Dateline Moscow and Kyiv: Hacktivists and a postwar future.
Ukraine at D+334: Rushing to the battlefield. (CyberWire) Local fighting continues along relatively static lines, as Ukraine awaits tanks and more artillery, and as Russia feeds newly mobilized troops to the front.
Russia-Ukraine war: List of key events, day 335 (Al Jazeera) As the Russia-Ukraine war enters its 335th day, we take a look at the main developments.
Official Details Situation in Ukraine (U.S. Department of Defense) A senior military official discussed the current situation in Ukraine and detailed the results of the eighth meeting of the Ukraine Defense Contact Group during a background briefing.
Ukraine-Russia war latest: Start training on Leopard tanks, Germany tells Ukraine forces (The Telegraph) Kyiv's allies can start training Ukrainian forces to use Leopard 2 battle tanks, Germany has said, raising hopes of a breakthrough in deliveries of the vehicles.
German government split as Olaf Scholz overrules own foreign minister over Leopard tanks (The Telegraph) Berlin had said it would not stop Poland re-exporting tanks to Ukraine, but the chancellor has since dismissed the remark
Poland continues talk of a Leopard 2 ‘alliance,’ even without Germany (Defense News) Warsaw increases the pressure on Berlin about Leopard 2 deliveries to Ukraine.
Ukraine-Russia war latest: Germany poised to back down on tank deliveries (The Telegraph) Germany appeared poised to back down in the row over sending Leopard 2 tanks to Ukraine on Monday, signalling its willingness to let Nato allies re-export their own, writes Joe Barnes.
Ukrainian troops could fight with Leopard 2s by early spring: Experts (Breaking Defense) Poland has offered to train Ukrainians on its soil using its own Leopards, bypassing Berlin’s reluctance to allow allies to send the heavy tanks to Ukraine. But delivering 300 battle-ready Leopard 2s will not be simple.
Can Germany Be a Great Military Power Again? (New York Times) Leery of Russian aggression, Europe’s economic giant is making a historic attempt to revitalize its armed forces. It has a long way to go.
Italy confirms Samp-T missile-defense donation to Ukraine (Defense News) The Rome government is teaming with fellow weapon user France to send the system to Ukraine, as Russian missiles and drones batter civilian infrastructure.
Russia, Estonia expel ambassadors amid 'destroyed' relations (AP NEWS) Russia and Estonia on Monday were expelling the ambassadors from each other's countries in a tit-for-tat move, saying that their diplomatic missions will be headed by charges d'affaires as relations between the countries sank to a new low over Ukraine.
To Defend Civilization, Defeat Russia (The Atlantic) Ukraine needs any weapon its troops can learn to use, including tanks, to hold the line on the international order and the world’s safety.
Why the world needs Ukrainian victory (Substack) Why does the world need a Ukrainian victory? Fifteen reasons...
Will Ukraine Wind Up Making Territorial Concessions to Russia? (Foreign Affairs) A group of experts weighs in on whether the most likely outcome to the war in Ukraine will involve Kyiv making some territorial concessions to Russia.
UK reveals capture of Russian equipment, instructs industry to develop new countermeasures (Breaking Defense) The official, who spoke on the condition of anonymity, declined to discuss which specific systems have been captured and passed over to intelligence groups and industry, but the revelation provides new evidence of the ways in which the UK is actively gaining first-hand insight to Kremlin technologies.
Boris Johnson: Ukraine must join Nato for sake of long-term peace (the Guardian) Former prime minister warns of Russian ‘counter-punch’ and criticises US and Germany for tank delays
Opinion: NATO is more unified than ever. But what about those tanks? (Washington Post) The impressive unity of the Western alliance against Russian aggression has been marred in recent days by an ugly and unnecessary spat over whether Germany will send tanks to Ukraine. But while that dispute needs to be resolved pronto, it should not detract from the Biden administration’s success in keeping a large group of allies marching largely in lockstep.
How Georgia and Ukraine Are Bolstering Their Chances to Join NATO (Wilson Center) Last year, Finland and Sweden submitted formal requests to join NATO. Following a review of their official letters, NATO Secretary General Jens Stoltenberg and the NATO Heads of State and Government extended an invitation to the two Nordic countries to join the Alliance.
