Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+504: Spinning the mutiny. (CyberWire) Ukraine continues its slow progress on the ground, Russia continues to fire drones against civilian targets, and there appears to be a purge of senior Russian officers in progress.
Russia-Ukraine war: List of key events, day 505 (Al Jazeera) As the conflict enters its 505th day, these are the main developments.
Russia-Ukraine war at a glance: what we know on day 505 of the invasion (the Guardian) Biden labels Putin ‘craven’ as Nato summit ends and Zelenskiy welcomes ‘good result’; at least four injured in overnight attack on Kyiv
Russia-Ukraine war live: ‘Only a complete idiot’ would plot to blow up Zaporizhzhia power plant, Russian nuclear chief says (the Guardian) Russia’s nuclear chief denies Ukrainian claims that Moscow considered destroying nuclear power station it controls
Thousands of Ukraine civilians are being held in Russian prisons. Russia plans to build many more (AP News) Thousands of Ukrainian civilians are being detained across Russia and the Ukrainian territories it occupies, in centers ranging from brand-new wings in Russian prisons to clammy basements.
Desperate Ukrainians take long and uncertain journey to escape Russian occupation (AP News) Some Ukrainians living under Russian occupation are so desperate to escape that they take long, circuitous and uncertain journeys through Russia to return to Ukrainian-held territory.
Inside Russia's penal colonies: A look at life for political prisoners caught in Putin's crackdowns (AP News) Alexei Navalny will spend his 47th birthday Sunday in a tiny prison cell with hardly any natural light. He won’t be able to see or talk to loved ones because phone calls and visits are banned for those in “punishment isolation.”
At NATO summit, Zelenskyy disappointed but finds solace in G7 pledge, seeks long-range US weapons (Breaking Defense) Ukraine President Volodymyr Zelensky said that when he meets US President Joe Biden today, he will “raise” a request for long range weapon supplies, though did not mention any weapon specifically.
Ukraine-Russia war live: Joe Biden delivers speech at Nato summit - watch live (The Telegraph) Joe Biden accused Vladimir Putin of having a “craven lust for land and power” on Wednesday and pledged that the US-led Nato alliance would not “waver” in supporting Ukraine.
Biden Speaks on Ukraine's Future With NATO in Vilnius (U.S. Department of Defense) President Joe Biden stressed the long-term commitment nations have made to Ukraine during the NATO summit in Vilnius, Lithuania.
NATO deepens Ukraine ties but doesn’t set clear path for membership (Military Times) Ukrainian President Volodymyr Zelenskyy says the results of the summit are good but an invitation for membership would be ideal.
France is already sending Ukraine long-range missiles (Defense One) Ambassador puts timeframe on Macron’s Tuesday announcement as U.S. lawmakers up pressure on Biden.
Ukrainian Ambassador Praises French Decision To Send Long-Range Missiles, Calls On Others To Follow Suit (RadioFreeEurope/RadioLiberty) Ukrainian Ambassador to the United States Oksana Markarova praised the recent French decision to send Ukraine long-range missiles at a forum in Washington on July 12 and said any other country that has this type of missile should also send them to Ukraine's front lines.
Turkey won't clear Sweden's way into NATO for 3 months, Erdogan says (Breaking Defense) Though the delay does not fundamentally threaten Sweden’s membership, it could raise concerns among NATO partners that Turkey will use it as a bargaining chip to elicit new political or military concessions.
Biden Braces NATO for Long Conflict With Russia, Making Cold War Parallel (New York Times) Concluding a NATO summit focused on the war in Ukraine and other fast-changing challenges, President Biden vowed that the alliance would oppose Russian aggression for as long as needed.
Nato has rediscovered its purpose in Vilnius (The Telegraph) While committing to Kyiv’s long-term defence, the alliance has not lost sight of the Chinese threat
Ukraine deserves more from the West (The Telegraph) Nato has effectively allowed Moscow to veto Kyiv’s membership
'Deepening' Russia-China partnership 'to stay for the foreseeable future,' Japanese diplomat warns (Breaking Defense) Tamaki Tsukada, chargé d'affaires at the embassy of Japan to the US, downplayed the tussle over a Pacific NATO office but said Indo-Pacific democracies and Western nations must tighten their own ties.
Russia Is Trying to Leave the Internet and Build Its Own (Scientific American) Russia and other nations are working on “sovereign Internet” systems that threaten digital rights—and the stability of the global Internet
Ukraine’s ground counteroffensive ushers in a new phase of the conflict in cyberspace (CSO Online) Cyberattacks against Ukraine have surged, linked to attacks on the ground, but their effectiveness has been blunted, according to observers including the deputy chairman of Ukraine’s cyber warfare service.
