Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+517: NATO prepares for Russian escalation in the Black Sea. (CyberWire) Slow progress in Ukraine's counteroffensive as Russia escalates its war against grain and deals with internal fissures.
Russia-Ukraine war: List of key events, day 518 (Al Jazeera) These are the main developments as the Russian invasion of Ukraine enters its 518th day.
The Russian Federation’s Ongoing Aggression Against Ukraine (U.S. Mission to the OSCE) Thank you for convening this important Special Permanent Council meeting. To start, I want to point out that the Black Sea Grain Initiative, or BSGI, never should have been necessary. Russia’s war of aggression against Ukraine forced the Initiative’s creation.
Russian Drone Strike On Ukrainian Port Of Reni 'An Indirect Attack On Romania, Moldova' (RadioFreeEurope/RadioLiberty) The Russian drone strike on the Ukrainian port of Reni was only 200 meters from Romania.
NATO, Kyiv To Discuss Black Sea Security As Ukraine Under Air-Raid Alert (RadioFreeEurope/RadioLiberty) An air-raid alert was declared across most of Ukraine on July 26 in the afternoon as the newly established NATO-Ukraine Council was preparing to discuss Black Sea security at its inaugural meeting in Brussels.
German military says Ukraine’s counter-offensive is moving too slowly (The Telegraph) Leaked intelligence reveals senior figures within the Bundeswehr are frustrated their training tactics have not been implemented in combat
Ukraine-Russia war: Russian news channel Dozhd outlawed after 'discrediting Kremlin' (The Telegraph) Russia has laid more mines in the Black Sea which could end up attacking civilian shipping, the UK’s ambassador to the UN has said.
Russian lawmakers extend age limit for compulsory military draft (AP News) The Russian parliament’s lower house has approved a bill extending the upper age limit for the compulsory military draft from 27 to 30, a move that appears to be part of efforts by the Kremlin to expand the military during the fighting in Ukraine.
Putin appeared paralyzed and unable to act in first hours of rebellion (Washington Post) When Yevgeniy Prigozhin, the head of the Wagner mercenary group, launched his attempted mutiny on the morning of June 24, Vladimir Putin was paralyzed and unable to act decisively, according to Ukrainian and other security officials in Europe. No orders were issued for most of the day, the officials said.
Putin missed chance to 'liquidate' Wagner rebellion (The Telegraph) Intelligence source describes ‘paralysis at all levels’ in Russia's response to mercenary group’s mutiny
Mykhailo Fedorov Is Running Ukraine’s War Against Russia Like a Startup (WIRED) Ukraine's deputy prime minister has helped the country bootstrap and innovate its war effort, creating a defense industry from scratch, and using his Big Tech ties to cut Russia off from the world.
The Ukraine war offers a chance to solve Moldova’s Transnistria problem (The Hill) The time is ripe for decisive action.
Rebuilding efforts should prioritize the key pillars of Ukraine’s democracy (Atlantic Council) International attention is currently focused on the physical reconstruction of postwar Ukraine's devastated infrastructure, but rebuilding the country's democratic institutions will be just as important, writes Oleksii Antoniuk.
Ukraine's gas storage facilities can play a key role in European energy security (Atlantic Council) Ukraine's underground gas storage facilities are the largest in Europe and offer considerable untapped opportunities to enhance the continent's energy security, writes Sergiy Makogon.
Biden Administration Announces Additional Security Assistance for Ukraine (U.S. Department of Defense) The Defense Department announced additional security assistance to meet Ukraine’s critical security and defense needs.
Fact Sheet on U.S. Security Assistance to Ukraine (US Department of Defense) In total, the United States has committed more than $43.7 billion in security assistance to Ukraine since the beginning of the Biden Administration, including more than $43 billion since the beginning of Russia’s unprovoked and brutal invasion on February 24, 2022.
U.S. Announces $400 Million In Military Aid For Ukraine (RadioFreeEurope/RadioLiberty) The United States announced additional security assistance for Ukraine valued at up to $400 million, the Pentagon said. The new U.S. aid for Ukraine includes air-defense munitions, armored vehicles, anti-armor weapons, and "other equipment to help Ukraine counter Russia’s ongoing war of aggression."
Air defense ammo, Strykers among latest weapons shipment to Ukraine (Defense News) The weapons shipment will be worth up to $400 million, and the U.S. has sent more than $43 billion to Ukraine since Russia launched its invasion.
Ukraine-Russia war: Ukraine vows further drone strikes on Moscow and Crimea (The Telegraph) A Ukrainian drone attack on Moscow hit several targets including a Russian defence ministry building that is believed to be the headquarters of the country’s notorious cyber forces.
