Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+502: Cyber action discussed (and experienced) at the NATO summit. (CyberWire) As NATO leaders meet in Vilnius, collective security in cyberspace will figure on the agenda. Russian operators are also active against the summit, with kinetic threats and cyberattacks.
Russia-Ukraine war: List of key events, day 503 (Al Jazeera) As the conflict enters its 503rd day, these are the main developments.
Russia Strikes Kyiv With Drones Hours Before Key NATO Summit For Ukraine (RadioFreeEurope/RadioLiberty) Russia launched a fresh wave of kamikaze drones on Kyiv early on July 11, Ukrainian officials said, hours before the start of a crucial NATO summit in Lithuania where the military support for Ukraine in its defense against Russian aggression and its future ties with the alliance top the agenda.
Ukraine-Russia war live: Russian submarine commander shot dead on morning run (The Telegraph) A Russian naval captain who commanded a submarine that allegedly fired on a Ukrainian city has been shot dead on his morning run.
Ukrainian minister says he fears Russia has 'no red lines' to prevent attacks on nuclear plant (AP News) Ukraine's Energy Minister says the catastrophic collapse of a dam in southern Ukraine has made Kyiv worried that Russia might stage an attack on the Zaporizhzhia nuclear power plant to foment panic and quell Ukrainian advances on the frontline.
Ukraine-Russia war live: Putin met Prigozhin after mutiny, Kremlin confirms (The Telegraph) Ukraine claims to have recaptured 169 sq km on the southern front and 24 sq km around Bakhmut since the counteroffensive began last month.
Russian mercenary leader Prigozhin's commanders met Putin after short-lived mutiny, pledged loyalty (AP News) The Kremlin says mercenary chief Yevgeny Prigozhin's commanders met with Russian President Vladimir Putin five days after staging a short-lived rebellion.
Putin met Prigozhin for private talks in Moscow after mutiny (The Telegraph) Revelation indicates that Russian leader may still be reliant on the Wagner chief despite all the recent turmoil
Wagner Leader Prigozhin Met With Putin Days After Aborted Russian Revolt (Wall Street Journal) The meeting is a sign that Yevgeny Prigozhin and his forces remain important players in Russian security and politics.
Ukraine to be offered ‘Nato-lite’ protection (The Telegraph) Major powers commit to ‘Israel-style’ security guarantees for Kyiv, but stop short of timetable for full alliance membership
Ukraine tops NATO summit agenda along with Sweden’s membership (Military Times) Russia’s war on Ukraine will top the agenda when U.S. President Joe Biden and his NATO counterparts meet on Tuesday and Wednesday.
Russian diplomats warn West over Ukraine ahead of NATO summit (Reuters) Russia warned on Tuesday of "catastrophic consequences" for Europe if the Ukraine war escalates, as NATO leaders prepared to deliver a "positive message" to Kyiv at a summit on its future prospects for joining the military alliance.
Conducting talks on Ukraine not currently possible, senior Russian diplomat says (TASS) "As [Russian Foreign Minister] Sergey Lavrov said, if you want war, that’s what you will get," Konstantin Gavrilov noted
Biden and Sunak pledge support for Ukraine ahead of NATO summit (Washington Post) President Biden kicked off his high-stakes visit to Europe with a quick stop in London to meet Prime Minister Rishi Sunak, where the two leaders emphasized the importance of supporting Ukraine and bolstering a show of unity ahead of a NATO summit that is expected to be rife with divisions over how allied nations should support Kyiv against Moscow.
Consider The Porcupine: Western Officials Struggle To Find A New Security Model For Ukraine (RadioFreeEurope/RadioLiberty) It’s called the “porcupine” or “Israel” model: Supply enough weaponry to turn Ukraine’s military into an armed force so powerful and prickly that Russia wouldn’t want to attack it. In return? NATO membership would be back-burnered. It’s an idea gaining traction in some NATO meeting rooms.