Volodymyr Zelensky hints at slew of ministerial sackings amid corruption scandals (The Telegraph) Ukrainian president diverts speech from war effort to promise ‘justice’ at home, after claims of bribery and fraud
The West’s answer to Wagner: Inside the elite private militaries on the ground in Ukraine (The Telegraph) The Mozart Group is just one of the veteran-led groups ‘assisting’ on the front line. But is crowdfunding soldiers really a good idea?
Hacktivism Is a Risky Career Path (WIRED) The IT Army of Ukraine saw a huge influx of first-time hackers. But what happens to them after the war?
Audacious Breach of FBI Databases Exposes Agents (Security Intelligence) Recently, two major breaches of FBI databases and Infragard have created concerns about the organization's data security.
Ukraine gets closer to NATO with cybersecurity pact (Register) 'Now Russia will have to play defense'
Ukraine and Finland to cooperate in digitalization and digital resilience (Odessa Journal) The Ministry of Digital Transformation of Ukraine and the Ministry of Transport and Communications of Finland have signed a memorandum on digital
Germany Cut Russian Gas and Kept the Lights on This Winter. Now What? (World Politics Review) Since Russia invaded Ukraine, Germany has slowly weaned itself off Russian gas, replacing it with nuclear power and LNG from elsewhere.
US Confronts China Over Companies’ Ties to Russian War Effort (Bloomberg) Biden team sees evidence of non-lethal aid going to Russia. US raised concerns with Beijing as PRC companies step up help.
Will India Ditch Russia? (Foreign Affairs) Debating the future of an old friendship.
Leader Of Group Of Mothers And Wives Of Russian Soldiers Detained En Route To Moscow (RadioFreeEurope/RadioLiberty) Olga Tsukanova, the leader of the Council of Mothers and Wives of Russian Soldiers, was detained at the airport in the city of Samara on January 22.
‘We are asking for forgiveness that we know we will never receive': In Russia, people are bringing flowers to monuments of Ukrainians (Global Voices) In at least 17 cities of Russia, people are bringing flowers and photos of the destroyed house in Dnipro, Ukraine, hit by a Russian missile on January 14, 2023, to spontaneous memorials.
Former Wagner fighter fears deportation from Norway. Human rights group believes sending him to Russia would lead to another ‘brutal killing.’ (Meduza) The former Wagner Group commander Andrey Medvedev, who is now seeking asylum in Norway, has been moved to a migrant detention center and fears an imminent deportation to Russia. According to the human-rights advocate Vladimir Osechkin, sending Medvedev back to Russia would almost inevitably lead to another “brutal killing” by the Wagner Group.
Ukrainian court sentences Kherson woman to 5 years for helping organize pro-Russian sham ‘referendum’ (Meduza) A Ukrainian court has issued the first verdict in a wartime collaboration case, sentencing a woman from the Kherson region to five years in prison for helping organize a “referendum on joining Russia.”
Attacks, Threats, and Vulnerabilities
DragonSpark | Attacks Evade Detection with SparkRAT and Golang Source Code Interpretation (SentinelOne) A cluster of attacks uses a novel technique, Golang source code interpretation, to avoid detection while also deploying a little-known tool called SparkRAT.
Realtek SDK Vulnerability Attacks Highlight IoT Supply Chain Threats (Unit 42) We observed a recent spate of supply chain attacks attempting to exploit CVE-2021-35394, affecting IoT devices with chipsets made by Realtek.
Technical Advisory: Proxy*Hell Exploit Chains in the Wild (Bitdefender) In November 2022, Bitdefender Labs noticed an increase in attacks using ProxyNotShell exploits targeting on-premises Microsoft Exchange deployments.
Japanese Train Company Shows Need for Multilingual NLU (Safeguard Cyber) The phishing campaign impersonates Ekinet, a Japan-based organization that is used to reserve train tickets. Learn more from this blog.
FBI Confirms Lazarus Group, APT38 Cyber Actors Responsible for Harmony's Horizon Bridge Currency Theft (Federal Bureau of Investigation) Through an investigation, the FBI was able to confirm that the Lazarus Group and APT38, cyber actors associated with the DPRK, are responsible for the theft of $100 million of virtual currency from Harmony’s Horizon bridge reported on June 24, 2022.
