Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+543: Expecting a long war. (CyberWire) Nothing new in cyberspace, as kinetic fighting continues along Ukraine's axis of advance toward the Sea of Azov.
Russia-Ukraine war: List of key events, day 544 (Al Jazeera) As the war enters its 544th day, these are the main developments.
Russia-Ukraine war at a glance: what we know on day 544 of the invasion (the Guardian) Netherlands and Denmark to donate up to 61 F-16 fighter jets to Ukraine; Volodymyr Zelenskiy vows retaliation for deadly strike on city of Chernihiv
Seven killed, 144 wounded in Russian missile strike on Ukraine's Chernihiv (Reuters) Seven people including a 6-year-old girl were killed, 144 wounded, and 41 were in hospital after a Russian missile struck a central square in the historic northern Ukrainian city of Chernihiv on Saturday, Ukrainian officials said.
Ukraine live briefing: Russian strike on theater in Chernihiv kills seven, injures more than 100, Ukraine says (Washington Post) A strike on a theater in the northern city of Chernihiv killed at least seven people, including a 6-year-old child, and injured 129, Ukrainian Interior Minister Ihor Klymenko said Saturday.
Russia-Ukraine war at a glance: what we know on day 542 of the invasion (the Guardian) Russia’s possession of nuclear arms is response to threats, Lavrov says; rise in Ukraine battlefield casualties brings total close to half a million
Russia-Ukraine war live: seven dead and more than 100 injured in Chernihiv attack (the Guardian) President Zelenskiy said a theatre and university were also damaged in the strike on the central square
Live Briefing: Russia Invades Ukraine (RadioFreeEurope/RadioLiberty) RFE/RL's Ukraine Live Briefing gives you the latest developments on Russia's ongoing invasion, Western military aid, global reaction, and the plight of civilians. The Live Briefing presents the latest developments and analysis, updated throughout the day.
Ukrainian Military Says Its Troops Continue Push To Sever Russia's Land Bridge To Crimea (RadioFreeEurope/RadioLiberty) The Ukrainian military says its forces continue to advance in the areas near the cities of Melitopol and Berdyansk after making gains on the southeastern front in their attempt to drive toward the Sea of Azov and cut off Russia's land bridge to Ukraine's Crimean Peninsula.
On the Front Line, Ukrainian Commanders Are Buoyed to Be on the Offensive (New York Times) Despite tough fighting and heavy casualties, Ukrainian commanders say their forces are in better shape now than just months ago, while Russian troops appear worse off.
Why Russia’s War in Ukraine Could Run for Years (Wall Street Journal) From Moscow to Washington, a lack of clear and achievable strategic goals points to a long conflict.
Ukraine running out of options to retake significant territory (Washington Post) Ukraine appears to be running out of options in a counteroffensive that officials originally framed as Kyiv’s crucial operation to retake significant territory from occupying Russian forces this year.
Troop Deaths and Injuries in Ukraine War Near 500,000, U.S. Officials Say (New York Times) Ukraine and Russia have lost a staggering number of troops as Kyiv’s counteroffensive drags on. A lack of rapid medical care has added to the toll.
Ukraine To Rely On Air Defense, Experience Of Power Engineers Throughout Winter - Danilov (MENAFN) The authorities are doing everything to improve its air defense network as much as possible as it's on this network and on power engineers with exper
Ukraine wants its people back – but first it needs glass for broken windows (the Guardian) Lack of glass is impeding efforts to rebuild and repopulate areas hit by Russian shelling such as the village of Shevchenkove
The Netherlands and Denmark will give F-16 fighter jets to Ukraine (Military Times) The Netherlands on Friday said the United States had given its approval to deliver Dutch F-16 fighter jets to Ukraine’s air force.
USAFE Boss: Ukraine Won’t Get the F-16 Until 2024—And Proficiency Will Take Years (Air & Space Forces Magazine) Ukraine will have basic F-16 capability in 2024, but proficiency will take at least four or five years, Air Force Gen. James B. Hecker said.
As Ukraine flies through artillery rounds, U.S. races to keep up (Washington Post) Washington has sent Kyiv millions of munitions, but restocking the arsenal and building new production lines remains a problem
Ukrainian soldiers to receive extra training on US Abrams tanks in Germany (Stars and Stripes) Hundreds of Ukrainian soldiers who have spent months in Germany learning to operate and maintain the most advanced U.S. battle tank are having their training extended at Kyiv’s request.