Ukraine deserves a timetable to join Nato (The Telegraph) Joe Biden says he does not think Ukraine is “ready” for membership. Yet blocking Kyiv from the alliance has not prevented a war
Turkey clears way for Swedish NATO membership, in abrupt about face (Breaking Defense) While far from the official last step for Sweden’s NATO membership, the transmission of Sweden’s Accession Protocol to the Turkish Grand National Assembly all but removes any doubt that the northern European nation will become the alliance’s 32nd member.
Hungary Says Ratifying Sweden NATO Bid Now A 'Technicality' (RadioFreeEurope/RadioLiberty) Hungary's ratification of Sweden's NATO bid is now "only a technical question," Hungarian Foreign Minister Peter Szijjarto said on July 11, after Turkey agreed to allow the Nordic country to join the alliance.
Sweden's rocky road from neutrality toward NATO membership (AP News) When long-neutral Sweden applied for NATO membership together with Finland, both expected a quick accession process.
A Stronger But Less Ambitious NATO (Foreign Affairs) What Sweden and Finland’s membership will mean for the alliance.
Why the New NATO-Ukraine Defense Council Falls Short (Time) The formation of the NUC may be an important step, but is far from the NATO membership Ukraine seeks.
Why Jens Stoltenberg Should Be a Candidate for the Nobel Peace Prize (Real Clear Defense) It might seem that nominating the leader of the world’s largest and most important military alliance for a Nobel peace prize is a contradiction in terms but, the appearance of contradiction is mistaken.
Berlin finalises 700-mln-euro military aid package for Ukraine (Reuters) The German government has finalised a 700-million-euro ($770.28 million) military aid package for Ukraine, the defence ministry said on Tuesday, the first day of a NATO summit in Vilnius.
Biden To Meet With Zelenskiy At NATO Summit As Russia Strikes Ukraine With Drones (RadioFreeEurope/RadioLiberty) The White House has announced that U.S. President Joe Biden will meet with Ukrainian President Volodymyr Zelenskiy at a two-day NATO summit in Lithuania as Russia launched a fresh wave of kamikaze drones on Kyiv and Odesa just hours before the start of the crucial gathering.
A Cybersecurity Wish List Ahead of NATO Summit (SecurityWeek) A formal NATO Cyber Command could do as much for the cybersecurity of individual members of NATO as USCYBERCOM already does for the US.
NATO’s Christian-Marc Lifländer on how the alliance can take a ‘proactive’ cyber stance (Record) An interview with Christian-Marc Lifländer, the head of NATO's cyber and hybrid policy section, about NATO’s changing approach to cyber, and what will happen if attacks targeting Western states continue to increase.
Ukraine has set the standard on software power (POLITICO) Whatever capabilities European NATO members are rushing to procure won’t be enough to deter adversaries unless they heed a salient lesson — the importance of software and data in modern warfare.…
Threat group testing more sophisticated DDoS hacks, authorities warn (Cybersecurity Dive) Hacktivists behind the attacks on Microsoft OneDrive and Azure are claiming recent test disruptions at Stripe, Reddit and EFTPS.
RomCom Threat Actor Suspected of Targeting Ukraine's NATO Membership Talks at the NATO Summit (BlackBerry) The BlackBerry Threat Research and Intelligence team has uncovered malicious lures targeting guests of the upcoming NATO Summit who may be providing support to Ukraine. Our analysis leads us to believe that the threat actor known as RomCom is likely behind this operation.
Cyberattack Forced Ukraine to Postpone June Inflation Release (Bloomberg) Ukraine delayed the publishing of June inflation numbers and issued the data on its Facebook page after a cyber attack last week, the State Statistics Office said.
New House Judiciary report claims FBI worked with Ukrainian agency to remove verified social media accounts (CNN) The FBI participated in a flawed effort to stop Russian disinformation at the behest of a Ukrainian intelligence agency that instead ensnared authentic American accounts – even a verified Russian-language US State Department account, the House Judiciary Committee alleges in a new report obtained first by CNN.
