Dateline Moscow and Kyiv: Drone strikes continue through the New Year Holiday.
Ukraine at D+312: Shortages and deep strikes. (CyberWire) Russia and Ukraine exchange missile strikes, Russia's hitting cities, Ukraine's hitting barracks.
Ukraine at D+309: Year-end strikes. (CyberWire) Russian strikes against Ukrainian cities mark the close of 2022.
Ukraine at D+308: Diplomacy and a winter war. (CyberWire) A winter war may not necessarily develop in Russia's favor.
Ukraine at D+306: Negotiation as false light. (CyberWire) Ukraine continues to push, slowly, against Russian lines in Luhansk, and to conduct cross-border strikes against Russian air bases.
Moscow says Ukrainian rocket strike kills 63 Russian troops (AP NEWS) Ukrainian forces fired rockets at a facility in the eastern Donetsk region where Russian soldiers were stationed, killing 63 of them, Russia’s defense ministry said Monday, in one of the deadliest attacks on the Kremlin’s forces since the war began more than 10 months ago.
Russia-Ukraine War: Russia Admits Dozens of Its Soldiers Are Killed in Ukrainian Strike in East (New York Times) Russia said it lost 63 soldiers, while Ukraine claimed that 400 Russians were killed. Even the lower toll would represent one of Moscow’s biggest losses in a single strike.
‘Hundreds’ killed as Ukrainian Himars flatten Russian barracks (The Telegraph) Early estimates suggest the New Year’s Eve attack in Makiivka could be Moscow’s largest single loss of life since the start of the war
Mobile phone data leads Ukraine to Russian barracks (The Telegraph) Ukraine launched its deadly missile strike on a Russian barracks after tracking soldiers to the location through their mobile phone signals.
Russia, shaken by Ukrainian strike, said mulling more drones (AP NEWS) Russia is preparing to step up its attacks on Ukraine using Iranian-made exploding drones, according to Ukraine's president, as Moscow looks for ways to keep up the pressure on Kyiv after a Ukrainian attack killed at least 63 Russian soldiers in the latest battlefield setback for the Kremlin’s war strategy.
Ukraine war live: Strikes will go 'deeper and deeper' inside Russia, says Ukraine
(The Telegraph) Strikes inside Russia will go “deeper and deeper”, said the head of Ukrainian military intelligence.
Drone attack on Kyiv after air alerts issued across eastern Ukraine (the Guardian) One person injured by debris according to city’s mayor, after Russian strikes in early hours of Monday
Russian claims its missile attacks are targeting drone production while Zelenskiy vows to keep up fight – as it happened (the Guardian) Ukraine president says his only wish for 2023 is victory
Ukraine Latest: Russia Launches Strikes on Kyiv; Prisoner Swap (Bloomberg) Russia launched a wave of missile and drone strikes in Ukraine on New Year’s Eve, hitting a number of residential and other civilian targets. At least one person was killed in Kyiv.
Leader Loss: Russian Junior Officer Casualties (CEPA) Russian losses in their war against Ukraine have been high, but the deaths of junior officers are especially painful.
Russia-Ukraine war live: Ukraine claims Putin considering closing Russian border; Kyiv hit by missile strikes (the Guardian) Ukrainian minister tells Russians that Putin is set to begin a new round of troop mobilisations
Russia-Ukraine war: List of key events, day 310 (Al Jazeera) As the Russia-Ukraine war enters its 310th day, we take a look at the main developments.
‘Senseless barbarism’: Russian missiles target Ukraine’s cities (Al Jazeera) Explosions rock Kyiv as Moscow launches wave of attacks stretching from Kharkiv in the east to Lviv in the west.
Russia launches one of its biggest missile barrages ahead of New Year's Eve. But Ukrainians say celebrations will go on (CNN) Explosions rattled villages and cities across Ukraine on Thursday, damaging civilian infrastructure and killing at least three people in what Kyiv has called one of Moscow's biggest missile barrages since the war began in February.
Kherson hit by 33 rockets in single day as Russian tanks close in (The Telegraph) Hundreds of civilians forced to flee as Putin's troops pummel civilian targets including maternity ward
Russia hits key infrastructure with missiles across Ukraine (AP NEWS) Russian missiles hit Ukraine Thursday in the biggest wave of strikes in weeks, damaging power stations and other critical infrastructure during freezing winter weather. Russia fired 69 missiles at energy facilities and Ukrainian forces shot down 54, Ukrainian military chief Gen.
Russia-Ukraine war latest: Bakhmut 'covered in blood' amid 'terrible roar' of Russian artillery (The Telegraph) There are "only a few civilians" left in the eastern frontline town of Bakhmut, said Ukrainian President Volodymyr Zelensky, where fierce fighting has raged for months and left it "covered with blood".
Russia 'burning through artillery ammo faster than it can replace it' (The Telegraph) Russian forces will struggle to keep pace with its frontline operation as artillery ammunition stocks are running low and threaten to halt the country’s military campaign.
Russia-Ukraine war: List of key events, day 309 (Al Jazeera) As the Russia-Ukraine war enters its 309th day, we take a look at the main developments.
Putin, Xi vow closer ties as Russia bombards Ukraine again (AP NEWS) Russian President Vladimir Putin and Chinese leader Xi Jinping vowed Friday to deepen their bilateral cooperation against the backdrop of Moscow’s 10-month war in Ukraine , which weathered another night of drone and rocket attacks following a large-scale missile bombardment.
Putin 'must be tried for war crimes' as soon as possible (The Telegraph) British international prosecutor Sir Geoffrey Nice called the Russian president a 'guilty man'
The West must not be tempted to negotiate with Vladimir Putin (The Telegraph) His disastrous war in Ukraine means his regime contains the seeds of its own demise. Stand firm, and in time it will crumble
Western weakness could still allow Putin to snatch victory from the jaws of defeat (The Telegraph) This is a decisive year for Ukraine, and whether the West can show Russia, China and Iran the strength of its resolve
Ukraine's intel rep on explosions at Russian airfield in Engels: similar incidents likely to continue (Interfax-Ukraine) Andriy Yusov, representative of the Main Intelligence Agency of the Ukrainian Defense Ministry, believes that explosions like the one that occurred this week at the Russian airfield in Engels will continue on the Russian territory.
Putin nearly won Ukraine war before military plans fell apart: Danish intel (Newsweek) Vladimir Putin's poor decision-making is to blame for Russian losses, according to Denmark's head of Russia intelligence.
The battle for Kyiv revisited: the litany of mistakes that cost Russia a quick win (the Guardian) Moscow completely misjudged Ukraine, issuing some invading soldiers with parade dress to march down Kyiv’s main street
Opinion | Never have I been so thankful to be wrong about a war (NBC News) Never have I been so thankful to be wrong about a war.
Russia-Ukraine War: Ukraine Pushes to Recapture City in Hotly Contested Northern Luhansk (New York Times) Kyiv’s campaign to take back Kreminna began in the autumn. Russia controls most of the Luhansk region, one of four it illegally annexed in October.
Russia-Ukraine war: List of key events, day 307 (Al Jazeera) As the Russia-Ukraine war enters its 307th day, we take a look at the main developments.
Explosions rock Kyiv on New Year's Eve (The Telegraph) At least one person has been killed amid several explosions in Kyiv after Russia fired a new missile barrage on New Year's Eve.