Russia recruited operatives online to target weapons crossing Poland (Washington Post) Russian spy agencies built a network of amateurs for operations including sabotage, assassination and arson — plots disrupted by Polish authorities
Moscow says US unwillingness to end Ukraine conflict (Mehr News Agency) TEHRAN, Aug. 19 (MNA) – The United States is unwilling to end the Ukrainian conflict, which is why it keeps talking about resolving it based on Ukrainian President Vladimir Zelensky’s "formula," Russian Foreign Minister Sergey Lavrov said.
Russia Got Ukraine's Nuclear Weapons. It Did Not Have to Be Like This (19FortyFive) A newly independent government in Kyiv was set to become the custodian of more nuclear weapons than those of China, the United Kingdom, and France put together. Years of wrangling about their control ensued. Recently released archival documents demonstrate the ironies that underlay successive attempts to disinherit Ukraine from this cache.
Invasion, War, And Mutiny (RadioFreeEurope/RadioLiberty) Analyst and author Mark Galeotti joins RFE/RL to discuss Moscow's war on Ukraine, its reverberations in Russia, and how it's related to the invasion of Georgia in 2008. Also on the agenda: the continuing aftermath of the Wagner mutiny.
Putin sets sights on re-election but cost of war can only grow (the Guardian) With defence spending booming, China onside and murky deals filling gaps left by sanctions, the Kremlin believes it can weather a damaged rouble, but will Russians stomach welfare cuts if they come?
The Week In Russia: The Dramatic Pace Of Regress (RadioFreeEurope/RadioLiberty) Russia’s invasion of Ukraine has killed more than 500 children -- possibly many more. A Kremlin foe, sentenced to 25 years in prison on a treason conviction after criticizing Putin and the war, draws parallels with the Stalin-era persecution of Russians branded “enemies of the people.”
First Ship To Use Ukraine's Black Sea Corridor Arrives In Istanbul (RadioFreeEurope/RadioLiberty) The Hong Kong-flagged container ship operated by a German firm left the Ukrainian part of the Black Sea on the evening of August 16, several hours after leaving the southern port of Odesa.
Russia’s Suspension of the Black Sea Grain Initiative Exposes Cracks in EU Solidarity (Wilson Center) A few weeks ago, Russia announced it is suspending its participation in the Black Sea Grain Initiative—the crucial UN agreement enabling continued exports of Ukrainian grain via the Black Sea.
Chinese Defense Minister Pushes Beijing's Global Security Blueprint During Trip To Russia, Belarus (RadioFreeEurope/RadioLiberty) Li Shangfu's stops in Moscow and Minsk saw him win support for the Global Security Initiative, the brainchild of leader Xi Jinping and Beijing's security alternative to the Western-led international order. Why is the Global Security Initiative catching on?
Russia Bans Entry To 20 Moldovan Officials After Chisinau Expels 45 Russian Diplomats (RadioFreeEurope/RadioLiberty) Russia has banned entry to 20 Moldovan officials following Moldova's "unfriendly" decision to expel 45 Russian diplomats and employees of the Russian Embassy.
Russia Puts International Criminal Court Prosecutor On Entry Ban List (RadioFreeEurope/RadioLiberty) Russia has banned entry to 54 British nationals, including Karim Khan, the chief prosecutor of the International Criminal Court (ICC), and journalists from the BBC and other media outlets in response to U.K. sanctions against its citizens and enterprises, the Foreign Ministry said on August 18.
Russia Limits Powers Of Interpol Claiming Its Actions Have Been 'Unfriendly' (RadioFreeEurope/RadioLiberty) Russia's Internal Affairs Ministry says it has limited the authority of Interpol, the world's leading international law enforcement organization.
Summit Old, Summit New (Graphika) Russia-Linked Actors Leverage New and Old Tactics in Influence Operations Targeting Online Conversations About NATO Summit
Pro-Kremlin Ideologue Urges Tajik Migrants To Embrace Orthodoxy (RadioFreeEurope/RadioLiberty) Pro-Kremlin political analyst Aleksandr Dugin, often seen as a spiritual influencer of President Vladimir Putin, has suggested that Tajik migrants consider embracing the Russian language and Orthodox faith
The Cultural Diplomacy of Excluding Russians from Public Spaces (Wilson Center) Given Russia's full-scale invasion of Ukraine, what is the Ukrainian cultural response, and why do Ukrainians often refuse to speak on the same stage with Russians?