Russia-Ukraine war holds key lessons for US Space Command: top official (The Hill) U.S. Space Command has learned a number of lessons from the Russia-Ukraine war, starting almost as soon as the war began, a top official said last week. Lt. Gen. John Shaw, the Space Command’…
Kennan Cable No. 83: Moscow’s Maritime Strategy: Establishing Russia as a Leading Seafaring State (Wilson Center) Russia is becoming a maritime nation. As Moscow has sought to position Russia as a global power in a “post-West” world,[1] it has worked to develop the Northern Sea Route (NSR) and increase trade with states across the Middle East and North Africa (MENA), in the Gulf, the Indian Ocean, and in the Pacific. Russia’s leadership intensified this effort to diversify the economy in the wake of Western sanctions following the annexation of Crimea in 2014, and the emphasis on establishing Russia as a maritime power has continued ever since. Indeed, following Moscow’s full-scale invasion of Ukraine in February 2022, the Russian economy to a great extent relies on the ability to exploit and export hydrocarbons and agricultural commodities by sea.
Attacks, Threats, and Vulnerabilities
Chinese State-Linked Information Operation Revealed Social Media Account Takeover Potential (Nisos) Nisos investigators identified a network of pro-Beijing Twitter accounts likely engaged in state-backed information operation targeting audiences in various countries in Latin America, including Paraguay, Costa Rica, Chile, and Brazil. Some of the accounts promote strategic Chinese state media-linked news content in both Spanish and Portuguese.
Bangladesh government takes down exposed citizens' data (TechCrunch) Bangladesh's government took down the website that leaked citizens' personal information after TechCrunch reported the leak.
Trinidad and Tobago facing outages after cyberattack (Record) Trinidad and Tobago’s justice department is dealing with a cyberattack that has impacted the ministry’s operations.
Asylum Ambuscade: crimeware or cyberespionage? (WeLiveSecurity) A curious case of a threat actor at the border between crimeware and cyberespionage
Crimeware Group Asylum Ambuscade Ventures Into Cyber-Espionage (Infosecurity Magazine) ESET researchers suggested Asylum Ambuscade has been active since 2020
Critical Vulnerability Can Allow Takeover of Mastodon Servers (SecurityWeek) A critical vulnerability in the Mastodon social networking platform may allow attackers to take over target servers.
Exploit Code Published for Remote Root Flaw in VMware Logging Software (SecurityWeek) VMware says exploit code has been published for a pre-authentication remote root vulnerability (CVE-2023-20864) in its VMware Aria Operations for Logs product.
Meet LockBit: The Most Prevalent Ransomware in 2022 (Fortinet Blog) Get insights into the most notorious ransomware in 2022, preying on hundreds of victims and undergoing several evolutions over the past few years.…
The Seven Phases of a Ransomware Attack: A Step-by-Step Breakdown of the Attack Lifecycle (Flashpoint) We break down each stage of a ransomware attack and how to leverage intelligence to minimize risk for your organization and its assets.
Move It on Over: Reflecting on the MOVEit Exploitation (Huntress) In this blog, we explore the long-term impact of the MOVEit exploitation and how defenders can stay vigilant and learn from the past.
Cl0p has yet to deploy ransomware while exploiting MOVEit zero-day (SC Media) Huntress researchers say Cl0p has used a web shell to copy and exfiltrate data, but no full network compromise has been executed via ransomware.
Emerging Threat: Attackers Exploit Meta's Threads App Buzz (Veriti) Protect from emerging threats associated with Meta's Threads app. Stay vigilant, download from trusted sources, verify domain authenticity.
Microsoft Fixes NoAuth Flaws, Prevents Account Takeover (Kratikal Blogs) Researchers from Descope, a California-based identity and access management service, have reported the vulnerability and named it ‘NoAuth.’
Razer investigates data breach claims, resets user sessions (BleepingComputer) Gaming gear company Razer reacted to recent rumors of a massive data breach with a short statement on Twitter, letting users know that they started an investigation into the matter.
Razer Data Breach: Alleged Database and Backend Access Sold for $100k (HackRead) Razer Inc. is aware of the potential breach and is currently investigating.
Alleged Razer data breach: Hacker demands US$100K in crypto in exchange for stolen data (Vulcan Post) Razer data breach is suspected as stolen data surfaces on dark web. Razer is currently investigating the potential breach.