Evidence of Russian crimes mounts as war in Ukraine drags on (AP NEWS) Ten months into Russia’s latest invasion of Ukraine, overwhelming evidence shows the Kremlin’s troops have waged total war, with disregard for international laws governing the treatment of civilians and conduct on the battlefield.
Ukraine Sets Sights on Retaking Key Eastern City (Wall Street Journal) Taking Kreminna could mark a breakthrough for Ukraine’s efforts to dislodge the Russian occupation of its east.
The Bravery and the Recklessness of Ukraine’s Improvised Army (Wall Street Journal) Helping repel the Russian invasion are army units with limited military experience. The question for their country is whether they can stay alive long enough to succeed.
Ukraine probing 58,000 crimes against Russian soldiers, from indiscriminate bombings to sexual assaults (SFX) Reports by The Associated Press (AP) and Frontline independently identified more than 600 cases indicating violations of the laws of war. Ukraine probing 58,000 crimes against Russian soldiers Image Credit source: AP/PTI In the midst of the 10-month-long war in Ukraine, there is ample evidence that Russian troops are waging a full-scale war, flouting international […]
‘Nothing left to destroy’: Russia is fighting for land already in ruins (Washington Post) Tamara Klimashenko stood in what was once her cherished flower garden and pulled out her phone to show photos of the peonies, petunias and chamomiles that once covered this patch of dirt now littered with shrapnel.
Ukraine gives all-clear after air-raid alarms (Reuters) Air raid sirens wailed in Kyiv and across all Ukrainian regions on Sunday morning but no new Russian attacks were reported, officials said. The all-clear was later given.
Russia says it shot down Ukrainian drone near airbase (AP NEWS) The Russian military reported Monday that it shot down a Ukrainian drone approaching an airbase deep inside Russia, the second time the facility has been targeted this month — again revealing weaknesses in Russia's air defenses.
Russian Air Base Is Attacked, as Ukraine Discounts Escalation Threat (New York Times) Russia said falling wreckage from a Ukrainian drone had killed three servicemen at the base, some 300 miles from Ukraine, which would be the third such long-range attack this month.
Inside the Ukrainian counteroffensive that shocked Putin and reshaped the war (Washington Post) After weeks of fighting for scraps of territory on the war’s bloodiest front, Oleh, a 21-year-old Ukrainian company commander, was summoned suddenly last August, along with thousands of other soldiers, to an obscure rendezvous point in the Kharkiv region.
The Case for Taking Crimea (Foreign Affairs) Why Ukraine can—and should—liberate the province.
Ukraine war: Five ways conflict could go in 2023 (BBC News) As the conflict enters its second calendar year, experts predict what could happen on the ground.
Belarus says it downed Ukraine air defence missile (BBC News) Belarus summoned the Ukrainian ambassador, after saying it shot down an air defence missile.
Belarus summons Ukrainian ambassador after shooting down missile (The Telegraph) A Belarusian military source downplayed the incident but the country’s president demanded an immediate investigation
Russia-Ukraine war: 'Ukrainian missile' hits Belarus amid heavy Russian bombardment (The Telegraph) Belarus claimed to have shot down a missile launched from Ukraine, amid a massive wave of Russian attacks on Ukrainian cities.
Moldova Intel: Russia Could Invade Moldova (VOA) Moldovan intelligence points to new offensive aimed at linking Russian forces in Ukraine and Moldova
Russian police hunt armed convicts who fled mercenary training camp (The Telegraph) Locals told to be vigilant after six former prisoners escape a military boot camp run by the Wagner Group
Biden administration working to halt Iran from delivering drones to Russia (The Hill) The Biden administration is reportedly working to curb Iran’s ability to deliver drones to Russian troops for use in Ukraine by expanding efforts to choke Tehran’s production of the unm…
Lithuania buys Switchblade 600 drones (Defense News) Lithuania has become the first European NATO member to order the kamikaze drone.
Minister: Ukraine aims to develop air-to-air combat drones (AP NEWS) Ukraine has bought some 1,400 drones, mostly for reconnaissance, and plans to develop combat models that can attack the exploding drones Russia has used during its invasion of the country, according to the Ukrainian government minister in charge of technology.
Ukraine-Russia war latest: Ukraine's Patriot missile system to be rushed into service in 'special US plan' (The Telegraph) Ukraine’s new Patriot missile defence system will be operational within six months - half the time it usually takes to train a crew to use it, the country’s foreign minister has said.
Downed Russian jets ‘almost all’ taken out by Kremlin's own air defence (The Telegraph) Communication breakdown among Moscow's forces in Ukraine led to a number of 'friendly fire' incidents, claim bloggers
Russia-Ukraine war latest: Putin says Russia will destroy US Patriot missiles (The Telegraph) Vladimir Putin said he was "100 percent" confident that his forces would destroy the Pentagon's most advanced air defence system that US President Joe Biden has promised to send to Ukraine.
How Sumy’s residents kept Russian forces out of their city (the Guardian) Locals joined territorial defence forces when Russia invaded – and managed to hold the city despite being encircled
Russia-Ukraine war: General behind failed capture of Kyiv sent to lead eastern front (The Telegraph) Russian President Vladimir Putin has said he expects his "dear friend" and Chinese counterpart Xi Jinping to make a state visit in the spring, adding that he wants to ramp up military cooperation.
French defense chief visits Ukraine, pledges more support (AP NEWS) France's defense minister on Wednesday pledged further military support for Ukraine, insisting his government's backing is unflagging while efforts are also being made with Moscow to reach an eventual negotiated end to Russia's invasion .
Vladimir Putin says Russia is ready to negotiate over Ukraine (The Telegraph) Russian leader uses Christmas Day address to claim West is preventing talks as Pope Francis urges end to the ‘senseless’ war
Russia’s proposals on Ukraine’s demilitarization should be better accepted — Lavrov (TASS) The enemy is well aware of proposals on the demilitarization and denazification of the Kiev regime’s controlled territories, Russian Foreign Minister said
Russia Says Ukraine Must Surrender Even as Putin’s Army Retreats (Bloomberg) Lavrov says Ukraine’s capitulation is for its own good. Ukraine’s army has pushed Russian troops back in recent months.
Lavrov: Ukraine must demilitarize or Russia will do it (AP NEWS) Russian Foreign Minister Sergey Lavrov on Tuesday warned that Ukraine must meet Moscow’s demand for “demilitarization” and “denazification,” as well as the removal of the military threat to Russia, otherwise “the Russian army (will) solve the issue.”
The AP Interview: Ukraine FM aims for February peace summit (AP NEWS) Ukraine’s foreign minister said Monday that his nation wants a summit to end the war but he doesn’t anticipate Russia taking part, a statement making it hard to foresee the devastating invasion ending soon.
Hard-Line Positions by Russia and Ukraine Dim Hope for Peace Talks (New York Times) Both Moscow and Kyiv say they are ready to talk, but their terms for sitting down at a negotiating table suggest otherwise.
Putin, unaccustomed to losing, is increasingly isolated as war falters (Washington Post) A new gulf is emerging between the president and much of the country’s elite
The ‘devil on Putin’s shoulder’ who could be the next Russian president (The Telegraph) Could Nikolai Patrushev be the man to sit down for peace negotiations with Ukraine in 2023?