Institutional Transformation and Cultural Decolonization in Ukraine (Wilson Center) Ukraine's decolonial processes entered an active phase with the full-scale invasion by Russia in February 2022, following eight years of partial occupation and hybrid warfare.
Storied Cossack Leader Mazepa Helps Ukraine Put Its Stamp On A Monastery Long Linked To Moscow (RadioFreeEurope/RadioLiberty) He fought against Russia more than three centuries ago. Now, as Ukraine tries to fight off a Russian invasion, Kyiv is invoking the name of Cossack leader Ivan Mazepa to consolidate control over a historic monastery long linked to the Russian Orthodox Church.
A Concertino from Hell (Wilson Center) Around the time of the summer solstice this past June, Ukrainian composer Roman Hryhoriv stepped before a string chamber orchestra and played an instrument that had never been heard in concert before: a Russian Uragan missile.
Russia shuts down human rights group that preserved the legacy of Nobel laureate Andrei Sakharov (AP News) Russian courts have ordered the liquidation of a human rights organization that preserved the legacy of Nobel Peace Prize laureate Andrei Sakharov and have ordered the detention of a prominent election monitor.
Russian court dissolves Sakharov Center, a prominent human rights group (Washington Post) A court in Russia on Friday ordered the dissolution of the Sakharov Center, an organization that ran a renowned museum and cultural space in Moscow, the Associated Press reported, amid an ongoing purge of human rights groups in Russia.
Russian Election Monitor's Co-Leader Ordered Into Pretrial Detention (RadioFreeEurope/RadioLiberty) The Basmansky district court of Moscow said on August 18 that the co-chairman of the Golos movement, Grigory Melkonyants, has been ordered into pretrial detention until October 17 on a charge of "running an undesirable organization," which carries a sentence of up to six years in prison.
Kremlin Critics Piontkovsky, Illarionov Among Latest Additions To Russia's Foreign Agent List (RadioFreeEurope/RadioLiberty) The Russian Justice Ministry on August 18 added seven more individuals to its foreign agents list, including prominent Kremlin critics Andrei Piontkovsky, Andrei Ilarionov, and Linor Goralik.
Young Children Interrogated By FSB Over Mother's Alleged Defamation Of Military (RadioFreeEurope/RadioLiberty) Russia's Federal Security Service (FSB) has interrogated two children -- a 9-year-old girl and a 10-year-old boy -- while investigating a criminal case related to their mother's alleged defamation of the Russian military.
Four Arrested After Soviet Army Monument Defaced In Sofia (RadioFreeEurope/RadioLiberty) A Soviet Army monument in the Bulgarian capital, Sofia, was defaced by a group of soccer fans late on August 17.
Russian women fear return of murderers freed to fight for Wagner (the Guardian) Concern that convicts re-entering society after stints in Ukraine will bring ‘wave of murder, rape and domestic violence’
Russian general who knew ‘secrets’ of Putin’s palace dies suddenly in prison (The Telegraph) One of Gennady Lopyrev’s main projects was to oversee construction of his leader’s Black Sea hideaway
US sanctions Russian operatives accused in the poisoning of Putin critic Alexei Navalny (The Hill) The U.S. on Thursday imposed sanctions and visa restrictions on four Russian intelligence operatives accused of direct involvement in the 2020 poisoning of Alexei Navalny, a Russian politician and corruption investigator who is one of President Vladimir Putin’s fiercest critics.
Paying the price of truth: Nobel peace laureate Dmitry Muratov won’t be silenced by Putin (the Guardian) The Russian newspaper editor speaks from Moscow in an exclusive interview as a new film biography charts his defiance of the Kremlin during the war in Ukraine
Report: Russian Minister's Wife Involved In Illegal Deportation Of Ukrainian Children (RadioFreeEurope/RadioLiberty) The Russian investigative group Proyekt (Project) said on August 21 that an organization led by Yelena Milskaya, the wife of Emergency Minister Aleksandr Kurenkov, was involved in the forced deportation of Ukrainian children to Russia last year.
