Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+526: The drone war at week's end. (CyberWire) Russia and Ukraine continue to exchange drone strikes. Russian attacks have concentrated on grain ports and cultural sites. Ukraine's operations have been directed against Russian government offices, lines of communication, and warships. The cyber phases of the war continue to feature nuisance attacks and espionage.
Russia-Ukraine war: List of key events, day 527 (Al Jazeera) These are the main developments as the Russian invasion of Ukraine enters its 527th day.
Russia-Ukraine war at a glance: what we know on day 527 of the invasion (the Guardian) Ukraine claims to have incapacitated a ship in Russia’s Black Sea fleet; Russian defence minister pictured visiting troops inside occupied Ukraine
Ukrainian Drone Attack On Russian Black Sea Base Damages Warship, Intelligence Sources Say (RadioFreeEurope/RadioLiberty) A Ukrainian naval drone carrying 450 kilograms of TNT struck the Russian Navy base at Novorossiisk in the Black Sea, causing extensive damage to a Russian warship docked there, sources in the Ukrainian Security Service (SBU) told RFE/RL.
Russia-Ukraine war live: Kyiv claims to have put a Russian Black Sea ship out of action (the Guardian) Moscow has confirmed Ukrainian sea drones attacked a navy base near the Black Sea port of Novorossiysk
Russian Warship Damaged in Ukrainian Drone Attack (New York Times) Moscow said Ukraine used drones to strike Novorossiysk, a Black Sea naval and shipping hub, and a port in occupied Crimea.
Russian warship damaged in Ukrainian attack on Novorossiysk naval base, sources say (Reuters) A Russian warship was seriously damaged in an overnight Ukrainian naval drone attack on Russia's Black Sea navy base at Novorossiysk, two sources said on Friday, after Russia said it had fended off the attack.
Ukrainian official says drones hit naval ship in Russian port. It's the latest attack inside Russia (AP News) Ukrainian sea drones have attacked a major Russian port on the Black Sea, damaging a naval ship. That's according to a Ukrainian official who spoke on condition of anonymity.
Ukraine-Russia war live: Russia shoots down drones heading to Moscow (The Telegraph) Russia has said that it downed six drones in the Kaluga region, less than 125 miles from Moscow, amid a surge in such attacks targeting the capital.
Russian shelling hits a landmark church in the Ukrainian city of Kherson (AP News) Russian shelling has damaged a landmark church in the southern Ukrainian city of Kherson that held the remains of Prince Grigory Potemkin until last year.
Russia is targeting Ukrainian national identity with attacks on heritage sites (Atlantic Council) The Russian bombing of Odesa's main Orthodox church in July was the latest in a long line of attacks on Ukrainian heritage sites that indicate a deliberate campaign to erase Ukrainian cultural identity, writes Mercedes Sapuppo.
Russia's Activities Near Romania and Poland Risk Sparking Another NATO Crisis | RANE (Stratfor) In Romania's case, Russian aggression is more likely to occur by accident. But in Poland, such aggression would have a higher chance of escalation because it'd likely be by design.
Ukraine says it launched July attack on bridge to Crimea (BBC News) The July attack led Moscow to restrict the passage of ships through and flights over the Kerch Strait.
Ukraine’s offensive inches forward in search of a breakthrough (Washington Post) Intense fighting raged in southeastern Ukraine this week as Kyiv continued a major push to reclaim territory with a fresh injection of Western-trained and -equipped troops but no sign yet of a major breakthrough.
Ukraine says density of Russian mines is 'insane' as it plays down counteroffensive expectations (CNN) A week after US officials said Ukraine was deploying extra troops to its counteroffensive, movement is limited on the southern front lines with fighting concentrated in two parts of Zaporizhzhia region, according to available videos and statements from official sources.
