Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+496: Still sorting out the March on Moscow. (CyberWire) Russia continues to sort out the consequences of the Wagner Group's mutiny.
Russia-Ukraine war: List of key events, day 497 (Al Jazeera) As the war enters its 497th day, these are the main developments.
Ukraine-Russia war latest: Babies injured in Russian missile strike on town centre (The Telegraph) Two babies have been wounded after a Russian strike in a residential area of Pervomaiskyi in Ukraine’s Kharkiv region, along with 29 others.
Russia claims to have intercepted Ukrainian drone attack on Moscow (the Guardian) Flights in and out of Moscow’s Vnukovo airport were suspended in the early hours of Tuesday
Live Briefing: Russia Invades Ukraine (RadioFreeEurope/RadioLiberty) RFE/RL's Ukraine Live Briefing gives you the latest developments on Russia's ongoing invasion, Western military aid, global reaction, and the plight of civilians. The Live Briefing presents the latest developments and analysis, updated throughout the day.
Russia-Ukraine war: List of key events, day 495 (Al Jazeera) As the war enters its 495th day, these are the main developments.
Russia-Ukraine war at a glance: what we know on day 495 of the invasion (the Guardian) Ukraine claims to be advancing amid ‘fierce fighting’ on the eastern and southern fronts; international office to investigate Russia’s invasion opens in The Hague
Russia launches the first drone strike on Kyiv in 12 days (Military Times) The head of the Kyiv city administration said Sunday that all of the Iranian-made Shahed exploding drones were detected and shot down.
Russia-Ukraine war at a glance: what we know on day 493 of the invasion (the Guardian) Ukraine’s counteroffensive hobbled by a lack of firepower, says military chief; Belarus president says Russian nuclear weapons in his country will not be used
Russia-Ukraine war at a glance: what we know on day 492 of the invasion (the Guardian) Ukraine continues to claim its counteroffensive is making progress in ‘all directions’; Russia is reported to be pulling staff out of the Zaporizhzhia nuclear power plant
Russia reducing its presence at nuclear plant, says Ukraine (the Guardian) Staff at Zaporizhzhia told to relocate, says Ukrainian intelligence, as Moscow accused of explosion plot
Russia-Ukraine war: Russia reducing its presence at nuclear power plant, says Ukraine; Pope says war seems to have ‘no end’ – as it happened (the Guardian) Ukraine’s military intelligence directorate warns that staff are leaving Zaporizhzhia as Moscow has mined power units; Pope Francis calls for peace
Putin’s monstrous nuclear gamble is his most dangerous yet (The Telegraph) As his unsuccessful war grinds on, the increasingly desperate Russian autocrat is resorting to ever-more aggressive measures
Zelenskiy: Russia may be preparing to trigger nuclear plant explosion (the Guardian) President cites Ukraine intelligence that Moscow has mined Zaporizhzhia nuclear station and sent away staff
'It's Not A Chess Game, It's Pure Madness': Residents Near Russian-Controlled Nuclear Plant In Ukraine Fear Catastrophe (RadioFreeEurope/RadioLiberty) Ukrainian officials and intelligence officers say catastrophe could strike any moment at the Russian-held Zaporizhzhya nuclear power plant. The residents of Nikopol, across a Dnieper River reservoir that is almost completely dry after a dam breach downstream, fear their predictions may come true.
Ukraine says Putin is planning a nuclear disaster. These people live nearby. (Washington Post) The risk of a major disaster at the nearby Zaporizhzhia nuclear power plant terrifies Nadiya Hez, who lives in an area that would probably take the brunt of any deadly radioactive fallout.
Putin, Xi and Modi Meet on Camera, but With No Signs of Greater Unity (New York Times) At a virtual summit meeting of the Shanghai Cooperation Organization, the leaders of Russia, China and India each focused on their own driving issues.
Putin says Russia is ‘united as never before’ at India-China summit (Military Times) Putin sought to project confidence after a short-lived mutiny at the Shanghai Cooperation Organization meeting, before a rare sympathetic audience.
Russia ramps up use of deadly Lancet suicide drone to blunt Ukraine’s offensive (The Telegraph) The low-cost UAV, able to destroy vehicles many times its size and value, has become a problem for Ukrainian troops along the front lines
Russia-Ukraine war live: counteroffensive will be long and very bloody, says US general (the Guardian) Gen Mark Milley says no one should have any illusions about difficulty of Ukrainian offensive
‘Some never came back’: how Russians hunted down veterans of Donbas conflict (the Guardian) Exclusive: Ukrainians who fought against separatists tell of kidnap and torture by invaders; the fate of hundreds of others is a mystery
Russian War Report: Kremlin denies that it targeted civilians in a missile attack on a pizza restaurant (Digital Forensics Research Lab) As Russia continues its assault on Ukraine, the Atlantic Council’s Digital Forensic Research Lab (DFRLab) is keeping a close eye on Russia’s movements across the military, cyber, and information domains.
Satellite Imagery Reveals Russia Caused Flooding in Occupied Ukrainian Town Before Counteroffensive (bellingcat) Russia created a dam that backed up water on the outskirts of the occupied city of Tokmak in Zaporizhzhia oblast ahead of Ukraine’s counteroffensive.
