Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+523: Looking for reliable C2. (CyberWire) Ukraine makes more progress on the ground, and drone strikes against government offices in Moscow continue. Russian bombardment of Ukrainian cities continues.
Russia-Ukraine war: List of key events, day 524 (Al Jazeera) These are the main developments as the Russian invasion of Ukraine enters its 524th day.
Putin’s forces pushed back by Ukraine despite Moscow’s claims offensive is ‘failing’ (The Independent) Kyiv minister cites recent gains in direction of Bakhmut, Berdyansk, Melitopol and Kupiansk
Drone Again Hits a Moscow Building Housing Russian Ministries (New York Times) Ukrainian officials have become more open in their view that targets inside Russia are legitimate.
Russia intercepts new wave of drones over Moscow, office tower hit (Al Jazeera) Moscow mayor says the office building damaged was the same one hit in an attack on Sunday.
Latest in Ukraine: Ukraine's counteroffensive makes some gains (NPR) Catch up on key developments and the latest in-depth coverage of Russia's invasion of Ukraine.
Ukraine war: after two months of slow progress the long-awaited counteroffensive is picking up speed. Why has it taken so long? (The Conversation) Ukraine’s summer push is now showing signs of real progress, but don’t expect an end to the war anytime soon.
Ukraine’s Attacks in Russia Aimed at Degrading Moscow’s Ability to Wage War (New York Times) The stepped-up drone and missile attacks show a will to hamper the Kremlin’s military logistics, and to remind ordinary Russians of the cost of war.
Russia-Ukraine war live: Moscow hit by second drone attack in two days; Russian strike hits college dormitory in Kharkiv (the Guardian) Moscow mayor says air defences shot down ‘several’ drones; one injured in strikes on Ukraine’s second-largest city
Russia accuses Ukraine of a drone attack on Moscow that hit a building already struck just days ago (AP News) Russian authorities have accused Kyiv of yet another attack on Moscow and its surroundings with drones.
Russia says thwarts Ukrainian attacks on navy and civilian ships in Black Sea (Reuters) Russia's defence ministry said on Tuesday it had thwarted attacks by Ukrainian sea drones on its navy and civilian ships in the Black Sea.
What Russia's 'forgotten offensive' tells us about the trajectory of war in Ukraine (ABC) So far, the Ukrainians appear to have been able to minimise Russian gains in Luhansk. But what does this new Russian offensive tell us about Russia's strategy and the trajectory of the war, asks Mick Ryan.
Ukraine live briefing: At least 10 dead, more than 100 injured after missile strike on Zelensky’s hometown (Washington Post) Russian strikes killed at least ten people and injured more than 100 others in the Ukrainian city of Kherson and in Kryvyi Rih — President Volodymyr Zelensky’s hometown — Ukrainian officials said. Emergency workers in Kryvyi Rih were able to rescue a 10-year-old girl who initially had been reported dead, according to Ukraine’s Ministry of Internal Affairs.
Russian missiles strike an apartment building, killing at least 4 in Ukrainian leader's hometown (AP News) Ukraine's interior minister says Russian missiles have slammed into a central Ukrainian city and killed at least four people, including a 10-year-old child, as the blasts trapped residents beneath rubble.
Putin presides over military parade with no mention of war in Ukraine (CBS News) Russian President Vladimir Putin presided over a military parade in celebration of Russia's Navy Day, but the war in Ukraine went unmentioned. The parade came after drones attacked Moscow early Sunday morning. Elizabeth Palmer has the latest.
Opinion: Ukraine maps show the price of allies’ hesitation (Washington Post) Last September, Ukraine requested Western tanks from allies to push back against Russia’s invasion. At that time, Russia had not consolidated much of its hold on the territory it had taken. While allies debated whether or not they should send tanks, Russia began to dig in
War and peace with Ukrainian characteristics (Asia Times) Few in Washington seem overly worried about the apparent stalemate in Ukraine, where Kiev’s forces can’t break through Russia’s fortified defenses. Meanwhile, America is entirely concentrated on th…
Mexican president urges end to 'irrational' Ukraine war, wants Russia at peace talks (Reuters) Mexican President Andres Manuel Lopez Obrador on Monday called for an end to the "irrational" war in Ukraine, urging upcoming peace talks in the Middle East to include representation from both Ukraine and Russia.
