Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+550: Ukraine advances in Zaporizhia. (CyberWire) Various sources report that Ukraine has broken through Russian defenses in Robotyne, southern Zaporizhia oblast, and is continuing a slow advance toward objectives on the Sea of Azov. Russian hacktivist auxiliaries have briefly disrupted some trains in Poland.
Ukraine offensive to speed up as forces break through Russia’s strongest line of defence (The Telegraph) Russian troops under pressure as Kyiv’s battle in the south takes hold with Western-trained brigades joining in the assault
Russia-Ukraine war: List of key events, day 551 (Al Jazeera) As the war enters its 551st day, these are the main developments.
Russia-Ukraine war live: Poland ‘will close Belarus border’ if there is incident with Wagner; Ukraine troops pushing south (the Guardian) Poland and Baltic states demand mercenary group leaves Belarus; Ukraine says it has liberated village of Robotyne as counteroffensive continues
Russia-Ukraine war at a glance: what we know on day 550 of the invasion (the Guardian) Kremlin orders Wagner fighters to sign oath of allegiance; three Ukrainian pilots die in mid-air collision
Zelenskiy Predicts 'Powerful September' As Ukraine Fends Off Latest Russian Air Attacks (RadioFreeEurope/RadioLiberty) Ukrainian President Volodymyr Zelenskiy said he expects “a powerful September for Ukraine,” including key decisions from Western allies regarding the provision of important weapons and equipment.
'Ukraine Has Retaken The Initiative From The Enemy,' Says Former Top NATO Officer Di Paola (RadioFreeEurope/RadioLiberty) With its counteroffensive, Ukraine has regained the initiative as it battles invading Russian forces says former NATO top official Giampaolo Di Paola, but that its lack of air supremacy is the “most significant missing element.”
U.S. Joint Chiefs' Gen. Milley cites Ukrainian counteroffensive 'breakthrough' (UPI) Ukrainian military forces are making progress in their counteroffensive against Russia on the battlefield, breaking through an important defensive line, according to a top U.S. military official.
Ukraine offensive to speed up as forces break through Russia’s strongest line of defence (The Telegraph) Russian troops under pressure as Kyiv’s battle in the south takes hold with Western-trained brigades joining in the assault
Opinion How the U.S. sees Ukraine’s push: No stalemate, but no breakthrough (Washington Post) As Biden administration officials assess Ukraine’s slow progress in this summer’s counteroffensive, they have been candidly discussing with Kyiv what they see as “lessons learned.” The bottom line for the administration is that this war will probably grind into next year — and that the United States and its allies must remain steadfast in helping Ukraine keep pushing forward.
Russia shells northern Ukraine as UK warns of second Russia takeover (Military Times) U.K. military intelligence on Saturday assessed that Russia may “increase the intensity of its offensive efforts” around Kupiansk and nearby Lyman.
Russia sends in elite troops to halt Ukrainian counter-offensive (The Telegraph) The Kremlin's deployment of paratroopers to the front line appears to be aimed at preventing Kyiv's forces from making a breakthrough
Russia-Ukraine war at a glance: what we know on day 549 of the invasion (the Guardian) Lukashenko says Prigozhin dismissed warnings about threats to his life; Kremlin denies being behind plane crash; flight recorders and 10 bodies recovered
Wider Europe Briefing: A New EU Push For More Military Aid To Ukraine (RadioFreeEurope/RadioLiberty) I'm RFE/RL Europe Editor Rikard Jozwiak, and this week I'm looking at EU talks in Spain on how to boost Ukraine's military and unpacking the eventful "EU enlargement" summit in Athens.
Russia-Ukraine war live: Putin orders Wagner fighters to sign oath of allegiance to the state (the Guardian) Decree published on Kremlin website obliges anyone working on behalf of the military in Ukraine to swear a formal oath of allegiance
All Major Moscow Airports Temporarily Shut As Another Drone Attack Reported In Russian Capital (RadioFreeEurope/RadioLiberty) Russia reported a new drone attack on Moscow early on August 26, prompting authorities to temporarily suspend operations at all three major airports in the Russian capital.