US ‘close to’ approving longest range missiles yet to Ukraine (The Telegraph) Ukraine has been pushing for ATACMS missiles which could strike at the heart of Russia’s fragile supply lines
CIA director, on secret trip to Ukraine, hears plan for war’s endgame (Washington Post) During meetings in Kyiv, William Burns was told of Ukraine’s ambitious goal to retake territory and push Moscow into talks by the end of the year
The director of the C.I.A. called the Kremlin to make clear the U.S. had no tie to Wagner’s rebellion. (New York Times) The Biden administration has taken pains to emphasize that it viewed the matter as an internal Russian affair.
‘Yevgeny Prigozhin will never be discussed again’: Russian media to erase all traces of mutinous warlord (the Guardian) The Wagner mercenary group boss who marched on Moscow has had his internet outlets blocked and troll factory closed down
Ukraine live briefing: Wagner chief promises more ‘victories at the front’ in first message since mutiny (Washington Post) The founder of the Wagner mercenary group, Yevgeniy Prigozhin, shared an audio message Monday — his first since calling off his mutiny aimed at the leaders atop Russia’s Ministry of Defense. In the recording, which was published on a Telegram channel closely associated with Wagner, Prigozhin said his fighters will win the “next victories” in the war in Ukraine. He also assessed his march on Moscow as successful.
A week after an armed rebellion rattled Russia, key details about it are still shrouded in mystery (AP News) A week after the mutiny raised the most daunting challenge to President Vladimir Putin’s rule in over two decades, key details about the uprising remain shrouded in mystery.
Analysing the Cost of Wagner Revolt (bellingcat) Visual evidence shows damage to Russia's air force and infrastructure after Wagner revolt.
Zelensky: Wagner revolt shows Putin is ‘weak’ (The Hill) Ukrainian President Volodymyr Zelensky said the Wagner Group rebellion last month shows Russian President Vladimir Putin is “weak” and unable to defend his country, saying the security …
Russia's FSB assigned by Putin to kill Prigozhin, Ukraine intel claims (The Jerusalem Post) Major General Kyrylo Budanov said that he isn't sure if FSB will successfully carry out the assassination.
Satellite photos suggest Belarus is building military camp site (Military Times) Satellite images analyzed by The Associated Press show what appeared to be a newly built military-style camp in Belarus.
All The Kremlin's Men: Russian Officials Drop Out Of Sight, Suggesting Post-Mutiny Purges (RadioFreeEurope/RadioLiberty) Two top Russian generals. The man who launched the mutiny that shook Vladimir Putin’s presidency. A growing number of public figures have dropped out of sight since the revolt -- a possible indication of purges that Putin promised in its aftermath.
The Russian power players who could take down Putin (The Telegraph) The mutiny showed that Russian leadership is won by force. Here are those waiting in the wings to take a shot at the top job
Russian Media Watchdog Blocks Websites Linked To Wagner Leader Prigozhin (RadioFreeEurope/RadioLiberty) Russia's media watchdog Roskomnadzor has blocked the websites of RIA FAN, Politics Today, Economy Today, Neva News, and People's News online media outlets for their ties to the rebellious leader of the Wagner mercenary group, Yevgeny Prigozhin, after his aborted armed march to Moscow last week.
Wagner Mutiny Puts Russia’s Military Bloggers on a Razor’s Edge (Wired) Telegram “war correspondents” have promoted the Kremlin’s invasion of Ukraine, but many have also supported mercenaries who launched a failed coup.
Belarus leader says nuclear arms will not be used (Reuters) Belarusian President Alexander Lukashenko, the Kremlin's staunchest ally in its war in Ukraine, said on Friday he was certain Russian tactical nuclear weapons deployed in his country would never be used.
Belarusian exiles’ hopes dashed as Lukashenko boasts of saving Putin (the Guardian) Opposition plans to overthrow Moscow-backed dictator are back on hold after his role in halting Wagner mutiny
The Wagner Mutiny Will Probably Prolong the War in Ukraine (World Politics Review) After the attempted mutiny of Yevgeny Prigozhin’s Wagner group, Putin may actually double down on Russia’s war in Ukraine.
Wagner's mutiny is the tip of the iceberg of Russia's rebellions | Defence in Depth (The Telegraph) As Vladimir Putin's authority is threatened, power-brokers in the Kremlin stand ready to oust him
The Wagner Mutiny Was a Preview of Russia’s Post-Putin Civil War (World Politics Review) The short-lived mutiny by Yevgeny Prigozhin’s Wagner Group is an indication of how Russian politics may play out after Putin.
Interview: Ex-Envoy McFaul On Putin After The Mutiny, And 'Retiring Forever' The Argument That NATO Membership For Ukraine A 'Provocation' (RadioFreeEurope/RadioLiberty) Former U.S. Ambassador to Russia Michael McFaul speculates on why Vladimir Putin didn't "double down" on Yevgeny Prigozhin's rebellion and says he's tired of people saying NATO membership for Ukraine is unrealistic "because that's what got us into these situations in the first place."
Putin, the Weak Strongman. Part I (Wilson Center) The Wagner Group’s failed mutiny last weekend was perhaps a false start. The private military company’s leader, Yevgeny Prigozhin, was not prepared to unseat Putin. Whatever the next moves by the main actors, Prigozhin has already left a legacy, and it is political.
Putin, the Weak Strongman. Part II (Wilson Center) Despite its apparent failure, Prigozhin’s mutiny opens a new stage in Russian political history. Preparations for a fight for Putin’s legacy may have already started.
How Putin Cannibalizes Russian Economy to Survive Personally (Time) Putin’s financial lifeline has been his merciless cannibalization of Russian economic productivity. It's unsustainable.