NoName, the Russian hacker group behind the cyberattacks on Election Day (Gearrice) Yesterday, July 23, Spain suffered a massive campaign of attacks by the pro-Russian cybercriminal group NoName057 that left several government websites
How could Russian hackers affect the Isle of Man? (Isle of Man) The effect of the war in Ukraine and its impact on the Isle of Man will be on the agenda at an event in the autumn.
Attacks, Threats, and Vulnerabilities
Critical Infrastructure Companies Warned to Watch for Ongoing Cyberattack (Wall Street Journal) Hackers exploited a “zero-day” flaw in Ivanti software to breach 12 ministries in Norway.
Hackers exploit Citrix zero-day to target US critical infrastructure (TechCrunch) Thousands of organizations could be at risk from a Citrix zero-day that hackers have already abused to target U.S. critical infrastructure.
Hackers Mimic Popular VPN Download page to Deliver Malware (Cyber Security News) Threat actors have been using domestic VPN installation files for distributing SparkRAT malware which leads to MeshAgent infection on the victim systems.
Conti and Akira: Chained Together | Arctic Wolf (Arctic Wolf) Leveraging blockchain analysis, Arctic Wolf has begun to discern what ransomware groups Conti-affiliated threat actors have worked with; one such group is Akira.
Stealer Logs & Corporate Access (Flare) The exponential growth of infostealer malware has been one of the core trends in cybercrime for the past three years.
Over 400,000 corporate credentials stolen by info-stealing malware (BleepingComputer) The analysis of nearly 20 million information-stealing malware logs sold on the dark web and Telegram channels revealed that they had achieved significant infiltration into business environments.
The Alarming Rise of Infostealers: How to Detect this Silent Threat (The Hacker News) Info stealing malware on the rise! Windows, Linux, macOS - no system is safe! Get the scoop on these cyber threats in Uptycs' latest whitepaper.
FraudGPT: The Villain Avatar of ChatGPT (Netenrich) Generative AI models are changing the threat landscape. Recent activities on the Dark Web show the advent of FraudGPT, a malicious derivative of ChatGPT.
VEC Attacks on Replay: Attackers Use the Same Message to Target… (Abnormal) Discover how one threat actor compromised five vendor organizations to commit the same invoice fraud attack against more than a dozen victims.
ChatGPT Has a Plug-In Problem (WIRED) Third-party plug-ins boost ChatGPT’s capabilities. But security researchers say they add an extra layer of risk.
University of Rochester provides update on recent cyberattack (WXXI News) The cyberattack in early June involved a product provided by a third-party file transfer company. Officials said that UR Medicine's electronic health record system, eRecord and MyChart, remain secure.
Fayette County, Ga., Emergency Services Investigates Data Breach (GovTech) The county is currently looking into whether data was exposed during a breach of a file transfer system used by a billing provider for its fire and emergency services system.
BTC student information may have been compromised in cyber attack (790 KGMI) BTC says they will soon receive a list of individuals who were affected and the types of personal information that may have been included.
Scammers Love Barbie: Fake Videos Promote Bogus Ticket Offers That Steal Personal Info (McAfee Blog) Turns out, scammers really love Barbie. As Barbie makes her debut on the big screen, scammers are aiming to cash in on the summer blockbuster. A rash of
Dear all! What are some common subject lines in phishing emails? (We Live Security) Email threats are one of the most common ways attackers have to access sensitive information or install malware. ESET researchers point out, in 2022, this kind of threat saw a year-over-year increase of almost 30%.
CISA Adds One Known Exploited Vulnerability to Catalog (Cybersecurity and Infrastructure Security Agency CISA) CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2023-35078 Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability
Vulnerability Summary for the Week of July 17, 2023 (Cybersecurity and Infrastructure Security Agency CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
CVE-2023-35078 - New Ivanti EPMM Vulnerability (Ivanti) At Ivanti, our top priority is upholding our commitment to deliver and maintain secure products. We are investing significant resources to ensure that all our solutions continue to meet our own high standards.
VMware fixes bug exposing CF API admin credentials in audit logs (BleepingComputer) VMware has patched an information disclosure vulnerability in VMware Tanzu Application Service for VMs (TAS for VMs) and Isolation Segment caused by credentials being logged and exposed via system audit logs.
Trends
Safeguarding Tomorrow's World: Enterprise Artificial Intelligence Applications Introduce New Risks (NightDragon) NightDragon leaders explore how artificial intelligence is changing the risk landscape facing enterprises today, as well as the innovation and potential for where it could go in the future.