EU strikes Russia again as digital infowar rages on (Cybernews) Russia has been slapped with yet more restrictions by the EU, which imposed measures against seven nationals and five entities that it says are engaged in “digital information manipulation” in aid of the Kremlin’s invasion of Ukraine.
Czechs Freeze Bank Accounts, Impound Property Of Russian Oligarch Yevtushenkov (RadioFreeEurope/RadioLiberty) Czech media reports say investigators have frozen bank accounts and impounded the property of Russian oligarch Vladimir Yevtushenkov and his son Feliks in Prague and Karlovy Vary.
Elon Musk 'refuses to turn on Starlink' for Crimea drone attack (The Telegraph) SpaceX chief executive deals blow to Ukraine's battle plan by insisting his firm can not be used to conduct long-range offensive strikes
How Elon Musk Was Able to Exert Control in Ukraine War (The Street) One of Musk's ventures has a reach that the competition can't match.
Ukraine Cracks Down on Illicit Financing Network (Gov Info Security) Ukraine blocked an illicit money laundering network operating across the country that made use of sanctioned Russian payment systems and cryptocurrency exchanges to
EU agriculture officials work on ways to move Ukrainian grain to the world (AP News) The European Union will look at helping fund the costly transportation of grain out of Ukraine after Russia halted a deal that allowed Black Sea exports vital to global food security.
After the Deluge (The Atlantic) The Kakhovka Dam’s destruction by suspected Russian sabotage has made the Ukrainian land itself a casualty of war.
The $3.9 billion UN humanitarian appeal for Ukraine is only 30% funded, UN aid official says (AP News) The $3.9 billion humanitarian appeal for war-torn Ukraine is less than 30% funded as the country starts preparing for a second winter with more residential buildings damaged and destroyed and thousands of people homeless following the collapse of the Kakhovka dam.
Russia boasts about 'adoption' of Ukrainian children despite war crimes charges (Washington Examiner) Nearly 400 Ukrainian children have undergone an “adoption” process in Russia, according to a lead Russian official indicted on international war crimes charges for the seizure of Ukrainian children.
Attacks, Threats, and Vulnerabilities
Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor (The Hacker News) Indian-linked Patchwork hackers strike Chinese universities and research organizations with the notorious EyeShell backdoor!
APT Bahamut Targets Individuals with Android Malware Using Spear Messaging - CYFIRMA (CYFIRMA) EXECUTIVE SUMMARY The team at CYFIRMA recently obtained advanced Android malware targeting individuals in the South Asia region. The suspicious...
Hackers steal Signal, WhatsApp user data with fake Android chat app (BleepingComputer) Hackers are using a fake Android app named 'SafeChat' to infect devices with spyware malware that steals call logs, texts, and GPS locations from phones.
China's Volt Typhoon APT Burrows Deeper Into US Critical Infrastructure (Dark Reading) US officials are concerned that the Beijing-directed cyberattacks could be a precursor to military disruption and broader destructive attacks on citizens and businesses.
Cloudzy with a Chance of Ransomware: Unmasking Command-and-Control Providers (C2Ps) (Halcyon) There are a multitude of players from access brokers to money launderers who specialize in various aspects of the larger Ransomware Economy that range from access brokers to RaaS platform providers, and the vast majority are cognizant that their activities are illicit.
Multiple Flaws Found in Ninja Forms Plugin Leave 800,000 Sites Vulnerable (The Hacker News) Patchstack reports security vulnerabilities in the popular Ninja Forms plugin for WordPress (CVE-2023-37979, CVE-2023-38386, CVE-2023-38393).