Estonian PM Says NATO Membership Is The 'Only Security Guarantee' For Ukraine, But Rules Out Offer While Fighting Continues (RadioFreeEurope/RadioLiberty) Estonian Prime Minister Kaja Kallas on July 4 said that NATO membership "is the only security guarantee" for Ukraine and said it is important that NATO member countries agree during their upcoming summit in Vilnius on "practical steps" on how Ukraine gets into the alliance.
Is Russia Losing Its Grip on Central Asia? (Foreign Affairs) What China’s growing regional ambitions mean for Moscow.
Good News For Russia As Belarus Terminates 19 Years Old Agreement With Ukraine (Opera News) In a significant development, the Verkhovna Rada, the parliament of Ukraine, has officially terminated the agreement on mutual protection of state secrets between Ukraine and the Republic of Belarus. Oleksiy Honcharenko, a member of the European Solidarity parliamentary faction, announced the adoption of Law No.
Russian ice-hockey player arrested for spying in Poland (The Telegraph) The man is suspected of being part of a Moscow spy ring trying to sabotage the flow of weapons to Ukraine
Russian election-meddling ‘troll factory’ reportedly shut down after Wagner revolt (Record) The future of Russia’s infamous Internet Research Agency, a "troll factory" that meddled in the 2016 U.S. presidential election, is uncertain after its founder Yevgeny Prigozhin fled to Belarus following his attempted military coup.
Russian telecom confirms hack after group backing Wagner boasted about an attack (CyberScoop) A Dozor-Teleport CJSC executive told ComNews that the company has been the victim of a cyberattack affecting its cloud infrastructure.
Cracking Down on Dissent, Russia Seeds a Surveillance Supply Chain (New York Times) Russia is incubating a cottage industry of new digital surveillance tools to suppress domestic opposition to the war in Ukraine. The tech may also be sold overseas.
Cyberattack knocks out satellite communications for Russian military (Washington Post) Was it pro-Ukrainian hackers or Wagner rebels?
Russian Hacktivist Platform 'DDoSia' Grows Exponentially (Dark Reading) As cybercrime amidst the Russia-Ukraine war continues to escalate, the DDoSia project, launched by a known hacktivist group, has exploded in its number of members and quality of tools used for attacks.
Microsoft denies data breach, theft of 30 million customer accounts (BleepingComputer) Microsoft has denied the claims of the so-called hacktivists "Anonymous Sudan" that they breached the company's servers and stole credentials for 30 million customer accounts.
Microsoft Denies Major 30 Million Customer-Breach (Infosecurity Magazine) Russian-linked Anonymous Sudan claims to have stolen credentials
Microsoft denies claims of data breach (Cybernews) Microsoft said there was no evidence of its user data being accessed or compromised.
CIA director says US won't 'waste' chance to recruit Russians disaffected by war (Space War) Washington DC (UPI) Jul 2, 2023 - The director of the CIA delivered a wide-ranging speech in Britain on Saturday in which he said the spy agency will not waste the chance to recruit Russians disaffected by President Vladimir Putin's war in Ukraine and called China the biggest geopolitical and intelligence rival of the United States.
Putin claim that Russia funds Wagner group may make it easier to try him for war crimes (the Guardian) Admission that Russia paid 86bn roubles to Yevgeny Prigozhin’s mercenaries this year is potentially significant, say legal experts
As war nears Crimea, Russian occupiers are trying to lure tourists (Washington Post) Crimea, the Black Sea peninsula that Russia seized from Ukraine and illegally annexed in 2014, has been targeted in repeated drone attacks against naval targets, railway lines and oil depots.
Unilever accused of ‘sponsoring war’ over Russia sales (The Telegraph) Marmite maker has continued to sell products in Russia despite criticism
Italy Freezes Russian Oligarchs' Assets Worth $2.5 Billion (RadioFreeEurope/RadioLiberty) Italy has frozen Russian oligarchs' assets valued at around 2 billion euros ($2.5 billion) following the invasion of Ukraine last year, the country's central bank said on July 4.
Popular Ukrainian Writer Dies From Injuries Following Kramatorsk Restaurant Attack (RadioFreeEurope/RadioLiberty) Ukrainian writer and activist Viktoria Amelina has died from injuries suffered in the June 27 Russian strike on the Ria Lounge restaurant in Kramatorsk. Outside the ruins of the building, employees from the restaurant have put up a makeshift memorial to staff and customers who were killed.
‘It looks like Mars’: Nikopol locals on life without water after dam explosion (the Guardian) Ukrainians near to what was the Kakhovka reservoir are coping but proximity to the Zaporizhzhia nuclear power station is a constant worry
Attacks, Threats, and Vulnerabilities
Chinese Threat Actors Targeting Europe in SmugX Campaign - Check Point Research (Check Point Research) In the last couple of months, Check Point Research (CPR) has been tracking the activity of a Chinese threat actor targeting Foreign Affairs ministries and embassies in Europe. Combined with other Chinese activity previously reported by Check Point Research, this represents a larger trend within the Chinese ecosystem, pointing to a shift to targeting […]
Hackers target European government entities in SmugX campaign (BleepingComputer) A phishing campaign that security researchers named SmugX and attributed to a Chinese threat actor has been targeting embassies and foreign affairs ministries in the UK, France, Sweden, Ukraine, Czech, Hungary, and Slovakia, since December 2022.
