Dateline
Ukraine at D+533: Contesting the information space. (CyberWire) With only local changes to the lines, albeit with continuing casualties, attention turns to shaping the war's narrative.
Russia-Ukraine war: List of key events, day 534 (Al Jazeera) These are the main developments as the Russian invasion of Ukraine enters its 534th day.
Russia-Ukraine war at a glance: what we know on day 534 of the invasion (the Guardian) Air defence foils strike on Kyiv; Russia claims to have downed Ukrainian drone over Moscow after airport temporarily closed
Russia-Ukraine war live: Moscow should expect more attacks, Kyiv says (the Guardian) Ukrainian military intelligence spokesperson says ‘concept of security is increasingly distant from residents of Moscow’
Russia’s military push on eastern front prompts evacuations in Ukraine (Military Times) Ukrainian authorities have ordered a mandatory evacuation of nearly 12,000 civilians from towns and villages in the Kupiansk district of Ukraine’s eastern
Ukraine forces have retaken land near Bakhmut from Russia, Kyiv says (the Guardian) Despite gains, deputy defence minister Hanna Maliar warns of ‘nightmare’ situation farther north in Kharkiv
Ukraine Repels More Russian Attacks In East; UN Official Condemns Russian Strike On Hotel (RadioFreeEurope/RadioLiberty) Ukraine's military says its forces have repelled Russian attacks in the east of the country as a UN official condemned a Russian attack a day earlier on a hotel in Ukraine used by the UN and other humanitarian organizations.
Russian ‘revenge’: Ukraine braces as Kremlin steps up attacks on recaptured areas (POLITICO) Moscow tests Kyiv’s fortifications on the northeastern front.
Ukrainian Minister Warns Zaporizhzhya Nuclear Plant 'One Step Away' From Blackout (RadioFreeEurope/RadioLiberty) Ukrainian Energy Minister Herman Halushchenko has appealed to the International Atomic Energy Agency (IAEA) about the loss of the main power line supplying electricity to the Zaporizhzhya nuclear power plant in southern Ukraine.
Slow counteroffensive darkens mood in Ukraine (Washington Post) This nation is worn out. For nearly 18 months, Ukraine has stood against its Russian invaders — rallying support for its troops by embracing last year’s battlefield victories in the Kyiv, Kharkiv and Kherson regions.
Russia accused of deliberately targeting journalists in Ukraine (Atlantic Council) A series of Russian airstrikes on civilian targets known to be popular among international correspondents covering the invasion of Ukraine has sparked accusations that the Kremlin is deliberately targeting journalists, writes Mercedes Sapuppo.
Russia Is Replicating Iranian Drones and Using Them to Attack Ukraine (New York Times) Called the Geran-2, the drones are a Russian-made version of the Shahed-136, which explodes on impact, researchers say.
F-16 delays leave Ukraine exposed to deadly Russian air superiority (Atlantic Council) A clear commitment to send Ukraine a fleet of F-16s would do much to repair the damage to Western credibility caused by earlier delays. Crucially, it could also save countless Ukrainian lives, writes Olivia Yanchik.
Ukraine’s diplomatic offensive made important advances in Saudi Arabia (Atlantic Council) The recent talks in Jeddah were a Ukraine-focused initiative to prepare the ground for future peace negotiations and get key players closer to Kyiv’s position.
New report highlights evidence of escalating Russian genocide in Ukraine (Atlantic Council) A new international report has identified evidence that Russia's campaign of genocide in Ukraine is escalating as the full-scale invasion of the country approaches the one-and-a-half-year mark, writes Kristina Hook.
'All Of It Must Be Recorded': Still No Justice Three Years After Crackdown On Belarus Protests (RadioFreeEurope/RadioLiberty) On the third anniversary of a disputed presidential vote in Belarus, opposition activists demanded justice for protesters jailed and beaten in a brutal crackdown. Unprecedented demonstrations erupted after Alyaksandr Lukashenka declared victory in an election widely seen as rigged.
