Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+519: Fighting in the Zaporizhzhia Oblast. (CyberWire) Ukraine makes gains in the southeastern sector, and Russia offers carrots (free grain) and applies sticks (DDoS attacks) in its quest to influence African governments.
Russia-Ukraine war: List of key events, day 520 (Al Jazeera) These are the main developments as the Russian invasion of Ukraine enters its 520th day.
Russia-Ukraine war at a glance: what we know on day 520 of the invasion (the Guardian) Ukrainian soldiers say they have recaptured village of Staromaiorske; Yevgeny Prigozhin appeared to attend the Russia-Africa summit in St Petersburg
Live Briefing: Russia Invades Ukraine (RadioFreeEurope/RadioLiberty) RFE/RL's Ukraine Live Briefing gives you the latest developments on Russia's ongoing invasion, Western military aid, global reaction, and the plight of civilians. The Live Briefing presents the latest developments and analysis, updated throughout the day.
Kyiv launches a major push against Russian forces, officials and analysts say (AP News) Ukraine has launched a major push to dislodge Russian forces from the country's southeast as part of its weekslong counteroffensive, committing thousands of troops to the battle.
Ukrainian counter-offensive breaks through Russian defences in major push (The Telegraph) Massive Himars strike and push through village signal new phase in fightback against Putin's forces
On southern front, Ukrainian forces aim to smash through Russian defenses (Washington Post) Intense fighting raged along Ukraine’s front lines Thursday, according to officials in Kyiv, as Ukrainian troops made slow but steady gains in their ongoing counteroffensive to drive a wedge through the Russian-occupied south.
Ukraine’s Stepped-Up Assault Grinds Forward, but Scale Is Unclear (New York Times) Kyiv has intensified its counteroffensive against the Russian invasion, but has kept things murky on the size of the assault, the casualties and what forces it still has in reserve.
Ukraine war: Kyiv claims success as southern fighting intensifies (BBC News) Ukraine's armed forces say they are solidifying positions after an advance east of Zaporizhzhia.
With Wagner in Belarus, tension grows on northern Ukraine border (Washington Post) Fears have grown along Ukraine’s northern border about the potential for new military attacks since Yevgeniy Prigozhin’s Wagner mercenaries relocated to Belarus after last month’s short-lived mutiny against Moscow’s military leadership, with Ukraine — and even Poland — tightening security and stepping up defenses.
SBU detains Russian spy helping enemy prepare another air strike on Kharkiv (Ukrinform) Counter-intelligence operatives with the Security Service of Ukraine (SBU) detained an enemy agent involved in the preparation of another air strike on Kharkiv.
US intel report details increasing importance of Chinese technology to Russia's war in Ukraine (CNN) China is providing technology and equipment to Russia that is increasingly important to Moscow’s war in Ukraine, according to a newly released report compiled by the Office of the Director of National Intelligence.
U.S. expects to begin delivering Abrams tanks to Ukraine in September (POLITICO) The news, provided by six people familiar with discussions, marks the most specific information to date on Washington's plans.
Zelenskiy adviser calls for big increase in air defence systems for Ukraine (the Guardian) It makes moral and economic sense for west to help more as Kyiv cannot protect all main cities, aide says
NATO has a new plan to ramp up defense production. Is it enough? (Atlantic Council) Underreported coming out of the Vilnius Summit, the Alliance's new Defense Production Action Plan has the potential to transform how allies acquire what they need to defend themselves.
How Does the War in Ukraine End? (Foreign Affairs) A Conversation With Fiona Hill, Samuel Charap, and Andriy Zagorodnyuk
The War That Defied Expectations (Foreign Affairs) What Ukraine revealed about military power.
Ukraine’s digital revolution is proving vital for the country’s war effort (Atlantic Council) Ukraine's remarkable resilience amid the biggest European war since World War II owes much to the country's ongoing digital revolution, writes Ukrainian Minister for Digital Transformation Mykhailo Fedorov.
