Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+483: Misdirection and wishful thinking. (CyberWire) Russia's mass child abductions were really child protection actions, says Russia, as the Duma engages in misdirection to distract attention from Russian atrocities. Hacktivist groups show more signs of ties to Russian security and intelligence services.
Russia-Ukraine war at a glance: what we know on day 484 of the invasion (the Guardian) Zelenskiy admits counteroffensive going ‘slower than desired’; west pledges tens of billions of dollars at Ukraine reconstruction summit in London
Russia-Ukraine war live: Ukraine PM says counteroffensive ‘will take time’; Kyiv ‘strikes bridge linking Kherson and Crimea’ (the Guardian) Denys Shmygal ‘optimistic’ about success; Russia-appointed governor says road damaged after likely attack by Storm Shadow missiles
Zelenskiy admits counteroffensive may be going ‘slower than desired’ (the Guardian) Ukraine president says war is not a Hollywood movie, as Putin announces nuclear-capable ICBMs will soon enter service
Ukraine-Russia war live: Putin claims Ukraine's 'heavy losses' behind 'lull' in counter-offensive (The Telegraph) President Vladimir Putin has said that Moscow had seen a “lull” in the Ukrainian counteroffensive, and that Kyiv had suffered heavy losses in the south of Ukraine.
Ukraine to get AMRAAM weapons under $1 billion deal with RTX (Defense News) Part of the firm-fixed-price deal — the largest ever awarded for AMRAAM weapons — will cover missiles for sale to multiple foreign allies and partners.
The Cyber Domain in the Russo-Ukrainian War (BESA) Cyber attacks have been carried out by both sides in the Ukraine-Russia war to neutralize national infrastructures, banking systems, and government ministries; influence decision-makers, citizens, and soldiers; and gather intelligence. Cyber played no real role in disabling national capabilities or infrastructure, but has had psychological and cognitive effects.
Russia-aligned hackers pose threat to Canada energy sector - spy agency (Yahoo News) Russia-aligned hackers could seek to disrupt Canada's powerful oil and natural gas sector, especially since Ottawa is a strong backer of Ukraine, a Canadian spy agency said on Wednesday.
New EU Sanctions Target Russia Loopholes (Wall Street Journal) Europe tightens economic pressure on Moscow but goes lighter on Chinese companies than some wanted.
Fresh Leads Point to Poland as Hub for Nord Stream Sabotage (Wall Street Journal) Prosecutors said the yacht suspected of playing a role in the attack stopped at a Polish port on its voyage that investigators believe was designed to place explosives along the pipelines.
Russian Court Rejects Appeal to Release Journal Reporter Evan Gershkovich (Wall Street Journal) The Wall Street Journal reporter had been ordered to be held in a Moscow prison until at least Aug. 30.
U.S., West pledge billions for Ukraine reconstruction (Washington Post) The United States and European countries on Wednesday announced billions of dollars in new recovery assistance to Ukraine aimed at addressing the staggering destruction wrought by Russia’s invasion.
Attacks, Threats, and Vulnerabilities
RedEyes Group Wiretapping Individuals (APT37) (ASEC BLOG) RedEyes (also known as APT37, ScarCruft, and Reaper) is a state-sponsored APT group that mainly carries out attacks against individuals such as North Korean defectors, human rights activists, and university professors. Their task is known to be monitoring the lives of specific individuals. In May 2023, AhnLab Security Emergency response Center (ASEC) discovered the RedEyes group distributing and using an Infostealer with wiretapping features that was previously unknown along with a backdoor developed using GoLang that exploits the...
ScarCruft Hackers Exploit Ably Service for Stealthy Wiretapping Attacks (The Hacker News) ScarCruft, a North Korean threat group linked to state-sponsored activities, has developed a new information-stealing malware with wiretapping feature
APT37 hackers deploy new FadeStealer eavesdropping malware (BleepingComputer) The North Korean APT37 hacking group uses a new 'FadeStealer' information-stealing malware containing a 'wiretapping' feature, allowing the threat actor to snoop and record from victims' microphones.
Military Satellite Access Sold on Russian Hacker Forum for $15,000 (HackRead) The Russian-speaking hacker is also offering access to AT&T Corporation email accounts that have 2FA disabled for $7,000.