Razer gets pwned as hackers steal source code (Cyber Security Connect) Gaming hardware and peripheral manufacturer Razer is currently looking into a potential data breach after hackers listed stolen data online. Razer has said it is aware of a breach relating to its Raz
Razer Cyber Attack: Gaming Hardware Giant Faces Data Breach (The Cyber Express) Gaming hardware behemoth Razer remains under the cybersecurity spotlight again, with a new Razer cyber attack looming large. An unknown
Amazon Prime Day: Buyers Beware of Phishing Campaigns Targeting Online Shoppers (Veriti) Amazon Prime Day, a highly anticipated event for online shoppers, is just around the corner but online shoppers might get more than they bargained for—it’s a prime opportunity for cybercriminals to exploit unsuspecting users.
UK battles hacking wave as ransomware gang claims ‘biggest ever’ NHS breach (TechCrunch) The U.K.’s largest NHS trust is investigating a ransomware incident as the country’s public sector battles a wave of cyberattacks
Another huge US medical data breach confirmed after Fortra mass-hack (TechCrunch) More than a hundred organizations are affected by a mass-ransomware attack targeting Fortra's file transfer software.
HCA Healthcare patient data stolen and for sale by hackers (CNBC) The health-care giant claimed no "clinical" information was breached by the hackers, a claim undercut by sample data provided to an industry analyst.
New York City Schools Had Warnings Before Cyber Attack (GovTech) Before a global cyber attack compromised data from New York schools in May, an audit by the state comptroller and a special commissioner of investigation had dinged the district for insufficient oversight.
City of Hayward website down after weekend cyber attack (CBS News) Hayward's city website was down on Monday after being targeted over the weekend by a cyber attack, city officials said.
Hayward hacked: City suffers ransomware attack, turns off website (KTVU FOX 2) The city of Hayward has fallen victim to a ransomware attack and shut down its city website as IT crews investigated the extent of the problem.
Revolut lost $20m due to payment flaw (Computing) Hackers capitalised on differences between European and US payment systems
Security Patches, Mitigations, and Software Updates
About the security content of Rapid Security Responses for iOS 16.5.1 and iPadOS 16.5.1 (Apple Support) This document describes the content of Rapid Security Responses.
Apple releases, quickly pulls Rapid Security Response update for 0-day WebKit bug (Ars Technica) Update for iOS 16, macOS Ventura can be uninstalled if you're having problems.
iOS 16.5.1 security fix temporarily pulled after it broke websites (9to5Mac) Apple yesterday released an iOS 16.5.1 update to fix a security vulnerability which is being actively exploited by attackers –...
Apple Pulls iOS 16.5.1 and macOS 13.4.1 Rapid Security Response Updates Due to Safari Bug (MacRumors) Apple earlier today released new Rapid Security Response updates for iOS 16.5.1, iPadOS 16.5.1, and macOS Ventura 13.4.1 users, but Apple has pulled...
Marketplace
Acquisitions for Security Vendors, Funding For Startups | Q2 2023 (Pinpoint Search Group) A look at the cyber security vendor transactions in Q2, 2023. Stay tuned into infosec funding and acquisitions news with our quarterly report.
GreenPages Continues Business Transformation With New Brand Identity and Name Change to Blue Mantis (GlobeNewswire News Room) Leading Strategic Technology Services Provider Has Been Flourishing and Innovating for More Than Three Decades is Now Blue Mantis...
SAVVY Exits Stealth with $30M in Funding to Enable Safe Use of SaaS Applications at Scale (GlobeNewswire News Room) Workforce Security Automation Empowers Organizations with Just-in-Time Guardrails to Prevent SaaS Security Incidents...
Honeywell to Buy Israeli Cybersecurity Business Scadafence (Wall Street Journal) The U.S. industrial company said the acquisition would expand its asset-discovery, threat-detection, and compliance-management capabilities.