Exclusive: Fear of tech 'brain drain' prevents Russia from seizing Yandex for now, sources say (Reuters) The Kremlin's fear of a serious tech brain drain is the main factor preventing Moscow from nationalising Nasdaq-listed Yandex, often dubbed "Russia's Google", four people with knowledge of the company's divestment plans told Reuters.
Yandex co-founder Volozh slams Russia's 'barbaric' invasion of Ukraine (Reuters) The co-founder of Russian internet giant Yandex, Arkady Volozh, on Thursday condemned what he described as Russia's "barbaric" invasion of Ukraine, days after criticism in Russia over his apparent efforts to distance himself from the country.
Satellite hack on eve of Ukraine war was a coordinated, multi-pronged assault (CyberScoop) The satellite hack that took the world by storm was more complex than initially thought, according to a Viasat executive.
Inside Russia's attempts to hack Ukrainian military operations (NPR) Ukrainian officials say Russian hackers remain focused on infiltrating military planning operations. That includes seizing and trying to crack tablets used on the front lines by officers.
Ukrainian official touts country’s wartime cyber intelligence efforts (Record) Illia Vitiuk, head of cybersecurity at the Security Service of Ukraine (SBU), said that hackers have been getting into Russian systems to find out the Kremlin’s targets, how the enemy’s troops move, and more.
The concept of modern political confrontation in cyber space (OUP Academic) Abstract. The purpose of the study is to determine the main forms of behavior of the participants of the political process in the information space of Ukraine a
Attacks, Threats, and Vulnerabilities
Germany says Charming Kitten hackers target Iran dissidents (Deutsche Welle) Germany's domestic intelligence agency has warned dissident Iranian activists about the threat of cyber espionage against them. The hackers work by gaining the trust of their targets.
Charming Kitten APT is targeting Iranian dissidents in Germany (Security Affairs) Germany’s Federal Office for the Protection of the Constitution (BfV) warns that the Charming Kitten APT group targeted Iranian dissidents in the country. The Federal Office for the Protection of the Constitution (BfV) is warning that an alleged nation-state actor targeted Iranian dissident organizations and individuals in the country. The intelligence agency attributes the attack […]
Investigating New INC Ransom Group Activity (Huntress) The Huntress team investigated a ransomware attack of a new INC Ransom threat actor group. Here is the activity we observed.
How an unpatched Microsoft Exchange 0-day likely caused one of the UK’s biggest hacks ever (Ars Technica) Evidence appears to show a critical 0-day tracked as ProxyNotShell was exploited.
There’s a New Stealer Variant in Town, and It’s Using Electron to Stay Fully Undetected (Mend) The Mend.io threat research team recently uncovered new NPM packages used to download a new info-stealer variant that uses the popular Electron framework to disguise itself as a legitimate application.
Gafgyt malware exploits five-years-old flaw in EoL Zyxel router (BleepingComputer) Fortinet has issued an alert warning that the Gafgyt botnet malware is actively trying to exploit a vulnerability in the end-of-life Zyxel P660HN-T1A router in thousands of daily attacks.
New Attack Alert: Freeze[.]rs Injector Weaponized for XWorm Malware Attacks (The Hacker News) Malicious actors are leveraging the legitimate Rust-based injector Freeze[.]rs to deploy the XWorm malware in targeted environments.
Do You Speak Multiple Languages? Malware Does. (HP Threat Research Blog) Over the last few months, we’ve seen a flurry of finance-themed malicious spam campaigns spreading malware through batch scripts (.bat). The campaigns use a wide variety of programming languages to achieve different objectives within the infection chain – from batch scripts, PowerShell, Go, shellcode to .NET.