Unmasking Pig-Butchering Scams and Protecting Your Financial Future (Trend Micro ES) This report delves into the nature of pig-butchering scams, how scammers carry out their operations, the new pig-butchering tactics we’ve observed in the wild, and what individuals can do to avoid falling for these fraudulent investments and dealing with massive amounts of debt.
Emerging Ransomware Group 8Base Doxxes SMBs Globally (Dark Reading) A threat you've never heard of is using double extortion attacks on mom-and-pop shops around the globe.
Dissecting TriangleDB, a Triangulation spyware implant (Securelist) In researching Operation Triangulation, we set ourselves the goal to retrieve as many parts of the exploitation chain as possible. As of now, we have finished analyzing the spyware implant and are ready to share the details.
New Report Exposes Operation Triangulation's Spyware Implant Targeting iOS Devices (The Hacker News) Operation Triangulation: New spyware targets iOS devices with invisible iMessage exploits. Discover how a kernel vulnerability.
Fortinet Reverses Flutter-based Android Malware “Fluhorse” (Fortinet Blog) Gain insights into the Fluhorse malware campaign as we've managed to fully reverse engineer the malicious Flutter applications.
At least 10 federal agencies contracted with hacked software maker (Federal Times) The attack affecting a “small number” of government agencies is still being assessed, officials said.
Norton LifeLock owner, Vancouver Transit Police confirm MOVEit breaches (Record) Malicious hackers continue to target high-profile companies and organizations through a vulnerability in the MOVEit file transfer tool.
Why Malware Crypting Services Deserve More Scrutiny (KrebsOnSecurity) If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or "crypt" your malware so that it appears benign to antivirus and security products. In fact,…
GitHub Dataset Research Reveals Millions Potentially Vulnerable to RepoJacking (Aquasec) Millions of GitHub repositories are potentially vulnerable to RepoJacking, which if exploited may lead to code execution on environments
UPS discloses data breach after exposed customer info used in SMS phishing (BleepingComputer) Multinational shipping company UPS is alerting Canadian customers that some of their personal information might have been exposed via its online package look-up tools and abused in phishing attacks.
HHS warns industry about resurfaced ransomware group after attack on cancer center (Cybersecurity Dive) In a cybersecurity notification, the department warned the sector about TimisoaraHackerTeam, or THT, after an attack on a U.S. cancer center that “significantly reduced” its capability to treat patients.
Australia's Perpetual says 'tech outage' affected some funds in cyber incident (Reuters) Australian Perpetual on Wednesday confirmed an extended tech outage over an IT security incident, affecting some of its funds, though the fund manager reaffirmed that all its client investments and its own systems were unaffected and secure.
Mondelēz retirement data breached after hacker targets law firm Bryan Cave (Cybersecurity Dive) The snack food company said a third-party actor stole sensitive customer data from the firm, impacting more than 51,000 current and former Mondelēz employees.
Think You Know Ransomware? A Documentary Series (Sophos) A gripping documentary that delves into the alarming realities of ransomware, revealing the far-reaching consequences that affect both business owners and society at large.
Top Mental Health and Prayer Apps Fail Spectacularly at Privacy, Security (Mozilla) Despite dealing with issues like depression, suicide, domestic violence, and PTSD, these apps share data freely and raise many security concerns. 28 out of 32 apps receive Mozilla’s *Privacy Not Included warning label.
Vulnerability Summary for the Week of June 12, 2023 (Cybersecurity and Infrastructure Security Agency CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
Apple just released iOS 16.5.1 with security fixes (ZDNET) The Mac, iPad, and Apple Watch also received an update on Wednesday to fix two actively exploited vulnerabilities.
Apple issues emergency patch to address alleged spyware vulnerability (CyberScoop) The fix follows allegations from a Russian intelligence service that an intentional flaw in iPhones provided a gateway for American espionage.
Apple patch fixes zero-day kernel hole reported by Kaspersky – update now! (Naked Security) Apple didn’t use the words “Triangulation Trojan”, but you probably will.
Apple fixes iPhone software flaws used in widespread hacks of Russians (Washington Post) The announcement by the U.S. phone maker gives credibility to reports by the Russian security company Kaspersky Lab
Enphase Ignores CISA Request to Fix Remotely Exploitable Flaws (SecurityWeek) CISA warned of remotely exploitable vulnerabilities in Enphase Energy products (CVE-2023-32274 and CVE-2023-33869)
Trends
15 cybercrime statistics you ought to know (Independent Advisor) Find out what you need to know about cybercrime in 2023 with our expert-selected statistics
NCC Group Monthly Threat Pulse – May 2023 (Mynewsdesk) 436 attacks in May the second highest monitored by NCC Group’s Global Threat Intelligence team in 2023. Industrials (30%), Technology (15%) and Consumer...