Chinese hackers target European embassies with HTML smuggling technique (Record) The espionage effort, labeled SmugX by cybersecurity researchers at Check Point, has similarities to previous campaigns linked to China. HTML smuggling helped the malware avoid detection.
Several US states investigating ‘SiegedSec’ hacking campaign (Record) Officials in multiple states are investigating claims by a suspected politically motivated hacking group that websites connected to local governments were breached or defaced.
Beware: New 'Rustbucket' Malware Variant Targeting macOS Users (The Hacker News) North Korea's BlueNoroff, part of Lazarus Group, has upgraded their macOS malware, Rustbucket, to avoid detection and persist longer.
The DPRK strikes using a new variant of RUSTBUCKET (Elastic Blog) A DPRK campaign using a new variant of the RUSTBUCKET malware is underway with updated capabilities and reduced signature detection.
Iranian Hackers Using POWERSTAR Backdoor in Targeted Espionage Attacks (The Hacker News) Iranian Hackers Charming Kitten Utilize POWERSTAR Backdoor in Targeted Attacks
Iran-linked Charming Kitten APT enhanced its POWERSTAR Backdoor (Security Affairs) Iran-linked Charming Kitten group used an updated version of the PowerShell backdoor called POWERSTAR in a spear-phishing campaign. Security firm Volexity observed the Iran-linked Charming Kitten (aka APT35, Phosphorus, Newscaster, and Ajax Security Team) group using an updated version of the PowerShell backdoor POWERSTAR in a spear-phishing campaign. Iran-linked Charming Kitten group, (aka APT35, Phosphorus, Newscaster, and Ajax Security Team) made the headlines in 2014 when experts at iSight issued […]
TSMC Says Supplier Hacked After Ransomware Group Claims Attack on Chip Giant (SecurityWeek) LockBit ransomware group claims TSMC hack and is asking for a $70 million ransom, but the chip giant says only a supplier was breached.
TSMC confirms data breach after LockBit cyberattack on third-party supplier (TechCrunch) One of the world's biggest chipmakers confirmed a data breach after the LockBit ransomware gang targeted one of its third-party providers.
Taiwan Semiconductor Denies LockBit's $70M Hack Claim (Bank Info Security) The world's top chip manufacturer has dismissed the LockBit 3.0 ransomware gang's hack claim and $70 million ransom. TSMC said the data leak took place at a
Semiconductor giant says IT supplier was attacked; LockBit makes related claims (Record) TSMC, considered the world’s most valuable semiconductor company, said there was an incident at IT supplier Kinmax. The LockBit cybercrime gang is claiming an attack against TSMC.
Us, hacked by LockBit? No, says TSMC, that would be our IT supplier (Register) So, uh, who's gonna pay that $70M ransom?
TSMC confirms supplier data breach following ransom demand by Russian-speaking cybercriminal group (CNN Business) Taiwanese semiconductor giant TSMC confirmed Friday that one of its hardware suppliers was hacked and had data stolen from it, but said the incident had no impact on business operations.
Taiwan Semiconductor confirms data breach by Russian-linked ransomware group (Seeking Alpha) Taiwan Semiconductor (TSM) confirmed on Friday that it had been the recipient of a data breach from a group linked to Russia. Read for more.
Apple supplier faces $70 million ransomware attack (Cyber Security Hub) The data breach was caused by a cyber attack against third-party supplier to TSMC
Ghostscript bug could allow rogue documents to run system commands (Naked Security) Even if you’ve never heard of the venerable Ghostscript project, you may have it installed without knowing.
Hackers study potential prey on social media (INQUIRER.net) Hackers are meticulously studying the behavior of users via social media so the perpetrators can launch targeted phishing attacks that will potentially disrupt business operations and even
BlackCat ransomware pushes Cobalt Strike via WinSCP search ads (BleepingComputer) The BlackCat ransomware group (aka ALPHV) is running malvertizing campaigns to lure people into fake pages that mimic the official website of the WinSCP file-transfer application for Windows but instead push malware-ridden installers.
BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising (The Hacker News) BlackCat ransomware now spreading via malvertising! Watch out for rogue installers disguised as legitimate apps like WinSCP.
BlackCat gang claims cyber attack on Barts NHS Trust (Computer Weekly) Investigations continue into a claim by the ALPHV/BlackCat ransomware gang that it has stolen 7TB of data from Barts NHS Trust in London
200,000 WordPress Sites Exposed to Attacks Exploiting Flaw in 'Ultimate Member' Plugin (SecurityWeek) Attackers exploit critical vulnerability in the Ultimate Member plugin to create administrative accounts on WordPress websites.
HHS Tells Congress 100,000+ People Affected by MOVEit Hacks (Bank Info Security) The U.S. Department of Health and Human Services has notified Congress that the information of at least 100,000 individuals has been compromised in hacking
CL0P Ransomware Gang Attacks Top June Cyber Headlines (GovTech) The CL0P ransomware gang, reportedly based in Russia, has breached at least 122 organizations using MOVEit zero day exploits. Here’s what you need to know.
Victims of MOVEit Transfer Attacks Continue Piling Up (Channel Futures) The Clop ransomware gang claims hundreds of organizations were compromised in its recent MOVEit Transfer attacks.
Half of EDR Tools, Organizations Vulnerable to Clop Ransomware: Research (eSecurityPlanet) Alarming statistics revealed in Cymulate's assessments as organizations continue to be at risk from MOVEit vulnerability.