Attacks, Threats, and Vulnerabilities
Suspected N. Korean Hackers Target S. Korea-US Drills (SecurityWeek) North Korea-linked hackers attempted a cyberattack targeting "Ulchi Freedom Shield", a joint military exercise between Seoul and Washington.
N. Korean Kimsuky APT targets S. Korea-US military exercises (Security Affairs) North Korea-linked APT Kimsuky launched a spear-phishing campaign targeting US contractors working at the war simulation centre. North Korea-linked APT group Kimsuky carried out a spear-phishing campaign against US contractors involved in a joint U.S.-South Korea military exercise. The news was reported by the South Korean police on Sunday, the law enforcement also added that […]
North Korean hackers target US-South Korea military drills, police say (The Economic Times) Suspected North Korean hackers have targeted a joint US-South Korea military exercise being held this week though classified information has not been compromised, South Korean police said on Sunday.
Cyber incident update
(auDA) Update on a claim that cyber criminals accessed auDA data.
Australia’s .au domain administrator denies data breach after ransomware posting (Record) The organization that manages Australia’s internet domain .au denied that it was affected by a data breach on Friday after a ransomware gang added it to their list of victims.
Hackers claim to have breached auDA (iTnews) Domain administrator investigating.
US warns space companies about foreign spying (Reuters) U.S. counterintelligence agencies on Friday warned the American space industry to guard against efforts by foreign intelligence entities to steal research and trade secrets as they try to boost their own countries' space programs.
Intelligence Agencies Warn Foreign Spies Are Targeting U.S. Space Companies (New York Times) U.S. officials say Chinese and Russian spy agencies are trying to steal technology from private American space companies and preparing cyberattacks that could disable satellites in a conflict.
US Warns Space Industry of Growing Risks of Spying and Satellite Attacks (Bloomberg) Bulletin comes after several recent attacks on satellites. Companies advised to establish insider-threat programs.
Foreign countries targeting tech from US space companies, intel agencies warn (The HIll) U.S. intelligence agencies warned private American space companies on Friday that foreign intelligence agencies are targeting the industry in efforts to steal or undermine critical technologies.
Pentagon urges US space companies to stay vigilant against foreign intelligence (TechCrunch) Investments, JVs or acquisitions could be vehicles for foreign adversaries to gain a foothold in the U.S. space industry, the Pentagon said.
Safeguarding the US Space Industry: Keeping Your Intellectual Property in Orbit (DNI) According to US financial sector estimates, the global space economy is projected to grow from $469 billion in 2021 to more than $1 trillion by 2030.
What To Do About The U.S. Intelligence Community Warning on Safeguarding The Space Industry (OODA Loop) The ODNI’s Counterintelligence Center (the National Counterintelligence and Security Center (NCSC) and the FBI and USAF have issued a joint bulletin designed to raise awareness of threats to the U.S. space industry. This bulletin conveys
Catching up with WoofLocker, the most elaborate traffic redirection scheme to tech support scams (Malwarebytes) This tech support scam is one of the most long running and covert ones we have ever seen.
WoofLocker Toolkit Hides Malicious Codes in Images to Run Tech Support Scams (The Hacker News) New WoofLocker sophisticated toolkit tricks users with fake tech support scams, leveraging advanced fingerprinting and redirection mechanisms.
Thousands of Android Malware Apps Using Stealthy APK Compression to Evade Detection (The Hacker News) Hackers are using sneaky compression methods in Android APK files to evade malware detection
Over 3,000 Android Malware Samples Using Multiple Techniques to Bypass Detection (Zimperium) On June 28th, Zimperium zLab researchers observed that Joe Sandbox published a tweet that mentioned an application package file (APK) that could not be analyzed from most of the anti-decompilation tools, but could be installed on Android devices whose OS version is above Android 9 Pie (API 28).
Another BlackCat ransomware variant spotted on the prowl (Register) Bad kitty, no catnip for you
Cyberattack on Energy One affects corporate systems in Australia and the UK (CSO Online) Global software provider disables links between corporate and customer facing systems as it investigates extension of cyberattack.
