Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+484: Missile strikes, cyberattacks, and (allegedly) wicked counselors. (CyberWire) 36,000 Western-trained Ukrainian troops prepare to enter battle.
Russia Detains Five It Claims Tried To Buy Nuclear Material To Discredit Moscow (RadioFreeEurope/RadioLiberty) Moscow says it has detained several people it claims are linked to Ukraine who were trying to buy radioactive material and smuggle it out of the country to cause an incident "to discredit Russia."
Zelensky says Russia is planning to sabotage Zaporizhzhia nuclear plant (Washington Post) Ukrainian President Volodymyr Zelensky warned Thursday that Russian forces were preparing a “terrorist act” at the Zaporizhzhia nuclear plant, Europe’s largest atomic power station, as officials in Moscow said the head of the U.N. nuclear watchdog agency, Rafael Mariano Grossi, would travel to Russia to meet with nuclear authorities on Friday.
Ukraine Says It Fends Off Missile Strike On Airfield Amid 'Massive' Wave Of Russian Attacks (RadioFreeEurope/RadioLiberty) An attempted Russian air strike on a Ukrainian airfield was parried by Ukraine's air defenses, the military said on June 23, as Moscow launched more swarms of missiles and Iranian-made drones in what the General Staff said was another "massive" overnight wave of attacks.
Russia accuses Ukraine of using UK-supplied missiles to strike bridge to Crimea (the Guardian) Chonhar Bridge is one of a handful of infrastructures linking Crimea with the mainland
Russia says it downed 3 drones outside Moscow, suspects it was attack by Ukraine (AP NEWS) Russian authorities say two drones have crashed outside Moscow as they were approaching the warehouses of a local military unit. Russian media reported Wednesday that the wreckage of a third drone was found about 12 miles away. Russia’s Defense Ministry says the drones were brought down using radio-electronic means. No damage or casualties are being reported. The drones could be the latest attempt by Ukraine to strike targets inside Russia as their war approaches its 17th month. Ukrainian officials have made no comment. Russian media are also reporting that rail lines have been blown up on the Crimean Peninsula in apparent sabotage operations.
Ukraine’s Western-Trained Brigades Begin to Enter the Fight (New York Times) The arrival of new units could be pivotal. But progress has been slow for Ukraine in the early stage of its counteroffensive.
Official Says Ukraine Well Prepared to Liberate Russian-Occupied Territory (U.S. Department of Defense) DOD's objective regarding Ukraine is to ensure the existence of a free, prosperous and democratic Ukraine that can defend itself and deter further Russian aggression, the deputy assistant secretary of
Ukraine intensifies pressure in long-shot push for NATO membership (The Hill) Ukrainian officials are pounding the drumbeat for full NATO membership, putting unrelenting pressure on the U.S. and allies to give in and view as precedent their success in receiving F-16 fighter …
Ukrainian President Fires Ambassador To Belarus (RadioFreeEurope/RadioLiberty) Ukrainian President Volodymyr Zelenskiy has dismissed Ihor Kyzym from the post of ambassador to Belarus.
Wagner chief accuses Russian top brass of lying to Putin (The Telegraph) Total trash is being put on the president’s desk, claims Yevgeny Prigozhin
Neuberger: Ukraine experiencing a ‘surge’ in cyberattacks as it executes counteroffensive (Record) Moscow has ramped up its digital assault on Ukraine as a result of Kyiv’s long-awaited counteroffensive to retake Russian-occupied territory, according to a senior White House official.
Microsoft warns of rising NOBELIUM credential attacks on defense sector (HackRead) The NOBELIUM hackers have been linked to Russia and are known for targeting the SolarWinds hack in 2021.
Anonymous Sudan: neither anonymous nor Sudanese (Cybernews) Microsoft Outlook, UPS, and Scandinavian Airlines all fell victim recently to attacks by the group known as Anonymous Sudan. However, experts we’ve spoken to believe the group is most likely a pro-Kremlin pet project for spreading a pro-Russian agenda.
Sachkov's Revenge: Jailed On Treason Charges, A Russian Cybersecurity Exec Goes On The Offensive (RadioFreeEurope/RadioLiberty) Jailed for nearly two years on treason charges that surprised Russia’s IT community, cybersecurity executive Ilya Sachkov throws an unusual public punch, with a "name-and-shame" video accusing the Federal Security Service of a destructive, misguided campaign targeting the wrong people.
