Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+522: Progress, albeit slow, in Ukraine's counteroffensive. (CyberWire) Ukraine continues its counteroffensive. Russia resumes its strikes against civilian targets.
Amid the Counterattack’s Deadly Slog, a Glimmer of Success for Ukraine (New York Times) Recapturing the village of Staromaiorske was such welcome news for the country that President Volodymyr Zelensky announced it himself. But formidable Russian defenses have stymied progress elsewhere.
Russia-Ukraine war at a glance: what we know on day 523 of the invasion (the Guardian) At least four people have been killed in Kryvyi Rih, and two people killed in occupied Donetsk, after multiple strikes across Ukraine
Russia-Ukraine war: List of key events, day 523 (Al Jazeera) These are the main developments as the Russian invasion of Ukraine enters its 523rd day.
Russian missiles strike an apartment building, killing at least 4 in Ukrainian leader's hometown (AP News) Ukraine's interior minister says Russian missiles have slammed into a central Ukrainian city and killed at least four people, including a 10-year-old child, as the blasts trapped residents beneath rubble.
Zelenskiy Warns 'War' Coming To Russia After Drone Attack Closes Moscow's Vnukovo Airport (RadioFreeEurope/RadioLiberty) Ukrainian President Volodymyr Zelenskiy has warned that it was "inevitable" that "war" would come to Russia after authorities there were forced to temporarily close a busy Moscow airport following an overnight drone attack on the capital.
Russian forces strike Dnipro as Moscow accuses Ukraine of missile strike (the Guardian) Kremlin says it shot down two missiles in south of the country
Russia-Ukraine war live: ‘War is returning to Russia,’ says Zelenskiy, after drones damage Moscow buildings (the Guardian) Night-time drone attack damages two office blocks, as Ukrainian president says ‘this is an inevitable … and absolutely fair process’
Ukraine ‘fires missiles at targets inside Russia’ for first time (The Telegraph) Moscow accuses Kyiv of a ‘terrorist attack’ after apparent strike on the port city of Taganrog
What happened in the Russia-Ukraine war this week? Catch up with the must-read news and analysis (the Guardian) A new push for the counteroffensive; business brisk at surrogacy clinics in Ukraine
Ukraine-Russia war: Russians fear pincer movement as Ukraine advances on Donetsk village (The Telegraph) Russians fear being caught in a pincer movement as Ukrainian forces advance on a village in the Donetsk region.
Ukraine is on the verge of splitting Russia’s army (The Telegraph) As Kyiv’s full operational design becomes clearer, we can expect decisive battlefield victories soon
Ukraine has weeks to reach the sea and end Putin’s war (The Telegraph) Mud season is nearly upon us. Time is running out for decisive gains before Western fatigue takes hold
Zelenskiy Visits Eastern Front Line In Ukraine As Surge Of Fighting Reported In South (RadioFreeEurope/RadioLiberty) Ukrainian President Volodymyr Zelenskiy has visited the front line near the embattled eastern city of Bakhmut as heavy fighting continued in the country's south.
British defence minister insists Ukraine’s counter-offensive is not failing (The Telegraph) James Heappey dismissed concerns that the operation is stalling after a leaked German military report questioned Kyiv's tactics
The volunteer-formed Ukraine brigade leading the front-line fight against Putin (The Telegraph) Group's proudly patriotic and Western-trained soldiers are taking the fight to Russia
Explosion Hits Oil Refinery In Russian City Of Samara (RadioFreeEurope/RadioLiberty) An explosion hit a major oil refinery in the Volga River city of Samara.
Russia-Ukraine war live: Poland raises fears about ‘dangerous’ situation with Wagner troops near border (the Guardian) Poland has been concerned about the spillover of war on to its territory ever since Russia invaded Ukraine
Lithuania and Poland ‘may close Belarus borders’ due to Wagner fighters (the Guardian) At least 100 mercenaries are in Belarus close to the Polish border, as fears grow they intend to bring crisis to neighbouring countries
U.S. Says Russia's Shoigu Looking For Weapons In North Korea (RadioFreeEurope/RadioLiberty) Secretary of State Antony Blinken said on July 29 that the United States believes Russia's defense minister is in North Korea to secure supplies of weapons to aid the stalled invasion of Ukraine.