Kremlin cyber gang targets NATO meeting place website (Cybernews) Threat group NoName has taken credit for taking down several websites in Lithuania, including the exhibition center LITEXPO, where the NATO summit is currently taking place. The attacks have also disrupted the NATO multimedia website and several websites of Lithuanian water, district heating utility companies.
Hack Blamed on Wagner Group Had Another Culprit, Experts Say (Bloomberg) At around 5 a.m. in Moscow on June 29, Russian satellite communications provider Dozor-Teleport ZAO’s systems suddenly dropped offline. Hackers had targeted the company with a destructive attack and stolen troves of its internal data.
Cl0p hacker operating from Russia-Ukraine war front line – exclusive (Cybernews) As the Cl0p ransomware gang continues to sow anxiety worldwide, affecting prominent companies like the BBC and Deutsche Bank, at least one of the gang’s masterminds, Cybernews discovered, is still residing in Ukraine.
The GRU's Disruptive Playbook (Mandiant) We have tracked GRU disruptive operations against Ukraine adhering to a standard five-phase playbook.
Russian Spy Chief Confirms Call With CIA Counterpart, Says They Discussed Ukraine (RadioFreeEurope/RadioLiberty) Russian foreign intelligence chief Sergei Naryshkin said that he and CIA counterpart William Burns had discussed Ukraine in a phone call last month, TASS said on July 12.
Russian spy chief confirms call to CIA director after Wagner revolt (the Guardian) Sergei Naryshkin says he and Bill Burns discussed the mutiny and ‘what to do with Ukraine’ in phone call last month
Russia's Defense Ministry says Wagner mercenaries are surrendering their weapons to the military (AP News) Russia’s Defense Ministry says mercenaries of the Wagner Group are completing the handover of their weapons to the military.
Wagner has handed over thousands of tonnes of weaponry, says Russia (the Guardian) Vladimir Putin said mercenary group would be dismantled after Yevgeny Prigozhin’s short-lived mutiny
Russia says Wagner has returned tanks, missile systems, weapons, ammo (Washington Post) Russia’s Defense Ministry said Wednesday that the Wagner Group has handed over thousands of tons of weapons, ammunition and military equipment to the Russian army, in the latest sign that Moscow is still working to break up the mercenaries’ influence following their dramatic and short-lived mutiny last month.
WSJ News Exclusive | Russia Detained Several Senior Military Officers in Wake of Wagner Mutiny (Wall Street Journal) Hours after Yevgeny Prigozhin began a short-lived march on Moscow, the country’s domestic security service detained several high-ranking military officers, including Gen. Sergei Surovikin, who remains held.
Russian general in Ukraine says he was fired after accusing defense ministry of betraying troops (CNN) A senior Russian general in command of forces in occupied southern Ukraine says he was suddenly dismissed from his post after accusing Moscow’s Defense Ministry leadership of betraying his troops by not providing sufficient support.
Russian general says he has been fired for telling truth about Ukraine problems (the Guardian) Ivan Popov appears to criticise head of army and defence minister, saying: ‘Our most senior commander hit us in the back’
Attacks, Threats, and Vulnerabilities
Iran is on a hacking spree. The reason why may be ominous. (Yahoo Life) Experts say it could be related to revenge assassinations Tehran is plotting against former U.S. officials.
Iran Regime’s Cyber Offensive a Tool for Negotiation in Nuclear Talks (Iran News Update) Proofpoint states that as the Joint Comprehensive Plan of Action (JCPOA) negotiations progress and Tehran faces increasing isolation, TA453 is intensifying its targeting efforts towards experts likely influencing foreign policies.
CISA and FBI Release Cybersecurity Advisory on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online (Cybersecurity and Infrastructure Security Agency CISA) The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA), Enhanced Monitoring to Detect APT Activity Targeting Outlook Online, to provide guidance to agencies and critical infrastructure organizations on enhancing monitoring in Microsoft Exchange Online environments.
Enhanced Monitoring to Detect APT Activity Targeting Outlook Online (Cybersecurity and Infrastructure Security Agency CISA) In June 2023, a Federal Civilian Executive Branch (FCEB) agency identified suspicious activity in their Microsoft 365 (M365) cloud environment. The agency reported the activity to Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA), and Microsoft determined that advanced persistent threat (APT) actors accessed and exfiltrated unclassified Exchange Online Outlook data.