Honeywell steps up fight against ‘operational tech’ cyber threats, buying Israeli firm (WRAL TechWire) Honeywell is buying Israel-based SCADAfence in a move it says bolsters offerings against cybersecurity threats that target operational technology and Internet of Things.
More Microsoft layoffs ahead as tech giant starts 2024 fiscal year (CRN) The cuts appeared to hit solutions associates, direct sales associates, program managers and success managers
Inside the perverse system of 'lazy management' that's destroying the tech industry (Business Insider) Tech executives and investors have claimed that loafing employees are dragging down companies. But experts say the real problem is "lazy management."
Products, Services, and Solutions
Meta Plans Labels For State-Run Media Outlets And Offer Fact Checking On Threads (Forbes) The comment comes days after Instagram chief Adam Mosseri said Threads will not actively promote politics and hard news content.
GCA Releases its Cybersecurity Toolkit for Small Business in Portuguese (Global Cyber Alliance) A new milestone for our free and effective toolkit designed for small to medium-sized businesses in the Lusophone Commonwealth.
Votiro Expands Global Partner Program and Launches First Ever Zero Trust Content Protection for MSP Partners and Enterprise Customers (Business Wire) Channel-first initiatives to help Votiro accelerate global expansion and strengthen cybersecurity postures
Baffle Delivers End-to-End Data Protection for Analytics (GlobeNewswire News Room) Easily deployed and configured, the platform ensures security and compliance as data is stored and moved through analytics pipelines...
Sophos Announces Partnership With Cysurance (Sophos News) Providing unique, fixed-price cyber insurance to organizations using Sophos Managed Detection and Response (MDR)
AvePoint Achieves New ISO 27701:2019 Certification as Part of its Commitment to Security and Privacy (GlobeNewswire News Room) Audited against two additional ISO certifications with zero non-conformities for the second year in a row...
Netskope Partners with Wipro to Power New Managed Security and Network Services (Netskope) Netskope, a leader in Secure Access Service Edge (SASE) today announced a new partnership with Wipro Limited to
Hughes Partners with Netskope to Launch Managed SASE Solution for Small to Medium Enterprises (Netskope) Market leaders in Managed Services and Secure Access Service Edge bring businesses a customizable cloud security solution for SD-WAN
NETSCOUT Combines Leading Global Threat Intelligence With Machine Learning to Protect Enterprises From Rapidly Spreading Dynamic DDoS Attacks (Business Wire) Adaptive DDoS Protection for AED Defeats Dynamic DDoS Attacks, Securing Enterprises and Reducing Risks and Costly Network Downtime
Cork™ Cyber Warranty MSP Early Access Program Reaches Full Capacity Due To Overwhelming Market Demand (Business Wire) Company Opens Priority Waiting List for General Availability of Platform Expected in Fall 2023; BRITECITY and WOM Technology Management Group Standardizing on Cork as Part of Their Managed Security Offerings
Exabeam Delivers Behavior Monitoring Solution Specifically for Federal Departments and Agencies (Business Wire) Purpose-built for OMB M-21-31 EL3 compliance to detect compromised user credentials, privileged user compromise, improper asset access, compromised system/host/device, and lateral movement of threat actors
Center for Internet Security, CREST Join Forces to Secure Organizations Globally (CIS) New program provides organizations a way to show customers and partners their cybersecurity posture meets rigorous standards of CREST accreditation
Omada Identity Cloud Now Available in the Microsoft Azure Marketplace (PR Newswire) Omada A/S ("Omada"), a global leader of Identity Governance and Administration (IGA), today announced the availability of Omada's market...
Technologies, Techniques, and Standards
5 ways to prepare a new cybersecurity team for a crisis (CSO Online) Advanced planning, training and simulation, and understanding organizational risk will go a long way to avoid rookie mistakes when a cybersecurity team meets its first critical incident.
Legislation, Policy, and Regulation
Data Protection: European Commission adopts new adequacy decision for safe and trusted EU-US data flows (European Commission) Today, the European Commission adopted its adequacy decision for the EU-U.S. Data Privacy Framework. The decision concludes that the United States ensures an adequate level of protection – comparable to that of the European Union – for personal data transferred from the EU to US companies under the new framework.