African Union Chairman Says Putin's Grain Offer Is Not Enough, Calls For Cease-Fire In Ukraine (RadioFreeEurope/RadioLiberty) The chairman of the African Union said on July 28 that proposals by Russian President Vladimir Putin to provide grain to Africa were insufficient.
A Spending Boom Fuels Russia’s Wartime Economy, Raising Bubble Fears (New York Times) The economic strength has helped to maintain popular support for Vladimir Putin’s war, but some have warned the state-led spending is threatening the country’s financial stability.
Officials Who Can't Speak Kyrgyz Will Be Fired, State Warns, As Language Law Takes Effect (RadioFreeEurope/RadioLiberty) Kyrgyz officials who can't speak Kyrgyz, the state language, will be fired from their jobs, the government has announced. The warning comes days after President Sadyr Japarov signed a law making it compulsory for state workers to be proficient in Kyrgyz.
Putin Says 'Armed Conflict' With Ukraine Justifies Crackdown On Dissent (RadioFreeEurope/RadioLiberty) Russian President Vladimir Putin commented on the ongoing crackdown on dissent in Russia, saying that "there must be a certain attitude toward people who are causing harm inside the country."
Interview: Is Putin A Modern-Day Tsar? (RadioFreeEurope/RadioLiberty) Andrei Zorin, a Russian historian at Oxford University, discusses whether Russian President Vladimir Putin meets the criteria of being a tsar, Russia's long legacy of authoritarian rulers, and how Putin's invasion of Ukraine may have been fueled by the mythical goal to "unite" the Slavic peoples.
IT innovations in Ukraine after 500 days of war (Computing) Throughout history, warfare has served as a catalyst for innovation. Although bloody and brutal, it drives remarkable technology advancement and continues to shape lives long after the battles are ...
Russia Takes Its Ukraine Information War Into Video Games (New York Times) Propaganda is appearing in Minecraft and other popular games and discussion groups as the Kremlin tries to win over new audiences.
BlueBravo Adapts to Target Diplomatic Entities with GraphicalProton Malware (Recorded Future) This report is a summary of threat activity linked to the Russian advanced persistent threat (APT) group BlueBravo (APT29, Midnight Blizzard) uncovered since January 2023.
BlueBravo Adapts to Target Diplomatic Entities with GraphicalProton Malware (Recorded Future Insikt Group) This report is a summary of threat activity linked to the Russian advanced persistent threat (APT) group BlueBravo (APT29, Midnight Blizzard) that Recorded Future’s Insikt Group has uncovered since January 2023. The activity and indicators in this report were detailed in several intelligence reports for Recorded Future clients between February and June 2023.
BlueBravo Deploys GraphicalProton Backdoor Against European Diplomatic Entities (The Hacker News) BlueBravo, a Russian nation-state actor, has been targeting diplomatic entities in Eastern Europe with a new backdoor named GraphicalProton.
Kenya cyber-attack: Why is eCitizen down? (BBC News) A key government online platform has been down for several days and mobile money services are also affected.
Explainer: DDoS attack that crippled services in Kenya for hours (The Star) Kenya came under cyberattack that affected its critical infrastructure
Anonymous Sudan Drops A Bombshell Concerning Yesterday's Cyber Attack, This Is Their Next Target (Opera News) In a daring cyber attack, several vital Kenya Government services were breached, exposing vulnerabilities in systems storing sensitive private data of millions of Kenyans. The hack, claimed to be orchestrated by a group identifying as Anonymous Sudan, resulted in the temporary shutdown of the e-citizen platform, rendering various public services inaccessible to Kenyan citizens.
Explainer: All you need to know about the cyber attack in Kenya (The Standard) A DDoS attack is a malicious attempt to disrupt the normal traffic of a targeted server, service, or network.
‘Anonymous Sudan:’ Inside billion-shilling cybercrime underworld (Nation) The hackers breached e-Citizen, the online portal that hosts over 5,000 govt services.
