Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+540: Russification and disinformation. (CyberWire) International attention focuses on Black Sea shipping. Russification attempts intensify in the occupied territories.
Russia-Ukraine war: List of key events, day 541 (Al Jazeera) As the war enters its 541st day, these are the main developments.
Ukraine's counteroffensive inches forward, with the help of cluster bombs (CNN) Ukrainian marines have advanced for the second time in two weeks on the southeastern frontlines, towards the key port city of Mariupol, with the recapture of the village of Urozhaine appearing to have been partially aided by the Ukrainian use of controversial cluster munitions.
Ukraine combat drone damages building in central Moscow, Russia says (Al Jazeera) Moscow’s mayor says Ukrainian drone shot down by air defence and debris falls on city’s Expo Center causing damage.
Ukraine-Russia war: Russia 'targeting' British storm shadow missiles (The Telegraph) Russia is targeting British-supplied Storm Shadow missiles as it ramps up attacks on Ukraine’s air force and runways, it has been reported.
Lukashenka Says Putin Not Pushing Belarus To Join War In Ukraine (RadioFreeEurope/RadioLiberty) Belarusian leader Alyaksandr Lukashenka said Russian President Vladimir Putin is not trying to push Belarus into joining the war in Ukraine and vowed that Minsk's forces would never take part in the war unless Ukrainian troops crossed the border into Belarus.
NATO must respond to Russia’s provocations in Belarus (Atlantic Council) The Alliance should conduct a no-notice exercise in the Suwalki Gap between Poland and Lithuania, deploying maritime, air, and ground assets.
Russian War Report: Tensions escalate in the Black Sea as the Russian navy forcefully inspects a civilian cargo ship (Atlantic Council) Russia escalated tensions beyond Ukraine again this week when its navy forcibly inspected and fired warning shots at a civilian cargo ship.
Putin must not be allowed to turn the Black Sea into a Russian lake (Atlantic Council) Western countries must take urgent action to prevent Vladimir Putin from turning the Black Sea into a Russian lake, warns Melinda Haring.
Russia's Former Top Commander in Ukraine Dies (The Moscow Times) A senior general who was briefly placed in charge of Russia’s armed forces in Ukraine last year has died from an undisclosed illness, authorities said late Wednesday.
Russia general who reportedly served as the top commander for Ukraine last year has died (CNN) A Russian general who reportedly served as the top military commander for Ukraine last year has died, according to Russian state media.
Unexploded Missile Suggests Moscow Is Rushing Weapons to the Front (Bloomberg) Intact Russian rocket shows unusual production turnaround time. The Ukrainian counteroffensive has made slow process so far.
Russia building ‘thousands of Iranian-design drones’ in secret base (The Telegraph) Leaked documents show engineers working to create huge arsenal of aerial weapons capable of swarming Ukrainian targets
Ukraine’s vibrant tech ecosystem is a secret weapon in the war with Russia (Atlantic Council) Ukraine’s secret weapon in the war against Russia is a vibrant and sophisticated tech ecosystem including around 300,000 IT professionals and hundreds of defense tech startups, writes Mykhailo Fedorov.
Ukraine’s state authorities must follow private sector in unlearning old habits (Atlantic Council) To achieve individual, business, and national goals of renewal, Ukrainians need their government to be just as nimble and adaptive as the country’s private sector, writes Ukraine's Business Ombudsman Roman Waschuk.
Zelensky extends martial law, casting doubt on fall parliamentary elections (Washington Post) As Russian forces continued to bombard regions across Ukraine, Ukrainian President Volodymyr Zelensky on Thursday signed legislation extending martial law and a general military mobilization until mid-November. If martial law is not lifted, it would require postponing national parliamentary elections scheduled for fall.