Russia expected to replace general with commander of failed Kyiv invasion (The Telegraph) Britain’s MoD suggests Lieutenant General Yevgeniy Nikiforov’s takeover of command will unlikely improve Moscow's defence in Luhansk region
Russia’s New Winter War (Foreign Affairs) Could Putin go the way of Napoleon and Hitler?
The revenge of history in Ukraine: year of war has shaken up world order (the Guardian) A shared sense of national history is proving to be a crucial weapon, spurring on Ukraine resistance and Russian soldiers
The Cold War Never Ended (Foreign Affairs) Ukraine, the China challenge, and the revival of the West.
What should Eurasian security look like after the Russia-Ukraine war? (The Hill) In Ukrainian President Volodymyr Zelensky’s address to a joint session of Congress, he stated: “Your money is not charity. It is an investment in global security and democracy.” The immediate inves…
Why Germany Has Learned the Wrong Lessons From History (Foreign Policy) On Russia and Ukraine, Germans remain wedded to historical and geopolitical delusions.
Russia goes to war but Ukrainian resistance wins hearts and minds: 2022 in Review (Breaking Defense) From Germany's defense investment to the coming expansion of NATO, Russia's invasion sent paradigm-shifting shock waves through Europe.
Russian cyberattacks (Special Services) With the ongoing war in Ukraine, in the Polish cyberspace, there are more and more occurrences classified as computer incidents, including attacks perpetrated by Russian hackers. This is a response of the Russian Federation to the Poland’s support provided to Ukraine and an attempt to destabilise the situation in our country.
Poland warns of pro-Kremlin cyberattacks aimed at destabilization (The Record by Recorded Future) Poland’s security agency said on Friday that the country has been a "constant target" of pro-Russian hackers since the start of the war between Russia and Ukraine.
Russia’s Cyberwar Foreshadowed Deadly Attacks on Civilians (WIRED) The Kremlin’s aggression in Ukraine is following a dangerous playbook that began to unfold years ago.
Russia ‘killing for pleasure’ Zelensky tells world after market square missile attack (The Telegraph) Five people dead and fifty-eight injured in ‘absolute evil’ attack on centre of Kherson which was full of Christmas shoppers
Russian cyberattacks (Special Services) With the ongoing war in Ukraine, in the Polish cyberspace, there are more and more occurrences classified as computer incidents, including attacks perpetrated by Russian hackers. This is a response of the Russian Federation to the Poland’s support provided to Ukraine and an attempt to destabilise the situation in our country.
Russia 'hiding evidence of war crimes in rubble' as video shows theatre demolition (The Telegraph) The building in Mariupol was hit by an air strike in March with up to 600 people estimated to have been killed
Russia to arm warplanes with new hypersonic cruise missiles (The Telegraph) Russia is planning to equip its air force with new, air-launched hypersonic cruise missiles, the country's Interfax news agency has reported.
Putin Is Grasping for a Wonder Weapon, but Hypersonic Missiles Won't Help Russia (Military.com) Russian President Vladimir Putin has threatened to use hypersonic missiles against Ukraine. The Ukrainians are unimpressed, and we should not be surprised.
Ukraine-Russia war: Masked men throw sledgehammers at Finland's embassy in Moscow (The Telegraph) Sledgehammers were thrown into the Finnish embassy by a group of masked men prompting a plea to guarantee the safety of diplomatic staff.
How an Unusual Coalition Outfoxed China and Russia at the U.N. (Foreign Policy) The United Nations, thanks to a clever procedural revolt by small countries, is finally moving to close one of its last gaps on international law.
Pussy Riot song protests against war in Ukraine and calls for Putin to be prosecuted (the Guardian) The collective said Mama, Don’t Watch TV – a reference to the words of a captured Russian conscript soldier – rails against the Russian leader’s ‘bloodthirsty puppets’ and ‘war criminals’
Inside the monumental, stop-start effort to arm Ukraine (Washington Post) The U.S. supply of weapons has never been enough for Kyiv. But for Washington and the Pentagon, there are broader concerns.
It’s Costing Peanuts for the US to Defeat Russia (CEPA) The cost-benefit analysis of US support for Ukraine is incontrovertible. It’s producing wins at almost every level.
What Are JDAMs? And What Will They Do For Ukraine? (New York Times) The United States is giving satellite-guided bombs to Kyiv for the first time as part of a new $1.85 billion military aid package.
Want to Help Ukraine? Fund This U.S. Government Agency. (Foreign Policy) A little-known bureau in the Department of Commerce has the power to weaken Russia’s military via export controls.
For Ukraine, Hungary’s Orban is another problematic strongman next door (Washington Post) An authoritarian leader, known for suppressing political opposition and using his national press as his own mouthpiece, insists that Ukrainians who speak his language need protection and financial assistance, and he allows his government to issue passports, illegally, to Ukrainian citizens.
The global backlash against Vladimir Putin has rejuvenated democracy (The Telegraph) Authoritarian regimes were in the ascendancy at the start of the year. Russia's failures changed all that
Since the beginning of the year, the SSU has neutralized more than 4,500 cyber attacks on Ukraine (Odessa Journal) The Security Service successfully protects Ukraine's information and digital security in war conditions. Since the beginning of the year, more than 4.5
A Ukrainian Steals $25,000 In Bitcoin From Russian Dark Web Drug Market And Gives It To A Kyiv Charity (Forbes) Solaris drug market’s master wallet has been hacked and its funds diverted to a Ukrainian humanitarian charity.
Ukrainian Steals Bitcoin From Russian Darknet Market, Donates to Charity (Bitcoin News) A Ukrainian living in the U.S. has reportedly hacked a major drug market on the Russian dark web, diverting some of its crypto proceeds.
Ukraine shuts down fraudulent call center claiming 18,000 victims (BleepingComputer) A group of imposters operating out of a Ukrainian call center defrauded thousands of victims while pretending to be IT security employees at their banks and leading them to believe that attackers had gained access to their bank accounts.
Russian diplomacy warns about cyber-attacks from Ukraine (Prensa Latina) Moscow, Dec 28 (Prensa Latina) Deputy Foreign Minister Oleg Syromolotov warned about the use of Ukrainian territory for offensive operations and cyber attacks by the West against Russia.
Ukraine poses a cyber challenge to international community (Global Village Space) Russian Deputy Foreign Minister Oleg Syromolotov said, Ukraine poses a cyber weapons challenge to the international community.
Kaspersky uncovers what cyber confrontation looked like in 2022 (Yahoo Finance) As part of Kaspersky’s annual Security Bulletin prediction series, experts analyzed cyberspace activities relating to the Ukrainian crisis, observing their meaning in relation to the current conflict, and their impact on the cybersecurity field. The story of the year, prepared by Kaspersky researchers within annual Kaspersky Security Bulletin, tracks every stage of the armed conflict in Ukraine, the events that have taken place in the cyberspace and
Christopher Ahlberg on Recorded Future's Work to Aid Ukraine (BankInfo Security) Recorded Future has signed an agreement with Ukraine's Ministry of Digital Transformation to help protect the county's critical infrastructure against Russian
This app will self-destruct: How Belarusian hackers created an alternative Telegram for activists (The Record by Recorded Future) The hacktivist group Cyber Partisans have developed a secure version of Telegram to protect political activists.