Ivanti Says Second Zero Day Used in Norway Govt Breach (Gov Info Security) Threat actors who recently attacked a dozen Norwegian ministries by exploiting a zero-day vulnerability in Ivanti's endpoint management software appeared to have
How ViaSat Did What SpaceX Wouldn't (Inside Cyber Warfare) A brief case study involving Musk, Starlink, and high risk evacuations in the contested territories of Eastern Ukraine
'A War Crime Has No Statute of Limitations': One Year After The Blast That Killed Ukrainian POWs In Olenivka (RadioFreeEurope/RadioLiberty) One year after a July 29 explosion killed 53 Ukrainian prisoners of war and wounded 75 more, the search for answers continues for the families of the dead as Kyiv looks to build an international case against Moscow, who it says is responsible for the blast.
Russian Court Rejects Appeals Of Crimean Tatar Leader, Co-Defendants Against Prison Terms (RadioFreeEurope/RadioLiberty) A court in Russia has rejected appeals filed by Crimean Tatar leader Nariman Dzhelyal and two activists -- brothers Aziz and Asan Akhmetov -- against prison terms handed to them in September on a sabotage charge that Kyiv and rights groups call politically motivated.
WSJ News Exclusive | Saudi Arabia to Host Ukraine Peace Talks as Part of Western Effort to Woo Global South (Wall Street Journal) Washington and Europe are hoping the talks, which exclude Russia, can lead to international backing for peace terms favoring Ukraine.
Officials say Saudi Arabia will host a Ukrainian-organized peace summit over Russia's war in August (AP News) Saudi Arabia will host a Ukrainian-organized peace summit in early August seeking to find a way to start negotiations over Russia’s war on the country.
Report: Chinese companies evade sanctions, fuel Russia's war (Register) PRC semiconductor exports curiously rose 19% y-o-y for first 9 months of 2022
EU Sanctions Russian Companies For Spreading War Propaganda (RadioFreeEurope/RadioLiberty) European Union countries have placed sanctions on seven Russian individuals and five entities over a "digital information manipulation" campaign.
Attacks, Threats, and Vulnerabilities
US hunts Chinese malware staged to interfere with US military operations. (CyberWire) Chinese cyber operations move from espionage to sabotage. So far it's staging, but US officials are concerned.
U.S. Hunts Chinese Malware That Could Disrupt American Military Operations (New York Times) American intelligence officials believe the malware could give China the power to disrupt or slow American deployments or resupply operations, including during a Chinese move against Taiwan.
N. Korea-linked operation combines US military lures, S. Korean e-commerce sites (Record) In a campaign that researchers at Securonix are calling STARKMULE, hackers are sending out emails with fake U.S. military job-recruitment documents and also using South Korean e-commerce sites as part of the operation.
Detecting Ongoing STARK#MULE Attack Campaign Targeting Victims Using US Military Document Lures (Securonix) The Securonix Threat Research (STR) team has been monitoring a new attack campaign tracked by STR as STARK#MULE. The campaign appears to be targeting Korean-speaking victims based on the nomenclature and names of documents used, and based on the contents of the lure document.
Israel's largest oil refinery website offline after DDoS attack (BleepingComputer) Website of Israel's largest oil refinery operator, BAZAN Group is inaccessible from most parts of the world as threat actors claim to have hacked the Group's cyber systems.
Shin Bet: Iranians launch phishing campaign against Israelis on LinkedIn (The Jerusalem Post) These fake accounts would contact Israelis on LinkedIn and send a file for either an invite to a conference or for articles and studies.
CISA Releases Malware Analysis Reports on Barracuda Backdoors (Cybersecurity and Infrastructure Security Agency CISA) CISA has published three malware analysis reports on malware variants associated with exploitation of CVE-2023-2868. CVE-2023-2868 is a remote command injection vulnerability affecting Barracuda Email Security Gateway (ESG) Appliance, versions 5.1.3.001-9.2.0.006. It was exploited as a zero day
CISA: New Submarine malware found on hacked Barracuda ESG appliances (BleepingComputer) CISA says new malware known as Submarine was used to backdoor Barracuda ESG (Email Security Gateway) appliances on federal agencies' networks by exploiting a now-patched zero-day bug.