Known MOVEit Attack Victim Count Reaches 545 Organizations (Bank Info Security) The number of organizations and individuals affected by the Clop ransomware group's data-stealing attack on MOVEit servers continues to rise. So far, at least 545
Hackers exploit BleedingPipe RCE to target Minecraft servers, players (BleepingComputer) Hackers are actively exploiting a 'BleedingPipe' remote code execution vulnerability in Minecraft mods to run malicious commands on servers and clients, allowing them to take control of the devices.
Call of Duty Self-Spreading Worm Takes Aim at Player Lobbies (Dark Reading) The revival of the beloved online multiplayer video game was short-lived once players detected unusual activity and behavior that portended malware.
Call of Duty worm malware used to hack players exploits years-old bug | TechCrunch (TechCrunch) Hackers are exploiting a bug that's at least five years old to infect Call of Duty: Modern Warfare 2 players with a self-spreading malware.
Over $70M Stolen From Multiple DeFi Protocols Due To Vyper Code Bug (Yahoo Finance) Hacker Used Re-entrancy Attacks To Drain Assets From Curve Pools
Cyber attack forces Tempur Sealy to shut down its IT systems (Furniture Today) Tempur Sealy International had to shutter parts of its IT systems as a result of a “cybersecurity event” that hit July 23.
Hospital data breach reaches Birmingham, Alabama hospitals (Birmingham Business Journal) The information exposed may have included full name, address, medical billing and insurance information, diagnoses and medication and date of birth and social security number.
New England Life Care Notifies Over 51k Patients of Recent Data Breach (JD Supra) On July 21, 2023, New England Life Care, Inc. (“NELC”) filed a notice of data breach with the U.S. Department of Health and Human Services Office for...
CMS announces data breach affected about 612,000 beneficiaries (MedicalEconomics) Hack involved information transfer software used by contractor.
U of G students alerted to data breach months after it happened (GuelphToday.com) Personal information like names, student numbers and dates of birth were potentially exposed in the data breach that happened in March
Westlake Village, CA: BankCard USA surrenders and pays ransom (SuspectFile) BankCard USA is nothing more than one of the latest victims to fall into the network of a group of cybercriminals whose main objective is to monetize their work, at any cost and by any means.
CISA Adds One Known Exploited Vulnerability to Catalog (Cybersecurity and Infrastructure Security Agency CISA) CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2023-35081 Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability
Vulnerability Summary for the Week of July 24, 2023 (Cybersecurity and Infrastructure Security Agency CISA)
Security Patches, Mitigations, and Software Updates
CP2023-003 Vulnerability Mitigation/Remediation for Inkjet Printers (Home and Office/Large Format) (Canon) Sensitive information on the Wi-Fi connection settings stored in the memories of inkjet printers (home and office/large format) may not be deleted by the usual initialization process.
Trends
Unpacking the OT & IoT Threat Landscape with Unique Telemetry Data (Nozomi Networks) Nozomi Networks analysis of the current threat landscape finds malware activity in OT and IoT environments worldwide jumped 10x and alerts on unwanted applications doubled as nation-states, criminal groups and hacktivists continue to target healthcare, energy and manufacturing.
Zscaler VPN Report Finds Nearly Half of Organizations Are Concerned About Enterprise Security Due to Unsafe VPNs (GlobeNewswire News Room) Insecure VPNs, Email, and End User Devices Identified as Primary Attack Vectors, Stressing the Need for a Zero Trust Architecture 88% of companies...
Cyber Insurance and the Ransomware Challenge (RUSI) A study examining the role of cyber insurance in addressing the threats posed by ransomware.
Marketplace
Silk Security Emerges from Stealth with $12.5m in Seed Funding to Close Security and Operations Cyber Risk Resolution Gap (PR Newswire) Silk Security, the first platform for sustainable cyber risk resolution, today announced the company's public launch and $12.5 million in seed...