EOL Cyber Incident and Update - Energy One Limited (ASX:EOL) (Listcorp) Read the latest Company Administration General news from Energy One Limited (ASX:EOL)
IBM Security Guardium Flaw Let Attacker to Execute Arbitrary Commands (Cybersecurity News) A Command Injection vulnerability was recently discovered on IBM Security Guardium which allows threat actors to execute arbitrary commands on the affected system remotely.
‘Fake police, gold bars and drink-driving: How fraudsters took dad on a wild James Bond mission’ (The Telegraph) Katie Morley investigates: our reader’s vulnerable parent was taken for a ride
Here’s how World Cups have become a playground for cybercriminals (Citizen) Microsoft warned in order to safeguard against cybersecurity threats, sports, associations, teams, and venues must adopt protective measures
Hotmail email delivery fails after Microsoft misconfigures DNS (BleepingComputer) Hotmail users worldwide have problems sending emails, with messages flagged as spam or not delivered after Microsoft misconfigured the domain's DNS SPF record.
Ransomware gang threatens Raleigh Housing Authority months after devastating attack (Record) A ransomware gang has started posting sensitive personal information connected to a devastating attack on the Raleigh Housing Authority (RHA) that disrupted the organization for weeks in May.
Finance Department Sent Every Employee Their Colleagues’ Personal Info (The City) The city’s tax collection agency accidentally shared the home addresses, cell phone numbers and personal email addresses of more than 1,700 workers with all those employees.
Hackers threaten patients after massive cyber attack on Israeli hospital (Databreaches.net) Lauren Marcus reports: Cybercriminals who obtained sensitive data regarding patients’ personal health are using the material as blackmail following a...
Cyberattack keeps hospitals' computers offline for weeks (WDIV) Key computer systems at hospitals and clinics in several states have yet to be turned back on more than two weeks after a cyberattack forced some emergency room shutdowns and ambulance diversions.
As ECHN cyberattack continues, patients have not been in danger (CT Insider) While some minor services have been disrupted at Prospect Medical Holdings facilities in the state due to an ongoing cyberattack, doctors and hospital officials say that life-saving measures are still in place.
'It has paralyzed our technology' Fix in the works after cyber attack shuts down local Multi-listing site (WLWT) Hackers have taken over the web site for the most comprehensive listing of homes for sale in Cincinnati, but there’s already an effort to find a solution.
Latitude Financial posts $98 million loss in cyber attack fallout (ABC) Trusted and independent source of local, national and world news. In-depth analysis, business, sport, weather and more.
Tesla's massive data breach in May affected more than 75,000 people, carmaker says (Business Insider) The "Tesla files" contained 100 gigabytes of confidential data, including employees' names and contact information.
Tesla begins notifying workers who were affected by data breach (Yahoo Finance) Tesla has begun notifying current and former employees whose information was included in a confidential data breach in May.
Tesla Data Breach Blamed on ‘Insider Wrongdoing’ Impacted 75,000 (Bloomberg) Tesla’s May data breach included employee-related records Tesla says two former employees shared info with Handelsblatt
How agents are working around the cyberattack that shut down MLS access in parts of 12 states (Chicago Agent Magazine) This month, cyberhackers attacked the MLS services provider Rapattoni, locking out an estimated 5% of agents across the U.S. from their MLSs.
WD refused to answer our questions about its self-wiping SanDisk SSDs (Verge) Months later, the company has nothing to say for itself.
Security Patches, Mitigations, and Software Updates
Juniper Releases Security Advisory for Multiple Vulnerabilities in Junos OS (Cybersecurity and Infrastructure Security Agency CISA) Juniper has released a security advisory to address vulnerabilities in Junos OS on SRX Series and EX Series. A remote cyber threat actor could exploit these vulnerabilities to cause a denial-of service condition.
New Juniper Junos OS Flaws Expose Devices to Remote Attacks - Patch Now (The Hacker News) JuniperNetworks released an "out-of-cycle" security patch for Junos OS. Attackers could remotely execute code by chaining these vulnerabilities.
Google Chrome's New Feature Alerts Users About Auto-Removal of Malicious Extensions (The Hacker News) Google Chrome's upcoming version 117 plans to introduce a new security feature that will notify users after automatically removing malware extensions
Twitch will let streamers block banned users from watching streams (TechCrunch) Twitch's chat ban tools have been around for ages, but the platform is about to hand streamers a way to control who can watch a stream to begin with. In Twitch will soon let streamers prevent banned and blocked users from watching streams.