Schools say US teachers' retirement fund was targeted by MOVEit hackers (TechCrunch) U.S. schools were notified that TIAA was caught up in a mass-hack exploiting a security vulnerability in the MOVEit file transfer tool.
DoS and DDoS Attacks against Multiple Sectors (Cybersecurity and Infrastructure Security Agency CISA) CISA is aware of open-source reporting of targeted denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks against multiple organizations in multiple sectors. These attacks can cost an organization time and money and may impose reputational costs while resources and services are inaccessible.
CISA issues DDoS warning after attacks hit multiple US orgs (BleepingComputer) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today of ongoing distributed denial-of-service (DDoS) attacks after U.S. organizations across multiple industry sectors were hit.
Over Two-Thirds of FortiGate Firewalls Still at Risk (Infosecurity Magazine) Bishop Fox said they have successfully developed an exploit for the vulnerability
Researchers Develop Exploit Code for Critical Fortinet VPN Bug (Dark Reading) Some 340,000 FortiGate SSL VPN appliances remain exposed to the threat more than three weeks after Fortinet released firmware updates to address the issue.
Japan’s largest port stops operations after ransomware attack (BleepingComputer) The Port of Nagoya, the largest and busiest port in Japan, has been targeted in a ransomware attack that currently impacts the operation of container terminals.
8Base Ransomware Group Emerges as Major Threat (Infosecurity Magazine) VMware explained that 8Base employs a combination of encryption and “name-and-shame” tactics
Torrent of image-based phishing emails are harder to detect and more convincing (Ars Technica) The arms race between scammers and defenders continues.
Fresh Phish: Malicious QR Codes Are Quickly Retrieving Employee Credentials (INKY) QR codes are popping up everywhere, providing a quick path to information we seek. Once a harmless marketing tool, QR codes are being exploited by cybercriminals in a credential harvesting phishing scheme.
Cybersecurity company INKY sheds light on emerging QR code phishing threats (SiliconANGLE)
Imagine your child calling for money. Except it’s not them – it’s an AI scam (the Guardian) Fraudsters are being given more sophisticated ways to trick us into believing they are someone they are not, says James Wise, a trustee of the thinktank Demos
Ransomware criminals are dumping kids' private files online after school hacks (AP News) Ransomware gangs have been stealing confidential documents from schools and dumping them online. The documents describe student sexual assaults, psychiatric hospitalizations, abusive parents — even suicide attempts.
Online romance scams are netting millions of dollars — and pushing some to self-harm (NBC News) Scams that once bilked victims out of hundreds or even thousands of dollars are increasingly persuading them to move their investment and retirement accounts into phony investment schemes.
BBB Scam Alert: This phishing scam claims a process server is looking for you (Better Business Bureau) This new phishing scam variation involves a phony process server and a non-existent court case against you. Here’s how to spot it.
Who’s Behind the DomainNetworks Snail Mail Scam? (KrebsOnSecurity) If you've ever owned a domain name, the chances are good that at some point you've received a snail mail letter which appears to be a bill for a domain or website-related services. In reality, these misleading missives try to…
Crypto platform Poly Network suspends service after hacker steals millions of dollars in digital assets (Record) Millions of dollars worth of cryptocurrency were stolen from the Poly Network platform this weekend in an attack that saw hackers take billions of largely worthless coins.
Cyber Attack on Suncor Energy Indefinitely Suspends Electronic Payments at Canadian Gas Stations (CPO Magazine) Motorists who have pulled up to one of Canada’s Petro-Canada gas stations in the last few days have been greeted by “cash only” signs, as a cyber attack on parent company Suncor Energy has disrupted the company’s payment and loyalty reward systems.
Dublin airport staff's salary data breached (Reuters) Some Dublin airport staff's financial information has been compromised by a cyber-attack on provider company Aon that also affected various other firms, the Dublin Airport Authority (DAA) said on Sunday.
Fort Worth officials say leaked data came from Public Information Act request (Record) Officials in the City of Fort Worth, Texas denied being hacked for a second time after the same cybercrime group posted another batch of information allegedly stolen from government networks.
Hacking crew targeting states over transition bans claims cyberattack hitting global satellite systems (CyberScoop) A group that previously hacked Fort Worth, Texas, claimed a cyberattack that affected Halliburton, Shell, Helix Energy and Oceaneering.
Police investigate stolen exam papers after cyber attack (Schools Week) Schools Week understands the incident relates to a school’s email system being hacked
AQA also hit by exam paper cyber attack (Schools Week) Police are investigating a cyber-attack at England's largest exam board AQA - the third board to be targeted
Twitter bug causes self-DDOS tied to Elon Musk's emergency blocks and rate limits: "It's amateur hour" (Waxy.org) An "amateur hour" Javascript bug is self-DDOSing Twitter, sending infinite requests from users related to — or possibly even causing — Elon Musk's "temporary emergency measures" to stop web scraping.
Vulnerability Summary for the Week of June 26, 2023 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
WordPress plugin lets users become admins – Patch early, patch often! (Naked Security) Ultimate Member plugin lets rogue users choose their own site capabilities, including becoming admins.
Trends
BlackFog State of Ransomware Report (BlackFog) June was the second busiest month of 2023 with 46 publicly disclosed ransomware attacks recorded, not including the victims of the MOVEit attack.
Understanding the Growing Professionalism of Cyber-Criminals (Infosecurity Magazine) Melissa Bischoping says organizations must know how threat actors are transforming their operations or risk being blindsided by an attack
58 per cent of malware families sold as service are ransomware (The Siasat Daily) A new study has revealed that 58 per cent of malware families sold as a service are ransomware.