How the Ukraine Counteroffensive Can Still Succeed (Time) The Ukrainian counteroffensive is going slow, but success is still possible
Russian Orthodox leader Patriarch Kirill’s unholy war against Ukraine (Atlantic Council) Russia's Unholy War: Russian Orthodox Church leader Patriarch Kirill has provided the ideological justification for Vladimir Putin's invasion of Ukraine and Russian efforts to eliminate Ukrainian national identity.
The Unpredictable Dictators (Foreign Affairs) Why it’s so hard to forecast authoritarian aggression.
Most Russian contract soldiers try not to get to frontline: Ukraine intelligence (Al Arabiya English) The majority of contract soldiers in Russia are trying to avoid going to the front line in Ukraine, the Ukrainian Defense Intelligence said on
Russia is resorting to desperate measures to recruit soldiers (The Economist) Trickery and coercion are the Kremlin’s methods
Russia targets neighbour Kazakhstan with army recruitment ads (Reuters) Advertisements offering an immediate payment of over $5,000 for joining the Russian army have begun popping up on the screens of Kazakh internet users amid the escalating Ukrainian conflict.
White House says top Russian official pitched North Korea on increasing sale of munitions to Moscow (AP News) The White House says U.S. intelligence officials have determined that Russian Defense Minister Sergei Shoigu has made a pitch to North Korean officials to increase the sale of munitions to Moscow.
Can India Bring Russia and Ukraine to the Table? (Foreign Affairs) What New Delhi's diplomacy can and cannot achieve.
The Week In Russia: Off-Ramps And Obsessions (RadioFreeEurope/RadioLiberty) Putin says he’s not against negotiations for peace in Ukraine. Analysts say that, despite setbacks in the more than 17 months since he launched Russia’s large-scale invasion, he is still bent on “destroying and subordinating” that country and determined to “redraw the world map.”
EU Extends Sanctions On Belarus Over Its Support For Russia's War In Ukraine (RadioFreeEurope/RadioLiberty) The European Union announced on August 3 the extension of sanctions against Belarus due to its support for Russia's aggression against Ukraine.
Georgia Bans Export, Reexport Of Cars From U.S., EU To Russia And Belarus (RadioFreeEurope/RadioLiberty) Georgia's Finance Ministry on August 2 said the exporting and reexporting of U.S. cars to Russia and Belarus was banned as of August 1.
Bilyana Lilly on how cybersecurity assistance to Ukraine has helped thwart Russian cyberattacks (CyberScoop) Writer and researcher Bilyana Lilly
Microsoft says Russia-linked hackers behind dozens of Teams phishing attacks (Reuters) A Russian government-linked hacking group took aim at dozens of global organizations with a campaign to steal login credentials by engaging users in Microsoft Teams chats pretending to be from technical support, Microsoft researchers said on Wednesday.
Russian APT29 conducts phishing attacks through Microsoft Teams (Security Affairs) Russia-linked APT29 group targeted dozens of organizations and government agencies worldwide with Microsoft Teams phishing attacks. Microsoft Threat Intelligence reported that Russia-linked cyberespionage group APT29 (aka SVR group, Cozy Bear, Nobelium, Midnight Blizzard, and The Dukes) carried out Microsoft Teams phishing attacks aimed at dozens of organizations and government agencies worldwide. APT29 along with APT28 cyber espionage group was involved in […]
Ukraine's invisible battle to jam Russian weapons (BBC News) Ukrainian and Russian electronic warfare units are trying to gain the upper hand on the battlefield.
How Ukraine’s cyberwarriors are upending everyday life in Russia (Times) From milk supplies to trains and the weather forecast, a civilian army of IT experts delight in sowing chaos
Nato’s cybersecurity chief: “We’re always on the back foot in cyber defence” (New Statesman) Ian West, head of Nato’s Cyber Security Centre, on AI, Ukraine and tackling a billion “suspicious events” a day.
Attacks, Threats, and Vulnerabilities
CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022 | CISA (Cybersecurity and Infrastructure Security Agency CISA) The U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and international partners are releasing a joint Cybersecurity Advisory (CSA), 2022 Top Routinely Exploited Vulnerabilities.