The war in Ukraine is spurring a revolution in drone warfare using AI (Washington Post) The advent of AI-enabled drones holds huge promise for Ukraine’s military but may also be exploited by nefarious non-state actors
Russia’s mass abduction of Ukrainian children may qualify as genocide (Atlantic Council) Vladimir Putin has already been charged with war crimes by the International Criminal Court over the mass abduction of Ukrainian children. Many believe the deportations qualify as genocide, writes Vladyslav Havrylov.
Prigozhin Apparently Spotted In St. Petersburg On The Sidelines Of Russia-Africa Summit (RadioFreeEurope/RadioLiberty) Yevgeny Prigozhin, the Wagner mercenary chief who led a short-lived insurrection in Russia last month, is reportedly in St. Petersburg where a Russia-Africa summit is taking place.
Russian War Report: Kremlin seeks stronger ties in Africa as Wagner eyes Niger coup (Atlantic Council) As Russian President Vladimir Putin attends the Russia-Africa Summit, he and his government are making moves to solidify regional cooperation. Amid this, Wagner seeks to capitalize on the coup in Niger.
Putin promises free grain to six African nations after collapse of Black Sea deal (the Guardian) President says Russia will replace blocked Ukrainian exports after it abandoned pact on passage of ships
Kenya ICT minister admits cyber-attack on eCitizen portal, insists data secure (The East African) The attack was by hackers who identified themselves as Anonymous Sudan.
Anonymous Sudan: the group behind recent anti-Kenya cyberattacks (TechCabal) Since Sunday, websites belonging to government agencies, media, hospitals and banks have been targeted by hackers claiming to be exacting revenge on behalf of the Sudanese regime.
Kenya President Ruto to skip Russia-Africa Summit (The East African) His spokesman said he will instead be represented by African Union.
Cyber training, drills and cyber defense capacity building — SSSCIP and CYBER RANGES sign a Memorandum of Cooperation (EIN News) The SSSCIP has hosted a delegation of CYBER RANGES Corp., a leading global company specializing in technology solutions development and cyber defense training.
Putin has opened a sinister new front in his war against Britain (The Telegraph) If London hopes to defuse the Kremlin’s information operations, it must start by giving Moscow a taste of its own medicine
Attacks, Threats, and Vulnerabilities
Preventing Web Application Access Control Abuse (Joint Cybersecurity Advisory: ACSC, NSA, CISA) The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. National Security Agency (NSA) are releasing this joint Cybersecurity Advisory to warn vendors, designers, and developers of web applications and organizations using web applications about insecure direct object reference (IDOR) vulnerabilities. IDOR vulnerabilities are access control vulnerabilities enabling malicious actors to modify or delete data or access sensitive data by issuing requests to a website or a web application programming interface (API) specifying the user identifier of other, valid users. These requests succeed where there is a failure to perform adequate authentication and authorization checks.
Preventing Web Application Access Control Abuse (ACSC) The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. National Security Agency (NSA) are releasing this joint Cybersecurity Advisory to warn vendors, designers, and developers of web applications and organizations using web applications about insecure direct object reference (IDOR) vulnerabilities.
New Cybersecurity Advisory Warns About Web Application Vulnerabilities (NSA) The National Security Agency (NSA) has partnered with U.S. and international cyber agencies to release the Cybersecurity Advisory (CSA), “Preventing Web Application Access Control Abuse,” warning that vulnerabilities in web applications, including application programming interfaces (APIs), can allow malicious actors to manipulate and access sensitive data.
Preventing Web Application Access Control Abuse | CISA (Cybersecurity and Infrastructure Security Agency CISA) The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. National Security Agency (NSA) are releasing this joint Cybersecurity Advisory to warn vendors, designers, and developers of web applications and organizations using web applications about insecure direct object reference (IDOR) vulnerabilities.
US, Australia cyber agencies warn IDOR security flaws can be exploited 'at scale' (TechCrunch) A new government joint advisory says IDOR vulnerabilities have resulted in major data breaches in the U.S. and overseas.
US, Australia Cyber Agencies Warn of Exploitable ‘At Scale’ IDOR Security Flaws (Global Village Space | Technology) Learn how common website vulnerabilities, known as insecure direct object references (IDORs), can lead to large-scale data breaches and how to protect against them.