How a Cloud Flaw Gave Chinese Spies a Key to Microsoft’s Kingdom (WIRED) Microsoft says hackers somehow stole a cryptographic key, perhaps from its own network, that let them forge user identities and slip past cloud defenses.
Chinese hackers breached U.S. and European government email through Microsoft bug (Record) A Chinese hacking group exploited a bug in Microsoft’s cloud email service to spy on two-dozen organizations, including some government agencies, the tech giant said late Tuesday.
Microsoft: Chinese hackers accessed government and individual email accounts (Computing) Microsoft says a state-backed threat group covertly accessed email accounts at around 25 organisations worldwide, including government agencies in the US and Western Europe.
Chinese hackers breach email of Commerce Secretary Raimondo and State Department officials (Washington Post) The State Department discovered the Microsoft vulnerability, which affected unclassified government systems, last month
Communist China Deflects Accusations of Hacking Emails of Commerce Secretary and State Department Ahead of Blinken Visit (The New York Sun) Officials say the surgical, targeted espionage accessed the email of a small number of individuals at an unspecified number of federal agencies and was…
LokiBot Campaign Targets Microsoft Office Document Using Vulnerabilities and Macros (Fortinet Blog) FortiGuard Labs investigates malicious Microsoft Office documents that dropped the LokiBot malware onto a victim's system. Get an analysis of the intricacies of this threat and awareness of its ope…
New PoC Exploit Found: Fake Proof of Concept with Backdoor Malware (Uptycs) Uptycs reveals how newly discovered fake PoC malware includes a backdoor for data theft, offering strategies for detection, recovery & prevention.
Crit.IX: 9 vulnerabilities discovered in Honeywell’s Experion® Platforms for Distributed Control Systems (DCS) (Armis)
SonicWall alerts to critical auth bypass vulnerability, urges immediate patching (BeyondMachines) SonicWall has urgently alerted customers to patch critical vulnerabilities in its GMS and Analytics software suites, addressing 15 security flaws, including authentication bypass vulnerabilities, with impacted systems being GMS 9.3.2-SP1 or earlier and Analytics 2.5.0.4-R7 or earlier, recommending immediate upgrades to the patched versions.
Mithril Security demos LLM supply chain ‘poisoning’ (AI News) Mithril Security recently demonstrated the ability to modify an open-source model, GPT-J-6B, to spread false information while maintaining its performance on other tasks.
AI Junk Is Starting to Pollute the Internet (Wall Street Journal) Online publishers have been inundated with useless article pitches as websites using AI-generated content multiply.
The 5 Riskiest Connected Devices in 2023: IT, IoT, OT, IoMT (Forescout Vedere Labs) Since 2020, Forescout Research – Vedere Labs has been tracking the riskiest devices on organizations’ networks. In 2020, we released the first Enterprise of Things Security Report, followed in 2022 with the Riskiest Connected Devices in Enterprise Networks report.
Town of Cornelius works to restore systems after cyber threat (Queen City News) “We’ve disconnected everything that needed to be disconnected. We’re scanning all of our servers to make sure that threat does not exist anywhere else,” said Communications …
Hayward government still reeling from major cyber attack (CBS News) Hayward is still struggling to fully recover from a recent cyber attack that threatened to cripple the city's computer systems.
Cyber attack compromises MDI Hospital data (The Ellsworth American) Approximately 24,000 patients who received care at Mount Desert Island Hospital, its nine health centers or its handful of specialty clinics between January 2018 and May 3
Security Patches, Mitigations, and Software Updates
CISA Releases One Industrial Control Systems Advisory (Cybersecurity and Infrastructure Security Agency CISA) CISA released one Critical Industrial Control Systems (ICS) advisory on July 12, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
ICSA-23-193-01 Rockwell Automation Select Communication Modules
Trends
2023 Crypto Crime Mid-year Update: Crime Down 65% Overall (Chainalysis) The 2023 Mid-Year Crypto Crime Update is here! After a year of recovery, crypto crime is down significantly this year but ransomware activity is rising.
Facebook and Microsoft Are the Most Impersonated Brands in Phishing Attacks (PR Newswire) Vade, a global cybersecurity company that secures human collaboration with a combination of AI and human-powered detection and response, today...
H1 2023 Phishing and Malware Report: Phishing Threats Increase 54% (Vade Secure) Vade’s H1 2023 Phishing and Malware Report reveals the latest cyberthreat stats and trends.