The Dutch defense minister says the US has approved the delivery of F-16 fighter jets to Ukraine (FOX 5 San Diego) The United States has given its approval for the Netherlands to deliver F-16s to Ukraine, the Dutch defense minister said Friday, in a major gain for Kyiv even though …
Pentagon open to host F-16 training for Ukrainian pilots in the U.S. (CBS News) The Biden administration says it's willing to host Ukrainian pilots if the training coalition led by Denmark and the Netherlands needs more space or resources.
Nato official apologises over suggestion Ukraine could give up land for membership (the Guardian) Secretary general’s chief of staff says statement was ‘mistake’ and part of wider discussion – but does not completely rule out idea
Putin’s plot to split the West may be succeeding (The Telegraph) The Kremlin is now using every tool it can find to foment divisions within the Nato military alliance
Anne Applebaum: Putin 'Is Really Destroying Modern Russia' (RadioFreeEurope/RadioLiberty) Anne Applebaum, the U.S. Pulitzer-Prize winning author, says Russian President Vladimir Putin will go down in history as the man who “destroyed modern Russia” by reinstating much of the hated features of the repressive Soviet system.
11 Years into the Syrian Conflict, Explore its Toll, Putin’s Role (FRONTLINE) Years before his 2022 invasion of Ukraine, Putin intervened in Syria to aid President Bashar al-Assad. Revisit FRONTLINE documentaries on the conflict.
Russia will struggle to cope with a sinking rouble (The Economist) What does the currency’s collapse mean for Vladimir Putin’s ability to wage war?
Britain plotting to assassinate pro-Russian leaders in Africa, says Moscow (The Telegraph) Kremlin source claims MI6 has trained a saboteur unit of 'Ukrainian nationalists and neo-Nazis' for a clandestine operation in the continent
Kazakhstan Blocks Russian TV Channel's Website Over Extremist Content (RadioFreeEurope/RadioLiberty) Kazakh authorities have blocked the website of the Russian TV channel Tsargrad due to extremist propaganda and "inciting discord."
How Russian prisoners of war see Putin’s invasion (The Economist) And how they are treated by Ukraine
WSJ News Exclusive | The Ghost Fleet Helping Russia Evade Sanctions and Pursue Its War in Ukraine (WSJ) Turkish companies have bought dozens of tankers that ship Russian oil, playing a critical role in Moscow’s efforts to fund its war in Ukraine.
Berlin prosecutor investigates possible poisoning of Russian journalist (the Guardian) Elena Kostyuchenko, who has criticised the invasion of Ukraine, fell ill on a train journey in Germany
American imprisoned in Russia faces espionage charges, reports say (AP News) A Russian-born U.S. citizen in prison on a bribery conviction now faces charges of espionage, according to Russian news agencies.
Attacks, Threats, and Vulnerabilities
PlayCrypt Ransomware Group Wreaks Havoc in Campaign Against Managed Service Providers (Adlumin SaaS Security) Adlumin's Threat Research Team unveils a widespread global offensive orchestrated by the elusive PlayCrypt ransomware group. Dive into the intricate tactics and high-stakes targets of this sophisticated campaign in our latest blog post.
Cuba Ransomware Deploys New Tools: Targets Critical Infrastructure Sector in the U.S. and IT Integrator in Latin America (BlackBerry) BlackBerry has discovered and documented new tools used by the Cuba ransomware threat group. The good news is that BlackBerry protects against Cuba ransomware.
Mass-spreading campaign targeting Zimbra users (We Live Security) A mass spreading phishing campaign has been targeting the users of the Zimbra communication tool, and ESET Research is here to give the details
NoFilter Attack: Sneaky Privilege Escalation Method Bypasses Windows Security (The Hacker News) "NoFilter" technique exploits Windows Filtering Platform for sneaky privilege escalation.
Thousands of Android APKs use compression trick to thwart analysis (BleepingComputer) Threat actors increasingly distribute malicious Android APKs (packaged app installers) that resist decompilation using unsupported, unknown, or heavily tweaked compression algorithms.