Russia jails first soldier who refused to go to war in Ukraine (The Telegraph) The court ruling has blindsided support groups which had advised a dismissal was the worst thing that could happen
Statue of Russian empress Catherine the Great torn down in Odesa (The Telegraph) Removal of the monument of the 18th-century ruler, who founded the city in 1794, marks a change in attitude towards Ukraine’s Soviet past
‘Wholly unremarkable’: the suburban couple in Sweden accused of spying for Russia (the Guardian) Pair suspected of illegally gathering intelligence against Sweden and US for more than a decade
Senior German Intelligence Officer May Have Compromised Ukraine Intel While Spying for Russia (Breitbart) German prosecutors say a high-ranking intelligence official charged with spying for Russia may have compromised intel on Ukraine.
Putin forced to slash oil output by half a million barrels a day (The Telegraph) Cuts threaten to drive oil prices higher
How Ukraine’s hospitals battled the nightmare of war – and even bettered the NHS (The Telegraph) Conflict sparked huge changes in healthcare system that resulted in more bed capacity than medics’ counterparts in the UK
How Russia’s War on Ukraine Is Worsening Global Starvation (New York Times) Moscow blocks most shipments from Ukraine, one of the world’s largest wheat producers, and its attacks on the country’s energy grid also disrupt the flow of food.
Putin Allows Foreign Gas Buyers to Pay Debts in Foreign Currency (Bloomberg) Russian President Vladimir Putin allowed natural-gas buyers from “unfriendly” countries to pay debts for fuel in foreign currency, partly lifting a requirement for ruble-only payments.
How to defeat Putin’s energy blackmail once and for all (The Telegraph) By focusing on renewables and nuclear power, Britain and Poland will help bring Europe out of the shade of Russian gas
Russian sausage tycoon who criticised Ukraine invasion falls to death from hotel window (The Telegraph) Pavel Antov, a member of Vladimir Putin’s United Russia party, is found lying in a pool of blood outside a luxury hotel in India
Former Russian army chief dies suddenly in Moscow (The Telegraph) Gen Alexei Maslov’s death came days after a navy official in charge of submarine building also passed suddenly
Exiled chief rabbi says Jews should leave Russia while they can (the Guardian) Exclusive: Pinchas Goldschmidt warns Jewish population will be made scapegoat for hardship caused by war
Russia to supply free sperm banks to troops fighting in Ukraine (Military Times) TASS reported that Russian troops will be eligible to freeze their sperm for free.
Thugs ‘pressure university’ to stop Vladimir Putin’s goddaughter being expelled (The Telegraph) Activists claim people linked to the family of Daria Medvedchuk took action after she faced expulsion for failing her exams
Attacks, Threats, and Vulnerabilities
North Korean Hackers Created 70 Fake Bank, Venture Capital Firm Domains (SecurityWeek) North Korea’s BlueNoroff hacking group is targeting banks and venture capital firms with new malware and updated delivery techniques.
BlueNoroff introduces new methods bypassing MoTW (SecureList) We continue to track the BlueNoroff group’s activities and this October we observed the adoption of new malware strains in its arsenal.
North Korean Hackers Are Posing As Venture Capitalists To Steal Crypto Assets: Security Firm (The Daily Hodl) A unit of the North Korean state-sponsored hacker Lazarus Group is impersonating financial and investment firms to steal crypto assets.
North Korean Hackers Pose As VC Firms And Banks To Steal Millions From Crypto Startups (Bitcoinist.com) North Korean hackers are taking it a notch higher by pretending to be venture capitalists to steal from cryptocurrency startups.
Kaspersky Forewarns of New Malware Scheme by Lazarus Group Affiliate BlueNoroff (Coinspeaker) Kaspersky recently reported that a Lazarus affiliate might enhance its sophisticated malware attacks on crypto startups in 2023.
North Korea carries out cyber attack on nearly 900 S Korean foreign policy experts: Report (Republic World) The South Korean National Police Agency has reported that North Korea has carried out cyberattacks on at least 892 foreign policy experts in South Korea.
Official: Cyberattack On Iranian Messaging Apps Foiled (Iran Front Page) The CEO of Iran’s Infrastructure Communications Company says the country has managed to foil a massive cyberattack on Iranian instant messaging apps.
IcedID Botnet Distributors Abuse Google PPC to Distribute Malware (Trend Micro) We analyze the latest changes in IcedID botnet from a campaign that abuses Google pay per click (PPC) ads to distribute IcedID via malvertising attacks.
PyTorch discloses malicious dependency chain compromise over holidays (BleepingComputer) PyTorch has identified a malicious dependency with the same name as the framework's 'torchtriton' library. This has led to a successful compromise via the dependency confusion attack vector.
LastPass finally admits: Those crooks who got in? They did steal your password vaults, after all… (Naked Security) The crooks now know who you are, where you live, which computers are yours, where you go online… and they got those password vaults, too.
LastPass: Hackers Stole User Data and Encrypted Password Vaults (HackRead) Follow us on Twitter @HackRead - Facebook @ /HackRead
LastPass Says Password Vault Data Stolen in Data Breach (SecurityWeek) LastPass says hackers behind an August data breach stole a massive stash of customer data, including password vault data that could be exposed by brute-forcing or guessing master passwords.
What’s in a PR statement: LastPass breach explained (Almost Secure) The LastPass statement on their latest breach is full of omissions, half-truths and outright lies. I’m providing the necessary context for some of their claims.
LastPass hit by major data hack: what you need to know (Which?) The attack exposed users' information, but LastPass says a secure master
password should still offer protection
Yes, It’s Time to Ditch LastPass (WIRED) The password manager’s most recent data breach is so concerning, users need to take immediate steps to protect themselves.
Hacker Demands a $200K Ransom From Twitter After Stealing the Data of 400M Users (Spiceworks) An unknown hacker is trying to coerce Twitter into paying for the data of 400 million of its users to avoid a hefty GDPR fine.
Twitter in data-protection probe after '400 million' user details up for sale (BBC News) Politicians and celebrities are said to be affected but the scale of the data breach is unverified.
Social media giant hit by cyber attack as 400 million users’ data stolen, hacker claims (7NEWS) The cyber crook claims to be selling public and private data of hundreds of millions of Twitter users including celebrities.
Hacker claims to be selling Twitter data of 400 million users (BleepingComputer) A threat actor claims to be selling public and private data of 400 million Twitter users scraped in 2021 using a now-fixed API vulnerability. They're asking $200,000 for an exclusive sale.
Anonymous Twitter User Leaks 3Commas API Database (CoinDesk) The leak comes after 3Commas repeatedly told users that they had been “phished” after widespread hacks.
3Commas Admits It Was Source of API Leak That Led to Hacks (Decrypt) Trading tool 3Commas has acknowledged it was the source of API leaks that led to an estimated $22 million worth of crypto being stolen.
3Commas API leak victims demand refunds and apology for 'gaslighting' (Cointelegraph) 3Commas admission has been met with strong pushback from the community, who had been warning the firm for months that an API leak had occurred.
LockBit claims an attack on the Port of Lisbon (Cybernews) The notorious cybergang LockBit posted the data stolen from the Portuguese port on their leak site.
Port of Lisbon website still down as LockBit gang claims cyberattack (The Record by Recorded Future) The website for the Port of Lisbon is still down days after officials told a local news outlet that they were dealing with a cyberattack.
LockBit ransomware used in attack on Ohio town’s court, police department and more (The Record by Recorded Future) The city of Mount Vernon, Ohio said its police department, municipal court and other government offices were affected by a ransomware attack.