Hackers stole $6 million from city of New Haven in cyberattacks: mayor (NBC Connecticut) Hackers stole more than $6 million from the city of New Haven through a series of cyberattacks, and the FBI and New Haven police are investigating, Mayor Justin Elicker announced Thursday. It appears that hackers got access to the email account of the chief operating officer of New Haven’s public schools in late May. The mayor said the thefts happened…
City of Dallas to Pay $8.5 Million in Expenses Due to Ransomware Attack (News Talk WBAP-AM) The Dallas City Council on Wednesday approved paying more than $8.5 million dollars in damages to the more than 26,000 victims of a ransomware attack on the city's computer network.
Nearly 1.5 million affected by data breach at Alberta Dental Service Corporation (CBC News) A significant data breach has compromised the personal information of about 1.47 million Albertans, the Alberta Dental Service Corporation said.
California city investigating data theft after ransomware group’s claims (Record) The California city of El Cerrito is investigating the potential theft of data after a ransomware group added the city’s government to its list of victims on Wednesday.
Security Patches, Mitigations, and Software Updates
Google just made its Chrome browser more secure by cutting 'patch gap' in half (ZDNET) You should restart Google Chrome weekly now. Here's why.
Trends
No more hiding in the shadows as cyber gangs circle Australia (The Mandarin) Skills shortages and technology lags have left Australian enterprises and agencies vulnerable to cyber-attacks from state-sponsored and international criminal gangs using increasingly sophisticated techniques to break down defences, a leading cyber security expert has warned.
Marketplace
Amid historic hiring surge, NSA considers hybrid, unclassified work options (Federal News Network) The NSA's top official says the highly secretive agency is looking at how much work it can do outside of a SCIF.
Rootly Raises $12M to Help Enterprise IT Teams Resolve Incidents 80 Percent Faster (Dark Reading) Rootly, which offers the first and only enterprise-grade incident management platform, announced today that it has raised a $12M Series A round of financing led by Renegade Partners with participation from Google Gradient Ventures (Google’s AI-focused venture fund) and XYZ Ventures.
Veza Announces Strategic Investments from Capital One Ventures and ServiceNow Ventures (Business Wire) Investments will accelerate go-to-market execution and product innovation to meet enterprise demand for identity security
Check Point to Acquire Perimeter 81 - to Deliver the Fastest and most Secure SASE Solution in the Industry (Check Point Software) Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, signs a definitive agreement to acquire Perimeter 81, a pioneering Security Service Edge (SSE) company.
Symmetry Systems Raises $17.7M for Data Security Posture Management Platform (SecurityWeek) Symmetry Systems has raised $17.7 million for its AI-powered Data Security Posture Management (DSPM) platform.
Plurilock Signs US$393,000 Contract for Cybersecurity Solutions Project with California State Critical Infrastructure Agency (Yahoo Finance) Vancouver, British Columbia--(Newsfile Corp. - August 10, 2023) - Plurilock Security Inc. (TSXV: PLUR) (OTCQB: PLCKF) and related subsidiaries ("Plurilock" or the "Company"), an identity-centric cybersecurity solutions provider for workforces, is pleased to announce that the Company has signed a US$393,000 contract for a project to provide cybersecurity solutions to a California state critical infrastructure agency (the 'Customer') for a period of 1 year. "We are pleased to announce a new contrac
Rapid7 to lay off hundreds as it invests in MSPs, MDR (CRN) The cuts are a ‘difficult decision’ and ‘may be surprising’ to employees ‘when we are meeting performance expectations,’ Rapid7 CEO Corey Thomas said
Parsons Awarded $109 Million Cyber Capabilities Contract (GlobeNewswire News Room) Parsons Corporation (NYSE: PSN) announced today that the company has been selected by United States...
ConnectWise Recognized with Top Workplaces 2023 Awards (GlobeNewswire News Room) ConnectWise Prioritizes Supportive Work Environment During High Growth Years; Finds Success and Employee Longevity...