Microsoft: BlackCat's Sphynx ransomware embeds Impacket, RemCom (BleepingComputer) Microsoft has discovered a new version of the BlackCat ransomware that embeds the Impacket networking framework and the Remcom hacking tool, both enabling spreading laterally across a breached network.
Chinese hackers accused of targeting Southeast Asian gambling sector (Record) Hackers based in China are targeting the gambling sector across Southeast Asia in a campaign that researchers say is closely related to data collection and surveillance operations identified earlier this year.
Threat Actors are Interested in Generative AI, but Use Remains Limited (Mandiant) Threat actors are using AI capabilities to facilitate a variety of malicious activity, but use remains limited.
Online influence operators continue fine-tuning use of AI to deceive their targets, researchers say (CyberScoop) The use of AI for malign purposes is limited but growing and maturing in key ways, researchers with Google's Mandiant said Thursday.
Generative AI could be cybersecurity’s biggest threat, warns Mandiant (Verdict) US company Mandiant has warned that despite current usage of AI in online malicious activity being low, threat actors remain interested.
‘Extreme’ user abuse leads AnonFiles operators to shut down hosting service (Record) “After trying endlessly for two years to run a file-sharing site with user anonymity we have been tired of handling the extreme volumes of people abusing it and the headaches it has created for us,” AnonFiles' administrators said.
Hackers ask $120,000 for access to multi-billion auction house (BleepingComputer) Hackers have breached the network of a major auction house and offered access to whoever was willing to pay $120,000.
Tennessee school hit with ransomware as gangs ramp up attacks ahead of new academic year (Record) Ransomware gangs are accelerating their attacks against educational institutions as schools prepare to reopen, with the K-12 school for Cleveland, Tennessee telling parents and administrators this week that it is dealing with a ransomware attack.
University of Missouri System provides update on data breach (KFVS 12) Current and former students and employees from the University of Missouri are advised to keep an eye on their personal information.
Microsoft’s Role in Hack Conjures Ghost of Gates ‘Choose Security’ Memo (Bloomberg) Microsoft’s role in email breach to be part of cyber inquiry
Security Patches, Mitigations, and Software Updates
Apple fixes Sonoma location permissions issue with 13.5.1 update (AppleInsider) Apple has released macOS Ventura 13.5.1, incorporating a single fix for location permissions settings not displaying.
Cisco Releases Security Advisories for Multiple Products (Cybersecurity and Infrastructure Security Agency CISA) Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system or cause a denial-of-service condition.
Atlassian Releases Security Update for Confluence Server and Data Center (Cybersecurity and Infrastructure Security Agency CISA) Atlassian has released its security bulletin for August 2023 to address a vulnerability in Confluence Server and Data Center, CVE-2023-28709. A remote attacker can exploit this vulnerability to cause a denial-of-service condition.
Trends
Rapid7’s Mid-Year Threat Review (Rapid7 Blog) It will come as little surprise to most people that cyber threats in 2023 have been rather prolific. From widely exploited vulnerabilities to high-profile ransomware and extortion campaigns, the first half of the year has seen more than its fair share of large-scale incidents.
Rapid7 Says ROI for Ransomware Remains High; Zero-Day Usage Expands (SecurityWeek) Rapid7 says criminal ransomware gangs could easily be able to purchase and use a bevy of zero-day exploits for vulnerable enterprise software.
Cyberattacks on health care grow in number even as more leaders, staff gain awareness (Contemporary OB/GYN) ‘New era’ as 2023 could go from bad to worse for invasions of computer networks.
The Ethical Investor: How AI helps cyber criminals, and why cyber security is now a major factor for ESG (Stockhead) Why cybersecurity is emerging as an ESG factor for investors, and what impact Artificial Intelligence has on the cybersecurity sector.
Marketplace
ProjectDiscovery raises $25M to launch a cloud version of its threat-scanning platform (TechCrunch) ProjectDiscovery, which is developing tools to help security teams detect and remediate security threats, has raised $25M.