Ransomware gang apologizes, gives SickKids hospital free decryptor (BleepingComputer) The LockBit ransomware gang has released a free decryptor for the Hospital for Sick Children (SickKids), saying one of its members violated rules by attacking the healthcare organization.
Ransomware group LockBit apologizes saying 'partner' was behind SickKids attack (CP24) A global ransomware operator issued an apology and offered to unlock the data targeted in a ransomware attack on Toronto’s Hospital for Sick Children, a move cybersecurity experts say is rare, if not unprecedented, for the infamous group.
Canadian copper mine suffers ransomware attack, shuts down mills (The Record by Recorded Future) A Canadian copper mine suffered a ransomware attack, forcing the company to switch to manual processes and shut down mills in response.
Ransomware gang cloned victim’s website to leak stolen data (BleepingComputer) The ALPHV ransomware operators have gotten creative with their extortion tactic and, in at least one case, created a replica of the victim's site to publish stolen data on it.
BlackCat gang clones victim's website for data leak (Computing) The BlackCat ransomware gang has created a clone of a victim's website and uploaded stolen data to it as a new strategy to coerce and embarrass victims into paying up.
Data Breach: Toyota Kirloskar Motor Reports Data Breach System, Says ‘Extent of Intrusion Is Being Confirmed’ | LatestLY (LatestLY) In a statement, the company said it has been "notified by one of its service providers of an incident that might have exposed personal information" of some of its customers on the internet. Data Breach: Toyota Kirloskar Motor Reports Data Breach System, Says ‘Extent of Intrusion Is Being Confirmed’.
Toyota customer information leaked through a data breach (Team-BHP.com) A cyber attack on multiple Toyota Kirloskar Motor entities has exposed personal information of several customers.In an official statement released by Toyota, the carmaker confirmed the incident, stating ...
More Aussies told they’ve been caught up in hack months after major data leak (7NEWS) ‘Here I was thinking I’d escaped the Medibank breach.’
Bitcoin core developer claims to have lost 200+ BTC in hack (Cointelegraph) OG Bitcoin developer Luke Dashjr says he has no idea how his PGP key was compromised but shared a wallet address that appears to hold 216 of his stolen Bitcoin.
BTC.com lost $3 million worth of cryptocurrency in cyberattack (BleepingComputer) BTC.com, one of the world's largest cryptocurrency mining pools, announced it was the victim of a cyberattack that resulted in the theft of approximately $3 million worth of crypto assets belonging to both customers and the company.
Hackers steal $8 million from users running trojanized BitKeep apps (BleepingComputer) Multiple BitKeep crypto wallet users reported that their wallets were emptied during Christmas after hackers triggered transactions that didn't require verification.
BitKeep Confirms Cyber Attack, Loses Over $9 Million in Digital Currencies (The Hacker News) BitKeep, a decentralized multi-chain crypto wallet, has confirmed a cyberattack that led to the distribution of fraudulent versions of its Android app
For Sale on eBay: A Military Database of Fingerprints and Iris Scans (New York Times) German security researchers studying biometric capture devices popular with the U.S. military got more than they expected for $68 on eBay.
Cybercriminals create new methods to evade legacy DDoS defenses (Help Net Security) zAttackers will continue to make their mark in 2023 by trying to develop new ways to evade legacy DDoS defenses, according to Corero.
Ransomware groups bypass ProxyNotShell mitigations with new exploit (Cybersecurity Connect) A new exploit that allows bad actors to use Outlook Web Access to remotely run code on the Microsoft Exchange Server has been discovered by security researchers at Crowdstrike. Dubbed Outlook Web Acc
Royal ransomware claims attack on Intrado telecom provider (BleepingComputer) The Royal Ransomware gang claimed responsibility for a cyber attack against telecommunications company Intrado on Tuesday.
Hackers accessed data on 270,000 patients from Louisiana hospital system in attempted ransomware attack (CNN) Hackers accessed the personal data of nearly 270,000 patients in an attempted ransomware attack on a Louisiana health care system in October, a spokesperson for the system told CNN Wednesday.
Personal data from 270,000 patients was leaked in Louisiana hospital cyberattack (The Record by Recorded Future) Social Security Numbers are among the data accessed by hackers during an October attack on Lake Charles Memorial Health System in Louisiana.
Ransomware attack at Louisiana hospital impacts 270,000 patients (BleepingComputer) The Lake Charles Memorial Health System (LCMHS) is sending out notices of a data breach affecting almost 270,000 people who have received care at one of its medical centers.
Files may have been stolen from Arkansas hospital during cyberattack (Becker's Hospital Review) Nashville, Ark. -based Howard Memorial Hospital reported hackers may have stolen files from its network during a cyberattack earlier this year.
NJ hospital sending patients away because of cybersecurity concern (New Jersey 101.5) A spokeswoman for CentraState Medical Center said the facility is experiencing some technical problems related to an IT security issue.
Music Service Deezer Admits Data Breach via Third Party, Possibly Affecting 200M+ Users (Restore Privacy) Deezer has informed its users via a post published last month that it has suffered a data breach via a third-party service provider.
Cyber attack halts operations at Lawrence County Recorder’s Office (WSAZ) “To this point, we don’t believe any of our files were compromised. So for the residents of Lawrence County, they don’t need to have any concern about their home deed or mortgage or whatever,” Lawrence County Recorder Sharon Gossett Hager said.
Lawrence County Recorder's Office operations halted after Christmas Day cyber attack (WSAZ) Lawrence County Recorder's Office operations halted after Christmas Day cyber attack
Hope College data breach 'scary to think about' for alum whose whole family may be at risk (WZZM13) The '03 grad told 13 ON YOUR SIDE that she, her mother, father and sister had all been notified by the College.
Toy maker Jakks Pacific reports cyberattack after multiple ransomware groups leak data (The Record by Recorded Future) Toy giant Jakks reported a cyberattack to the SEC after two different ransomware gangs posted stolen information to their leak site.
BetMGM Confirms Breach as Hackers Offer to Sell Data of 1.5 Million Customers (SecurityWeek) Online sports betting firm BetMGM has confirmed suffering a data breach as hackers have offered to sell a database containing the records of 1.5 million customers.
Louisville Metro Department of Corrections Data Security Incident (LouisvilleKY.gov Logo) The Louisville Metro Department of Corrections is committed to protecting the confidentiality and security of the personal information we maintain. We recently concluded an investigation involving a data security incident that involved the personal information of 73 individuals whom we have mailed a notification letter.
One of Bradford's biggest academy trusts is hit by cyber attack (Bradford Telegraph and Argus) Dixons Academies Trust – which runs 10 schools in the district and others elsewhere – has been hit by a cyber-attack.
EarSpy: Spying on Phone Calls via Ear Speaker Vibrations Captured by Accelerometer (SecurityWeek) As smartphone ear speakers become better, it’s getting easier to spy on users through the device’s built-in accelerometer, which doesn’t require any special permissions.
Cyber gang says it leaked sensitive personal data of Xavier students and employees (NOLA.com) Vice Society, which is known for targeting school systems and higher education institutions, made the claim on or around Dec. 20, according to Brett Callow, a threat analyst with cyber security firm Emsisoft who monitors ransomware attacks.