Attacks, Threats, and Vulnerabilities
Beyond the Horizon: Traveling the World on Camaro Dragon’s USB Flash Drives (Check Point Research) In early 2023, CPIRT investigated an incident at a European hospital. The investigation showed that the malicious activity observed was likely not targeted but was simply collateral damage from Camaro Dragon’s self-propagating malware infections spreading via USB drives. Camaro Dragon is a Chinese-based espionage threat actor whose operations are actively focused on […]
Chinese malware accidentally infects networked storage (Register) Hides itself from popular Asian AV, also uses games to do its dirty work
Microsoft Teams bug allows malware delivery from external accounts (BleepingComputer) Security researchers have found a simple way to deliver malware to an organization with Microsoft Teams, despite restrictions in the application for files from external sources.
Akamai SIRT Security Advisory: CVE-2023-26801 Exploited to Spread Mirai Botnet Malware (Akamai) Akamai researchers identified an active exploitation of CVE-2023-26801, a critical command injection vulnerability discovered in March 2023 (CVSS 9.8).
Mirai botnet targets 22 flaws in D-Link, Zyxel, Netgear devices (BleepingComputer) A variant of the Mirai botnet is targeting almost two dozen vulnerabilities aiming to take control of D-Link, Arris, Zyxel, TP-Link, Tenda, Netgear, and MediaTek devices to use them for distributed denial-of-service (DDoS) attacks.
Microsoft 365 users report Outlook, Teams won't start or freezes (BleepingComputer) Network and IT admins have been dealing with ongoing Microsoft 365 issues this week, reporting that some end users cannot use Microsoft Outlook or other Microsoft 365 apps.
10 banks alleged victims of ransomware attacks on file transfer software (American Banker) Ransomware gang Cl0p is currently threatening 50 companies with releasing data it stole from them late last month.
Japan’s digital ID gets emergency review amid data leaks (Register) PM wants response as urgent as that mustered for COVID-19
Massive data breach impacts CalPERS and CalSTRS, the nation’s biggest public pensions funds (KCRA) The vendor helps CalPERS identify member deaths and make sure that correct payments go to retirees and their beneficiaries.
BlackCat gang threatens to leak plastic surgery photos (Register) Sharing a cancer patient's nude snaps earlier wasn't enough for these scumbags
Hospital’s Cyber Attack Shows What Disruption Looks Like (GovTech) After the attack, the staff at Johnson Memorial suddenly had to revert to low-tech ways of patient care. They relied on pen and paper for medical records and notes, and sent runners between departments to take orders and deliver test results.
US Military Personnel Receiving Unsolicited, Suspicious Smartwatches (SecurityWeek) The US army says unsolicited, suspicious smartwatches are being sent to soldiers, exposing them to malware attacks.
Security Patches, Mitigations, and Software Updates
CISA Releases Four Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency CISA) CISA released four Industrial Control Systems (ICS) advisories on June 22, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
Apple Releases Security Updates for Multiple Products | CISA (Cybersecurity and Infrastructure Security Agency CISA) Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device.
Juniper Networks Releases Security Advisory for Junos OS and Junos OS Evolved (Cybersecurity and Infrastructure Security Agency CISA) Juniper Networks has released a security advisory that addresses a vulnerability in Junos OS and Junos OS Evolved. A remote attacker could exploit this vulnerability to cause a denial-of-service condition.
ISC Releases Security Advisories for Multiple Versions of BIND 9 (Cybersecurity and Infrastructure Security Agency CISA) The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of the ISC’s Berkeley Internet Name Domain (BIND) 9. A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions.
Trends
The bored teenagers who can disrupt the world (The Spectator Australia) Most of us live a strange double life when it comes to hacking. We read headlines saying that our toaster might spy on us, that Russia is trying to hack into our social media, and that society as a…
Marketplace
NYC's First Cyber Academy Cohort Looks Back (GovTech) The cybersecurity upskilling program is educating its second cohort, tweaking the material with lessons learned from the first go-round. Graduates spoke highly of the trainings — and the offers of more.
Devo Names Trevor Crompton Area Vice President of EMEA (PR Newswire) Devo Technology, the cloud-native security analytics company, today announced the leadership appointment of Trevor Crompton as Area Vice...
Barracuda welcomes Siroui Mushegian as CIO (PR Newswire) Barracuda Networks, Inc., a trusted partner and leading provider of cloud-first security solutions, today announced Siroui Mushegian as its new...
Forcepoint Appoints Ryan Windham as Senior VP of Business Transformation, Driving Data-first SASE Adoption (Business Wire) Windham brings 20+ years of cyber and AI leadership experience to accelerate Forcepoint ONE technology innovation and global growth through customer-first operational excellence
Products, Services, and Solutions
New infosec products of the week: June 23, 2023 (Help Net Security) The featured infosec products this week are from: Cymulate, Edgescan, ESET, iStorage, and Netskope.