Linux version of Abyss Locker ransomware targets VMware ESXi servers (BleepingComputer) The Abyss Locker operation is the latest to develop a Linux encryptor to target VMware's ESXi virtual machines platform in attacks on the enterprise.
APT “Mysterious Elephant” Emerges in Q2 2023, Kaspersky Reports (Infosecurity Magazine) Kaspersky also sheds light on more information related to the “Operation Triangulation” campaign
CVE-2023-35081 - Remote Arbitrary File Write (Ivanti Community) A vulnerability has been discovered in Ivanti Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core. This vulnerability impacts all supported versions –releases 11.10, 11.9 and 11.8. Older versions/releases are also at risk. This vulnerability is different from CVE-2023-35078, released on July 23.
New vulnerabilities mean it's time to review server BMC interfaces (CSO Online) Two recently discovered vulnerabilities in widely used baseboard management controllers could give remote and local threat actors full control over servers.
Ivanti Warns of Another Endpoint Manager Mobile Vulnerability Under Active Attack (The Hacker News) Ivanti discloses another flaw in Endpoint Manager Mobile (EPMM) that is being exploited by malicious actors.
Out of the Sandbox: WikiLoader Digs Sophisticated Evasion (Proofpoint) Proofpoint identified a new malware we call WikiLoader. It has been observed delivered in multiple campaigns conducted by threat actors targeting Italian organizations. The malware uses multiple mechanisms to evade detection. It is named WikiLoader due to the malware making a request to Wikipedia and checking that the response has the string “The Free” in the contents. It is likely the use of this malware is available for sale to multiple cybercriminal groups.
What is the Akira ransomware, and why has the government issued a warning against it? (The Hindu) What is the Akira ransomware, why has the government of India issued a warning for it, how does it work, and how can users protect their devices against ransomware? Read more on The Hindu.
Cado Security Labs Encounter Novel Malware, Redis P2Pinfect (Cado Security) Cado Security Labs recently encountered a novel malware, named “P2Pinfect” targeting publicly-accessible deployments of the Redis data store.
AVRecon Botnet Leveraging Compromised Routers to Fuel Illegal Proxy Service (The Hacker News) Beware of AVRecon botnet! It exploits compromised routers for illegal proxy services.
Original BreachForums Breached, PII Data of 210K Users Sold Online (HackRead) Have I Been Pwned, a central repository for tracking online data breaches, has confirmed the legitimacy of the stolen BreachForums data.
N. Korean Lazarus Group Suspected in $37.3M CoinsPaid Crypto Heist (HackRead) CoinsPaid’s internal systems were compromised, prompting the firm to temporarily halt operations for four days.
Now Abyss Locker also targets VMware ESXi servers (Security Affairs) A Linux variant of the Abyss Locker designed to target VMware ESXi servers appeared in the threat landscape, experts warn. The operators behind the Abyss Locker developed a Linux variant that targets VMware ESXi servers expanding their potential targets. VMware ESXi servers are privileged targets of ransomware groups and are often part of enterprises’ infrastructures. […]
Android now swamped by spyware apps say cybersecurity experts (Mobile News) The Android platform is now riddled with scam apps that can hijack users’ personal data. Cybersecurity experts ESET says there has been an 88 per cent increase in the number of SpyLoan loan apps that can steal sensitive information from infected Android devices. This has led to a 19 per cent overall growth in the
The Never-Ending Phishing Scam: When “Natalie Hamilton” Reemerged with a Vengeance (and Power Drill) (Akamai) Akamai researchers have been tracking a scam campaign that has been active since at least March 2022 and has remained active through various sophisticated obfuscation techniques.
Sovos Compliance Notifies Northwestern Mutual Clients of MOVEit-Related Data Breach (JD Supra) On July 22, 2023, Sovos Compliance, LLC (“Sovos”) filed a notice of data breach on behalf of Northwestern Mutual after discovering that a secure file...