China’s Wuhan Earthquake Center Suffers Cyber-Attack (Infosecurity Magazine) Responding to the news, a Chinese Foreign Ministry Spokesperson claimed the US is engaging in malicious cyber operations across the world
US government contractor says MOVEit hackers accessed health data of 'at least' 8 million individuals (TechCrunch) Maximus, a U.S. government services company, says MOVEit hackers accessed the personal information of as many as 11 million individuals
8 million people hit by data breach at US govt contractor Maximus (BleepingComputer) U.S. government services contractor Maximus has disclosed a data breach warning that hackers stole the personal data of 8 to 11 million people during the recent MOVEit Transfer data-theft attacks.
Abusing the Ad Network – Threat Actors Now Hacking into Companies via Search (Bitdefender) For the past few years, hackers have increasingly targeted customers and businesses with tainted software boosted via ads. The recipe is simple – cyber-criminal groups set up fake websites for high-interest software and promote them on top of the results page through advertisements.
New ‘Nitrogen’ malvertising campaign leverages search ads to target enterprise networks (teiss) An insidious malvertising campaign known as "Nitrogen" has been discovered, leveraging ads on Google Search and Bing to target users seeking IT tools such as AnyDesk, Cisco AnyConnect VPN, and WinSCP.
New Malvertising Campaign Distributing Trojanized IT Tools via Google and Bing Search Ads (The Hacker News) Researchers warn of Nitrogen, a malvertising campaign infecting enterprise networks via Google Search and Bing ads. Targets users seeking IT tools.
Hackers Distribute PurpleFox Malware Using Vulnerable MS-SQL Servers (Cyber Security News) The purple fox malware has been active since 2018, adopting a new technique to deliver its payload through MS SQL servers.
Deloitte denies Cl0p data breach impacted client data in wake of MOVEit attack (ITPro) Deloitte was the third of the 'Big Four' professional services firms to have appeared on the ransomware group's 'wall of shame' victim blog
Cl0p Ransomware Strikes Deloitte, Company Refutes Breach (HackRead) In a message on its dark web breach blog, Cl0p Ransomware claims that The company (Deloitte) doesn’t care about its customers; it ignored their security.
Deloitte joins fellow Big Four MOVEit victims PWC, EY (Cybernews) Big Four financial services firm Deloitte confirms to Cybernews that it's part of the latest round of victims claimed in the MOVEit attacks.
Inside the IcedID BackConnect Protocol (Part 2) (Team Cymru) In this blog post, we will provide an update on our continued analysis and tracking of infrastructure associated with IcedID’s BackConnect (BC) protocol; a continuation of the analysis we shared in late-December 2022, which you can read here, in addition to our campaign metrics and infrastructure tracking blog posts. Note: whilst the same BC protocol is utilized by several other threat operations, including Bazar and QakBot, this blog post focuses specifically on IcedID infrastructu
Hackers are infecting Call of Duty players with a self-spreading malware (TechCrunch) Activision said it brought the 2009-released game offline while it investigates "an issue."
More patients hit by Beverly Hills plastic surgeon data breach, exposing sensitive photos, private information (NBC Los Angeles) The data of thousands of patients of Dr. Motykie are in danger of being exposed by criminal hackers. Already, some patients’ topless photos and private information have been posted online.
A Tale of Two Cities' water attacks (Control Global) Cyber attacks on water and wastewater facilities in Discovery Bay, California, and Oldsmar, Florida, highlight the industry's vulnerability
Evotec provides update on financial impact of cyber-attack - Evotec (Evotec) Evotec SE (Frankfurt Stock Exchange: EVT, MDAX/TecDAX, ISIN: DE0005664809; NASDAQ: EVO) today announced that it is adjusting its guidance for the fiscal year 2023 due to the impact of the cyber-attack.
Security Patches, Mitigations, and Software Updates
CISA Releases Five Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency CISA) CISA released five Industrial Control Systems (ICS) advisories on July 27, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
Microsoft fixes bug that breaks video recording in Windows apps (BleepingComputer) Microsoft has fixed a known issue causing video recording and playing failures in some apps on Windows 10 and Windows 11 systems.