A Major App Flaw Exposed the Data of Millions of Indian Students (WIRED) A mandatory app exposed the personal information of students and teachers across the country for over a year.
QR Code Phishing Attempts to Steal Credentials from Chinese Language Users (Fortinet Blog) FortiGuard Labs recently discovered a phishing campaign using a variety of QR codes to target Chinese language users. It aims to steal credentials by luring users into entering their data into a ph…
T-Mobile's latest customer data breach wasn't a "hack" (The Desk) There's a pretty big part of the latest T-Mobile security breach that journalists are getting wrong.
CISA Adds One Known Exploited Vulnerability to Catalog (CISA) CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses a significant risk to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the "Date Added to Catalog" column, which will sort by descending dates.
Hybrid play: Leveling the playing field in online video gaming and beyond (WeLiveSecurity) Does VALORANT’s approach to cheating signal a turning point in how we deal with the continued hacks afflicting our hybrid world of work and play?
Threat Actors Turn to Sliver as Open Source Alternative to Popular C2 Frameworks (The Hacker News) New findings indicate that the Sliver C2 framework is gaining popularity among threat actors as a versatile alternative to traditional C2 tools.
Sliver C2 Leveraged by Many Threat Actors (Cybereason) Threat Research: Sliver C2 gets more and more traction from threat actors, often seen as an alternative to Cobalt Strike.
Royal Mail overseas parcels ban 'costing me hundreds of pounds' (BBC News) Small businesses are still unable to send new parcels overseas two weeks after the Royal Mail cyber-attack.
Arnold Clark threatened by hackers following cyber attack (Motor Trader) Arnold Clark is being reportedly ransomed by international hacking ring Play. This follows the cyber attack on the company over the festive period, in whic
Companies Impacted by Recent Mailchimp Breach Start Notifying Customers (SecurityWeek) Mailchimp data breach victims include WooCommerce, FanDuel, Yuga Labs and the Solana Foundation
CertifID Partners with Federal Law Enforcement to Issue a Security Advisory on Vacant Property Fraud (Business Wire) CertifID Inc., a leader in wire fraud protection, has collaborated with federal law enforcement to issue an advisory on the latest wire fraud threat t
'GodMode' access is still a problem at Twitter, another whistleblower alleges (Washington Post) More allegations bubble up about Twitter’s ‘GodMode’ cyber problems
Security Patches, Mitigations, and Software Updates
Apple Patches WebKit Code Execution Flaws (SecurityWeek) Apple rolls out patches to cover numerous serious security vulnerabilities affecting users of its flagship iOS and macOS platforms.
Trends
Brand Phishing report – Q4 2022 (Check Point Software) Summary Following a significant phishing campaign in the previous quarter, Yahoo became the top brand impersonated in phishing attacks in Q4 2022,
More Than Half of Organizations Have Experienced an Insider Threat in the Past Year According to 2023 Insider Threat Report (Business Wire) More Than Half of Organizations Have Experienced an Insider Threat in the Past Year According to 2023 Insider Threat Report
2023 Insider Threat Report (Gurucul) The 2023 Insider Threat Report surveyed over 326 cybersecurity professionals to reveal the latest trends and challenges facing organizations in this changing environment. The report explores how IT and cybersecurity professionals adapt to better deal with risky insiders and how organizations are preparing to better protect their critical data and IT infrastructure.
Marketplace
Microsoft Invests $10 Billion in ChatGPT Maker OpenAI (Bloomberg) Microsoft Corp. is investing $10 billion in OpenAI, whose artificial intelligence tool ChatGPT has lit up the internet since its introduction in November, amassing more than a million users within days and touching off a fresh debate over the role of AI in the workplace.
Microsoft Invests Billions in ChatGPT-maker OpenAI (SecurityWeek) Microsoft it is making a “multiyear, multibillion dollar investment” in the artificial intelligence startup OpenAI, maker of ChatGPT and other AI tools.
Thoma Bravo to Buy Magnet Forensics in $1.3B Transaction (SecurityWeek) Thoma Bravo will spend $1.3 billion to acquire Canadian software firm Magnet Forensics, expanding a push into the lucrative cybersecurity business.