Trends
AI use rising in influence campaigns online, but impact limited - US cyber firm (Reuters) Google-owned U.S. cybersecurity firm Mandiant said it had seen increasing use of AI to conduct manipulative information campaigns online in recent years, though the technology's use in other digital intrusions had been limited so far.
Marketplace
Call for Applications Open for DataTribe’s Sixth Annual Cybersecurity Startup Challenge (Business Wire) Finalists split a $20,000 prize and winner is eligible for up to $2 million in seed financing
Gamma moves into security space with Satisnet buy (MicroscopeUK) Unified comms player moves to add security depth with addition of experienced MSSP
Alabama-based Sentar gets federal grant to boost cybersecurity for nuclear plants - UPI.com (UPI) A federal grant will help with the development of a proof-of-concept study targeting potential cybersecurity threats at the nation's nuclear power plants, Alabama-based Sentar said Thursday.
Palo Alto shares rise on earnings beat, surprising investors who worried about a Friday report (CNBC) Palo Alto's better-than-expected earnings report was a relief to investors who were concerned about potentially bad numbers due to a late Friday announcement
This AI Stock Darling Crashed Nearly 20% Just Because It’s Reporting Earnings On A Friday Afternoon (Forbes) Nobody likes working late on a Friday in August, not even Wall Street analysts, who described Palo Alto Networks’ earnings timing as “unprecedented.”
Palo Alto Networks slips ahead of controversial 'Friday Night Special' earnings report (The Street) Palo Alto Networks will publish a rare Friday-night earnings report following a muted outlook from cybersecurity rival Fortinet earlier this week.
Palo Alto Network’s Odd Summer Friday Report Has Wall Street Asking Why (Yahoo Finance) (Bloomberg) -- Palo Alto Networks Inc. investors are cautious ahead of the cybersecurity firm’s fiscal fourth-quarter results, which will be released at the highly unusual time of Friday after the market close.
Intel is laying off 226 people in Silicon Valley — dozens more than expected Email Share (Silicon Valley Business Journal) The semiconductor giant is laying off workers in San Jose and at its Santa Clara headquarters.
Rapid7 Restructures Amid New Focus On Partnerships (NASDAQ:RPD) (Seeking Alpha) Rapid7, Inc. reported Q2 2023 financial results, beating revenue and EPS estimates. Click here to find out why RPD stock is rated as a hold.
British Army Struggling to Recruit Cybersecurity Experts (Defense Post) The British Army’s attempt to bolster its cyber defense capabilities is facing a major obstacle.
Tammi Morton takes on Chief Security Officer role at UnitedHealth Group (Security Magazine) Experienced security executive Tammi Morton has been named the new Chief Security Officer at UnitedHealth Group.
Security startup Eclypsium adds well-known CFO to its ranks (Portland Inno) Portland startup Eclypsium has hired a well-known finance executive for a top job.
O’Melveny Welcomes Former SEC Regional Director Michele Wein Layne to its Los Angeles Office (O’Melveny) O’Melveny announced today that Michele Wein Layne, formerly the director of the Los Angeles Regional Office of the Securities and Exchange Commission (SEC), has joined the firm’s Los Angeles office as of counsel in its White Collar Defense & Corporate Investigations Practice Group.
Products, Services, and Solutions
New infosec products of the week: August 18, 2023 (Help Net Security) The featured infosec products this week are from: Action1, MongoDB, Bitdefender, SentinelOne and Netskope.
Versa Delivers New AI-Assisted Enhancements Across SASE, SD-WAN, Security Service Edge (SSE), Zero Trust Everywhere (ZTEA), and SD-LAN Products (Business Wire) Suite of AI Technologies Supporting All Products is Integrated into the Versa Unified SASE Platform
Exclusive Networks Announces Global Distribution Partnership with Thales (Exclusive Networks) Broadens existing presence across EMEA, APAC, and expands into North America
Axiad Offers Passwordless Authentication for Air Gapped and Critical Environments (MSSP Alert) Axiad brings passwordless authentication to air gapped and critical infrastructure environments that integrate Microsoft Security solutions.
IBM Extends Cloudflare Alliance to Combat Bots Using Machine Learning (Security Boulevard) IBM extends its alliance with Cloudflare to combat malicious bot attacks growing in volume and sophistication.