Dasera Introduces Free 'Ski Lift,' Elevating Data Security and Governance for Snowflake Users (Business Wire) Automated, Self-Service Data Security and Governance Now Available for Snowflake Users – At No Cost
LastPass Unveils its Channel Partner Program and Commitment to a Partner-Centric Community (Business Wire) Allegiance Partner Program designed to help LastPass partners boost profitability and improve password management for their small, medium and enterprise-sized customers
Enrich More With Splunk 4.4 - DomainTools | Start Here. Know Now. (DomainTools) Updates to the DomainTools app for Splunk provide deeper insights into network infrastructure to proactively identify security threats
[News] Bitdefender Expands Cybersecurity Partnership with Ferrari (Bitdefender) Bitdefender has expanded its partnership with Ferrari S.p.A., to provide Bitdefender Advanced Threat Intelligence to the company’s worldwide operations. Ferrari S.p.A. will integrate Bitdefender Advanced Threat Intelligence into its security operations center (SOC) to help Ferrari security analysts more quickly validate and triage alerts, improve threat hunting and speed incident response.
EnGenius Empowers Businesses with Safety and Controls with its New Power Distribution Line of Products (PR Newswire) EnGenius Technologies Inc., a leading provider of cutting-edge connectivity solutions, expands its product ecosystem with a new Power...
Inspira Enterprise Launches State-of-the-art Cyber Fusion Center in Dallas (PR Newswire) Inspira Enterprise, Inc. announced today the opening of its fourth Cyber Fusion Center (CFC) and Customer Experience Center (CEC) to expand its...
Introducing The Modern CISO Network: Board Book (Lacework) Lacework has officially launched the first edition of The Modern CISO Network: Board Book, a directory of cybersecurity leaders who are ready and willing to provide their expertise to organizations and boards.
Caveonix Strengthens Organizations’ Defense Against MOVEit Vulnerabilities (GlobeNewswire News Room) Caveonix, the industry’s leading unified platform for hybrid multicloud governance, compliance, and...
Tanium Platform Advances Threat Identification Capabilities and Enhances Endpoint Reach (Tanium) Award-winning XEM Platform Introduces advanced SBOM capabilities, expanded ARM support, and additional Risk & Compliance improvements
Silobreaker unveils new geopolitical cyber threat intelligence capabilities (CSO Online) Silobreaker integrates RANE geopolitical intelligence to warn security teams of world events that could heighten the risk of cyberattacks.
Zscaler unveils cybersecurity innovations for its zero trust platform (SecurityBrief Australia) These new services transform secure branch connectivity and provide continuous monitoring and threat detection for identity-based attacks.
Next up for AI: cybersecurity (TechHQ) AI cybersecurity technology was unveiled by Zscaler at Zenith Live Las Vegas 2023. Here's our rundown of the solutions on offer.
Celerium Announces Compromise Defender™ Solution with Defensive Support Against Cl0p/MOVEit Ransomware Threats (PR Newswire) Celerium Inc., a leading cyber defense company, today announces the release of its latest cybersecurity solution, Compromise Defender™. As an...
Group-IB signs distribution agreement with Tech First Gulf to bolster MEA cybersecurity offering (Group-IB) Group-IB, a global cybersecurity leader, is pleased to announce the signing of a distribution agreement with Tech First Gulf, a leading value-added distributor in the Middle East and Africa (MEA) region.
Orange Business leads team to deliver cloud-native managed SASE to enterprises (ComputerWeekly.com) Enterprise division of the global telco taps in-house cybersecurity practice and leading cybersecurity technology provider to offer simpler operational model for customers with end-to-end accountability improves agility, efficiency, performance and security.
Drata Debuts Future of Automated GRC at Drataverse (PR Newswire) Drata, a continuous security and compliance automation platform, today unveiled the first look at several new offerings for 2023 at the...
Technologies, Techniques, and Standards
NSA shares tips on blocking BlackLotus UEFI malware attacks (BleepingComputer) The U.S. National Security Agency (NSA) released today guidance on how to defend against BlackLotus UEFI bootkit malware attacks.
SSDF and IoT Cybersecurity Guidance: Building Blocks for IoT Product Security (NIST) NIST’s IoT cybersecurity guidance has long recognized the importance of secure software development (SSDF) practices, highlighted by the NIST IR 8259 series—such as the recommendation for documentation in Action 3.d of NIST IR 8259B, that manufacturers have considered and documented their “secure software development and supply chain practices used.”
Secure Technology Alliance Celebrates 30 Years of Cross-Industry Achievement Spanning Identity, Payments, Access Control and Beyond (GlobeNewswire News Room) Milestones include contributions to U.S. adoption of EMV chip cards, advancements in PIV cards, passports and mobile driver’s licenses (mDLs)...
How Government Contractors & Agencies Should Navigate New Cyber Rules (Dark Reading) The impending regulations highlight the increasing importance of enhanced network security and regulatory compliance across the government sector.