Conversant Group Hires Tod Grantham as VP of Professional Services (PR Newswire) Conversant Group, an innovative provider of "Secure First" infrastructure and cybersecurity services, has added Tod Grantham as the company's...
Joe Rohner: Booz Allen Gets Workforce Ready for AI (ExecutiveBiz)
NTT Research CIS Lab Director Wins Second IACR Test-of-Time Award for Paper on Oblivious Transfer (Business Wire) NTT and NTT Research Also Contribute 15 Papers to Crypto 2023
Meta Platforms gets tough with its return-to-work plan, warns employees they could be fired if they don't comply (Silicon Valley Business Journal) Meta Platforms Inc. on Thursday delivered a message to employees: management will be watching how they comply with the company's return-to-office rules and workers could be fired if they don't, according to a report in Insider.
Products, Services, and Solutions
Deloitte and Claroty team for OT cybersecurity (CRN Australia) Vendor’s xDome to be built into Deloitte’s managed XDR.
Palo Alto Networks Prisma SASE Recognized as a Leader in Zero Trust Edge Solutions (PR Newswire) Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, announced today it has been positioned as a leader in the inaugural...
Booz Allen Wins DISA's Thunderdome Production Agreement (Washington Executive) Booz Allen Hamilton has won a follow-on production other transaction authority agreement to deploy Thunderdome, the Defense Inf ...
How to Protect Your Cryptocurrency with a Cold Wallet (Trend Micro News) Why Do You Need a Cold Wallet to Protect Your Cryptocurrency? How to Set up Cold Wallets? What Are the Common Risks?
Kivu Launches New Managed Security Services for Cloud and Identity Threat Detection and Response (PR Newswire) Kivu Consulting, a premier global cybersecurity solutions provider, is proud to introduce two new managed security services: Cloud Detection...
Technologies, Techniques, and Standards
SEC Rule Sparks Reimagining of Cybersecurity Operations (Palo Alto Networks Blog) The U.S. SEC's new cybersecurity reporting rule mandates companies disclose their cybersecurity risk management processes in annual reports.
The Growing Need For Cyber Insurance (Wealth Management) Digital fraud is a growing threat to advisors, who are on their own when it comes to buying coverage for the risk.
CISA and Election Security Partners Hold Tabletop the Vote Election Security Exercise (Cybersecurity and Infrastructure Security Agency) The Cybersecurity and Infrastructure Security Agency (CISA) hosted the nation’s largest annual election security exercise this week in close coordination with the National Association of Secretaries of State (NASS) and the National Association of State Election Directors (NASED).
Design and Innovation
Google Brings AI Magic to Fuzz Testing With Eye-Opening Results (SecurityWeek) Google sprinkles magic of generative-AI into its open source fuzz testing infrastructure and finds immediate success with code coverage.
Academia
Department of Defense-Sponsored Cyber Internship Offers Knowledge, Inspiration for College (U.S. Department of Defense) The Office of the Under Secretary of Defense for Research and Engineering-sponsored Cyber-Spectrum internship program, MAVEN, recently celebrated its second internship graduation.
Utica University receives grant for cyber range plans (Central New York Business Journal) Utica University received a $150,000 grant from the George I. Alden Trust to build a new cyber range in Bull Hall.
BlueVoyant Empowers Next Generation of the STEM Workforce (PR Newswire) BlueVoyant, a leading global cybersecurity firm, is honored to team up with the Transforming Lives Community Development Corporation (TLCDC) to...
Legislation, Policy, and Regulation
States’ use of non-state actors in cyberspace (Observer Research Foundation) Without proper legislation, states using non-state actors for cyberwarfare pose a significant threat to governments, businesses, and individuals.
Chinese Officials Meet Foreign Firms to Ease Data Law Fears (Bloomberg) Walmart, PayPal among foreign firms that met CAC last week. They discussed fast-tracking some data transfers abroad.