Cloud Detection and Response Survey Report 2023 (Permiso) We surveyed more than 500 security, engineering and IT professionals to learn as much as we could about their cloud environment and security practices.
Service members more vulnerable to digital payment scams, federal report finds (Stars and Stripes) The transient nature of military life is part of what makes military members more vulnerable.
Marketplace
DNV acquires security specialist to safeguard cyber-physical systems (Lloyd's List) Less than six months after being hit by a ransomware attack, DNV has moved to acquire a Helsinki-listed security business. The combined cyber expertise is seen as critical to DNV’s purpose.
ShadowDragon Named 2023 Technology Pioneer by World Economic Forum (Business Wire) Pioneer of “OSINT for good” helps businesses, law enforcement and governments effectively investigate and analyze open source and publicly available information to solve challenging criminal cases
ManTech Chairman Kevin Phillips Joins Paladin Capital as Strategic Advisor (Paladin Capital Group) Paladin Capital Group, a cyber and advanced technologies investor, is pleased to announce that ManTech International Chairman Kevin Phillips will join the firm as a Strategic Advisor.
XONA Systems Appoints Ron Fabela as Field CTO (XONA Systems) Annapolis, MD (June 22, 2023) – XONA Systems, the frictionless secure user access platform deployed on a Zero-Trust Architecture and purpose-built for operational technologies (OT), today announced the addition of a recognized ICS security expert as its Field CTO. “As we continue our rapid growth, the addition of Ron Fabela as our Field CTO adds […]
Products, Services, and Solutions
Securiti Unveils Unify Partner Program to Unlock Unprecedented Data Intelligence and Control Value Across Hybrid Multicloud Environments (Business Wire) Next-gen program fuels strategic partners to drive adoption of Data Controls Cloud
NowSecure Achieves SOC 2 Type 2 Security Certification for 4th Consecutive Year (Benzinga) Independent Third-Party Certification Of Advanced Security Posture And Practices for NowSecure Platform
Quo Lab: Get Value From Your Data (Quo Lab) As you might already know, Mandiant goes beyond the classic automated detection strategies applied in the Threat Intelligence industry.
Globe Telecom Taps Traceable to Boost API Security (Business Wire) Traceable AI, the industry’s leading API security company, today announced that it has been selected from amongst multiple API Security vendors by Globe, to strengthen its API security capabilities.
Orange Business, Orange Cyberdefense and Palo Alto Networks Join Forces to Deliver Cloud-Native Managed SASE to Enterprises (Business Wire) Simpler operational model for customers with end-to-end accountability improves agility, efficiency, performance, and security
Frontegg Cements CIAM Dominance in the G2 Summer 2023 Reports (GlobeNewswire News Room) Identity Platform Leader Also Ranks No. 1 for Best Results in CIAM, Demonstrating the Platform’s Business and Technical Value it brings to its Customers...
Radware Announces Signature Partnership with Sycomp (GlobeNewswire News Room) Closes million-dollar deal to provide hybrid DDoS protection for a top 10 biotech company...
Canva Secures the Cloud with SentinelOne® (Business Wire) Design software maker leverages autonomous platform to keep endpoints, workloads and remote workforce safe
A last line of defense against ransomware (Register) Object First unveils Ootbi: a ransomware-proof and immutable solution designed to deliver simple and powerful backup storage
data.world Launches Data Governance Application with Generative AI to Boost Data Team Productivity and Accelerate the Responsible Use of Data for AI (GlobeNewswire News Room) Eureka™ Bots power automations that increase data governance team productivity up to 59%, speeding the availability of governed data for both human and...
AvePoint Adds New Functionality to Cloud Backup for Salesforce, the Only FedRAMP (moderate) Authorized Solution on Salesforce AppExchange and AWS Marketplace (GlobeNewswire News Room) Advanced features strengthen data protection and simplify deployment for public sector customers...