The Log4j vulnerability – how can we all do better next time (Register) Accept there are some risks you don’t control but which nonetheless you can’t ignore
Meta's Oversight Board asks Facebook owner to evaluate election integrity efforts (Reuters) Meta Platforms' Oversight Board has asked the social media firm to evaluate efforts to prevent promotion of political violence on its platforms, after it allowed a video calling for violence post the 2022 Brazilian election to stay online.
Research and Development
Eight teams of hackers will compete to breach U.S. satellite in space (Newsweek) Protecting satellites from hacks is becoming more important as industries from agriculture to banking and insurance rely on space-based capabilities.
Corsha Announces $1.8 Million AFWERX TACFI Grant Award (Corsha) Corsha launches pilot to determine how to enable AFSC to securely move data from additive manufacturing, data aggregation, and analysis devices into DE platforms
Academia
Boise State partners with MARS Suite Corporation to address cyber threats, demand for talent (Boise State News) Boise State University’s Institute for Pervasive Cybersecurity is partnering with cybersecurity platform provider MARS Suite...
Support for cybersecurity clinics across the U.S. (Google) Our new $20 million collaboration with the Consortium of Cybersecurity Clinics will expand and create cyber clinics across the US.
Legislation, Policy, and Regulation
Why is it so rare to hear about Western cyber-attacks? (BBC News) Could a cyber-attack on a Russian technology company provide a rare insight into a Western hack?
Romania's Cybersecurity Chief Proposes Banning TikTok (UrduPoint) TikTok should be banned in Romania as it may send data to the Chinese government, Anton Rog, the head of National Cyberint Center within the Romanian Intelligence Service, said on Thursday. It would be nice, for example, to ban TikTok, if you ask me. According to the technical analysis I have publis ..
US cyber ambassador says China can win on AI, cloud (Register) Calls on governments to combat 'playbook' that propelled Huawei to prominence
Nation's first cyber security coordinator appointed, as government reckons with hack affecting big four banks (ABC) As law enforcement agencies respond to a data breach at a law firm that kept the big four banks and the Health Department as clients, the federal government announces it has finally filled the role of the nation's first cyber security coordinator.
Shadow Cyber Security Minister James Paterson responds to cyber security coordinator appointment (Cyber Security Connect) Shadow cyber security minister James Paterson has responded to the government’s appointment of the nation's first cyber security coordinator, saying that it comes too little too late. Whilst the sh
Got a Warrant? FBI May Need One to Search U.S. Data in Foreign Spy Database (Wall Street Journal) Lawmakers are considering whether to require the FBI to obtain warrants before searching data accumulated under the Foreign Intelligence Surveillance Act.
Bipartisan Bill Proposes Cybersecurity Funds for Rural Water Systems (SecurityWeek) A new bill proposes to increase cybersecurity funding for rural water systems by $7.5 million dollars per year
House defense bill adds special Ukraine IG, Taiwan cyber cooperation (Defense News) The House's FY24 National Defense Authorization Act sets up a Special Inspector General for Ukraine and requires cooperation on Taiwan cybersecurity.
Readout from CISA’s 2023 Second Quarter Cybersecurity Advisory Committee Meeting (Cybersecurity and Infrastructure Security Agency) Today, the Cybersecurity and Infrastructure Security Agency (CISA) held its second quarter Cybersecurity Advisory Committee (CSAC) meeting.
Lawmaker calls for the creation of Georgia Cyber Command (Jackson Progress-Argus) (The Center Square) — A state lawmaker says Georgia needs to create a state cyber command and should be hastened in the wake of a Russian cyber-attack that hit the
A cyber-focused candidate is running for president. Does he have a chance? (Washington Post) Former congressman Will Hurd, with a deep cyber background, enters GOP presidential field
Litigation, Investigation, and Law Enforcement
Crypto malware ring targeting Canada busted in Ukraine (Cybernews) The criminals operated in a rented office space and demanded that new staff members take a polygraph test, Ukrainian authorities claim.
Twitter may face fines in Australia over hate speech (Axios) Australia's online safety regulator sent a legal notice to Twitter demanding the social network explain the steps it is taking to combat online hate or risk being slapped with fines.
Former FBI analyst who kept classified records in home sentenced to prison (The Hill) Correction: Former FBI analyst Kendra Kingsbury is a resident of Kansas. The information was incorrect in an earlier version of this story. A former intelligence analyst with the FBI’s Kansas City …
The Hunt For A Russian Spy: How The FSB Used A Mexican Man To Target A Defector In Miami (RadioFreeEurope/RadioLiberty) A Russian-trained Mexican microbiologist will soon be released from a U.S. prison, a year after pleading guilty for his role in a bungled job surveilling a government informant. Turns out the informant was a Russian defector whose betrayal of a spy network in the U.S. infuriated Vladimir Putin.