Pacific Premier Bank Announces Third-Party Data Breach Affecting Customers’ SSNs (JD Supra) On July 20, 2023, Pacific Premier Bank filed documents with the Securities and Exchange Commission describing a third-party data breach involving a...
In 12 months, INSA Foils Over 6,700 Cyberattacks on Ethiopia (Ethiopian Monitor) More than 6,760 cyber attack attempts were made against Ethiopia in the past twelve months, the Information Network Security Administration (INSA) reports.
Scottish university UWS targeted by cyber attackers (BBC News) Data supposedly belonging to the University of the West of Scotland is being auctioned by a cyber gang.
Data Leak Exposes 572 GB of Student, Faculty Info from Accreditation Org (HackRead) The data leak originated from a database owned by the Southern Association of Independent Schools, Inc. (SAIS).
University of Hawaii makes payout to cyber criminals (KHON2) College officials said they made the difficult decision to prevent sensitive information of tens of thousands from being dumped on the internet.
Hawai'i Community College pays ransomware gang to prevent data leak (BleepingComputer) The Hawaiʻi Community College has admitted that it paid a ransom to ransomware actors to prevent the leaking of stolen data of approximately 28,000 people.
Hawaii Community College paid at least $100,000 in ransomware attack (KITV Island News) The University of Hawaii says it paid a ransom in the low six-figure range to hackers who stole the personal information of about 28,000 people from the Hawaii Community College
Data breach hits Arizona’s school voucher program, prompting security concerns (Arizona Family) Gov. Katie Hobbs is demanding answers from state superintendent Tom Horne.
'Added stressor to university life': University of Guelph student speaks out following data breach (Kitchener CTV) A student at the University of Guelph is speaking out over what she's calling a lack of transparency following a data breach.
CMS Responding to Data Breach at Contractor (CMS) CMS Notifying Potentially Involved Beneficiaries and Providing Information on Free Credit Monitoring
Twitter's rebranding to 'X' triggers Microsoft Edge security alert (BleepingComputer) Microsoft Edge web browser has been displaying security warnings after Twitter changed its name to 'X'. It's got to do with a security feature dubbed 'Progressive Web App Icon change', designed to keep users safe during app icon or name changes.
Apple rejects new name 'X' for Twitter iOS app because... rules (BleepingComputer) Mr. Musk may have successfully pushed Twitter's new name and logo, 'X', and even made the vanity domain x.com redirect to the social media website, but that's not to say, the Mathematical double-struck letter will fit the bill everywhere. Apple's App Store can't accept Twitter iOS app's new name due to minimum character requirements
Security Patches, Mitigations, and Software Updates
Ivanti Releases Security Updates for EPMM to address CVE-2023-35081 (Cybersecurity and Infrastructure Security Agency CISA) Ivanti has identified and released patches for a directory traversal vulnerability (CVE-2023-35081, CWE-22) in Ivanti Endpoint Manager Mobile (EPMM). This vulnerability allows an attacker with EPMM administrator privileges to write arbitrary files with the operating system privil
Ivanti patches another EPMM zero-day used to attack Norwegian government (Computing) Mobile security vendor Ivanti has fixed another zero-day vulnerability in the Endpoint Manager Mobile (EPMM) software that was exploited alongside another zero-day fault to infiltrate the IT systems of a dozen ministries in Norway.
Zimbra Patches Exploited Zero-Day Vulnerability (SecurityWeek) Zimbra has released patches for a cross-site scripting (XSS) vulnerability that has been exploited in malicious attacks.
Google: Android patch gap makes n-days as dangerous as zero-days (BleepingComputer) Google has published its annual 0-day vulnerability report, presenting in-the-wild exploitation stats from 2022 and highlighting a long-standing problem in the Android platform that elevates the value and use of disclosed flaws for extended periods.
Trends
The Majority Report (CrowdSec) The Majority Report is a comprehensive community-driven data report generated from the collective contributions of CrowdSec's rapidly-growing network of 65,000+ active users. It offers key insights into the rise of IPv6 and the role of VPN in cybercriminal activities.
New report highlights the rise of IPv6 in cybercriminal activities (Security) A new report reveals some of the top emerging cybersecurity threats and trends worldwide.
