ukraine (CERT-UA) warns of attacks spreading info-stealing malware Jester Stealer. The Computer Emergency Response Team of Ukraine (CERT-UA) has detected malspam campaigns aimed at spreading an info-stealer called Jester Stealer. The malicious messages spotted by the Ukrainian CERT have the subject line “chemical attack” and contain a link to a […]
Mass Distribution of Self-Destructing Malware in Ukraine (BankInfoSecurity) The Ukrainian CERT has issued a statement saying that a "massive" Jester Stealer malware distribution campaign, designed to steal authentication data, is
Russian TV Schedules Hacked on Victory Day to Show Anti-War Messages (HackRead) Hackers targeted Russian television channels’ program names right before Vladimir Putin’s speech on Victory Day to commemorate the defeat of Nazi Germany by the Soviet Union in WWII.
Russian TV hacked to say ‘blood of Ukrainians is on your hands’ (The Telegraph) Cyber attack comes as Vladimir Putin presides over annual Victory Day parade in Moscow’s Red Square
China’s pro-Russia propaganda exposed by online activists (the Guardian) Mistranslations falsely blame Ukrainians for atrocities perpetrated by Russian forces against civilians
Biden told officials media reports about U.S. intel sharing with Ukraine are counterproductive (NBC News) One official said Biden conveyed that the leaks should stop.
Biden tells top national security officials leaks about intelligence sharing with Ukrainians must stop (CNN) President Joe Biden recently told his top national security officials that leaks about US intelligence sharing with Ukrainians aren't helpful and need to stop, according to an official familiar with the conversation.
US sending Ukraine electronic jamming gear in $150M package (C4ISRNet) The equipment will be siphoned from American defense stocks, marking the ninth drawdown for Ukraine since August 2021.
Biden Signs Bill To Accelerate Military Aid To Ukraine Using WWII-Era Lend-Lease Program (Forbes) In Ukraine, the U.S. is again employing a process it used to send arms to Great Britain and the Soviet Union during World War II while staying officially neutral.
Crucial NATO decisions expected in Finland, Sweden this week (AP NEWS) To join or not to join? The NATO question is coming to a head this week in Finland and Sweden where Russia’s invasion of Ukraine has shattered the long-held belief that remaining outside the military alliance was the best way to avoid trouble with their giant neighbor.
Hopes for EU ban on Russian oil despite Hungary comparing plan to ‘nuclear bomb’ (the Guardian) French minister says deal could come this week as Macron and Orbán try to break deadlock
Global Sanctions Dashboard: Russia and beyond (Atlantic Council) The Global Sanctions Dashboard aims to inform economic statecraft policies by analyzing sanctions globally and identifying trends across lists in partnership with Castellum.AI.
Russia admits it faces economic collapse over Putin’s war (The Telegraph) Russia's economy has plunged into its worst crisis for almost three decades as the country is battered by Western sanctions, a leaked copy of the Kremlin's own forecasts shows.
Sri Lanka on the Brink (Foreign Affairs) How the pandemic and war in Ukraine led to economic collapse.
Dell, Apple, Netflix face lawsuits for pulling services out of Russia (BleepingComputer) A Moscow Arbitration Court has reportedly seized almost $11 million belonging to Dell LLC after the company failed to provide paid-for services to a local system integrator.
Exclusive: Ukraine war spurs U.S. to ramp up security probe of software maker Kaspersky (Reuters) The Biden administration ramped up a national security probe into Russia's AO Kaspersky Lab antivirus software earlier this year amid heightened fears of Russian cyberattacks after Moscow invaded Ukraine, three people familiar with the matter told Reuters.
Attacks, Threats, and Vulnerabilities
Dirty Deeds Done Dirt Cheap: Russian RAT Offers Backdoor Bargains (BlackBerry) DCRat (also known as DarkCrystal RAT) is a commercial Russian backdoor sold predominantly on underground forums. It has a range of nefarious abilities, including surveillance, reconnaissance, information theft, and DDoS attacks, as well as dynamic code execution in a variety of different languages.
Beware: This cheap and 'homemade' malware is surprisingly effective (ZDNet) DCRat malware targets Windows devices. And it's cheap and popular, which makes it a problem.
REvil Development Adds Confidence About GOLD SOUTHFIELD Reemergence (Secureworks) Updated samples indicate access to original source code and active development, signaling that GOLD SOUTHFIELD has resumed operations.
CyRC Vulnerability Advisory: Reflected cross-site scripting in Black Duck Hub (Synopsys) CVE-2022-30278 is a reflected cross-site scripting (XSS) vulnerability in Black Duck Hub’s embedded MadCap Flare documentation files.