U.K. to Put Magnifying Glass on Crypto Transfers (Wall Street Journal) The country’s financial regulator laid out guidance for applying rules for traditional money transfers to those involving digital assets.
Crypto memes could land you in prison or with an unlimited fine for breaching financial promotion rules, UK regulator warns ‘finfluencers’ (MSN) The UK's financial regulator is proposing new rules for social media promotions. It specifically highlights memes promoting crypto investment as potential rule-breakers.
Cyber Incident Notification Requirements (NCUA) Beginning on September 1, 2023, all federally insured credit unions must notify the NCUA as soon as possible after the credit union reasonably believes it has experienced or received notice of a reportable cyber incident.
The Plan to Better Protect US Hospitals From Ransomware (WIRED) An innovation agency within the US Department of Health and Human Services will fund research into better defenses for the US health care system’s digital infrastructure.
Troops need improved cyber education, US Army leaders say (Defense News) Failing "to defend the networks that our warfighters use absolutely will cause us to lose,” said Lt. Gen. Maria Barrett, the ARCYBER commander.
Newly created Army cyber/space office to focus on streamlining efforts, building out talent (Breaking Defense) “I think our focus right now is we have to grow fast…And that’s done through good hiring actions…it’s also the retention of employees that we have," Christopher Green said. "I want to make sure we build a culture where people want to come to work everyday, they want to stay with us and they want to help us build our capabilities.”
Litigation, Investigation, and Law Enforcement
Publication of the Federal Situation Report: more than 130,000 cases of cybercrime in 2022 (Bundeskriminalamt) Cybercrime offences in Germany remain at a very high level. Last year the police registered 136,865 cases of cybercrime. This emerges from the Bundeslagebild Cybercrime 2022 (Federal Situation Report on Cybercrime 2022) published today. The number of offences thus fell by 6.5 percent compared with the previous year. However, as the report also shows on the basis of supplementary data, the number of offences committed from abroad that cause damage in Germany continued to rise, namely by 8 percent compared with the previous year.
German Police Warn of Increased Foreign Cybercrime Threat (Bank Info Security) Ransomware and other cyberthreats stemming from overseas actors surged last year in Germany, causing losses worth billions of euros, the country's federal police
Cyber security researchers become target of criminal hackers (Financial Times) Computer experts called in to tackle organised hacking groups say their work is attracting physical threats
Republicans scrutinize Biden White House’s emails with tech platforms (NBC News) Selective releases from Rep. Jim Jordan and a federal court case have become a focus for Republicans claiming censorship on social media.
Officials Investigate Threats Against Trump Grand Jurors in Georgia (New York Times) Some of the jurors’ identities have been shared on social media, with suggestions that they be harassed or made “infamous.”
Truth Social are doxxing grand jurors who indicted Trump in Georgia (The Independent) A plethora of Truth Social users came to Mr Trump’s defence following his fourth indictment
Dallas Ransomware Victim Count Climbs, Feds Investigate (GovTech) The U.S. Department of Health and Human Services says it’s investigating the Dallas ransomware attack from earlier this year. The city now says 30,253 people were impacted by the cyber attack.
Kobach: KBI looking into possible data breach in Kansas newspaper case (The Lawrence Times) Kansas AG Kris Kobach says state authorities reviewing alleged crimes associated with the raid of a Marion newspaper are interested in whether someone breached the Kansas Criminal Justice Information System.
FBI arrest California police officers involved in racist text messages scandal (the Guardian) A grand jury had indicted officers from Antioch and Pittsburg for a wide range of offenses, including criminal conspiracy
Did a Journalist Violate Hacking Law to Leak Fox News Clips? The Government Thinks He Did. (Zero Day) But attorneys for Timothy Burke say a raid on his home and office exhibits government over-reach and misuse of the federal hacking law, and raises First Amendment issues.
‘No records’ of suspected Russian spy graduating from claimed university (Record) Queensland University of Technology said it has “no records of anyone" with the name Orlin Roussev as having graduated from the institution.