Thoma Bravo, Vista Circle Sumo Logic (The Information) Private equity firms including Thoma Bravo, Vista Equity Partners and Francisco Partners have approached data analytics software company Sumo Logic expressing interest in a possible acquisition, according to a person familiar with the matter. This adds Sumo to the current list of possible ...
What Makes Sumo Logic an Appealing Target for Private Equity (GovInfoSecurity) Thoma Bravo, Vista Equity Partners and rival Francisco Partners have set their sights on a new target: Sumo Logic. Each of the three private equity firms has approached the Silicon Valley-based data analytics software vendor expressing interest in a possible acquisition, The Information reports.
ISRAEL: Former NSO cyber experts reunite in new startup Bold, backed by Israeli businessman Shlomi Fogel (Intelligence Online) In the wake of NSO Group's Pegasus woes, a number of the firm's cyberintelligence veterans have been snapped up by Bold, a startup supported by Israeli real estate magnate Shlomi Fogel, the CEO of
Forward Networks Raises $50M in Series D Funding, Achieves 139% Year-over-Year Growth (PR Newswire) Forward Networks announced today that it has secured $50M in Series D funding from top-tier venture capital firms. The company provides unique...
Snyk Secures Strategic Investment from ServiceNow to Accelerate Enterprise DevSecOps Transformation (GlobeNewswire News Room) New Integration Enhances ServiceNow Vulnerability Response Solution, Allowing Global Enterprises to Find and Fix Security Issues Fast...
CYGNVS™ Launches First-Ever Guided Platform for Cyber Crisis Preparedness and Response Management (Business Wire) CYGNVS Inc. today emerged from stealth backed by $55 million in series A funding and unveiled its pioneering guided cyber crisis platform purpose-buil
The loneliness of leading a cybersecurity startup (Help Net Security) Leading a cybersecurity startup is one of the loneliest jobs in the world. It takes mental fortitude to persevere when the buck stops at you.
Garda World Security Corporation Announces Offering of US$350 Million Senior Secured Notes due 2028 (PR Newswire) Garda World Security Corporation (the "Company" or "GardaWorld") announced today the commencement of a private offering of US$350 million...
NSA awards $284M cybersecurity services contract to CACI (FedScoop) The contract focuses on modernizing the agency's cyber engineering practices as the pace and scope of cybersecurity threats within the government increases.
NOAA Looks to Industry Support to Boost its Cybersecurity Efforts (Nextgov.com) The agency is looking for a contractor to provide 24/7 support to detect and monitor cybersecurity threats.
CRN Names Versa Networks One of 10 Hot Edge Computing Companies to Watch in 2023 (Business Wire) Versa Networks, the recognized leader of single-vendor Unified Secure Access Service Edge (SASE), today announced that CRN®, a brand of The Channel Co
Gemini is Laying Off More Staff, Citing ‘Bad Actors’ in Crypto Industry (The Information) Gemini, the crypto startup whose customers have been caught up in the Genesis bankruptcy, is laying off 10% of staff, according to an internal message viewed by The Information. It’s at least the third round of cuts at Gemini in the past eight months. Gemini President Cameron Winklevoss informed ...
Seraphic Bolsters Leadership Team with Addition of Christof Baumgärtner as Chief Revenue Officer (Business Wire) Seraphic Security today announced the appointment of Christof Baumgärtner as Chief Revenue Officer. In this role, Baumgärtner will be overseeing busin
Booz Allen Appoints Rory P. Read to Board of Directors (Business Wire) Booz Allen announced today it has appointed Rory P. Read to the Board of Directors.
Trinity Cyber Appoints John Fraser to Lead Federal Sales (PR Newswire) Trinity Cyber, Inc., a technology innovator that is providing groundbreaking network security, today announced the appointment of John Fraser...
Cloud Visionary, CSPM Pioneer Chen Burshan Joins Skyhawk Security as CEO (GlobeNewswire News Room) Former GM and Site Manager for Israel at Dome9, acquired by Check Point Software, brings deep cloud security domain expertise to the role...
FireTail Names Timo Rüppell as Vice President of Product (Business Wire) API security company FireTail welcomes Timo Rüppell as Vice President of Product, and has opened a new office in Helsinki, Finland.