Industrial Ransomware Attack Analysis Q2 2023 (Dragos) Ransomware attacks continued to be a significant threat in Q2 2023. Read our analysis of ransomware variants impacting industrial organizations worldwide.
CrowdSec's New Cybersecurity Majority Report Highlights the Rise of IPv6 in Cybercriminal Activities (Cybersecurity Dive) CrowdSec, the pioneering open source and collaborative cybersecurity company, today released its Q2 2023 Majority Report.
ZeroFox Releases Brand Protection Trends Report, Finds 164% Increase in Cyber Threats Targeting Brands Quarter-Over-Quarter (GlobeNewswire News Room) ZeroFox unveils new generative AI tools to address spike in domain and executive impersonations noted in intelligence report...
Brand Protection. Trend Report (ZeroFox) An organization’s brand is the key to its success—public perception of that brand can significantly impact its bottom line.
Scottish NHS data breaches up by a third in five years (Herald) The number of data breaches at Scottish health boards has risen by a third since the introduction of a system intended to reduce them, it has emerged.
Marketplace
CISA to Host Industry Day on Cyber Response and Recovery Act Requirements (ExecutiveBiz)
Dallas Tech Unicorn Names Cybersecurity, Software Sales Veteran As President (Dallas Innovates) Island, the Dallas-based tech unicorn startup valued at $1.3 billion in 2022 has named Steve Tchejeyan president of the company that is a leader and pioneer in the Enterprise Browser market. The company said that Tchejeyan brings decades of executive leadership experience driving successful business strategies and growth initiatives for some of the world’s leading […]
Rapid7 appoints Anita Moorhouse as partner director (iTWire) Cloud risk and threat detection company Rapid7 has appointed Anita Moorhouse as partner director APJ to spearhead the company’s channel partnerships in the region. Rapid7 said over the past two years, it has worked hard to increase its support of partners in the APJ region—a strategic catalyst for c...
Products, Services, and Solutions
New infosec products of the week: July 28, 2023 (Help Net Security) The featured infosec products this week are from: BreachRx, Darktrace, Dig Security, Panorays, and SeeMetrics.
N2K Cyber and Unit 42 by Palo Alto Networks collaborate to launch Unit 42 Threat Vector, the newest segment on The CyberWire Daily Podcast (Yahoo Finance) N2K Cyber, previously The CyberWire Network, and Palo Alto Networks® Unit 42® announced today the launch of their new bi-weekly segment, Threat Vector, on the CyberWire Daily podcast. The segment, hosted by David Moulton, Director Thought Leadership Unit 42, will feature insights from Unit 42 threat intelligence experts, incident responders, and proactive security consultants. By joining the industry's leading daily cybersecurity podcast, Unit 42 Threat Vector will unravel the complex and consta
Fortinet Recognized as the Sole Leader in the Westlands Advisory 2023 IT/OT Network Protection Platforms Navigator™ (Fortinet) As one of the top and fastest growing OT security vendors, Fortinet is increasing market share with its integrated OT-Aware Security Fabric platform
Darktrace unveils AI-enabled capabilities for incident response (SecurityBrief Australia) Heal completes Darktrace’s cyber AI loop, delivering resilience throughout the cyber lifecycle from prevention, detection, response, and recovery.
Darktrace Launches AI-Enabled Product to Help Businesses Prepare for and Recover from Cyber-Attacks (Fagen Wasanni Technologies)
IT Security Company, Jera IT, Develops Free Security Audit Following Huge Data Breach Industry Trend (Digital Journal) Between 2022 and 2023, as many as 32% of UK businesses reported cyber-attacks or data breaches. Large companies are often disproportionately affected, with 69% having been targeted while roughly 59% of medium sized companies have also reported cybersecurity crimes.
Internet Safety Labs Advances Mobile App Safety for K-12 Students, Families and Educators with New App Microscope (GlobeNewswire News Room) Pierces the technology fog to show what is really going on with children’s private and personal data inside EdTech applications...