SEO Poisoning Attacks Increase Across Healthcare (Health IT Security) Threat actors have been leveraging search engine optimization (SEO) poisoning tactics to trick users into clicking on malicious links, HC3 warned.
The rise in cyber extortion attacks and its impact on business security (Help Net Security) In this Help Net Security video, Charl van der Walt, Head of Security Research at Orange Cyberdefense, discusses cyber extortion attacks and their expansion to new regions.
Kenyan Businesses Experience 82% Increase in Cyber-Attacks (allAfrica.com) Cyber-attacks on Kenyan businesses increased by 82 percent last year, latest report shows, highlighting growing vulnerabilities in firms.
Marketplace
Nordic firms ride wave of cyber M&A activity (Defense News) The mergers and acquisitions are taking place as Sweden seeks NATO membership, and neighboring Finland this year joined the alliance.
Nokod Security raises $8 million to enhance low-code/no-code app security (Help Net Security) Nokod Security announced its $8 million seed round, which will be used to establish a presence in the United States market.
Outdid Raises $2.5 Million to Provide Identity Verification in a Private and Trustless Manner (Business Wire) Seed Round Led by Jump Crypto followed by Superscrypt
Bitdefender to Acquire Horangi Cyber Security to Expand its GravityZone Unified Risk and Security Analytics Platform (AiThority) Bitdefender, a global cybersecurity leader, announced it has agreed to acquire Singapore-based Horangi Cyber Security
Carlyle enters into exclusive negotiations to acquire PR0PH3CY (Carlyle) The investment will drive PR0PH3CY’s growth, continuing its buy and build strategy, and help it expand to new markets. Carlyle’s cyber security expertise and international network will support PR0PH3CY long-term ambitions. As part of the transaction, PR0PH3CY will launch its company rebrand, changing its name to “NEVERHACK”. Paris, France, 03 July 2023 – Global investment firm Carlyle (NASDAQ: CG) announced today that it has entered into exclusive negotiations to acquire PR0PH3CY, a leading “one-stop-shop” cybersecurity services business
Nvidia Acquired AI Startup That Shrinks Machine-Learning Models (The Information) Nvidia in February quietly acquired OmniML, a two-year-old artificial intelligence startup whose software helped shrink machine-learning models so they could run on devices rather than in the cloud, according to a spokesperson and LinkedIn profiles of former OmniML employees who now work at ...
Army Awards $36M EW-Cyber System Deal to Lockheed Martin (MeriTalk) Amber Chaudhry, acting chief experience officer at the U.S. Department of Housing and Urban Development (HUD), has left her position at the department, according to her LinkedIn posting.
How Alumni Engagement Can Help America’s Cyber Agencies Address Talent Gaps (The Cipher Brief) Evan Rosenfield and Adam Maruyama discuss the role of alumni in filling the US government’s cyber talent gaps.
Cybersecurity experts have become targets for board seats (CNBC) The need for strong cybersecurity programs is a vital part of doing business today, and a good reflection of that is adding security executives to boards.
Former GD Exec Alec Newell Named Business Development VP at NetCentrics (GovCon Wire)
Products, Services, and Solutions
New infosec products of the week: June 30, 2023 (Help Net Security) The featured infosec products this week are from: Cequence Security, Delinea, Index Engines, and NetApp.
Axio Global Unveils Cyber-Physical Attack Quantifier at Lloyd’s Lab Demo Day (Business Wire) Innovative Solution Helps Critical Infrastructure Organizations Understand Cyber-Physical Damage Risk and Offer Sustainable Coverage for Exposure
Fortanix Launches Industry-First Confidential Data Search for Regulated Encrypted Data (Business Wire) Data security leader pioneers a unified, high-performance solution that is thousands of times faster than current technologies and supports off-the-shelf databases to accelerate adoption.
Twitter has started blocking unregistered users (The Verge) Elon Musk blamed “data pillage” and claims the move is temporary.
MISI Invites Nubeva To 3rd Party Testing of Ransomware Reversal Product (Yahoo Finance) Independent Product Testing Commences at U.S. Cyber Command's DreamPort Facility
Belarusian Catholic Religious Instructor Given Third Consecutive 15-Day Jail Term (RadioFreeEurope/RadioLiberty) A court in Minsk has sentenced a Roman Catholic religious instructor, Uladzislau Beladzed, to 15 days in jail for a third consecutive time on a charge of "distributing extremist materials" that his relatives and colleagues call groundless.
Polimec and Deloitte Switzerland Introduce New KYC Credentials to Enhance Regulatory-Compliant Fundraising (Crypto Reporter) Use case sets the basis for regulatory compliance in decentralized finance (DeFi), reducing the risk of fraud and accelerating Web3
Infinios partners with Secureworks to support the fintech ecosystem (Paypers) Bahrain-based fintech Infinios has teamed up with US-based cybersecurity company Secureworks to support the development of the fintech ecosystem.
Technologies, Techniques, and Standards
CISA Announces Updates to the Election Security Team (Cybersecurity and Infrastructure Security Agency) Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly announced today that Cait Conley, Senior Advisor to the Director, will take on additional responsibilities supporting CISA’s election security efforts.
CyberSentry Program Launches Webpage (Cybersecurity and Infrastructure Security Agency CISA) It should come as no surprise that our nation’s critical infrastructure is under concerted threat from malicious cyber actors.