Products, Services, and Solutions
Nozomi Networks Innovates to Deliver the Industry’s First OT and IoT Endpoint Security Sensor (Nozomi Networks) Nozomi Networks Innovates to Deliver the Industry’s First OT and IoT Endpoint Security Sensor – press release from Nozomi Networks
Arctic Wolf Boosts Cyber Incident Response With New Offering For Partners (CRN) Arctic Wolf announced its Incident Response JumpStart Retainer, which will enable partners to assure customers that cyber incidents such as ransomware will get a fast response from an IR team.
Skyhawk Security Launches Platform to Detect Cloud Infrastructure Threats at Runtime, Eliminating Alert Fatigue (GlobeNewswire News Room) Synthesis Security Platform's comprehensive runtime protection of cloud infrastructure moves beyond basic misconfigurations, detecting when inadequate...
Data Theorem’s Leading Software Supply Chain Security Solution Wins 2022 CyberSecured Award for Attack Surface Management (Business Wire) Data Theorem, Inc., a leading provider of modern application security, today announced that its industry-leading Supply Chain Secure solution won the
Intelligent CloudCare Launches Cybersecurity Vulnerability Assessment/Penetration Testing Service (GlobeNewswire News Room) Intelligent CloudCare, an IT services firm for small and medium-sized businesses and a subsidiary of...
Agora Data Attains SOC 2 Compliance Certification, Also Meets FTC Safeguards Rule for Protecting Customer Information (News Direct) Accreditation Offers Additional Certainty to Agora Data’s Information Security Practices
Technologies, Techniques, and Standards
National Cybersecurity Alliance Announces Program for 2023 Data Privacy Week Campaign (GlobeNewswire News Room) Week-long data privacy campaign champions consumer and business awareness for data privacy via educational resources and events featuring leading industry...
Contrast Security Champions Data Privacy Week 2023 (Contrast Security) The code security leader advocates for increased transparency within the cybersecurity space and focuses on improving data privacy practices
Privacy nutrition labels | Code Patrol podcast (Contrast Security) What are privacy nutrition labels? Learn more about why developers should join the Developers Alliance and get onboard with the privacy label initiative.
Comment: Building a cyber-resilient water future (Envirotec) A criminal cyber-attack on a UK water company in August 2022, which saw hackers gain access to customer banking details, led utilities to urgently reassess ...
Design and Innovation
92% of organizations think they need to do more to reassure customers about their data (Cisco) Cisco’s 2023 Data Privacy Benchmark Study reveals that 92% of respondents say their organization needs to do more to reassure customers about how their data is used in AI
Academia
Protecting Our Future: Partnering to Safeguard K-12 Organizations from Cybersecurity Threats (CISA) Malicious cyber actors are targeting K–12 education organizations across the country, with potentially catastrophic impacts on students, their families, teachers, and administrators.
Legislation, Policy, and Regulation
Fourth time around for vulnerability disclosure bill (FCW) Rep. Sheila Jackson Lee (D-Texas) is taking yet another stab at getting the executive branch to tell Congress more about its process of disclosing (or stockpiling) zero-day bugs.
Government watchdog: Feds fail to implement vast majority of cybersecurity recommendations (CyberScoop) The Government Accountability Office says there's an urgent need for an updated national cybersecurity strategy to hold federal agencies accountable.
Majority of GAO's Cybersecurity Recommendations Not Implemented by Federal Agencies (SecurityWeek) Out of the 335 public recommendations on a comprehensive cybersecurity strategy that GAO has made since 2010, 190 were not implemented as of December 2022.
GAO says US govt isn't listening to security warnings (Register) Federal depts ignore almost 60% of IT defense recommendations
House oversight of federal workforce, IT, cyber likely to be split between 2 subcommittees (Federal News Network) The House Oversight and Accountability Committee looks like it will newly name and create four of five subcommittees for the 118th Congress to go along with the committee's new name.
Local governments still have questions as cyber grants inch forward (StateScoop) The cyber grant program is moving forward, it'll still be a while before the money flows, said the heads of NASCIO and CompTIA's Public Technology Institute.
Litigation, Investigation, and Law Enforcement
Australia-led global ransomware task force debuts (Information Age) Revenue made by ransomware gangs drops markedly.