Sonatype Drives Intelligent Software Security with New Product Enhancements (GlobeNewswire News Room) Company Unveils Boosted Product Capabilities and Evolved Platform to Meet Continuing Demand for Software Supply Chain Security Solutions...
Rubrik Brings Power of AI to VMware Customers to Accelerate Cyber Recovery (Rubrik) Data security leader announces generative AI capabilities to further bolster organizations’ cyber resilience.
Technologies, Techniques, and Standards
From cyber strategy to Implementation: what CEOs and boards need to Know (The Harvard Law School Forum on Corporate Governance) The federal government on July 13 launched the implementation plan for its National Cybersecurity Strategy, just four months after releasing the ...
SEC Cybersecurity Rules: Considerations for Incident Response Planning (Holland & Knight) New Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure rules (Final Rules) adopted by the U.S. Securities and Exchange Commission (SEC) become effective Sept. 5, 2023.
Space ISAC Publishes White Paper on Machine Learning Security Operations Framework (Executive Gov) Looking for the latest Government Contracting News? Read about Space ISAC Publishes White Paper on Machine Learning Security Operations Framework.
Italian hackers win on-orbit satellite hack challenge (Interesting Engineering) Hack-a-Sat is a cyber challenge to test satellite security and find hidden flags in programs or websites with intentional flaws.
What are you thinking? Some Nation States Might Want to Know (Defending Digital Campaigns) Recently, it was reported that the email of the US Ambassador to China, the Secretary of Commerce, and a GOP Congressman was hacked by the Chinese. These announcements follow the revelation of email compromises leading up to recent diplomatic activities with China. According to reporting by
4 ways simulation training alleviates team burnout (Help Net Security) Simulation training turns mistakes into learning opportunities and enhances an organization's security readiness.
Haggling With Hackers: Surprising Lessons From 50 Negotiations With Ransomware Gangs (PCMAG) Ransomware negotiations are usually shrouded in secrecy, but some security experts think that we should make them public and analyze them to glean insights. So that's exactly what we did.
How to Protect Against Nation-State APT Attackers Leveraging Mobile Users (Dark Reading) In this Dark Reading News Desk segment, Lookout Mobile Security's Justin Albrecht discusses APT attacks targeting mobile users.
Visibility Is Just Not Enough to Secure Operational Technology Systems (Dark Reading) Visibility is just the first step to secure your operational technology environment against today's threats. You need a proactive, defense-in-depth approach.
Academia
NSA funding Metro State cybersecurity clinic to protect Minnesota small businesses (Star Tribune) A grant from the NSA will fund cybersecurity consulting for Minnesota organizations that are especially vulnerable to cyberattacks.
Competition at annual tech conference lets local students show their cyber skills (Augusta Press) Cyber skills are proving to be a competitive draw for local students, as schools nurture teams of curious young coders, programmers and techies to compete on a national level.
A community college aims to get its students job experience — and fight digital criminals (Arizona Republic) When Glendale Community College officials told Martin Bencic that a moratorium was planned for its cybersecurity program, he felt dread.
Expert: UK cyber security programme for students is “excellent” introduction to the field (ITPro) Through Cyber Explorers, DSIT and the NCSC aim to empower youths and prevent them from going down the path of hacking
Legislation, Policy, and Regulation
America’s Tech Giants Rush to Comply With New Curbs in Europe (Wall Street Journal) Some of the impact will hit right away, changing how users scroll, search and shop online.
Strong practical help for firms hit by cyberattack (Australian Financial Review) Firms and public agencies hit by cyberattacks are being promised a quick, compassionate and discreet response, aimed at minimising harms, says cyber defence leader, Abigail Bradshaw
Editorial: Public understanding a prerequisite for Japan's 'active cyber defense (The Mainichi) Japan needs to bolster preparedness against cyberattacks from other countries. But thorough implementation of countermeasures could result in a violat
G20 ministers agree on treating cyber security as a global problem (Business Standard) According to him, there was a lot of consensus on cyber security, where everyone agreed that this is a problem that the entire world has to face together
High costs will not deter Germany from removing Huawei parts (South China Morning Post) The German Interior Minister said she will not be deterred by the high cost of removing Chinese gear from the country’s 5G telecoms network if it is in the best interests of national security.