CISA, NSA, FBI and International Partners Issue Advisory on the Top Routinely Exploited Vu (National Security Agency/Central Security Service) The “2022 Top Routinely Exploited Vulnerabilities” CSA provides details on the top Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors who continue targeting
2022 Top Routinely Exploited Vulnerabilities (Cybersecurity and Infrastructure Security Agency CISA) The following cybersecurity agencies coauthored this joint Cybersecurity Advisory (CSA):
WSJ News Exclusive | Software Maker Ivanti Discovered Second Security Flaw Days After First One Was Found (Wall Street Journal) Officials in the U.S. and Norway suspect the ‘zero-day’ vulnerabilities have been exploited by state-sponsored hackers.
EXCLUSIVE: Hacking tool Flipper Zero is being tracked by intelligence agencies, who fear white nationalists may deploy it against power grid (The Daily Dot) The NYPS is keeping tabs on the Flipper Zero hacking tool and has expressed concern over its potential use by extremists.
A U.S. National Strategy Is Needed to Counter Violent Extremism (RAND) Users in the United States are overwhelmingly responsible for racially and ethnically motivated violent extremism (REMVE) discourse online. Strategies that focus on organizations or individuals likely will not work to counter REMVE because the movement is diffuse and leaderless.
Dozens of RCE Vulnerabilities Impact Milesight Industrial Router (SecurityWeek) Dozens of critical and high-severity vulnerabilities in the Milesight UR32L industrial router leading to code execution
Ransomware Roundup - DoDo and Proton (Fortinet Blog) FortiGuard Labs investigates DoDo and Proton ransomware and how their distribution methods have the potential to affect users around the world.
The Double Extortion Group, 8Base (Avertium) Meet 8Base, a stealthy ransomware group that evaded detection for over a year, only to resurface with an alarming surge in operations during May & June '23.
Hacktivist Collective “Mysterious Team Bangladesh” Revealed (Infosecurity Magazine) Group-IB said the group carried out 750 DDoS attacks and more than 70 website defacements in a year
Bangladesh hacktivists target critical infrastructure in India, Israel, and Australia (Cybernews) The Mysterious Team Bangladesh hacktivist gang carried out over 750 DDoS attacks within a year driven by religious and political reasons, a report shows.
Hacktivism is back because it never went away (Register) Mysterious Team Bangladesh has carried out 846 attacks since June 2022, mostly DDoS
Cyber Signals: Sporting events and venues draw cyberthreats at increasing rates (Microsoft Security) Today we released the fifth edition of Cyber Signals, spotlighting threats to large venues, and sporting and entertainment events, based on our learnings and telemetry from delivering cybersecurity support to critical infrastructure facilities during the State of Qatar’s hosting of the FIFA World Cup 2022™.
Tunnel Vision: CloudflareD AbuseD in the WilD (GuidePoint Security) Across the cybersecurity community, defenders are constantly finding threat actors using novel and innovative techniques to further their exploitation efforts against target networks. Lately, some Threat Actors (TAs) have pivoted to using legitimate tools that defenders may see utilized more commonly in their networks, decreasing the chance of detection by traditional anti-virus, EDR, and other defensive processes.
VMConnect: Malicious PyPI packages imitate popular open source modules (ReversingLabs) ReversingLabs threat researchers have identified a new malicious PyPI campaign that includes a suspicious VMConnect package published to the PyPI repo.
New Rilide Stealer Version Targets Banking Data and Works Around Google Chrome Manifest V3 (Trustwave) Trustwave SpiderLabs discovered a new version of the Rilide Stealer extension targeting Chromium-based browsers such as Google Chrome, Microsoft Edge, Brave, and Opera.
Fortra battles misuse of its cyber security tools (Blocks and Files) The Fortra GoAnywhere file transfer product and unsupported versions of Cobalt Strike have been manipulated into malware delivery channels.
Poorly Purged Medical Devices Present Security Concerns After Sale on Secondary Market (Rapid7) In a post-pandemic landscape, the interconnectedness of cybersecurity is front and center.