Questions & Answers: EU-US Data Privacy Framework (European Commission) On 10 July, the European Commission adopted its adequacy decision for the EU-U.S. Data Privacy Framework. The adequacy decision concludes that the United States ensures an adequate level of protection – compared to that of the EU - for personal data transferred from the EU to US companies participating in the EU-U.S. Data Privacy Framework.
U.S. and E.U. Complete Long-Awaited Deal on Sharing Data (New York Times) The agreement ends legal uncertainty for Meta, Google and scores of companies — at least for now.
EU Approves Data-Transfer Deal With U.S., Averting Potential Halt in Flows (Wall Street Journal) The issue has proved a concern for some of the world’s biggest tech companies, including Meta Platforms and Google.
EU and US reach a deal to let data flow across the Atlantic (POLITICO) The agreement ends years of legal limbo that affects thousands of companies — but could be challenged yet again in court.
EU Seals New Transatlantic Data-Transfer Pact With US in Third Attempt (Bloomberg) EU seals new transatlantic data-transfer pact in third attempt. Deal is also likely to face legal attack, EU’s Reynders says.
EU, US shake hands on protections for transatlantic data transfers (Record) The EU will acknowledge that U.S. companies can protect the privacy of people's data as it travels transatlantically. The U.S., meanwhile, will certify companies and limit what intelligence agencies can do.
Crypto Reg Affairs: South Korea Passes Crypto Legislation Focusing on Investor Protection (Elliptic Connect) South Korea has approved its first standalone cryptoasset legislation, which integrates 19 crypto-related bills and authorizes the FSC to oversee digital asset operators and custodians. Read more.
TSA Head Eyes ‘Anticipating Cyber Risks’ as Strategic Objective (Meritalk) Transportation Security Administration (TSA) Administrator David Pekoske published the third edition of the agency’s Administrator’s Intent document last week, which outlines the agency’s planned actions through 2025 to achieve the vision and key technology and cyber objectives from TSA’s eight-year strategy released in 2018.
Selling Your Cellphone Location Data Might Soon Be Banned in U.S. for First Time (Wall Street Journal) Massachusetts considers a law at the vanguard of a broader movement to protect consumer privacy.
Litigation, Investigation, and Law Enforcement
Spain's High Court shelves Israeli spyware probe on lack of cooperation (Reuters) Spain's High Court on Monday shelved an investigation into the use of Israeli cyber-intelligence firm NSO Group's "Pegasus" software to spy on Spanish politicians, including Prime Minister Pedro Sanchez and several ministers.
Tracy Resident Charged With Computer Attack On Discovery Bay Water Treatment Facility (US Attorney for the Northern District of California) A federal grand jury has indicted Rambler Gallo, charging him with intentionally causing damage to a protected computer after he allegedly accessed the computer network for the Discovery Bay Water Treatment Facility, located in the Town of Discovery Bay, Calif., and intentionally uninstalled the main operational and monitoring
Tracy man indicted for illegally accessing water treatment network (CBS News) A Tracy man has been indicted for allegedly accessing the computer network of the Discovery Bay Water Treatment Facility and shutting it down, the U.S. Department of Justice said Thursday.
Technician Indicted for Hacking California Water Treatment Facility (HackRead) The jury has charged Rambler Gallo with one count of transmitting a program, information, code, and command to cause damage to a protected computer.
Tracy Man Charged With Computer Attack On Discovery Bay Water Treatment Facility (Contra Costa News) Rambler Gallo was charged with intentionally causing damage to a protected computer after he allegedly accessed the computer network for the Discovery Bay Water Treatment Facility
Hacker who exposed some of soccer's dirtiest secrets charged in Portugal (Record) The hacker behind the Football Leaks scandal, which exposed tax fraud, corruption, and other wrongdoing at Europe's biggest soccer clubs, was charged in Portugal last Friday.
Genesis Market gang tries to sell platform after FBI disruption (Record) The international sting against Genesis Market focused on the fraud platform's presence on the regular web. But the gang is still trying to make some final moves on the dark web.