Arnold Clark hit with cyber attack as car firm 'back to 1970s' (HeraldScotland) The company confirmed a network issue affected both their computer and telephone systems over the festive weekend
Arnold Clark hit by 'cyber attack' leaving staff unable to access systems (The Scottish Sun) CAR dealership Arnold Clark was targeted by hackers in a devastating Christmas Eve cyber attack. The auto giants’ computer system was wiped meaning bosses feared they may have lost thousands of cus…
Arnorld Clark hit with cyber attack as car dealership apologises to customers (Yahoo Sports) The company confirmed a network issue affected both their computer and telephone systems over the festive weekend
QEH makes progress in recovery from cyber attack (Barbados Today) A gradual restoration of Internet-based activity and the eventual resumption of normal services at the Queen Elizabeth Hospital (QEH) is expected from next week as officials make progress in recovering from a cyber security attack earlier this month.
Cyber attack leaves 6 NC counties locked out of their online records (WRAL.com) They're responsible for keeping and protecting your most important records, but Thursday, a company that works with local governments across North Carolina has been paralyzed by a cyber attack with no end in sight.
Recorder's Office affected by cyber attack on vendor (Yahoo) The Ashtabula County Recorder's Office has been forced to return to old methods after a cyber attack on a service used by the office. County Recorder Barbara Schaab said she was informed that a vendor her office uses is down due to a cyber attack that took place on Christmas. "So my services, as far as any digital application, is out of service until they can isolate the threat," ...
Why Governments and Agencies Are Targeted by Cyber Attacks | A Deep Dive into the Motives (SentinelOne) From Russian wipers and Chinese-backed APTs to supply chain attacks and critical vulnerabilities, here's what SentinelLabs researchers discovered in 2022.
How cybercrime evolved in 2022 – and the lessons learned (Gadget) One of the key lessons learned in 2022 is how every layer of society can be affected by a cyber-attack, writes ANNA COLLARD, SVP of content strategy at KnowBe4.
Cybercriminals create new methods to evade legacy DDoS defenses (Help Net Security) zAttackers will continue to make their mark in 2023 by trying to develop new ways to evade legacy DDoS defenses, according to Corero.
Log4j2 vulnerability on year later: ‘It is still being exploited’ (IT World Canada) This month marks the one-year anniversary of the discovery of the Log4j2 vulnerability. Technically, it's a 2021 cybersecurity event. However IT and infosec leaders spent much of 2022 hunting for and patching applications using the buggy open-source logging library module. If they're smart, they'll keep doing it in 2023, says one expert. "Many CISOs may
Vulnerability Summary for the Week of December 19, 2022 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA.
Security Patches, Mitigations, and Software Updates
Netgear warns users to patch recently fixed WiFi router bug (BleepingComputer) Netgear has fixed a high-severity vulnerability affecting multiple WiFi router models and advised customers to update their devices to the latest available firmware as soon as possible.
Netgear urges users to update popular router models to address vulnerability (The Record by Recorded Future) Netgear is urging users to update their devices to address CVE-2022-48196 – a vulnerability affecting several models of routers.
Ransomware impacts over 200 govt, edu, healthcare orgs in 2022 (BleepingComputer) Ransomware attacks in 2022 impacted more than 200 hundred larger organizations in the U.S. public sector in the government, educational, and healthcare verticals.
Hackers Had a Banner Year in 2022. U.S. Regulators Aim to Slow Them Down in 2023. (Wall Street Journal) Attacks against school districts, local governments, private companies and charities abounded throughout the year.
Hacktivism Is Back and Messier Than Ever (WIRED) Throughout 2022, geopolitics has given rise to a new wave of politically motivated attacks with an undercurrent of state-sponsored meddling.
The Best, The Worst and The Ugliest in Cybersecurity | 2022 Edition (SentinelOne) Before we ring in the New Year, SentinelOne reviews and reflects on some of the most formative cyber news stories that occurred in 2022.
2023 State of Security (Forcepoint) Learn which cybersecurity initiatives are the top focus for your colleagues in Forcepoint's 2023 State of Security Report.
Executives are to blame for cyber breaches, says Australians (CyberSecurity Connect) Australians are demanding company executives be held responsible for data breaches, according to new research from Palo Alto Networks. Findings revealed that 50 per cent of Aussies believed that tho
Will the Crypto Crash Impact Cybersecurity in 2023? Maybe. (Dark Reading) Will the bottom falling out of the cryptocurrency market have a profound impact on cybercriminal tactics and business models? Experts weigh in on what to expect.
Don’t be a cyber hoarder: Survey says you’re upping stress, anxiety, risks (WRAL TechWire) We asked 1,000 Americans about their digital habits and how they manage digital clutter and found that a majority of respondents (62%) feel stress or anxiety due to the sheer number of digital files they have. Cyber hoarding can also manifest in slower internet speeds and increased cybersecurity risks.
Ukraine War and Upcoming SEC Rules Push Boards to Sharpen Cyber Oversight (Wall Street Journal) A communications gap between directors and security chiefs hampers corporate governance, experts say.
Startups End a Bruising 2022, Stare Down Another Challenging Year (Wall Street Journal) Startups had a dismal year in 2022, from plummeting investment to scarce public listings, and data point to a 2023 that could be even more difficult.
December's M&A News Roundup (Infosecurity Magazine) Although December saw a few significant deals in the cybersecurity industry, buyers and sellers remained cagey regarding the money involved
New Year's Surprise: Cybersecurity M&A, Funding Activity Snowballs in Q4 (Dark Reading) Concerns about recessionary trends impacting the cybersecurity sector in 2022 remained largely unfounded in Q4, as investment activity surged after a Q3 slowdown.
Johnson Controls Acquires CDS Integrated Security Systems And Gem Security Services For Intelligent Business Protection (Security Informed) Johnson Controls, the pioneer for smart, healthy, and sustainable buildings, announced the acquisition of CDS Integrated Security Systems and Gem Security Services, a Welsh-born pioneer systems integrator delivering Intelligent Business Protection solutions.
Airbus in talks to acquire minority stake in Atos' cybersecurity business - SiliconANGLE (SiliconANGLE) Airbus in talks to acquire minority stake in Atos' cybersecurity business - SiliconANGLE
Hexagon AB Acquires Qognify (American Security Today) Hexagon AB Acquires Qognify and Gallagher Command Centre PIV takes Platinum in 2022 'ASTORS' Homeland Security Awards
Netwrix Acquires Remediant for PAM Technology (SecurityWeek) Data security software vendor Netwrix has acquired Remediant, an early-stage startup building PAM (privileged access management) technology.
Zscaler Joining CISA’s Joint Cyber Defense Collaborative (Meritalk) Cloud security provider Zscaler said this week that it has joined the Joint Cyber Defense Collaborative (JCDC), which was created last year by the Cybersecurity and Infrastructure Security Agency (CISA) to unify the efforts of cyber defenders from organizations around the world.
WISeKey Releases CEO Letter to Shareholders (GlobeNewswire News Room) WISeKey Releases CEO Letter to Shareholders Geneva, Switzerland – December 30, 2022: WISeKey International Holding Ltd. (“WISeKey”) (SIX: WIHN, NASDAQ:...
As cyber risk intensifies, insurers must offer a better market to companies in need of protection (CityAM) From rising inflation to Russia’s invasion of Ukraine, this year has yet again demonstrated the domino effect that occurs following a crisis, and the
‘A new playbook is being written’: why Silicon Valley is applauding Elon Musk’s brutal crackdown at Twitter (Business Insider) Tech founders and investors tell Insider that Musk is inspiring them to rethink how they treat their employees.