New Medical Health Care Devices Report (Rapid7) Rapid7’s research team uncovers more than 13 commercially available medical infusion pumps discovering serious deficiencies in security processes.
Top Industries Significantly Impacted by Illicit Telegram Networks (The Hacker News) Concerned about the rise of illicit activities on messaging platforms? Telegram has become a hub for malicious actors engaged in cybercrime.
Collaboration Security: risks and realities of the modern work surface (Mimecast) The continued rise in the use of collaboration tools provides a new threat surface for cybercriminals to infiltrate.
Cyberattack suspected in computer system outage for Eastern Connecticut Health Network, Waterbury HEALTH (NBC Connecticut) Computer systems are down for the Eastern Connecticut Health Network and Waterbury HEALTH Thursday and ECHN said they believe there was a cyberattack. ECHN is diverting patients from its hospital emergency rooms while Waterbury Hospital is using paper records during the outage. A message on the ECHN website says all Prospect Medical Holdings facilities are experiencing IT complications, which are…
Tenable CEO accuses Microsoft of negligence in addressing security flaw (CyberScoop) Cybersecurity veteran Amit Yoran says Microsoft has a culture of toxic obfuscation when it comes to addressing security threats.
Microsoft comes under blistering criticism for “grossly irresponsible” security (Ars Technica) Azure looks like a house of cards collapsing under the weight of exploits and vulnerabilities.
CISA adds second Ivanti EPMM flaw to its Known Exploited Vulnerabilities catalog (Security Affairs) US CISA added a second actively exploited Ivanti’s Endpoint Manager Mobile (EPMM) vulnerability to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the second actively exploited Ivanti’s Endpoint Manager Mobile (EPMM, formerly MobileIron Core) vulnerability, tracked as CVE-2023-35081, to its Known Exploited Vulnerabilities Catalog. “The Cybersecurity and Infrastructure Security […]
Security Patches, Mitigations, and Software Updates
CISA Releases Five Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency CISA) CISA released five Industrial Control Systems (ICS) advisories on August 3, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
ICSA-23-215-01 Mitsubishi Electric GOT2000 and GOT SIMPLE
ICSA-23-215-02 Mitsubishi Electric GT and GOT Series Products
ICSA-23-215-03 TEL-STER TelWin SCADA WebInterface
ICSA-23-215-04 Sensormatic Electronics VideoEdge
ICSA-23-208-03 Mitsubishi Electric CNC Series
Google is making it easier to remove your private information from Search (Engadget) Google is making it easier for people to request the removal of their phone number, home address and email from search results.
Trends
BlackBerry Global Threat Intelligence Report — August 2023 Edition (BlackBerry) This report by the BlackBerry Threat Research and Intelligence team provides the latest actionable and contextualized cyber intelligence to increase cyber resilience.
Cyberattacks on governments and public services were way up this spring, research shows (Record) Cyberattacks on governments and public entities worldwide surged by 40% from March to May compared to the previous quarter, according to researchers at the cybersecurity firm BlackBerry.
New Survey Reveals Majority of Organizations Still Using Phishable Multifactor Methods for Customer Authentication (Benzinga) Nok Nok and Enterprise Strategy Group today released the findings of a comprehensive survey on the state of passwords.
"They need us. We don't need them:" The fall of Twitter is making the trolls and grifters desperate (Salon) The business model depends on "triggering" liberals — but they're running out of progressives to bait
Marketplace
Cybersecurity Snapshot (May 2023) (Momentum Cyber) We are pleased to provide you with Momentum’s Cybersecurity Market Review for 1H 2023. Strategic Activity in 1H 2023 included 553 transactions totaling $14.0B in deal value across M&A (130 transactions, $8.8B) and Financing (423 transactions, $5.2B).
‘Tidal Wave’ of Down Rounds Hits Startups (The Information) Turntide Technologies, a maker of electric motor systems backed by Bill Gates–founded Breakthrough Energy Ventures, was one of the more than 300 private companies that passed the $1 billion valuation threshold last year, putting it firmly into unicorn status. It’s not worth close to that ...