RangeForce Launches Defense Readiness Index™, the World’s First Comprehensive Score Enabling Companies to Easily Gauge, Assess, and Bolster Their Cybersecurity Capabilities (News Direct) Rooted in cybersecurity training for the United States Department of Defense and NATO, RangeForce enables teams to prepare against the latest threats with continuous cybersecurity upskilling.
Technologies, Techniques, and Standards
How Your New Car Tracks You (WIRED) Vehicles from Toyota, Honda, Ford, and more can collect huge volumes of data. Here’s what the companies can access.
Ransomware is only getting faster: Six steps to a stronger defense (BleepingComputer) Ransomware encryption speed is crucial because it reduces the time available for an organization to react to a security breach. Included are six crucial steps for protecting your organization from the ever-increasing speed of ransomware attacks.
Design and Innovation
IonQ Forte Launched For Commercial Use, Making #AQ 29 Available for Customers Worldwide (Business Wire) IonQ’s most powerful quantum system, IonQ Forte, enters expanded commercial availability for the first time. System introduces record #AQ 29 performance and new hardware features that promise improved gate operation accuracy.
IonQ and QuantumBasel Partner to Achieve Future Quantum Advantages With Deployment of Two Generations of IonQ Quantum Systems in Europe (Business Wire) Deal endeavors to bring two IonQ future quantum systems with #AQ 35 and #AQ 64 to Switzerland. Systems will serve European industry, government entities, and research institutes with local access to IonQ’s most powerful quantum systems. IonQ will establish a quantum innovation center for the entire EMEA region at uptownBasel campus in Arlesheim, Switzerland
Inside the AI Factory (The Verge) How many humans does it take to make tech seem human? Millions.
How existential risk became the biggest meme in AI (MIT Technology Review) "Ghost stories are contagious."
Legislation, Policy, and Regulation
European Council agrees to water down protections for journalists from spyware (Record) The European Council agreed on Wednesday to seek to reduce the level of protections provided to journalists from government surveillance and spyware in a proposed law intended to safeguard media freedoms across the bloc.
The cyber argument for regulating AI (Washington Post) Schumer, Fick join the calls for AI regulation, with election distortion and cyber among the reasons
House Bill to Create National Commission on AI Policy (Executive Gov)
‘A moment of revolution’: Schumer unveils strategy to regulate AI amid dire warnings (NBC News) The Senate majority leader released his long-awaited framework for regulating artificial intelligence and said he would launch a series of AI forums this fall featuring a range of experts.
SEC delays final rule on cyber incident disclosure as industry pushes back (Construction Dive) The agency was seeking prompt reporting of material cyber breaches and attacks, but faced a range of concerns from stakeholders.
Biden administration warns businesses not to hack back against cyberattackers (The Washington Times) The Biden administration is warning private digital defenders not to hack back against cyberattackers, amid a crush of breaches hammering American businesses and citizens.
Energy Department Cyber Strategy in ‘Drafting Process’ (Meritalk) The Department of Energy (DoE) is in the “drafting process” of creating a new cybersecurity strategy that will address cloud technologies to be used by the agency going forward, according to Ann Dunkin, chief information officer at DoE, who talked about process for the strategy during a June 20 event organized by Federal News Network.
Litigation, Investigation, and Law Enforcement
Jack Teixeira, Accused Classified-Document Leaker, Pleads Not Guilty (Wall Street Journal) Arraignment follows indictment, arrest in April in high-profile documents case
Pentagon leak suspect pleads not guilty to federal charges (Air Force Times) Massachusetts Air National Guard member Jack Teixeira was indicted by a grand jury on federal felony charges.
WSJ News Exclusive | U.S. Tracked Huawei, ZTE Workers at Suspected Chinese Spy Sites in Cuba (Wall Street Journal) Intelligence bolstered suspicions that China’s telecom giants might be playing a role in the expansion of Beijing’s eavesdropping capabilities on the island.
Discord servers used in child abductions, crime rings, sextortion (NBC News) “What we see is only the tip of the iceberg,” said Stephen Sauer, the director of the tipline at the Canadian Centre for Child Protection.
FTC sues Amazon over 'deceptive' Prime sign-up and cancellation process (CNBC) The agency claims Amazon used so-called "dark patterns" to steer users to enroll in Prime without their consent.
Progress Software hit with class action lawsuit over MOVEit hack (SC Media) The plaintiffs represent more than 100 individuals who say Progress Software’s security practices were negligent, resulting in their personal data being exposed and pilfered through the hack.