Ransomware gangs have extorted $449 million this year: Chainalysis (Record) Ransomware gangs have operated at a near-record profit in the first six months of the year, extorting more than $449 million from victims, according to blockchain research firm Chainalysis.
Exchange Hacks Account For 36% Of the $30B the Blockchain Industry Has Lost Since 2012 (Bankless Times) Discover why exchange hacks account for 36% of the total blockchain industry losses and what measures the industry can take to increase security among exchanges.
Ransomware attacks cost financial organizations US$32.3 billion in downtime since 2018 (CSO Online) Research predicts a spike in ransomware attacks against financial service organizations in 2023.
American SMBs lag behind European counterparts in digitalization, according to IONOS SMB digitalization and resilience survey (IONOS) According to the annual IONOS survey of small and midsize business (SMB) professionals, American SMBs are last in almost all the digitalization statements presented.
Marketplace
Safe Security Acquires RiskLens to Become Undisputed Leader in the $4B Cyber Risk Quantification and Management (CRQM) Market (RiskLens) Powerful combination of SAFE Platform’s industry defining AI capabilities coupled with the industry standard FAIR model for cyber risk quantification.
authID Hires Sales Leaders to Drive Biometric Identity Verification and Authentication Growth (GlobeNewswire News Room) authID® [Nasdaq: AUID] a leading provider of innovative biometric identity verification and authentication...
DoD Deputy CDAO Greg Little Departing for Palantir (MeriTalk) Greg Little is stepping down from his post as the Pentagon’s inaugural deputy chief digital and artificial intelligence officer (CDAO) for enterprise platforms and business optimization, a spokesperson for the Defense Department’s (DoD) Office of the Secretary of Defense confirmed to MeriTalk today.
SparkCognition Announces Appointment of Dr. Hamid Biglari and Professor Dame Fiona Murray to Board of Directors (PR Newswire) SparkCognition, a global leader in artificial intelligence (AI) software solutions, is pleased to announce the appointment of two distinguished...
Products, Services, and Solutions
SANS Institute Review Profiles Netenrich Resolution Intelligence Cloud (Netenrich) Leading cybersecurity association reviews Netenrich’s analytics platform for improving operational efficiencies with data analytics and automation.
Salt Security Chosen to Protect APIs as Part of Application Modernization at Leading Australian Energy Infrastructure Company (PR Newswire) Salt Security, the leading API security company, today announced that Jemena, an energy supplier across the east coast of Australia and the...
Zurich Unwraps New Cyber Insurance for Mid-Market Companies (MSSP Alert) Zurich North America has unwrapped a cyber insurance module aimed specifically at mid-market businesses.
Akamai expands its Connected Cloud with new data centers in US, France and India (SiliconANGLE)
Auvik Solution Aims to Eliminate Shadow IT with Capabilities to Discover, Manage and Secure SaaS Environments (Business Wire) New Auvik SaaS Management Software Conquers Sprawl and Security Challenges with Centralized Visibility and Management
Delinea Successfully Completes SOC 2 Type II Report (PR Newswire) Delinea, a leading provider of solutions that seamlessly extend Privileged Access Management (PAM), today announced that the company has...
Security Journey accelerated secure coding training platform enhancements to drive development team engagement and application security knowledge gain (GlobeNewswire News Room) Enhanced tournaments and over 800 lessons across more than 40 languages, frameworks, and technologies to drive up to 85% knowledge gain...
Technologies, Techniques, and Standards
Cybersecurity Leaders Report Reduction in Disruptive Cyber Incidents with MSS/MDR Solutions (PR Newswire) Optiv, the cyber advisory and solutions leader, has published a report based on a recent survey of cybersecurity leaders that reveals 73% of...
Personal data vs. sensitive data: What is the difference? (Security Intelligence) As data regulations tighten, navigating the difference between personal and sensitive data is more difficult than it might seem.
US military losing electronic warfare ‘muscle memory,’ CQ Brown warns (C4ISRNet) If confirmed, Air Force Chief of Staff Gen. CQ Brown would replace the current Joint Chiefs chairman, Army Gen. Mark Milley.
Design and Innovation
GitHub announces passwordless authentication trial (Computing) The trial can be considered a milestone in the long demise of passwords
Legislation, Policy, and Regulation
Albania’s PM complains US is not providing country with cyberdefense funds (Record) Speaking at an event alongside the NATO summit in Vilnius, Lithuania, Prime Minister Edi Rama said U.S. lawmakers should think more about foreign cyberdefense aid.