Jericho Security Raises $3 Million for Awareness Training Powered by Generative AI (SecurityWeek) Jericho Security raises $3 million in a pre-seed funding round to help organizations defend against generative AI-powered phishing attacks.
Deloitte acquires cyber security specialist ParaFlare (Accountants Daily) Seven-year-old start-up brings team of 80 and a “unique approach” to digital defence. Deloitte Australia has acquired cyber security specialist ParaFlare to bolster its digital defence capability
Pindrop Bolsters Executive Team to Help Companies Protect Against Escalating Fraud Attacks As AI Voice Cloning Threats Rise (Pindrop) Former Bandwidth CFO Jeff Hoffman and former Palo Alto Networks SVP Rahul Sood join Pindrop to support product development, strategic planning, and company growth ATLANTA – August 3, 2023 – Pindrop, a global leader in voice security and authentication, today announced the addition of two accomplished executives to its C-Suite. Jeff Hoffman joins the company […]
Twenty-Six Year, IBM Executive Sherri Thomas, Joins Camelot Secure As Chief Revenue Officer, To Propel Growth And Innovation | Camelot Secure (Camelot Secure) Camelot Secure (Camelot), a revolutionary new cybersecurity company, today announced the appointment of Sherri Thomas as Chief Revenue Officer. With over 26 years of distinguished service at IBM, Thomas’ accepting this position underscores the industry’s growing rumors that Camelot is on the verge of launching truly unique cybersecurity services.
Products, Services, and Solutions
Threat Intelligence with Breach and Attack Simulation (SafeBreach) Combining threat intelligence with breach and attack simulation provides the context needed to identify and remediate threats quickly.
The Valence SaaS Security Platform is now available in the Microsoft Azure Marketplace (GlobeNewswire News Room) Microsoft Azure customers worldwide now gain access to Valence Security to take advantage of the scalability, reliability and agility of Azure to drive...
Security Tools for Containers, Kubernetes, and Cloud (Sysdig) See all vulnerabilities, configuration issues, and suspicious activity with Sysdig's unified cloud and container security tools platform.
BlueVoyant and AVANT Join Forces (BlueVoyant) BlueVoyant today announced a strategic partnership with AVANT, a premier technology distributor and channel sales enablement company.
The Chertoff Group Launches Partnership with Tidal Cyber to Deliver Threat-Informed Defense as a Managed Service (GlobeNewswire News Room) The Chertoff Group and Tidal Cyber today announced a joint offering to deliver threat-informed...
Onyxia Cyber Unveils AI-Powered Cybersecurity Performance Management Platform, Enabling Proactive Risk Management (PR Newswire) Onyxia Cyber ("Onyxia") today unveiled the first AI-powered Cybersecurity Performance Management (CPM) platform, a vital management platform...
Pathlock Recognized as a Leader in Two KuppingerCole Industry Reports Highlighting Leadership in Access Control Solutions for Business Applications (PR Newswire) Pathlock, the leading provider of application governance, risk and compliance, announced the company was prominently featured in two...
Contrast Security Releases Assess Feature for LLMs to Protect Against AI Security Threats (Contrast Security) The code security leader has introduced a new capability within its Secure Code Platform to address prompt injection, the top entry of the OWASP Top 10 for LLMs.
Chillisoft recruits Exabeam to advance security operations (Reseller) Partnership aims to help solve integration-related cybersecurity challenges faced by New Zealand customers.
Kinetic Business Launches All-In-One Security Solution to Protect Businesses from Cyberthreats (The Bakersfield Californian) Kinetic Business, a leading network technology provider, has launched a new cybersecurity product, Managed Detection and Response (MDR), designed exclusively for business customers. The all-in-one security solution protects business data, network, applications, and users from evolving and sophisticated cyber threats.