Black Sea fleet base hit in ‘largest ever’ drone attack on Crimea (The Telegraph) Ukrainian mayor of Melitopol says 300 Russian troops have been taken to hospital in nearby Simferopol
Russia Officially Confirms Prigozhin’s Death (New York Times) Russian investigators said genetic tests showed that the Wagner chief, Yevgeny V. Prigozhin, who led a brief mutiny against Moscow’s military leadership, was among the victims of a plane crash last week.
Russia confirms Wagner chief Prigozhin’s death after DNA tests (Washington Post) Russian investigators confirmed Sunday that Wagner mercenary leader Yevgeniy Prigozhin and top leaders of the group were killed when his plane crashed in the Tver region of Russia, announcing the results of DNA testing on the bodies of victims.
Kremlin denies role in plane crash believed to have killed Russian mercenary leader Prigozhin (AP News) President Vladimir Putin’s spokesperson, Dmitry Peskov, has rejected allegations that the Kremlin was behind a plane crash that is presumed to have killed mercenary leader Yevgeny Prigozhin.
Kremlin denies killing Yevgeny Prigozhin in plane crash (the Guardian) Spokesperson says western claims that Vladimir Putin was behind assassination are ‘an absolute lie’
Twenty years of ruthlessness: how Russia has silenced Putin’s opponents (the Guardian) From poisonings to shootings to falls from windows and now possibly plane crashes, Kremlin has been accused of numerous lethal attacks
The Last Hour of Prigozhin’s Plane (WIRED) Russia tightly controls its information space—making it hard to get accurate information out of the country. But open source data provides some clues about the crash.
Putin Signs Decree Obliging Paramilitary Fighters To Swear Oath To Russian Flag (RadioFreeEurope/RadioLiberty) Two days after the presumed death of Wagner mercenary group leader Yevgeny Prigozhin, Russian President Vladimir Putin has signed a decree obliging paramilitary troops to swear an oath to Russia's national flag.
Putin orders all mercenaries to pledge allegiance to Russia (The Telegraph) The new oath is to ensure that all Russian soldiers ‘strictly follow the orders of commanders and superiors’
Mercenary fighters led by Russian intelligence likely successor for Wagner Group after Prigozhin’s death (New York Post) The most likely candidate to take over Wagner’s missions and business assets is Redut, a mercenary group controlled by Russian intelligence which began as an arrangement between oligarchs wit…
Lukashenka Says 'Core' Of Wagner Fighters Will Remain In Belarus (RadioFreeEurope/RadioLiberty) Belarus's authoritarian leader Alyaksandr Lukashenka said the “core” of the Wagner mercenary group -- about 10,000 fighters -- will remain in his country in his first comments since the presumed death of the organization’s leader, Yevgeny Prigozhin, in a suspicious plane crash in Russia.
Inside ambitious mercenary outfit Redut, the Wagner rival linked to the Russian spy services (The Telegraph) With Yevgeny Prigozhin dead, several private 'security' firms are emerging as successors to a group notorious for entering conflict zones
Before Prigozhin’s death, Wagner was fighting on Russia’s behalf in Africa. What happens now? (the Guardian) From securing resources to destabilising western influence, the mercenary group’s activities hang in the balance, says writer Dino Mahtani
Yevgeniy Prigozhin, Russian mercenary leader who became Putin foe (Washington Post) The head of the Wagner Group, he broke with the Russian autocrat in June and attempted a wartime rebellion. He is believed to have died at 62 in a plane crash.
Patriot, traitor, martyr … legacy of Prigozhin is still unwritten (the Guardian) The mercenary leader’s reputation as patriot, martyr or traitor will be dictated by two linked factors – Putin and the result of the war
Obituary: Yevgeny Prigozhin, Mercenary Leader Whose Mutiny Was 'Stab In The Back' For Putin (RadioFreeEurope/RadioLiberty) Yevgeny Prigozhin, the Russian mercenary leader whose brazen rebellion posed the biggest challenge to Vladimir Putin in his more than two decades in power, died in a plane crash on August 23, according to investigators. He was 62.