KnowBe4 Celebrates 13th Anniversary With Donation to Protect Endangered Species (KnowBe4)
PCI Security Standards Council Hires Wenlock Free as Regional Vice President, North America (PCI Security Standards Council) Longtime Payment Industry Executive to Lead North American Efforts for The PCI SSC
WSJ News Exclusive | Former U.S. Cyber Director Inglis Joins Advisory Firm Hakluyt (Wall Street Journal) Chris Inglis, the former U.S. national cyber director who left the White House in February, has joined London-based corporate advisory firm Hakluyt & Co.
Products, Services, and Solutions
The top new cybersecurity products at Black Hat USA 2023 (CSO Online) Here are the top cybersecurity tools, platforms, capabilities, services, and technologies launched at Black Hat USA 2023 that you need to know about.
Syxsense announces AI-powered Cortex Copilot (Security Infowatch) By leveraging advances in generative artificial intelligence, Cortex Copilot uses natural language queries to further automate smart task generation and intelligent scripting....
Lookout SAIL improves efficiency for cybersecurity professionals (Help Net Security) Lookout SAIL allows people to interact naturally with the Lookout platform instead of having to learn from a user manual or guide.
Fortra releases new integrations for its Offensive Security (Help Net Security) Fortra launches integrated solutions enhancing offensive security capabilities: vulnerability management, pen testing, and red teaming.
Calix expands security options in SmartBiz to protect small businesses from cyberthreats (Help Net Security) Calix expanded security measures in Calix SmartBiz to enable broadband service providers to seamlessly serve their small business markets.
Technologies, Techniques, and Standards
Fact Sheet: Office of the National Cyber Director Requests Public Comment on Open-Source Software Security and Memory Safe Programming Languages (ONCD | The White House) Request for Information Today, the White House Office of the National Cyber Director (ONCD), in partnership with the Cybersecurity and Infrastructure Security Agency (CISA), the National Science Foundation (NSF), the Defense Advanced Research Projects Agency (DARPA), and the Office of Management and Budget (OMB), is announcing a Request For Information (RFI) on open source software…
X-Force releases detection & response framework for managed file transfer software (Security Intelligence) How AI can help defenders scale detection guidance for enterprise software tools
Design and Innovation
Strength in Numbers: NVIDIA and Generative Red Team Challenge Unleash Thousands to Vet Security at DEF CON (NVIDIA Blog) Thousands of hackers will tweak, twist and probe the latest generative AI platforms this week in Las Vegas as part of an effort to build more trustworthy and inclusive AI. Collaborating with the hacker community to establish best practices for testing next-generation AI, NVIDIA is participating in a first-of-its-kind test of industry-leading LLM solutions, including
"Any cybersecurity company failing to leverage AI is obsolete" (CTech) "The bar has been raised for both attackers and defenders. No one will ultimately emerge victorious; it will remain a cat-and-mouse game. Education is valuable, but technology is the solution," says Team8 Chief Innovation Officer Bobi Gilburd
Cybersecurity: It's Time to Trust the Machines (Dark Reading) When it comes to cybersecurity automation, the pluses outweigh the minuses.
With AI, Hackers Can Simply Talk Computers Into Misbehaving (Wall Street Journal) Using a technique called “prompt injection,” hackers can break AI systems without a deep knowledge of coding.
Academia
NSA: Codebreaker Challenge Helps Drive Cybersecurity Education (Dark Reading) The US National Security Agency aims to attract students to cybersecurity in general and its own open positions in particular: 3,000 new jobs this year.
Legislation, Policy, and Regulation
The government comes to grips with cyber warfare, not just cybersecurity (Federal News Network) There's cybersecurity, and then there's cyberwarfare. My next guest is both an academic and a practitioner of cyber wargames. He's here to update us on the types of exercises going on right now in…
NSA chief: Chinese cyber spies continue to improve — but haven't surpassed US (Register) China has not yet surpassed the U.S. in conducting cyber espionage despite several successful hacks that have been publicly linked to Beijing, the head of the U.S.’s premier digital spy agency said Thursday.