Deloitte and Palo Alto Networks Expand Their Strategic Alliance With New SSDL Offering (PR Newswire) Deloitte, a leader in global security consulting services, and Palo Alto Networks, the global cybersecurity leader, have announced a new...
Introducing the Keeper Influencer Program: Empowering Cybersecurity Advocates Worldwide (PR Newswire) Keeper Security, the leading provider of cloud-based zero-trust and zero-knowledge cybersecurity software protecting passwords, secrets,...
Fastly Deploys Industry-Leading Threat Intelligence Capabilities to Publish Network Effect Threat Report (Business Wire) Fastly’s security platform provides preemptive protection and convenience to security customers, featuring real-time IP reputation intelligence. Report insights cover a variety of industries, attack patterns, and trending techniques.
Upwork Deploys Calico Enterprise to Achieve Zero-Trust Security (PR Newswire) Tigera, provider of the industry's only active security platform for containers and Kubernetes, today announced that Upwork, the world's work...
New Virtual I-9 Document Review Service Coming Soon from Sterling and ID.me (Yahoo Finance) Employers Will Have a Secure, Modernized Solution for Remote I-9 Document Review
Technologies, Techniques, and Standards
Qualys Announces Ground-Breaking First-Party Software Risk Management Solution (PR Newswire) Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of disruptive cloud-based IT, security and compliance solutions, today announced it...
Cyber Incident Response Plan Template | ManagedMethods (ManagedMethods) Our comprehensive incident response template provides a structured framework, guiding you through incident identification, containment, eradication, and recovery.
Legislation, Policy, and Regulation
China calls on all citizens to spy on their neighbour (The Telegraph) Secretive security service says people need to be vigilant to form a 'line of defence' against foreign espionage
An Internet Shutdown Means Manipur Is Burning in the Dark (WIRED) Since May 4, the Indian government has shut off the internet in Manipur, giving cover to murders, rapes, and arson.
The Lose-Lose-Lose-Lose Bill C-18 Outcome: Meta Blocking News Links on Facebook and Instagram in Canada (Michael Geist) For months, supporters of Bill C-18, the Online News Act, assured the government that Meta and Google were bluffing when they warned that a bill based on mandated payments for links was unworkable and they would comply with it by removing links to news from their platforms. However, what has been readily apparent for months became reality yesterday: Meta is now actively blocking news links and sharing on its Facebook and Instagram platforms.
‘Disaster’: warning for democracy as experts condemn Meta over Canada news ban (the Guardian) Retaliatory move against Online News Act is ‘epic miscalculation’ that will promote spread of misinformation, analysts say
Pentagon CIO pushes defense agencies to tap $9 billion cloud contract (Defense News) The Pentagon in December 2022 selected Amazon, Google, Microsoft and Oracle for its Joint Warfighting Cloud Capability, or JWCC.
Here’s how the Army is reorganizing its network, cyberops offices (Breaking Defense) No current contracts, awards, jobs or physical moves are being affected by the PEOs restructuring, an Army spokesman said, but the reorg aims to streamline technical capabilities.
Litigation, Investigation, and Law Enforcement
US navy sailors arrested on charges of passing sensitive material to China (the Guardian) Jinchao Wei, 22, and Wenheng Zhao, 26, accused in separate cases of ‘violating commitments they made to protect the United States’
FCC fines robocaller a record $300M after blocking billions of their scam calls (TechCrunch) The FCC ordered a record $300 million forfeiture, but whether and when that money will be paid is, as always, something of an open question.
Tech Entrepreneur Admits to Being Hacker in $4.5 Billion Bitcoin Heist (Wall Street Journal) Ilya Lichtenstein, who pleaded guilty to laundering stolen digital currency, made an unexpected admission in court that he was behind the Bitfinex hack.
‘Crypto couple’ pleads guilty to money laundering, as husband admits to carrying out Bitfinex hack (Record) A New York man in court for laundering the proceeds of a 2016 heist on the Bitfinex cryptocurrency platform admitted to carrying out the hack himself, a twist in a case that has beguiled investigators.