Hackers are now hiding malware in Windows Event Logs (BleepingComputer) Security researchers have noticed a malicious campaign that used Windows event logs to store malware, a technique that has not been previously documented publicly for attacks in the wild.
Another Set of Joker Trojan-Laced Android Apps Resurfaces on Google Play Store (The Hacker News) A new set of trojanized apps spread via the Google Play Store has been observed distributing the notorious Joker malware on compromised Android phones
NFTs Emerge as the Next Enterprise Attack Vector (Dark Reading) Cybersecurity has to be a top priority as enterprises begin incorporating the use of nonfungible tokens into their business strategies, brand-awareness campaigns, and employee-communication efforts, experts say.
Ransomware hits global farm machinery giant AGCO (Register) John Deere rival says it may be days or 'potentially longer' before some production facilities are back in action
Hackers Hijacked Official Ferrari Subdomain to Host NFT Scam (HackRead) After the hijacking, hackers hosted the Mint Your Ferrari NFT scam on the luxury automaker’s official website.
DeFi protocol Fortress announces $3 million hack 'draining all funds' (The Record by Recorded Future) Decentralized Finance lending and credit protocol Fortress announced on Sunday that about $3 million worth of cryptocurrency was stolen during an “oracle manipulation attack.”
Victims of Horizon Actuarial data breach exceed 1M (SearchSecurity) Since the Horizon Actuarial data breach was first disclosed in March, the number of victims has increased to over 1 million individuals.
State Bar notifies 1,300 people identified in data breach (AP NEWS) The State Bar of California has begun notifying individuals whose names appeared in more than 322,000 confidential attorney discipline records published online in a massive data breach.
Cyber attack prompts security response by Oregon secretary of state (KTVZ) A ransomware attack on a campaign finance firm has prompted the Oregon Elections Division to require that 1,100 users of the state's online campaign contribution reporting system change their passwords, but Secretary of State Shemia Fagan stressed late Monday that the agency's systems have not been hacked.
Trends
Malware Mayhem: Netskope Research Finds Sharp Increase in Phishing Downloads, as Cybercriminals Leverage SEO to Lure Victims (PR Newswire) Netskope, the leader in Security Service Edge (SSE) and Zero Trust, today published new research which found that phishing downloads saw a...
Cloud and Threat Report (Netskope) Download the latest Netskope Threat Labs Report for new cybersecurity research that highlights cloud threats, usage, and security trends.
Marketplace
Abnormal Security Raises $210 Million in Series C Funding Round (Wall Street Journal) Email security company Abnormal Security Corp. has raised $210 million in a Series C funding round led by Insight Partners.
YL Ventures Announces $400M Fifth Fund to Champion Israeli Cybersecurity Innovation (Business Wire) YL Ventures, the early-stage, cybersecurity-focused venture capital firm, today announced the launch of its new $400M fund, YLV V, bringing its total
The Purple Guys Announces Acquisition of Accelerate (Business Wire) The Purple Guys, a leading provider of managed IT services to small and mid-sized organizations, completed the acquisition of Accelerate, an Indianapo
Funding women-led cybersecurity startups: Where are we at? (Help Net Security) In this video for Help Net Security, Lisa Xu, CEO at NopSec, talks about the cybersecurity funding landscape and its lack of diversity.
Peter Thiel's surveillance firm thinks the world 'significantly underestimates' the risk of nuclear conflict in Europe. It wasn't the only eyebrow-raising quote in its shareholder letter (Fortune) Palantir Technologies CEO Alex Karp warned that the world "significantly underestimates the threat of nuclear conflict in Eastern Europe" in his latest letter to shareholders on Monday. The letter comes as shares of the company reached record lows Monday.
CyberGRX Redefines Third Party Cyber Risk Management with Unmatched Capabilities (Business Wire) CyberGRX announces significant customer and revenue growth from the first quarter of 2022, positioning the company for future growth and innovation.
Contract Award: Forcepoint Federal LLC (Herndon, Virginia) - $89,145,587 (Defense Daily) Forcepoint Federal LLC, Herndon, Virginia, was awarded a competitive, firm-fixed-price contract with a total cumulative face value of $89,145,587 for a user activity monitoring enterprise solution for the Department of Defense combatant commands and Fourth Estate agencies. The base period…
BNamericas - UK-based Sophos negotiates Brazil govt contr... (BNamericas.com) The cybersecurity group just activated local data operations, with services hosted on Amazon Web Services' local datacenter.