Juniper Networks Grabbing Enterprise Market Share from Rivals (Channel Futures) Juniper has transformed its channel to chase enterprise market share and is winning deals against the likes of Cisco and Aruba with its AI technology
Musk May Have Found a Hardcore Leader for Twitter (The Information) Like many new dads, The Boring Company CEO Steve Davis spent the first few weeks of fatherhood sleeping near his partner and newborn. Unlike other new fathers, Davis and his family were sleeping in an office—a makeshift bedroom at Twitter’s San Francisco headquarters, where Davis has spent the ...
Twitter brings Elon Musk’s genius reputation crashing down to earth (Washington Post) Musk’s intense focus on his social media company purchase has devolved into the culture wars. Meanwhile, Tesla is tanking.
Mastodon Is Hurtling Toward a Tipping Point (WIRED) As the niche, decentralized social networking platform rises in popularity, it faces rising costs, culture shifts—and potential legal risks.
Products, Services, and Solutions
IBM Works With Cloud Security Alliance to Mitigate Systemic Risk in Financial Services Industry (ReadITQuik) IBM is now working with the Cloud Security Alliance to advance the security and risk management of cloud services in the financial industry.
Tantus Tech wins cybersecurity contract with USDA (Security Systems News) Tantus Technologies has announced that they’ve been awarded a Task Order to provide cybersecurity services to the Farm Service Agency (FSA), Natural Resources Conservation Service
Honeywell expands cybersecurity capabilities (Control Global) Honeywell released its operational technology cybersecurity solutions to help users defend the availability, reliability and safety of their industrial control systems and operations.
Folio Photonics to Showcase Advancements in First-Ever Enterprise-Scal (PRWeb) Folio Photonics today announced it will showcase how it is reenergizing data storage media innovation with the first-ever enterprise-scale, optical disc data
SentinelOne is VB100 Certified | Maximizing Protection Against the Evolving Threat Landscape (SentinelOne) Ensuring the Highest Levels of Accuracy and Reliability: How SentinelOne Earned VB100 Certification
SimSpace expands globally with commercial release of Cyber Force Platform used by US Cyber Command Elite Forces (ACE Times) To support rapid commercial growth and global expansion, SimSpace is expanding its executive leadership team and bolstering their offering by opening additional offices in the US, EMEA, and APAC
Keeper Security Asserts StateRAMP Certification (CIOReview) Keeper Security Asserts StateRAMP Certification By Cio Review - The Keeper Security Government Cloud platform meets stringent StateRAMP requirements for managing and protecting passwords,...
Enea Secures Order for Signaling Security in Mobile Networks from European Operator (Fast Mode) Enea has received an order for signaling security in mobile networks from a European telecom operator.
Technologies, Techniques, and Standards
Facing Flat Budgets, Kohler’s Cyber Chief Looks to Do More With What’s On Hand (Wall Street Journal) Price hikes by vendors make a flat budget smaller, while unfilled jobs remain an ongoing problem. Mandy Huth, Kohler’s VP of cybersecurity, has a plan.
Facial Recognition in Church? It's Happening Right Now (ChurchLeaders) I can see there could be positive uses for facial recognition in church, but I’ve also been surprised at how few conversations there have been about using it.
Design and Innovation
Exclusive: Twitter removes suicide prevention feature, says it's under revamp (Reuters) Twitter Inc removed a feature in the past few days that promoted suicide prevention hotlines and other safety resources to users looking up certain content, according to two people familiar with the matter who said it was ordered by new owner Elon Musk.
Research and Development
IARPA to Hold Proposer’s Day for ReSCIND Cyberpsychology-Informed Defense Program (Hstoday) ReSCIND seeks to augment traditional cyber defenses to help rebalance the asymmetry of cyber defense by imposing a cyber penalty on attackers.
Conscious Machines May Never Be Possible (WIRED) People won’t be saying “It’s conscious!” about an AI in 2023—no matter how smart it may seem.
AI assistants help developers produce code that's insecure (Register) At the same time, tools like Github Copilot and Facebook InCoder make developers believe their code is sound
Kaspersky awarded 100-plus patents in 2022 (ANI News) New Delhi [India], December 30 (ANI/Bloomingdale): The majority of Kaspersky inventions and innovations in 2022 were devoted to machine learning, cloud infrastructure, security information, event management (SIEM) and malware detection.
U of M faculty member Dipankar Dasgupta named a National Academy of Inventors Fellow (Memphis Inno) Read MBJ’s coverage of the University of Memphis’ research efforts, and you’ll see the name Dipankar Dasgupta, Ph.D., come up quite a bit.
SUNY Canton’s cybersecurity program is being backed by the NSA and DHS (WWNY TV) Every time you log onto your computer, there is always a risk of malware or a virus lurking online trying to gain as much information from users as possible.
Thales Australia extends partnership with Sydney University (ChannelLife Australia) The long-standing partnership to continue research and development of transformational solutions in aerospace, space, defence and digital security fields.
Legislation, Policy, and Regulation
Analysis | On Netanyahu Government's Agenda: Saving Israel's Cyber Edge (Haaretz) Israel's offensive cybercapabilities took a blow after U.S. sanctions, and the new defense minister will have to perform a delicate balancing act
Cyber Sovereignty: In Search of Definitions, Exploring Implications (ORF) The increasing dependence on the internet across the spectrum is pushing some states to adopt measures to exert their sovereignty over cyberspace. Certain global events have also acted as a catalyst for states to pursue cyber sovereignty.
Iran’s Internet Blackouts Are Sabotaging Its Own Economy (WIRED) A new US State Department assessment highlights the stark economic toll of Tehran’s recent shutdowns and platform control.
Why the US must view cyberspace as one battlespace (The Hill) The United States is at an inflection point when it comes to the future of our nation’s cybersecurity.
TikTok banned on government devices under spending bill passed by Congress (CNBC) Congress passed a large spending package that includes a bill banning TikTok from being used on government devices and new filing fees for mergers.
TikTok banned from House of Representatives devices (The Record by Recorded Future) TikTok will be banned from all devices managed by the House of Representatives, the chamber’s Chief Administrative Office announced Tuesday.
How toxic is TikTok to America’s national security? (The Washington Times) National security has made its way out of the five walls of the Pentagon into our daily lives as it’s plastered all over mainstream media with global conflicts, including the high-profile war in Ukraine.
Biden signs $858 billion defense policy bill into law, expanding gov't cyber operations (The Record by Recorded Future) President Joe Biden signed a $858 billion defense policy bill on Friday, conferring more powers, and requirements, on U.S. Cyber Command.
From Log4j to zero trust, agencies have another busy year in cyber (Federal News Network) To nobody’s surprise, 2022 was another action-packed year for federal chief information security officers and cybersecurity teams across government.
Troops Are Getting Cyber Training and Then Rapidly Leaving the Military, Report Finds (Military.com) Troops who receive extensive cyber training, lured by the lucrative private sector, are parting ways with the military services quicker than some branches can offset the cost of that training.
GAO: Army, Marine Corps Need Better Guidelines & Tracking to Keep Cyber Personnel (Executive Gov) Looking for the latest Government Contracting News? Read about GAO: Army, Marine Corps Need Better Guidelines & Tracking to Keep Cyber Personnel.