Nile Raises $175M Series C Funding to Propel Its Vision to Redefine Enterprise Networks (Nile) Nile was built from the ground up to deliver secure wired and wireless networking, as a service.
Converge Insurance Announces $15 Million Series A Funding from Forgepoint Capital (PR Newswire) Converge Insurance, pioneers in advanced cyber risk management and underwriting, today announced $15 million in Series A funding from...
Telos Corporation Awarded $5.8 Million Contract with National Geospatial-Intelligence Agency (Telos Corporation) Telos Corporation (NASDAQ: TLS), a leading provider of cyber, cloud and enterprise security solutions for the world’s most security-conscious organizations, today announced a $5.8 million, five-year contract award with the National Geospatial-Intelligence Agency (NGA). The contract builds on Telos’ 16-year relationship with NGA and includes renewals of both Xacta...
Cycode Leads Code to Cloud Shift with 200% Y-o-Y Revenue Growth (GlobeNewswire News Room) Expands Executive Team with Proven CRO and SVP Marketing Appointments ...
Accenture to chop 890 Irish jobs as part of 18,000 cuts worldwide (Computing) Accenture plans to cut 890 employees in Ireland. The new round of cuts, coming after an earlier round of 800 lay-offs for the global solution provider's Irish operations, is part of a larger plan to eliminate 18,000 jobs over the next year-plus.
Reddit Taps Fredrick ‘Flee’ Lee for CISO Job (SecurityWeek) Reddit hires a 20-year cybersecurity veteran to manage its privacy and security functions as it prepares for an IPO.
Marshall Erwin hired as Chief Information Security Officer at Fastly (Security Magazine) Marshall Erwin has been hired as Chief Information Security Officer at Fastly. Erwin was previously Chief Security Officer at Mozilla.
Envision Welcomes Top Tech Sales Professional Jessica Kumar (GlobeNewswire News Room) Envision Technology Advisors, a leading tech consultancy headquartered in Rhode Island, announced the...
Envision Welcomes Microsoft Sales Expert Matthew Aghedo (GlobeNewswire News Room) Envision Technology Advisors, a trusted technology services consultancy, announced the addition of...
Envision Welcomes Noted Sales Leader Bryan Bickerstaff (GlobeNewswire News Room) Envision Technology Advisors, an award-winning technology services company, announced the addition of...
Products, Services, and Solutions
ESET Mobile Security Premium earns Approved Mobile Product certification by AV-Comparatives for the second year in a row (EIN News) ESET Mobile Security Premium excelled in AV-Comparatives' Mobile Security Report 2023
Menlo Security Redefines Browser Security with Industry-First AI-Powered Phishing and Ransomware Protection (Menlo Security) HEAT Shield and HEAT Visibility, powered by Menlo Security’s Isolation Core™, prevent attacks from infiltrating enterprise networks and provide rich, actionable intelligence to mitigate highly evasive threats
Cisco Introduces Automated Ransomware Recovery (Cisco) Organizations can now automatically recover from ransomware attacks with first-of-its-kind capabilities in Cisco Extended Detection and Response (XDR)
Aqua Security Unveils AI-Guided Remediation for Lightning-Fast Vulnerability Response (Aqua) Aqua Security announced enhancement of the Aqua Cloud Security Platform with the availability of AI-Guided Remediation capabilities.
Sevco Security Unveils New Vulnerability Hunting Capabilities (Business Wire) Capabilities Improve Overall Security Posture With Proactive Approach to Preventing the Number of Successful Attacks
Cycode Elevates its Security First, Developer-Friendly AppSec & ASPM Platform with New Capabilities (GlobeNewswire News Room) Expands hardcoded secrets detection to include Confluence, AWS S3 Buckets and Azure to stop supply chain attacks in their tracks...