Shining Light on NIST and Its Influence on SaaS Security (CPO Magazine) The National Institute of Standards and Technology (NIST) is one of the leaders in developing cybersecurity practices. Part of the U.S. Department of Commerce, NIST develops cybersecurity standards, guidelines, best practices, and other resources to meet the needs of the U.S. industry, federal agencies, and the broader public.
VMware, Other Tech Giants Announce Push for Confidential Computing Standards (SecurityWeek) VMware partners with tech giants such as Samsung and AMD to accelerate the development of confidential computing applications.
Cyber Command Finishes its First 'Hunt Forward' Operation in Latin America (Government CIO) The agency and its allies engaged in an exercise to demonstrate their defensive operations and improve cyber defenses in the U.S.
Polymorphic malware and the rise of new 'moving target' defensive security (SiliconANGLE)
Council Post: Cyber Threat Prevention And Board-Worthy Reporting (Forbes) In today’s digital-first world, the risk of targeted cyberattacks can no longer be ignored.
Council Post: Seven Things To Include In Your Anti-Phishing Policy (Forbes) The goal of promoting an anti-phishing policy is not just to raise awareness or mitigate social engineering attacks but to establish a resilient culture of cybersecurity.
NuHarbor Security Announces Winner of Cybersecurity Common Ontology Hackathon (Business Wire) Competition drew more than 800 entrants, resulting in multiple innovations
Decrypted: Akira Ransomware (Avast Threat Labs) Researchers for Avast have developed a decryptor for the Akira ransomware and released it for public download. The Akira ransomware appeared in March 2023 and since then, the gang claims successful attacks on various organizations in the education, finance and real estate industries, amongst others.
Decryptor publicly released for Akira ransomware used in several high-profile incidents (Record) A cybersecurity firm released a decryptor for the Akira ransomware, providing a way forward for dozens of victims that have dealt with attacks since the gang emerged in March 2023.
Avast released a free decryptor for the Windows version of the Akira ransomware (Security Affairs) Cybersecurity firm Avast released a free decryptor for the Akira ransomware that can allow victims to recover their data without paying the ransom. The Akira ransomware has been active since March 2023, the threat […]
What is a Cyber Security Risk Assessment? (Check Point Software) Learn what a cyber security risk assessment is, and what makes it an invaluable tool for improving an organization’s cyber security posture.
Quantum-Resistant vs Quantum-Proof Cryptography: Differences (Analytics Insight) In an increasingly interconnected digital world, the need for robust cryptographic algorithms to protect sensitive information has never been more crucial.
Design and Innovation
Endor Labs Details Results of Using AI, ChatGPT to Detect Malware (Acceleration Economy) An Endor Labs study sheds light on ways to use ChatGPT in defensive cybersecurity. The company tapped AI to detect malware.
‘Shadow’ AI use becoming a driver of insider cyber risk (Computer Weekly) Off-the-books use of generative AI tools will inevitably lead to a costly, high-profile data breach for someone, but a little attention paid to appropriate data management policy can help mitigate the risk.
Artificial intelligence is a familiar-looking monster, say Henry Farrell and Cosma Shalizi (The Economist) The academics argue that large language models have much older cousins in markets and bureaucracies
Legislation, Policy, and Regulation
Taiwan Looks to Ukraine Playbook in Race to Build Satellite Internet (Wall Street Journal) Kyiv’s ability to maintain broadband access inspires Taipei to boost communications resilience in the event of conflict with China.
China’s Anti-Espionage Law Raises Foreign Business Risk (Forbes) Revisions to the law allow China significant leeway to investigate and prosecute foreign corporations, raising fears among U.S. and foreign businesses.
Nations urged to be responsible in cyberspace after meeting in Vancouver (IT World Canada News) Representatives of 16 countries wound up two days of meetings on cybersecurity in Vancouver this week by calling for nations to uphold responsible behaviour in cyberspace. Global Affairs Canada said the meetings of cyber diplomats, who discussed challenges to co-ordinated responses to incidents, were follow-ups to sessions last year in Belgium. "Country representatives recognized that
UK unites 68 other states in joint call to action against online child abuse (Record) The statement stresses the private sector’s responsibility to protect children from sexual exploitation, and follows discussions in Vienna hosted by the U.N. Office on Drugs and Crime.
Elon Musk Seeks Support Against Rules on Free Speech Online (WIRED) During a tour in Europe to make a Neuralink announcement, Musk's real goal became apparent: Stop the European Commission’s proposed measures regarding online content moderation.
CERT-In issues “Guidelines on Information Security Practices” for Government Entities for Safe & Trusted Internet (India Education) India’s digital landscape has witnessed tremendous growth, with over 80 crore Indians (Digital Nagriks) actively utilizing the Internet and cyberspace, making it one of the largest connected nations in the world. Citizens are increasingly relying on
Indian govt asks ecommerce companies to refrain from using dark patterns (ETCIO.com) The ministry is also in the process of framing guidelines for discouraging the usage of dark patterns, said Rohit Kumar Singh, secretary, department of consumer affairs which comes under the ministry of consumer affairs.
Apple, Paytm, Flipkart and others summoned by Parliamentary Panel to address rising cyber threats (Mint) Parliamentary Standing Committee for Finance to address cyber security and cyber threats; senior officials from banks and tech companies summoned to present measures to combat cyber crimes.