‘Special pay’ keeps Pentagon’s cyber experts from jumping ship (C4ISRNet) Services “spent at least $160 million on cyber retention bonuses annually” from fiscal 2017 to 2021, the Government Accountability Office said.
Congress greenlights expansion of Defense Department’s cyber workforce (Federal News Network) DOD pursues multiple paths to hire a new cybersecurity workforce including scholarships and a reserve program.
US Congress funds cybersecurity initiatives in FY2023 spending bill (CSO Online) This year’s appropriation bill covers a lot of cybersecurity territory, including threats from TikTok and foreign adversaries and steps to improve medical device security.
U.S. Cyber Command 2022 Year in Review (U.S. Cyber Command) 2022 was a banner year for U.S. Cyber Command. Here are some of the year’s most important moment...
US passes the Quantum Computing Cybersecurity Preparedness Act – and why not? (Naked Security) Cryptographic agility: the ability and the willingness to change quickly when needed.
NSA Texas Is Open for Cyber Business (AFCEA International) The National Security Agency is growing its U.S. cybersecurity workforce, particularly in the the Lone Star State.
It May Be Time for TikTok to Change its Ways if State AGs Have Any Say (Ad Law Access) While State Attorneys General have been clear that social media companies are generally on their radar for a variety of consumer protection concerns,
Governor Hochul Signs Nation-leading Legislation to Protect Energy Grid from Cyber Threats (Governor Kathy Hochul) Governor Hochul signed legislation (A.3904B/S.5579A) that will create strongest-in-the-nation cybersecurity protections for the state's energy grid.
New York breaks the right to repair bill as it’s signed into law (The Verge) It’s a sweeping bill, but not what some were hoping for
Baker signs executive order to establish Massachusetts Cyber Incident Response Team (Beacon Hill Times) Governor Charlie Baker signed an executive order to establish the Massachusetts Cyber Incident Response Team (MA-CIRT). Led by the Secretary of the Executive Office of Technology Services and Security (EOTSS), MA-CIRT is established with the mission of enhancing the Commonwealth’s ability to prepare for, respond to, mitigate against, and recover from significant cybersecurity threats.
Iraq War veteran heads up battle against cyber attacks in Northern Ireland (Alloa and Hillfoots Advertiser) Val Wilson has responsibility for BT’s recently opened Security Operations Centre in Belfast.
Litigation, Investigation, and Law Enforcement
Authorities Raid Alleged Cyberscam Compounds in Cambodia (ProPublica) Human traffickers who have forced workers to engage in investment scams that defrauded victims out of millions have been disrupted, at least temporarily. Meanwhile, Apple's app store has removed an app that frequently facilitated the frauds.
Google, YouTube content providers must face U.S. children's privacy lawsuit (Reuters) A U.S. appeals court on Wednesday revived a lawsuit accusing Alphabet Inc's Google and several other companies of violating the privacy of children under age 13 by tracking their YouTube activity without parental consent, in order to send them targeted advertising.
DOJ arrests man behind brazen $100 million attack on Mango Markets (The Record by Recorded Future) The DOJ said a man who admitted to launching the $100 million hack against crypto platform Mango Markets was arrested in Puerto Rico.
Crypto Trader’s Fraud Charges Show DeFi Isn’t Outside the Law (Bloomberg) Mango Markets’ attacker faces several criminal charges from NY. Activity on unregulated venues can still be considered illegal.
FBI Investigating 3Commas Data Breach (CoinDesk) This week, an anonymous person leaked 100,000 API keys connected to the crypto trading service.
US lawmakers press government for answers over use of Israeli spyware (Middle East Eye) Congressman Adam Schiff and Senator Ron Wyden enquire about Washington's purchase and use of Israeli spyware
This ‘Dystopian’ Cyber Firm Could Have Saved Mossad Assassins From Exposure (Haaretz) Meet Toka, the Israeli cyber firm founded by Ehud Barak, that lets clients hack cameras and change their feeds – just like in Hollywood heist movies
CatalanGate Report: Correcting a Case (The Citizen Lab) On December 15, 2022, as part of our regular re-analysis of past cases to find additional spyware infection indicators and details, we discovered that a
Twitter Probed in EU for Pre-Musk Data Leak of 5.4 Million Users (Bloomberg) Irish data protection authority comments in emailed statement. Case adds to intense global scrutiny after Musk takeover.
Sam Bankman-Fried to enter plea in FTX fraud case (Reuters) Sam Bankman-Fried is expected to enter a plea next week to criminal charges he defrauded investors and looted billions of dollars in customer funds at his failed FTX cryptocurrency exchange.
WSJ News Exclusive | Sam Bankman-Fried Likely to Plead Not Guilty to Fraud Charges (Wall Street Journal) U.S. prosecutors had charged the FTX founder with engaging in criminal conduct that contributed to the cryptocurrency exchange’s collapse.
FTX diverted $200 million of customer money for two venture deals that caught the SEC's attention (CNBC) As Sam Bankman-Fried was using FTX customer money for all sorts of risky trading and lending, he was also making large venture investments.
Alameda Lent Sam Bankman-Fried $546 Million for Robinhood Stake (Bloomberg) FTX founder fights for control of millions of Robinhood shares. Ex-executive Gary Wang also loaned millions to purchase stock.
Emails reveal Sam Bankman-Fried's courtship of federal regulators (Los Angeles Times) The cryptocurrency billionaire employed several former regulators who aided his efforts to woo top CFTC officials, emails obtained by the Los Angeles Times show.
Bankman-Fried, FTX execs received billions in hidden loans, ex-Alameda CEO says (Reuters) Sam Bankman-Fried and other FTX executives received billions of dollars in secret loans from the crypto mogul's Alameda Research, the hedge fund's former chief told a judge when she pleaded guilty to her role in the exchange's collapse.
Caroline Ellison Apologizes for Misconduct in FTX Collapse (Wall Street Journal) The former CEO of Alameda told a judge she and others conspired to steal billions from FTX customers while misleading investors and lenders.
The S.B.F. Chronicles, Part 2: Schmuck Insurance (Puck) During a sideline conversation at a fintech conference, some 15 months ago, S.B.F. offered some stunning revelations about how the sausage was made at FTX. This is the second in a series.
Gemini’s Cameron Winklevoss Slams Crypto Exec Barry Silbert Over Frozen Funds (Bloomberg) Gemini lent user funds to Silbert’s troubled Genesis brokerage. Winklevoss says DCG used money from Genesis for other purposes.
French data agency fines Microsoft $63 million for Bing cookie violations (The Record by Recorded Future) France’s data privacy watchdog fined Microsoft more than $63 million for several violations related to how the Bing search engine handles cookies.
Facebook parent Meta to settle Cambridge Analytica scandal case for $725 million (Reuters) Facebook owner Meta Platforms Inc has agreed to pay $725 million to resolve a class-action lawsuit accusing the social media giant of allowing third parties, including Cambridge Analytica, to access users' personal information.
Google to pay $29.5 million to settle DC, Indiana lawsuits over location tracking (The Hill) Google has agreed to pay a total of $29.5 million to settle separate lawsuits with Washington, D.C., and Indiana over its location tracking practices. Under the settlements, Google agreed to …
Investigators used Andrew Tate's social media activity to catch kickboxer (Mirror) A popular, but speculative, theory from Tate's detractors has gone viral claiming that the four-time world champion gave away his location with a video directed at Greta Thunberg