Radware Announces New Appointment to its Board of Directors (GlobeNewswire News Room) Radware® (NASDAQ: RDWR), a leading provider of cyber security and application delivery solutions,...
Products, Services, and Solutions
GuidePoint Security Launches GuidePoint Security University (GPSU) to Address the Cybersecurity Skills Gap (GuidePoint Security) Cybersecurity Solution Provider’s Training and Development Pipeline is Designed to Help Develop and Advance Cybersecurity Skills
Kroll Partners with Armis to Extend Preparedness and Response (Kroll) Kroll partners with Armis to expand Kroll’s cyber preparedness and response services for operational technology (OT) and industrial control systems (ICS) to secure clients far beyond the traditional endpoint.
SecZetta and SailPoint Expand Identity Security Support for Large and Complex Populations of Non-Employees (Business Wire) SecZetta, the leading provider of third-party identity management solutions, and SailPoint, the leader in identity security for the modern enterprise,
eSentire Introduces e3 Partner ecosystem Transforming How Value Is… (eSentire) Learn what the e3 ecosystem is, what it means to be an e3 ecosystem partner and how you can apply today.
Technologies, Techniques, and Standards
SHIELDS UP in bite sized chunks (The Hacker News) The Cybersecurity and Infrastructure Security Agency (CISA) provides guidance to US federal agencies in their fight against cybercrime.
What Is The CCPA? Here’s How To Comply (Forbes Advisor) The CCPA is a privacy law enacted in 2018 by the state of California to regulate the way businesses all over the world can collect, use and share the personal information of California residents. Irrespective of where you are located or operate, if you have consumers in California, you must know abo
Here are Federal Agencies' Steps to IOT Adoption (Government CIO) Connected capabilities can improve mission activities, but require the right infrastructure, security and governance.
Litigation Minute: Creating an Incident Response Plan Data Breach Series: Part One of Three (The National Law Review) Reported incidents of data breaches have reached record levels over the last two years. Given this undeniable reality, a data security incident respo
Tabletop exercises to put CMMC 2.0 through the paces (Federal News Network) As part of the Cybersecurity Maturity Model Certification exercise, DoD will figure out which data under Level 2 will require self-assessments and which will require third-party assessments.
How the Colonial pipeline hack galvanized a nation at risk (E&E News) The attack on the 5,500-mile pipeline that shut down gasoline shipments to the East Coast a year ago was a turning point for U.S. cybersecurity policy.
Design and Innovation
OpenSSF Announces 15 New Members To Further Strengthen Open Source Software Supply Chain Security (PR Newswire) The Open Source Security Foundation (OpenSSF), a cross-industry organization hosted at the Linux Foundation that brings together the world's...
Academia
Lincoln College to close after 157 years due ransomware attack (BleepingComputer) Lincoln College, a liberal-arts school from rural Illinois, says it will close its doors later this month, 157 years since it was founded and following a hard hit on its finances after the COVID-19 pandemic and a recent ransomware attack.
A Predominantly Black College Is Closing Due to a Ransomware Attack (Gizmodo) Lincoln College, established in 1865, announced that it will be closing its doors because of a cascade of problems brought on by a recent cyberattack.
'A tragedy': Closure of 150-year-old college underscores toll of ransomware attacks (NBC News) Lincoln College, which broke ground in 1865, is one of only a handful of rural American colleges that qualify as predominantly Black institutions by the Department of Education.
NSA recognizes Codebreaker challenger winners in ceremony shedding light on cybersecurity (National Security Agency/Central Security Service) In recognition of Georgia Tech
Legislation, Policy, and Regulation
Spain fires intelligence chief amid phone hacking scandals (Washington Post) Spain’s government fired the director of the country’s top intelligence agency Tuesday following the hacking of politicians’ cellphones, including the devices of the prime minister and several supporters of the Catalonia region’s secession.
Costa Rica declares national emergency after Conti ransomware attacks (BleepingComputer) Costa Rican President Rodrigo Chaves has declared a national emergency following cyber attacks from the Conti ransomware group. BleepingComputer also observed that Conti published most of the 672 GB dump that appears to contain data belonging to Costa Rican government agencies.
Tech trade group comes out against Indian cybersecurity law over reporting mandate (The Record by Recorded Future) One of the world’s biggest technology trade groups has come out against a new directive from the Indian government mandating companies report cybersecurity incidents to CERT-IN within six hours of an incident.