FACT SHEET: Biden-Harris Administration Publishes the National Cybersecurity Strategy Implementation Plan (The White House) President Biden has made clear that all Americans deserve the full benefits and potential of our digital future. The Biden-Harris Administration’s recently released National Cybersecurity Strategy calls for two fundamental shifts in how the United States allocates roles, responsibilities, and resources in cyberspace: Today, the Administration is announcing a roadmap to…
National Cybersecurity Strategy Implementation Plan (White House) President Biden's March 2023 National Cybersecurity Strategy lays out a bold, affirmative vision for cyberspace.
White House shares the 69 initiatives slated to shore up national cybersecurity (Cybersecurity Dive) “If the strategy represents the president’s vision for the future, then this implementation plan is the roadmap to get there,” Acting National Cyber Director Kemba Walden said.
Court temporarily dunks water cybersecurity initiative (Washington Post) GOP state officials secure win, Biden administration suffers setback in water cyber rule case
Why Amazon, Google and Other Tech Giants Are Flouting Some New Government Cybersecurity Recommendations (The Messenger)
NSA, Cyber Command nominee says Section 702 is ‘irreplaceable,’ weighs in on other topics (Record) The Biden administration’s nominee to lead U.S. Cyber Command and the NSA offered his first public insights on controversial surveillance programs, encryption and other hot button cybersecurity issues.
Intelligence nominee urges reup of controversial surveillance program (POLITICO) Biden’s pick to lead the National Security Agency called Section 702 an “irreplaceable” authority.
Biden's NSA nominee defends collecting data on foreigners and Americans alike (Reuters) The Biden administration's nominee to lead the National Security Agency (NSA) says he will champion the mass surveillance power that has been used to collect data from foreigners and Americans alike and which has come under renewed scrutiny from lawmakers.
Senate panel wants to green-light US military cyber ops against Mexican cartels (DefenseScoop) A provision in the Senate version of the fiscal 2024 National Defense Authorization Act tasks the Secretary of Defense with developing a strategy to use cyber to disrupt illicit activity crossing the southern border.
Op/Ed: Russia, China, Iran plotting to tamper with 2024 election, but we can stop them (Indianapolis Star) Opinion: To protect democracy, the federal government must fund safeguards against cybersecurity attacks during the 2024 presidential election.
Does Pentagon need an overarching AI acquisition plan? A key official is wary (Breaking Defense) “What we've really been trying to wrestle with inside of CDAO is not to over centralize because the department is so diverse and distributed and so large, that we want innovation to happen at the edge,” said Margaret Palmieri, deputy chief digital and AI officer.
FCC chair's pilot program would enhance school cybersecurity defenses (UPI) The chair of the Federal Communications Commission Wednesday laid out the framework for a proposal that would enhance cybersecurity protecting school networks.
US Senate committee votes to approve key FCC nominee (Reuters) The U.S. Senate Commerce Committee on Wednesday voted to approve President Joe Biden's nominee for a key fifth seat on the U.S. Federal Communications Commission (FCC), after Democrats have been stymied since 2021 from gaining a majority on the telecommunications regulator.
Litigation, Investigation, and Law Enforcement
ChatGPT Under Investigation by FTC (Wall Street Journal) The agency is investigating whether OpenAI’s chatbot has harmed individuals by publishing false information about them.
Lina Khan Is Taking on the World’s Biggest Tech Companies—and Losing (Wall Street Journal) The FTC chair’s court loss against Microsoft, which the agency is appealing, marks another setback in her fight to block mergers.
Justice Dept. may challenge Thoma Bravo deal to take ForgeRock private, Politico reports (Reuters) The U.S. Department of Justice (DOJ) is nearing a decision on whether to challenge private equity firm Thoma Bravo's $2.3 billion buyout deal for ForgeRock Inc, Politico reported on Monday, citing four people with direct knowledge of the matter.
Cloud Security Startup Orca Sues Biggest Competitor, Wiz, for Patent Infringement (The Information) Fierce competition between two of the hottest and most highly valued security startups has turned into a legal battle. Orca Security, which became known for spotting glaring security flaws in Microsoft software, on Wednesday sued its biggest competitor, Wiz, alleging it illegally copied patented ...
Johns Hopkins Facing Multiple Lawsuits Over MOVEit Data Breach (HIPAA Journal) Two lawsuits have recently been filed in the U.S. District Court for the District of Maryland against Johns Hopkins University and Johns Hopkins Health System that allege a failure to properly secure and safeguard the protected health information of patients, resulting in the theft of their data by the Clop ransomware group.