Latest SonicWall Report Reveals Stealthier Threat Actor Behaviors: Cryptojacking Soars as Cyberattacks Increase, Intensify, Diversify (SonicWall) https://www.sonicwall.com/news/latest-sonicwall-report-reveals-stealthier-threat-actor-behaviors-cryptojacking-soars-as-cyberattacks-increase-intensify-diversify/
Data theft extortion rises, while healthcare is still most-targeted vertical in Talos IR engagements (Cisco Talos Blog) Ransomware was the second most-observed threat this quarter, accounting for 17 percent of engagements, a slight increase from last quarter’s 10 percent.
2023 State of Open Source Security Report (Snyk) Find and fix security vulnerabilities in code, containers & open source libraries.
95% of patients fear their data will be leaked (AtlasVPN) Leaks of personal medical records have become a growing concern.
Marketplace
Coro Acquires Network Security Startup Privatise (Business Wire) With Privatise’s SASE capabilities, Coro becomes the first cybersecurity to deliver cloud-native, seamless and secure access to applications and resources regardless of location or device
Why Your Customers Trust You More When You Prioritize Cybersecurity (MUO) We all prefer to do business with companies we believe will keep our data safe.
Schellman Welcomes Jennifer Walsh as New CFO, Reinforcing Financial Leadership (Business Wire) Schellman, a global leader in attestation and compliance services, today announced the appointment of Jennifer Walsh as the company's new Chief Financial Officer. With her exceptional expertise in financial and operational initiatives, Walsh is set to spearhead Schellman's financial strategy and shape a future of unparalleled growth and success.
ColorTokens Welcomes Agnidipta Sarkar as Vice President CISO Advisory (PR Newswire) ColorTokens Inc., a leading Unified Zero Trust Platform provider, announced today that Agnidipta Sarkar has started as Vice President, CISO...
Products, Services, and Solutions
OpenText powers organizations to achieve digital success in a multi-cloud world with Cloud Editions 23.3 (OpenText) The latest innovations combine information and automation to enable customers to become more intelligent, connected and secure.
Bluescape Partners with ThunderCat Technology to Deliver Digital Workb (PRWeb) Bluescape®, a visual collaboration and workspace platform, announced today that it has partnered with ThunderCat Technology to offer its digital workben
Talon Cyber Security Delivers Most Complete Enterprise Browser Security Portfolio with the Launch of the Talon Extension (Talon Cyber Security) New Extension Furthers Talon’s Market Leadership Position, Delivers Value for Customers Regardless of Browser Type Tel Aviv, Israel – July 25, 2023 – Talon Cyber Security, the leading provider of enterprise browser technology, today announced the availability of the Talon Extension, a new enterprise browser security solution that provides customers with visibility and protection for...
Users Rank Senhasegura as the Top Gold Medalist in the 2023 ITRG Privileged Access Management Data Quadrant Buyers Guide Report (Business Wire) Exceptional Security Technology Platform, Combined with Highly Regarded Customer Service, Propels Senhasegura to Number 1
Mimecast Announces Protection for Microsoft Teams to Strengthen Essential Collaboration Tools (Mimecast) New product offering supported by first-of-its-kind research highlighting a looming disconnect between collaboration security posture and organizational confidence
SeeMetrics Launches Cybersecurity Performance Boards (SeeMetrics) SeeMetrics, the leading Cybersecurity Performance Management (CPM) platform that’s revolutionizing how security leaders measure, track, and improve security performance, today announced the launch of its new Cybersecurity Performance Boards.
Verizon introduces global eSIM IoT platform (iTWire) Verizon Business has unveiled a wireless IoT platform that will allow businesses to deploy and centrally manage IoT devices across international borders to leverage both native eSIM and roaming capabilities of MNO partners. Verizon Global IoT orchestration allows devices to operate in multiple globa...
Approov Launches Global Partner Program for Easy Access to Mobile Security with Comprehensive Support (Business Wire) Provides Qualified Technology Leaders, Resellers and MSSPs With Significant New Mobile App Security and Market Opportunities
Bfore.AI Announces General Availability of All PreCrime™ Solutions (EIN News) Its 4 distinct capabilities include predictive threat intelligence, proactive brand protection, complete adversary disruption and automated takedown services
Baffle Transforms Confidential Computing with Software-Based Advanced Encryption (GlobeNewswire News Room) No-code, data-centric solution is the easiest, fastest and most flexible way to analyze regulated data while meeting all compliance standards...
Forward Networks Achieves SOC 2 Type 1 Compliance, Demonstrating Commitment to Transparency and Data Security (PR Newswire) Forward Networks announced today it has successfully achieved System and Organization Controls (SOC) 2 Type 1 Compliance. The completion of the...
Cowbell Joins AWS Cyber Insurance Partner Initiative (PR Newswire) Cowbell, a leading provider of cyber insurance for small and medium-sized enterprises (SMEs), today announced that it has joined the Amazon Web...