Skyhawk Re-invents Cloud Detection Response with Industry’s First Generative AI-Powered Shift Left CDR Technology (GlobeNewswire News Room) Skyhawk Security, the originator of cloud threat detection and response (CDR), now also called...
vPenTest from Vonahi Security Achieves SOC 2 Type II Certification (Business Wire) This certification enhances the company's automated network penetration testing platform's market potential, particularly in industries with stringent regulatory requirements
Synopsys Launches Software Risk Manager to Simplify Enterprise-Scale Application Security Testing (Synopsys) New Solution Combines Policy-Driven Test Orchestration and Vulnerability Management with Market-Leading AST Engines to Help Teams Maximize AppSec Program ROI SUNNYVALE, Calif., Aug. 1, 2023...
Forescout's New Risk and Exposure Management Solution Delivers Streamlined, Quantitative Approach to Cyber Asset Risk Management (Business Wire) Gives enterprises overwhelmed by rapid asset growth and a widening attack surface a more intuitive way to identify and respond to exposure gaps
VMware Carbon Black Launches Threat Detection and Response for Modern Applications (VMware News and Stories) New Cloud Native Detection and Response capabilities provide security teams with real‑time, unified visibility and context into containers and Kubernetes environments
Exertis named ColorTokens’ first pan-European distributor (Exertis | News) Leading distributor Exertis today announced that it has been named as ColorTokens’ first pan-European distributor.
Fortinet Security Operations Solutions Use AI to Slash Time to Detect and Respond to Incidents from Three Weeks to One Hour (Fortinet) Report from Enterprise Strategy Group reveals that the integrated Fortinet SecOps Fabric automatically contains incidents in minutes or even seconds
Devo and Cybermindz Partner to Address the Mental Health of Front-Line Cybersecurity Workers in the U.S. (PR Newswire) Devo Technology, the cloud-native security analytics company, today announced its financial support for Cybermindz, a not-for-profit...
Incode and Snappt Partner to Bring Industry-Leading Identity Verification to Property Management (PR Newswire) Incode Technologies Inc., a leading provider of world-class identity verification and authentication solutions for global enterprises, today...
Technologies, Techniques, and Standards
Some Companies Shun Long-Awaited Trans-Atlantic Data Agreement (Wall Street Journal) After years of waiting for a new data-transfer deal between the U.S. and the EU, some privacy officers are taking a cautious approach.
Inside the fight against hackers who disrupted hospitals and jeopardized lives (Microsoft) After tricking an employee with a phishing email and a poisoned spreadsheet, hackers used the employee’s infected computer to break into Ireland’s public health system and tunnel through the network for weeks. They prowled from hospital to hospital, browsed folders, opened private files and spread the infection to thousands of other computers and servers.
The data security challenge for fintechs - ET CIO (ETCIO.com) The number of fintech start-ups has more than doubled in recent years, and customer adoption of fintech services has shown an impressive upward trend. This not only demonstrates the industry's rapid expansion but also underlines the critical need for robust data security practices to safeguard sensitive information.
A jargon-free explanation of how AI large language models work (Ars Technica) Want to really understand large language models? Here’s a gentle primer.
Academia
Indiana University launches space law courses, satellite cybersecurity program (Herald Times) Interested in combatting cyber attacks waging on over 22,000 miles above your head? How about learning how to become a space lawyer (yes, that's a real thing)? There's a new dedicated space carved out at Indiana University just for you.
Legislation, Policy, and Regulation
National Cyber Workforce and Education Strategy Can Help Meet Evolving Cyber Workforce Needs (Information Technology Industry Council) Today, global tech trade association ITI welcomed the White House Office of the National Cyber Director (ONCD)’s release of the National Cyber Workforce and Education Strategy, an outline designed to build the U.S. cyber workforce and education system and address the critical cyber workforce shortage.
White House releases strategy to expand the U.S. cyber workforce (Nextgov.com) The plan includes measures for improving cybersecurity knowledge at all levels of education and improving how the federal government attracts, hires and pays cybersecurity workers.
White House seeks whole of society approach, immigration reform to boost cyber workforce (CyberScoop) The Biden administration's strategy for boosting the cybersecurity workforce looks to government, private sector and non-profits.