Why an Illinois law is at the center of Congress’ debate on new data privacy legislation (Record) As lawmakers on Capitol Hill continue to negotiate federal privacy rules, many advocacy groups and Democrats are calling attention to an Illinois law as an example for how certain provisions can lead to critical reforms.
The FTC wants to put a ban on fake reviews (The Verge) It would fine companies that buy and sell fake reviews.
US Cyber Command Working to Expand Information-Sharing Initiative With Industry (Executive Gov)
SEC Affirms Intention to Prioritize Adoption of Cybersecurity Rules for Public Companies and Investment Advisers and Funds (Gibson Dunn) Gibson Dunn lawyers review the proposed implementation of two rules by the U.S. Securities and Exchange Commission that address cybersecurity governance and cybersecurity incident disclosure.
SEC announces delay in finalising new cyber security disclosure rules (CyberSecurity Connect) The US Securities and Exchange Commission has said that it is pushing back finalising changes to how cyber security incidents are disclosed to October 2023.
IBM Calls for Fed Supply Chain Security Center of Excellence (Meritalk) Tech giant International Business Machines (IBM) has called on the government to establish a shared service center of excellence to develop protections against supply chain disruptions, according to a recent report it released in collaboration with experts from government, business, academia, and the nonprofit sectors.
Department of Defense Efforts to Acquire Artificial Intelligence (US Government Accountability Office) Artificial intelligence could transform national defense and security. The Department of Defense has designated it a top priority in its modernization...
Enforcement of CPRA Regulations Delayed Until 2024 (cyber/data/privacy insights) A California court order has delayed enforcement of the implementing regulations for the California Privacy Rights Act of 2020 (CPRA) until March 29, 2024. The California Superior Court of Sacramento County issued the court order on Friday, June 30 — one day before enforcement of the CPRA regulation
CISA election security lead Kim Wyman to leave agency (StateScoop) Wyman, who previously served as Washington state's top election official, will step down as CISA's top election security adviser.
Chilling revelations on the rise of feds’ Orwellian speech police (New York Post) CISA Director Jen Easterly has said “cognitive infrastructure” — that is, what people think — is “most critical.”
Army Combat Veteran to Take Over Key Election Security Role Working With State, Local Officials (SecurityWeek) CISA's Cait Conley will coordinate with federal, state and local officials responsible for election security ahead of the 2024 presidential election.
Pornhub blocks access in Mississippi and Virginia over age verification laws (The Verge) And more states may be on the list soon.
Litigation, Investigation, and Law Enforcement
Judge limits Biden administration in working with social media companies (AP News) A judge on Tuesday prohibited several federal agencies and officials of the Biden administration from working with social media companies about “protected speech,” a decision called “a blow to censorship” by one of the Republican officials whose lawsuit prompted the ruling.
Federal Judge Limits Biden Officials’ Contacts With Social Media Sites (New York Times) The order came in a lawsuit filed by the attorneys general of Missouri and Louisiana, who claim the administration is trying to silence its critics.
Briefing: Court Blocks Biden Administration From Pressuring Social Media Firms Over Covid ‘Disinformation' (The Information) A judge on Tuesday granted a preliminary injunction preventing the Biden administration from pressuring social media companies to take down posts questioning the effectiveness of Covid vaccines, face masks, lockdowns, the accuracy of the Hunter Biden laptop story and the validity of the 2020 election. The judge said that during the Covid pandemic, the administration “seems to have assumed a role
Judge blocks U.S. officials from tech contacts in First Amendment case (Washington Post) The Trump-appointed judge’s move could upend years of efforts to enhance coordination between the government and social media companies
Cyber agency faces heightened scrutiny with social media lawsuit (Washington Post) Debate over ‘First Amendment’ and ‘countering disinformation’ gets a key court ruling, with some cyber officials ensnared
White House accused of ‘massive’ attempt to censor Covid jab dissent (The Telegraph) Court grants injunction against Joe Biden’s officials, pending ruling, over claims they urged social media firms to curb ‘vaccine hesitance’
The Geopolitics of Extraditing Hackers (Reason.com) Geopolitics has always played a role in prosecuting hackers. But it's getting a lot more complicated, as Kurt Sanger reports....
How the FBI hacked Hive (POLITICO) The bureau is trying to take the fight to foreign ransomware gangs, even if it means giving up on bringing some of them behind bars.
Meta Loses EU Court Fight Over Antitrust Crackdown on Data (Bloomberg) EU top court rules on scope of German watchdog’s investigation. Meta accused nation’s cartel office of overstepping its powers.
Third Nigerian pleads guilty in BEC scams dating back nearly a decade (Record) U.S. prosecutors obtained a guilty plea Thursday from a third Nigerian man accused of participating in a business email compromise (BEC) ring in the mid-2010s.
Breach Victims Have Standing When Data Misused, 1st Circuit Says (DataBreaches.net) Christopher Brown reports: A data-breach victim whose personal information was subject to actual misuse has standing to sue the entity that suffered the...
Republicans accused of faking Whatsapps to smear Hunter Biden (The Telegraph) Lawyer for President Joe Biden’s son says screengrabs released by investigating committee suggesting leverage for business deal are bogus
HHS Office for Civil Rights Settles HIPAA Investigation with iHealth Solutions Regarding Disclosure of Protected Health Information on an Unsecured Server for $75,000 (DataBreaches.net) HHS has announced another Security Rule enforcement action. This one involves iHealth Solutions (dba Advantum Health), a business associate. The incident...