Trends
SMEs Are Underestimating Their Cybersecurity Risks (CDOTrends) A shocking 60% of small and medium-sized enterprises (SMEs) worldwide are unprotected and susceptible to potentially devastating ransomware attacks.
Healthcare Threat Landscape 2022-2023: Common TTPs Used by Top Ransomware Groups Targeting the Healthcare Sector (Trustwave) The healthcare sector has been under constant threat from cybercriminals due to the sensitive nature of patient data and the valuable information held by healthcare providers. This blog analyzes the ransomware landscape for the healthcare sector for the years 2022-2023.
Trustwave SpiderLabs Research: Cybersecurity in the Healthcare Industry (Trustwave) Download the new Trustwave SpiderLabs report on a months-long investigation into the cyber threats facing the healthcare industry.
Alarming Cybersecurity Statistics That Will Keep You up at Night (Bankless Times) The latest cybersecurity statistics providing insights into how often companies get hacked, who is the main target, how much they get extorted, and more.
Futuriom SD-WAN and SASE Research Reveals 98 Percent of Organizations Feel Hybrid Work has Increased Demand for SASE and ZTNA Solutions (Business Wire) According to the Futuriom Study, 94 Percent of Organizations Prefer a Single-Pass Architecture When Evaluating and Deploying SASE Solutions
Marketplace
Cybersecurity startup Deep Instinct laying off 15% of team (CTech) The company will be parting ways with 46 of around 300 employees, including 19 in Israel
Funding for Cybersecurity Startups Plunges (eSecurityPlanet) VC funding for cybersecurity startups has been strong - until now. What does it take to win as a cyber startup in the current market?
Diverse Perspectives, Stronger Defenses: Growing the Cyber Workforce Through Diversity (Center for Cybersecurity Policy and Law) In an increasingly interconnected world, cybersecurity is a critical field safeguarding the digital and physical infrastructure that underpins our daily lives.
The honourees: Canada’s Top Women in Cybersecurity (IT World Canada) On Jul. 26, 20 women were honoured at the IT World Canada Top Women in Cybersecurity celebration, Surpassing Expectations. The event hosted a group of women who excel in the various cybersecurity disciplines. Join us in congratulating the 2023 Top Women in Cybersecurity. Kirsten Turnbull is a senior technical specialist at Microsoft Canada.
Salt Security Appoints Ori Bach as EVP of Product (DataCentreNews UK) Salt Security appoints Ori Bach as EVP of Product to drive product vision and meet growing demand for API security platform.
Products, Services, and Solutions
Senhasegura Opens North American Center of Excellence to Support Next Generation PAM (Business Wire) New Technical Support Hub Delivers Senhasegura’s 5-Star Service to Channel Partners and End Users
ESET Partners with Patriot Growth Insurance Services to Offer Best-in-Class Cyber Insurance to Companies Across the US (Yahoo Finance) ESET, a global leader in cybersecurity, today announced that it has partnered with Patriot Growth Insurance Services (Patriot), one of the largest US insurance services firms specializing in cyber insurance, to close the gap between cyber insurance requirements and applicants' cybersecurity technology and processes. The newly launched platform allows ESET and Patriot to proactively assess companies' security postures so they know what they should do to qualify for cyber insurance coverage before
Palo Alto Networks Introduces CI/CD Security, Becoming the First CNAPP to Extend Security into the Software Delivery Pipeline (Palo Alto Networks) With the integration of Cider Security, Prisma Cloud bolsters risk prevention in the engineering ecosystem with centralized visibility, pipeline posture management and OWASP CI/CD protection SANTA...
Cequence Named “Best-in-Class” in Datos Insights API Security Solutions (Cequence Security) Cequence Security has been recognized as a “best-in-class” solution in the Datos Insights Vendor Evaluation: API Security Solutions report.