GCA and Amazon Team Up to Strengthen Cyber Education and Reduce Cyber Risks with a Focus on Digital Natives (Global Cyber Alliance) Today, the Global Cyber Alliance (GCA) announces a new collaboration with Amazon focused on fostering consumer education around scam identification, prevention, and reducing the stigma around reporting scams among young adult Internet users, ranging from 18-25 years old.
Technologies, Techniques, and Standards
What Role Does AI Play In Enhancing Aviation Cybersecurity? (Forbes) Cybersecurity is critical to the safety of aviation. Attacks to critical aviation infrastructure pose real threats. So, how does the FAA address these cyber challenges?
The Role of Cybersecurity in Protecting Water Disinfection Systems (EnergyPortal) The role of cybersecurity in protecting water disinfection systems has become increasingly crucial in our digital age. As water treatment facilities worldwide adopt advanced technologies to improve their operations, they inadvertently expose themselves to cyber threats. The recent surge in cyber-attacks on critical infrastructure underscores the need for robust cybersecurity measures to safeguard these essential services.
The race against time in ransomware attacks (Help Net Security) Ransomware continues to leave business data at risk, as organizations worry about failure to recover data, even when they have backups.
How CISOs can engage the C-suite and Board to manage and address cyber risk (VentureBeat) Why CISOs should use storytelling and real-world examples to not just vocalize cyber risk, but make boards feel the impact of it.
Defending Your Organization from Illegal Data's Wrath (Datadobi) Businesses not only grapple with the management of data but also face the threat of illegal data concealed within their digital repositories.
Design and Innovation
Cryptography may offer a solution to the massive AI-labeling problem (MIT Technology Review) An internet protocol called C2PA adds a “nutrition label” to images, video, and audio.
VIEWPOINT: The ethical issues of AI - fighting the right battles (APDR) Will artificial intelligence replace human beings? Could it turn against its creators? Does it represent a danger for the human race?
Academia
Why schools are easy targets for ransomware attacks, and what to do about it (Educator) The Educator speaks to an expert about how principals can safeguard their schools from this increasingly complex threat
UNLV hosts summer camp, escape room to highlight cybersecurity (KSNV) UNLV is working to inspire the valley's next generation of cybersecurity professionals.
Legislation, Policy, and Regulation
The world is ‘reentering an era of strategic competition’ with cyber, official says (Nextgov.com) Cyberspace Ambassador Nathaniel Fick argued that the U.S. needs to be able to provide cybersecurity assistance to allies in a way that incorporates emerging technologies.
North Korea's cyber-enabled sanction evasion requires tougher response, lawmakers and experts say (Nextgov.com) Pyongyang’s growing reliance on cybercrimes to circumvent international sanctions should push the U.S. and its allies to fully enforce existing sanctions and review whether more regulations are needed to govern digital currencies.
Home Office lobbied for facial recognition in shops to tackle theft, report (Computing) Recently published documents have revealed the UK government has been actively pressurising the Information Commissioner's Office (ICO) to endorse the rollout of facial recognition technology in high street shops and supermarkets to tackle 'retail crime'.
FACT SHEET: Biden-Harris Administration Announces National Cyber Workforce and Education Strategy, Unleashing America’s Cyber Talent (The White House) Today, the Biden-Harris Administration unveiled the National Cyber Workforce and Education Strategy (NCWES), a first-of-its-kind comprehensive approach aimed at addressing both immediate and long-term cyber workforce needs. Filling the hundreds of thousands of cyber job vacancies across our nation is a national security imperative and the Administration is making generational…
National Cyber Workforce and Education Strategy: Unleashing America’s Cyber Talent (The White House) Technology and humanity are intertwined. Technology itself does not have a value system; rather it carries the values of its owners and operators. Cyberspace is composed not only of technology and protocols, but also people. People are an integral part of cyberspace, both in creating and using it
The White House releases the US National Cyber Workforce and Education Strategy. (CyberWire) The latest official plan to follow the National Cybersecurity Strategy represents an unusual mix of the highly general and the very specific in its provisions.