JupiterOne Expands Platform with Integrations for Hybrid Infrastructure and AI-Driven Usability Improvements (PR Newswire) JupiterOne, the industry's leading cyber asset analysis company, today announced a platform expansion focused on expanding customer...
SentinelOne® Launches Cloud Data Security Product Line (Business Wire) Company unveils high-speed malware detection products for leading cloud and network storage providers Amazon S3 and NetApp, enabling customers to revolutionize protection as threats evolve
HYPR Introduces HYPR Adapt, Designed to Combat Identity Cyber Attacks, and Reveals Study Determining 324% Customer ROI (GlobeNewswire News Room) New product extends HYPR’s passwordless authentication portfolio proven to deliver 324% ROI...
New Relic Launches Interactive Application Security Testing (New Relic) Patented deterministic technique delivers near zero false positives and proof-of-exploit and accelerates security testing, enabling dev, ops, and security teams to ship secure code faster
Technologies, Techniques, and Standards
IoT Security Starts with Securing the Entire Supply Chain (TIA Online) The frequency of cyber threats continues to exponentially increase, and bad actors are launching new attacks all the time, with no network or network-attached device being immune. With the rapid…
Managing Legacy Medical, OT, IoT Device Risk in Healthcare (Bank Info Security) While patient safety risks posed by unpatched security vulnerabilities in legacy medical devices often grab headlines, healthcare entities shouldn't underestimate
CVSS, EPSS, KEV: The New Acronyms - And The Intelligence - You Need For Effective Vulnerability Management (Rezilion) Managing the risk from various types of vulnerabilities is a challenge. The goal of a vulnerability management program is to reduce an organization’s overall risk exposure by enabling the identification, prioritization, and remediation of vulnerabilities.
Design and Innovation
OpenAI Quietly Shuts Down Its AI Detection Tool - Decrypt (Decrypt) Dashing the hopes of liberal arts professors and teachers, OpenAI decommissions its AI content detector due to poor accuracy.
Research and Development
The promise of watermarking AI content (Waterloo News) Dr. Florian Kerschbaum, Professor, David R. Cheriton School of Computer Science; Member, Waterloo Cybersecurity and Privacy Institute. The recent announcement by a group of major tech companies about watermarking AI-generated content might have been greeted with a sigh of relief by many, but cybersecurity researchers are already suggesting this new approach has several flaws.
Legislation, Policy, and Regulation
Government strengthens cyber security (The Beehive) A lead operational agency will be established to strengthen cyber security readiness and response as well as make it easier for people and organisations to get help, Minister for the Public Service Andrew Little says.
CERT NZ to be incorporated into the National Cyber Security Centre (Reseller News) New Zealand’s Computer Emergency Response Team is joining the Government Communications Security Bureau's National Cyber Security Centre.
New Zealand sets up lead cyber agency to boost online security (RAPPLER) The government brings New Zealand's Computer Emergency Response Team into its National Cyber Security Centre, which it says would help improve the response to cyber incidents
The White House Already Knows How to Make AI Safer (WIRED) The US already has a road map for the deployment of AI systems. Biden's promised executive order just needs to put these guidelines into practice.
Biden nominates veteran national security official as top cyber adviser (CyberScoop) The selection of Harry Coker ends a protracted search for the second-ever national cyber director.
Former NSA insider Coker is White House pick for national cyber director (Record) Harry Coker would become just the second person to hold the job. He's a former executive director of the NSA — the agency's third-highest position.
Ex-NSA, CIA official Harry Coker in line to be next National Cyber Director: White House (Breaking Defense) If confirmed, Coker will fill a critical role left open months after the departure of Chris Inglis, who was appointed as the first-ever national cyber director in 2021.
Cyberspace Solarium Co-Chairs Welcome Coker's Nomination for National Cyber Director (Congressman Mike Gallagher) Representative Mike Gallagher (R-WI) and U.S. Senator Angus King (I-ME), Co-chairs of the Cyberspace Solarium Commission (CSC), today released the following statement regarding the Biden administration’s announcement of a new permanent National Cyber Director, a position filled by Acting National Cyber Director Kemba Walden since February 2023.
The AI-Powered, Totally Autonomous Future of War Is Here (WIRED) Ships without crews. Self-directed drone swarms. How a US Navy task force is using off-the-shelf robotics and artificial intelligence to prepare for the next age of conflict.
Litigation, Investigation, and Law Enforcement
The Generative AI Battle Has a Fundamental Flaw (WIRED) Writers and artists want compensation from AI firms that they claim have trained their models on copyrighted works. But their legal fights miss the bigger issues.