Inside the White House blueprint for filling U.S. cyber jobs (Washington Post) The cyber workforce plan: A strategy, some commitments and a request for specifics
NSF renews cybersecurity workforce development projects (Mirage News) The U.S. National Science Foundation CyberCorps® Scholarship for Service program is renewing funding for seven academic institutions, providing more than $24 million over the next four years.
Biden's intelligence advisers recommend reforming FBI access to controversial spying tool (CyberScoop) The report comes as Congress debates whether to renew Section 702 of FISA, which is set to expire at the end of the year.
White House urges reauthorization of Section 702 spy powers (Register) As expert panel suggests some tweaks to boost public's confidence in FISA
Limit FBI’s access to powerful spy tool, White House panel says (Washington Post) But the intelligence advisers said they oppose requiring the bureau to seek a warrant before searching a key NSA database
FBI Access to Spying Tool Should Be Restricted, Panel Advises (Wall Street Journal) Access to a trove of intercepted emails, texts and other electronic data should be curtailed following serial missteps, a White House panel of advisers concluded.
Section 702 surveillance powers are necessary, but FBI access needs limits, panel says (Record) Congress should renew the electronic surveillance powers authorized under a controversial 2008 law, but not without fresh rules governing the FBI’s use of the program, according to a White House panel of intelligence experts.
Army Establishes New Offensive Cyber, Space Program Office (MeriTalk) The U.S. Army established a new program management office within its Program Executive Office for Intelligence, Electronic Warfare, and Sensors (PEO IEW&S) to support its expanding cyber, information warfare, and tactical space missions.
SEC demands four-day disclosure limit for cybersecurity breaches (Naked Security) When is a ransomware attack a reportable matter? And how long have you got to decide?
A win, a miss and a path to stronger digital authentication (C4ISRNet) The NCSIP introduces a dedicated segment for policy reviews, ensuring an adaptive strategy that remains in sync with an evolving cybersecurity landscape.
CISA Welcomes Aeva Black: Joining Our Team to Strengthen Open Source Software Security (Cybersecurity and Infrastructure Security Agency CISA) Today marks an exciting moment as we announce the addition of Aeva Black to our team. With great enthusiasm, we welcome Aeva as CISA’s Open Source Security Lead, a role that will strengthen our efforts to ensure robust software security across our nation’s critical systems.
Litigation, Investigation, and Law Enforcement
Capita boss quits as potential fine looms for huge hack of confidential data (the Guardian) Jon Lewis, the chief executive, is to step down as troubled outsourcing firm reels from March cyber-attack
Capita calls in Amazon man after devastating cyber attack (Telegraph) Current boss Jon Lewis to help with leadership transition over the coming year
California privacy regulator’s first case: Probing connected cars (Washington Post) Modern cars are computers filled with data, with few clear manufacturer policies on what happens to it
German data watchdog probing Worldcoin crypto project, official says (Reuters) A German data watchdog has been investigating OpenAI CEO Sam Altman's Worldcoin project since late last year due to concerns over its large-scale processing of sensitive biometric data, the regulator's president told Reuters.
Worldcoin: a solution in search of its problem (Molly White) Worldcoin doesn't seem to know what problem it's trying to solve, but they want to scan your eyeballs anyway.
Australia's prime minister stands firm against the US on WikiLeaks founder's prosecution (AP News) Australian Prime Minister Anthony Albanese said his government is standing firm against the United States over the prosecution of WikiLeaks founder Julian Assange.
'Never designed to protect the data of the students': Arizona homeland security agency investigating school voucher transaction data breach (12news.com) Gov. Hobbs demanded answers from School Superintendent Horne after a report of the breach two weeks ago. Horne's staff didn't disclose it at the time.
Musk threatens independent CCDH researchers with legal action (Computing) Lawyers representing the troubled social media platform say researchers documenting a rise in hate speech on the platform are driving users away