U.S. and China Poised to Drift Further Apart After Investment Ban (Wall Street Journal) President Biden’s order comes on top of a slowing Chinese economy, Covid lockdowns and rising tensions between the two powers.
Online Safety Bill: debate over client side scanning and encryption rolls on (Computing)
DOD Announces Establishment of Generative AI Task Force (U.S. Department of Defense) The DOD announced the establishment of a generative artificial intelligence task force to play a pivotal role in analyzing and integrating tools across the department.
Pentagon launches 'Task Force Lima' to study generative AI for defense (Breaking Defense) Led by the Pentagon’s Chief Digital and AI Office, the task force “will assess, synchronize, and employ generative AI capabilities across the DoD, ensuring the Department remains at the forefront of cutting-edge technologies while safeguarding national security,” according to a DoD announcement.
Section 702 Must Get Reauthorized, NSA Chief Says (National Defense)
House committee asks FCC for more action on IoT device security (Nextgov.com) A letter from the House Select Committee on the Chinese Communist Party asks the FCC for investigations into Chinese-linked connectivity modules as the agency launches its IoT cyber labeling program.
To Battle New Threats, Spy Agencies to Share More Intelligence With Private Sector (Wall Street Journal) Pandemics, cyberattacks and supply-chain disruptions are pushing the government to work more with outside groups.
Litigation, Investigation, and Law Enforcement
Cyber Safety Review Board Releases Report on Activities of Global Extortion-Focused Hacker Group Lapsus$ (US Department of Homeland Security) The U.S. Department of Homeland Security (DHS) released the Cyber Safety Review Board’s (CSRB) report summarizing the findings of its review into the activities associated with a threat actor group known as Lapsus$.
Review Of The Attacks Associated with Lapsus$ And Related Threat Groups Report (Cybersecurity and Infrastructure Security Agency CISA) Beginning in late 2021 and continuing late into 2022, a globally active, extortion-focused cyber threat actor group attacked dozens of well-known companies and government agencies around the world.
US should crack down on SIM swapping following Lapsus$ attacks: DHS review (Record) In its latest report, the Cyber Safety Review Board called on the FCC and FTC to strengthen their oversight and enforcement activities around SIM swapping.
United Kingdom: Injunctive Relief Against Persons Unknown - The Ransomware Edition (cyber/data/privacy insights) On 11 July 2023, the English High Court handed down its decision on the claimant’s application in Armstrong Watson LLP v. Persons Unknown, granting judgment in default and final injunctive relief. Specifically, the court granted the claimant permanent injunctive relief against persons unknown – a gr
Dissident republicans claim to have obtained leaked PSNI database (The Telegraph) Northern Ireland police chief Simon Byrne admits leak of 10,000 staff details is 'industrial scale'
Data breach evokes memories of Castlereagh IRA raid that led to top republicans being outed as agents (Belfast Telegraph) The PSNI data breach fiasco will bring back memories of the IRA raid on Special Branch HQ in 2002, which had police officers and informants fearing for their security.
The Guardian view on Northern Ireland’s data leak: putting lives at risk | Editorial (the Guardian) Editorial: The police’s error is hard to forgive, but ministers must treat Northern Ireland’s wider human safety needs as a priority too
Microsoft's role in data breach part of US cyber inquiry -Bloomberg News (Reuters) A U.S. cybersecurity advisory panel will investigate risks in cloud computing that will also include Microsoft Corp's role in the recent breach of government department email systems by suspected Chinese hackers, Bloomberg News reported on Thursday.
Hopkins data breach update: 300K+ people affected | I-Team (WBAL) More than 300,000 people were affected by a data breach at Johns Hopkins Medicine, the 11 News I-Team has learned.
Alleged Air Force leaker shared intel with foreign nationals, FBI says (Military Times) The three servers Teixeira allegedly leaked documents in contained more than 150 members.