Biden Signs Metrics Bill to Combat Cybercrime into Law (Virtualization Review) President Joe Biden signed into law the Better Cybercrime Metrics Act, enlisting the FBI and other government agencies to spearhead a metrics reporting initiative.
Biden signs cybercrime tracking bill into law (Register) All part of a larger push by the Feds to improve cybersecurity reporting
First on CNN: White House bolsters cyber office with hires from Microsoft and CIA (CNN) The Biden administration is building out a nascent White House office for strengthening federal cybersecurity policy and strategy by hiring a prominent Microsoft executive and a former CIA official, multiple people familiar with the matter told CNN.
US Brings Back Cyber Team to Combat Possible Election Meddling (Data Center Knowledge) The effort comes amid warnings from U.S. officials that Russia could seek to sway voters during the midterms.
The development of cyber warfare in the US – part 7 (Israel Defense) This chapter focuses on major contracts awarded by the DoD to various cyber companies, whose products serve to place the US as the international race winner
Public Company Cybersecurity; Proposed Rules (US Securities and Exchange Commission) The Securities and Exchange Commission proposed rules and amendments to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies (“registrants”) that are subject to the reporting requirements of the Securities Exchange Act of 1934.
Proposed Rule: Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure File Number S7-09-22 (ACLI) Dear Ms. Countryman, Thank you for the opportunity to provide comments to the Securities and Exchange Commission (“SEC”) on the Proposed Rules for public companies regarding cybersecurity requirements. We previously submitted comments on the recent proposal related to Advisors, and many of the points we raised in that comment letter are relevant to this Proposed Rule as well. We will be brief in this letter and limit comments to a few items relevant to both proposals we deem of most importance, plus several items introduced in the Proposed Rule for public companies
File Number S7-09-22 (BSA) Dear Ms. Countryman: BSA | The Software Alliance (“BSA”) appreciates the opportunity to provide the below comments to the Securities and Exchange Commission’s (“Commission” or “SEC”) Proposed Rule on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure (“Proposed Rule”).
FILE NUMBER S7-09-22 — COMMENTS ON CYBERSECURITY RISK MANAGEMENT, STRATEGY, GOVERNANCE, AND INCIDENT DISCLOSURE (Digital Directors Network) Ladies and Gentlemen of the Commission, We are pleased to provide our comments on the proposed rules referenced in FILE NUMBER S7-09-22.
Idaho maps out cybersecurity strategy (GCN) Successful defense against cybersecurity threats will require more resources, partnerships and meaningful information-sharing between public and private sector organizations, a new report says.
Silicon Valley rallies behind New York ban on geofence and keyword search warrants (TechCrunch) Eleven tech giants, including Google, Microsoft and Yahoo, support the state bill to ban the controversial warrants.
Litigation, Investigation, and Law Enforcement
Regulator Proposes $1 Million Fine for Colonial Pipeline One Year After Cyberattack (SecurityWeek) One year after the ransomware attack, the US Department of Transportation has proposed a fine of nearly $1 million to Colonial Pipeline over control room management failures.
Cybersecurity and Individual Liability: ‘U.S. v. Sullivan’ and the Criminalization of a Cyber Attack Response (New York Law Journal) The prosecution of Sullivan cuts against the grain of prevailing regulation.
OPM Data Breach Victims Could Share $63M In Proposed Deal (Law360) Current, former and prospective government workers who can show economic harm stemming from the notorious 2015 cyberattack on the U.S. Office of Personnel Management would split $63 million under terms of a proposed settlement filed in D.C. federal court.
Class action lawsuit alleges NorCal health care provider’s negligence led to data breach (Times-Standard) On Thursday, a Eureka-based law firm filed a class-action lawsuit against a Northern California healthcare provider, accusing it of failing to protect sensitive user data and neglecting to disclose…
Data Breach Results in Lawsuit Against Actuarial Firm (PLANSPONSOR) The plaintiff suggests an actuarial and administrative services firm did not take sufficient care to protect certain clients’ personally identifiable information.
Americold Logistics Will Fight Data Breach Suit in Federal Court (Bloomberg Law) Americold Logistics LLC will be allowed to face a lawsuit over a data breach in federal court in Illinois, after a judge rejected an affected employee’s motion to remand the case back to state court.
Clearview AI to stop selling facial recognition tool to private firms (Washington Post) Clearview AI has agreed to stop providing its facial recognition software to private businesses in the United States.
Clearview AI agrees to block US commercial access to its facial recognition database (The Record by Recorded Future) The agreement submitted to an Illinois state court mostly applies to private businesses. Clearview AI also has many government customers.