Nepal takes strides against cybercrime (Khabarhub) The Government of Nepal, on August 9, endorsed the National Cyber Security Policy 2023, marking a significant milestone as the country enacted its inaugural legislation aimed at combating cybercrime. The policy delineates forthcoming strategies, operational guidelines, objectives, and plans pertaining to cyber security, with a primary emphasis on creating a secure digital landscape for users. […]
Biden Order Could Hit Chinese VC Firms Run by Americans (The Information) Some of China’s most prominent venture capitalists are U.S. citizens or green-card holders. That could soon become a problem for their firms. President Joe Biden’s executive order last week, limiting certain American investments in China, could also curtail the activities of Chinese investment ...
Council Post: Why Technology, Not More Legislation, Is The Answer For Cybersecurity (Forbes) Medium-to-large-sized organizations seem particularly vulnerable to cyberattacks because they have suppliers, contractors and third-party vendors.
The Battle to Ban TikTok and the Man at the Center of It (Wall Street Journal) Montana Attorney General Austin Knudsen helped start a case that he thinks could make its way to the Supreme Court.
Litigation, Investigation, and Law Enforcement
Jordan requests interviews with former Twitter safety chief, DHS official in censorship probe (The Hill) Rep. Jim Jordan (R-Ohio) sent letters Friday to the former Twitter safety chief and the Department of Homeland Security’s former cybersecurity director, requesting interviews with the two as the House Judiciary Committee continues its investigation into alleged social media censorship by the federal government.
Germany Hunts for Cyber Criminals Amid Billion-Euro Scams (Bloomberg Law) Online trading fraud is a rapidly growing global problem. In the US, the Federal Bureau of Investigation estimates that such scams stole $3 billion last year; Equivalent amounts are being harvested in rich European nations. Tackling the gangs is difficult because they work across borders and change the forms of their deceptions frequently to evade detection.
Cybercrime: 14 arrests, thousands of illicit cyber networks disrupted in Africa operation (INTERPOL) Networks identified linked to financial losses of more than USD 40 million
African Cybercrime Operations Shut Down in Law Enforcement Operation (Dark Reading) Interpol- and Afripol-led crackdown disrupts cybercrime ecosystem responsible for some $40 million in losses to victims.
Interpol arrests 14 suspected cybercriminals for stealing $40 million (BleepingComputer) An international law enforcement operation led by Interpol has led to the arrest of 14 suspected cybercriminals in an operation codenamed 'Africa Cyber Surge II,' launched in April 2023.
Northern Irish police make another arrest after data breach (Reuters) A 50-year-old man has been arrested as part of an investigation linked to last week's accidental breach of sensitive data which likely left militant groups in possession of the details of Northern Ireland police, a senior officer said on Friday.
Man, 50, will appear in court following major data breach at PSNI (The Independent) The man has been charged with possessing documents or records likely to be useful to terrorists and possession of articles for use in terrorism.
PSNI data breach: Man charged over documents linked to FoI (BBC News) A 50-year-old man is charged with possessing documents or records likely to be useful to terrorists.
Man charged with terrorism offences after Northern Ireland police data breach (the Guardian) Fifty-year-old charged with two counts of possessing documents for use in terrorism or likely to be useful to terrorists
Sixteen-year-old among five arrested for HK$300,000 phishing scams (The Standard) A 16-year-old teenager was among five people arrested in connection to 12 phishing scams valued at about HK$300,000. The arrests came between Tuesday and Wednesday as police found that victims ha...
FBI Confiscated Nearly $2M Worth of Crypto Between March and May 2023: Report (CryptoPotato) Bitcoin, Ether, Tether, Monero and Dai are some of the crypto-assets seized by FBI in a period of three months.
University of Rochester Facing Suit Over MOVEit Data Breach (1) (Bloomberg Law) The University of Rochester failed to protect the personal information of more than 88,000 people that was exposed in a May data breach involving Progress Software’s MOVEit file-transfer application, a proposed federal class action said.
X Corp Lawsuits Target Data Scraping (The National Law Review) X Corp (formerly Twitter) has cracked down on data scrapers in a series of lawsuits filed within the last several weeks. One lawsuit targets an Israel-based research firm that provides commercial data