Aware's AI Data Platform Dominates in Head-to-Head Showdown Against Meta's Llama-2 (PR Newswire) Aware, the AI Data Platform for workplace conversations, today unveiled its performance against Meta's latest release, Llama-2. As the tech...
Darktrace HEAL provides security teams with abilities to simulate real-world cyber incidents (Help Net Security) HEAL works with DETECT and Darktrace PREVENT to build a live picture of the environment and attack, and integrates with Darktrace RESPOND.
Egnyte Announces Generative AI Solutions for Secure Content Collaboration (Business Wire) The new solutions enable companies to search and summarize documents and media files while maintaining privacy, security, and compliance
Fortinet Recognized as the Sole Leader in the Westlands Advisory 2023 IT/OT Network Protection Platforms Navigator™ (Fortinet) As one of the top and fastest growing OT security vendors, Fortinet is increasing market share with its integrated OT-Aware Security Fabric platform
Technologies, Techniques, and Standards
Cybersecurity Performance Goals: Sector-Specific Goals (Cybersecurity and Infrastructure Security Agency CISA) Now that the cross-sector CPGs have been published, CISA is working to develop Sector-Specific Goals (SSGs) for each of the 16 Critical Infrastructure sectors.
Setting up a cybersecurity squad from scratch (Thales Group) Thales Cyber Defense Solutions aims to raise the digital resilience of critical infrastructures. A growing number of utilities, maritime companies and chemical factories are having their crucial control systems scrutinized by Roel van Rijsewijk and his team of threat hunters.
Best practices on cybersecurity budget allocation: a research-based guide (NordLayer) Building a cybersecurity strategy is challenging. It requires more than just technical knowledge and managerial skills but also demands financial resources.
Design and Innovation
Researchers Poke Holes in Safety Controls of ChatGPT and Other Chatbots (New York Times) A new report indicates that the guardrails for widely used chatbots can be thwarted, leading to an increasingly unpredictable environment for the technology.
Why Elon Musk’s Plan for a Super App Won’t Be Easy in America (Wall Street Journal) Lots of U.S. companies have talked about a super app, including PayPal, Snap and Block.
Legislation, Policy, and Regulation
Pakistan needs to press pause on its data overhaul (Atlantic Council) Islamabad appears poised to push through onerous data regulations that will put the country's tech industry under strain—and raise concerns for consumers.
Report: Biden should prioritize cyber capacity building for allies (CyberScoop) A report from the Foundation for the Defense of Democracies lays out how the White House can help allies defend against cyberattacks.
Senate panel advances bills to childproof the internet (The Verge) President Joe Biden has made child safety a top administration priority.
Sweeping and controversial children’s digital privacy bills head to full Senate (Record) The two measures, known as KOSA and COPPA 2.0, are aimed at helping families navigate “the complexities of online content that is manipulated and targeted” at children.
Privacy debate takes center stage in kids’ online safety legislation (Washington Post) Privacy figures big into pros and cons of COPPA 2.0, KOSA
Opinion | Lindsey Graham and Elizabeth Warren: When It Comes to Big Tech, Enough Is Enough (New York Times) We need a nimble, adaptable new agency with the expertise, resources and authority to rein in the tech giants that control our digital lives.
Generative AI’s ‘Industry Standards’ for Cybersecurity and Data Privacy Could be Here Sooner Rather than Later (The National Law Review) AI may be both the most "powerful capability of our time" and the "most powerful weapon of our time." That's according to Jen Easterly, Director of the Cybersecurity a
SEC, FTC Headline A Rise In U.S. Privacy And Cybersecurity Efforts - Privacy Protection - United States (Mondaq) 2023 so far has seen the FTC address data privacy matters with vigour, issuing a series of policy statements bolstered by several enforcement actions.
Final Rule: SEC to Require Companies to Report Breaches in 4 Days (Black Kite) The SEC finalized new cybersecurity rules, requiring companies to report breaches within a matter of days. Discover what it all means here.
SEC requires reporting cyberattacks within 4 days, but not everyone may like it. (Tripwire) New rules requiring publicly-listed firms to disclose serious cybersecurity incidents within four days have been adopted by the US Securities and Exchange Commission (SEC).