Retired FBI Executive Charged With Concealing $225,000 In Cash Received From An Outside Source (Department of Justice, U.S. Attorney’s Office, District of Columbia) Charles F. McGonigal Arrested in New York
Former Special Agent In Charge Of The New York FBI Counterintelligence Division Charged With Violating U.S. Sanctions On Russia (Department of Justice, U.S. Attorney’s Office, Southern District of New York) A Russian Court and Government Interpreter Is Also Charged with Violating U.S. Sanctions on Russia
Former Senior F.B.I. Official in New York Charged With Aiding Oligarch (New York Times) Prosecutors say Charles McGonigal, who was chief of counterintelligence, worked secretly for Oleg Deripaska to investigate a Russian rival.
Former senior FBI official accused of working for Russian he investigated (Washington Post) Charles McGonigal, a former counterintelligence chief, is also accused of taking $225,000 from a former Albanian intelligence worker while still at the FBI
Former FBI Agent Charged With Taking Payments From Russian Oligarch Oleg Deripaska (Wall Street Journal) Prosecutors say former counterintelligence agent Charles McGonigal accepted payments from Oleg Deripaska for work he did investigating a rival oligarch.
Former top FBI official Charles McGonigal charged with aiding Russian oligarch Oleg Deripaska (The Telegraph) The sanctioned Russian businessman is believed to own property in London
Retired top FBI counterintelligence agent who led Trump-Russia probe arrested for own ties to Russian oligarch (Fox News) Charles McGonigal, once special agent in charge of FBI N.Y.'s Counterintelligence Division, charged with money laundering and breaking U.S. sanctions against Russian oligarch Oleg Deripaska.
DuCharme Hired to Represent Ex-FBI Counterintelligence Leader Accused in Case Over Alleged Sanctions-Busting (New York Law Journal) Prosecutors in the U.S. Attorney’s Office for the Southern District of New York on Monday unsealed an indictment accusing McGonigal, 54, of working on behalf of the billionaire Oleg Deripaska in his unsuccessful attempt to have sanctions against him lifted.
Supreme Court Puts Off Considering State Laws Curbing Internet Platforms (New York Times) The laws, enacted by Florida and Texas in response to conservative complaints about censorship, have been challenged under the First Amendment.
Congressman ‘coming for answers’ after ‘no-fly list’ hack (The Record from Recorded Future News) A Republican congressman on the House Committee on Homeland Security is seeking answers about last week's hack of regional airline CommuteAir.
Google Play Store will be forced to house other app stores by next week as India upholds ruling (9to5Google) A ruling in India will force the Google Play Store to distribute third-party app stores as soon as January 2023.
DOJ Poised to Sue Google Over Digital Ad Market Dominance (Bloomberg) DOJ could file Google antitrust lawsuit as soon as Tuesday. Google already faces a DOJ lawsuit over its search practices.
PayPal Investigated Over Potential Market Dominance in Germany (Bloomberg) Federal Cartel Office looks into terms for payment service. As first step, regulator will examine PayPal’s market power.
The Unknown Hedge Fund That Got $400 Million From Sam Bankman-Fried (New York Times) After the collapse of FTX, prosecutors and lawyers have scrutinized its discredited founder’s huge investment in Modulo Capital.
Orange County Man Pleads Guilty to Using Stolen Identities to Apply for More Than $1 Million in COVID Jobless Benefits (Department of Justice, U.S. Attorney’s Office, Central District of California) An Orange County man pleaded guilty today to fraudulently applying for more than $1.2 million in COVID-19 pandemic unemployment insurance (UI) benefits – and receiving more than $400,000 of the same – by using the stolen identities of two dozen victims.
Sydney man jailed over $100k SMS phishing scam (CyberSecurity Connect) Sydney Local Court has sentenced a 40-year-old Sydney man to a two-year, eight-month stint in prison over an SMS phishing scam that began in 2018.
More than 1,000 suspicious emails reported to Office of Cyber-Security (Manx Radio) Nearly 11,000 reported since Suspicious Email Reporting Service was set up
US Supreme Court leak investigation highlights weak and ineffective risk management strategy (CSO Online) The court’s inability to find out who leaked the draft decision and how they did it is a cautionary tale for CISOs about safeguarding sensitive information and intellectual property.