Warner, Fischer Lead Bipartisan Reintroduction of Legislation to Ban Manipulative 'Dark Patterns' (Mark R. Warner) This week, U.S. Sens. Mark R. Warner (D-VA) and Deb Fischer (R-NE), joined by Sens. Amy Klobuchar (D-MN) and John Thune (R-SD), introduced the Deceptive Experiences To Online Users Reduction (DETOUR) Act to prohibit large online platforms from using deceptive user interfaces, known as “dark patterns,” to trick consumers into handing over their personal data. The bill would also require these platforms to obtain consent from users for covered research and prohibit them from using features that result in compulsive usage by children and teens.
Senators take another shot at cracking down on ‘dark patterns’ (Record) A bipartisan Senate bill to stop online platforms from tricking consumers into disclosing personal data through the use of deceptive user interfaces, commonly referred to as “dark patterns,” has been reintroduced Friday by Sen. Mark Warner (D-VA), alongside several colleagues.
FBI: Without Section 702, we can't ID cyber criminals (Register) Also: China's 'got a bigger hacking program than that of every major nation combined'
More Battlefield AI Will Make the Fog of War More Deadly (WIRED) The Pentagon’s embrace of military AI raises questions about what limits should be placed on the technology—and how to keep humans in control.
Senate opens path for a cyber-focused military branch (Record) The chamber's version of this year's National Defense Authorization Act would order up a third-party assessment of establishing a cyber-specific military service.
National Cyber Strategy Implementation Plan: What you need to know (Help Net Security) Kelly Rozumalski, Senior VP at Booz Allen, discusses the National Cybersecurity Strategy Implementation Plan (NCSIP).
What a 'whole of government' approach means for cybersecurity (Washington Technology) The money flowing to state and local governments is influencing these entities to adopt new ways to manage their IT. It's starting with cyber but it won't end there.
Litigation, Investigation, and Law Enforcement
Meta Forced to Reveal Anonymous Facebook User's Identity Over Defamatory Posts (Stack Diary) In a landmark decision that signals a shift in the balance between user privacy and accountability on social media platforms, the Court of The Hague has
Who Paid for a Mysterious Spy Tool? The F.B.I., an F.B.I. Inquiry Found (New York Times) After a Times report, the bureau canceled its contract with a government contractor that used the tool on its behalf. But questions remain.
US senator victim-blames Microsoft for Chinese hack (Register) ALSO: China says US hacked it right back, BreachForums users have been pwned, and this week's critical vulns
Air Force engineer under investigation for "critical compromise" of communications (Task & Purpose) Law enforcement raided the home of an engineer, finding thousands of dollars in stolen communication equipment and Air Force radio passwords.
Pentagon hit by ‘critical compromise’ of US air force communications – report (the Guardian) Forbes reports claim that engineer at Arnold air force base in Tennessee had taken home government radio technologies
Understanding the Legal Implications of DDoS Mitigation (CityLife) In the digital landscape, Distributed Denial of Service (DDoS) attacks pose a significant threat to businesses and organizations.
The Legal Aspects of DDoS Mitigation: What You Need to Know (TS2 SPACE) In the ever-evolving digital landscape, Distributed Denial of Service (DDoS) attacks have become a prevalent threat to businesses and organizations.
Louisiana lawmakers calls for more information on OMV data breach (WWL) After the data breach at the Louisiana Office of Motor Vehicles last month, the OMV is offering a free year of Life Lock credit monitoring to those impacted.
Florida man accused of hoarding secrets faces fresh charges (Register) Mar-a-Lago IT director told 'the boss wanted the server deleted'
Assange will not be freed until 2024 US election is done (iTWire) WikiLeaks founder and publisher Julian Assange is unlikely to be released by the US until the 2024 presidential elections are done. That is the main takeaway from American statements on Saturday, refusing to accede to Australia's timid requests for his freedom. Following bilateral ministerial ta...
Attorneys in Lehigh Valley Health Network data breach lawsuit battle over protection of data downloaded from dark web (The Morning Call) Attorneys for Lehigh Valley Health Network allege lawyers suing the provider over a cyberattack that exposed patients’ personal information to the dark web improperly downloaded the data from…