Cyber Experience on Boards Still Seen as Critical in New SEC Rules (Wall Street Journal) Companies will no longer need to say if their boards have cybersecurity experts under new rules from U.S. financial regulators, but that hasn’t diminished the importance of having them available, company directors say.
US Spies Are Lobbying Congress to Save a Phone Surveillance 'Loophole' (WIRED) The National Security Agency has urged top lawmakers to resist demands that it obtain warrants for sensitive data sold by data brokers.
U.S. House rejects bid to curb spy agency data collection (Reuters) A U.S. spy program that sweeps up vast amounts of electronic communications survived a legislative challenge in the House of Representatives on Wednesday, the first attempt to curb the data gathering since former NSA contractor Edward Snowden revealed details of its scope.
Cyber Command, NSA pick advances to Senate floor, but path to confirmation remains blocked (Record) The Senate Armed Services Committee has approved President Joe Biden's nominee to be U.S. Cyber Command and National Security Agency chief, sending it to the chamber floor where an impasse over military promotions drags on.
Six ways that AI could change politics (MIT Technology Review) A new era of AI-powered domestic politics may be coming. Watch for these milestones to know when it’s arrived.
Litigation, Investigation, and Law Enforcement
US Senator Wyden asks FTC, CISA, DOJ to 'take action' against Microsoft following hack (Reuters) Oregon Senator Ron Wyden has asked the Federal Trade Commission, the Cybersecurity and Infrastructure Security Agency and the Justice Department to 'take action' against Microsoft following a China-linked hack that reportedly resulted in the theft of thousands of government emails from top U.S. officials.
US senator blasts Microsoft for “negligent cybersecurity practices” (Ars Technica) Rebuke follows recent breach that exposed email accounts of US federal officials.
WSJ News Exclusive | Microsoft Faces Mounting Scrutiny Over China-Linked Email Hack (Wall Street Journal) A leading lawmaker on cybersecurity issues accused the tech giant of negligence that enabled the spying campaign.
Senator calls on DOJ to investigate alleged China hack of Microsoft cloud tools (Register) A leading U.S. senator asked the Justice Department and several other agencies to investigate a recent hack of Microsoft-provided email accounts used by top government officials.
US Senator Wyden Accuses Microsoft of ‘Cybersecurity Negligence’ (SecurityWeek) Redmond is accused of “negligent cybersecurity practices” that enabled a successful Chinese hack of the United States government.
US Senator: It's Time to Investigate Microsoft for 'Negligent Cybersecurity' (PCMAG) Sen. Ron Wyden wants the FTC and DOJ to investigate Microsoft for its role in the 2020 SolarWinds hack and a recent breach of US government email accounts.
Will S.B.F. Cut a Deal? (Puck) A close reading of the latest developments and looming mysteries: Can S.B.F. flip on a politician? Is Ryan Salame the next FTX insider to plead guilty? What will happen to the parents, Barbara and Joe, and to the brother, G.B.F? And will the case even make it to trial?
Sam Bankman-Fried Won't Face Campaign Finance Charge, U.S. DOJ Says (CoinDesk) The Justice Department said late Wednesday that the campaign finance charge was not included in an extradition document with The Bahamas, and so it would not proceed on the charge.
Why paying a cyber ransom could land you with a big fine (NZ Herald) PLUS: A visiting security expert's contrary view on AI.
Trump Faces Major New Charges in Documents Case (New York Times) The office of the special counsel accused the former president of seeking to delete security camera footage at Mar-a-Lago. The manager of the property, Carlos De Oliveira, was also named as a new defendant.
Ex-Trump lawyer says evidence against him ‘overwhelming’ in Mar-a-Lago case (the Guardian) Ty Cobb, who represented Trump in Mueller investigation, says classified documents case is ‘tight’ after new charges filed
Hunter Biden Can't Turn the Page (Time) Hunter Biden's plea deal falling apart is the latest reminder that he can't move beyond his past.
The Hunter problem simply isn't going away for Biden (The Telegraph) Hunter has made millions because he is the President's son. People want to know more