What Prigozhin's Death Reveals About Putin's Power in Russia (Time) With the likely killing of Yevgeny Prigozhin, Putin reasserted his power, but Russian history offers lessons on violence
The (Purported) Death Of Prigozhin: Five Questions On What Comes Next (RadioFreeEurope/RadioLiberty) With the mutinous mercenary leader Yevgeny Prigozhin presumed dead in a plane crash and fingers pointing at the Kremlin, what does his purported demise mean for Russia, Putin, the generals, the war in Ukraine, and the fate of Wagner? Here are five things to watch for in the coming days and weeks.
Migrants Reportedly Being Forced To Sign Contracts With Defense Ministry To Obtain Russian Citizenship (RadioFreeEurope/RadioLiberty) Rights activists says migrants from Central Asian countries are being pressured into signing contracts with Russia's Defense Ministry as the Kremlin tries to bolster the pool of recruits to help fight its war against Ukraine.
Putin has just become even more dangerous (The Telegraph) Seizing control of Wagner will give the Russian state the ability to extend its war against the West
The real origins of Putin's war (The Spectator) In 1992, Richard Nixon assessed the future of Russia in a remarkably prophetic interview. ‘Russia is at a crossroads’, said the former US President: It is often said the cold war is over and the West has won. But that is only half of the truth. Communism has been defeated but the ideas of freedom
The Ukraine war, propaganda-style, is coming to Russian movie screens. Will people watch? (AP News) The Russian authorities have announced an endeavor to boost production of movies glorifying Moscow’s actions in Ukraine this year.
Russia Pushes Long-Term Influence Operations Aimed at the U.S. and Europe (New York Times) A newly declassified American intelligence analysis says Russian spy agencies are using influence laundering techniques to hide the Kremlin’s involvement in cultivating pro-Russia and anti-Ukraine messages.
Newly declassified US intel claims Russia is laundering propaganda through unwitting Westerners (CNN Politics) Russian intelligence is operating a systematic program to launder pro-Kremlin propaganda through private relationships between Russian operatives and unwitting US and western targets, according to newly declassified US intelligence.
Poland investigates cyber-attack on rail network (BBC News) Hackers briefly disrupted some train services, amid suggestions that the attack came from Russia.
Poland investigates hacking attack on state railway network (Reuters) Poland's domestic security agency is investigating a hacking attack on the country's railway network which led to traffic disruption overnight, the state-run Polish Press Agency reported on Saturday.
Hackers bring down Poland’s train network in massive cyber attack (Ticker News) Polish intelligence agencies are currently conducting an investigation into a cyberattack that targeted the country’s railway infrastructure, according to reports from Polish media. The incident, which occurred overnight, involved hackers gaining unauthorized access to railway frequencies, resulting in disruptions to train services in the northwestern region of Poland. The Polish Press Agency (PAP) revealed that […]
The Cheap Radio Hack That Disrupted Poland's Railway System (WIRED) The sabotage of more than 20 trains in Poland by apparent supporters of Russia was carried out with a simple “radio-stop” command anyone could broadcast with $30 in equipment.
Russian delegate storms out of G20 summit after ‘corrupt Putin’ comment (The Telegraph) Tom Tugendhat at centre of diplomatic ‘walkout’ that led Kremlin representative to call London ‘a hive of corruption’
Senior EU Official Calls On Russia To Renew Black Sea Grain Deal (RadioFreeEurope/RadioLiberty) A senior European Union official urged Russia on August 26 to renew a grain deal to allow the safe export of Ukrainian grain through Black Sea ports, after Moscow quit the agreement last month.
Russian Ultra-Nationalist Detained In Finland On Ukraine's Request (RadioFreeEurope/RadioLiberty) Finnish media reports on August 25 said police have detained Yan Petrovsky, a Russian ultra-nationalist and former commander of the Rusich saboteur group that fights alongside of Russia's armed forces against Ukraine.
Russian Who Worked At U.S. Consulate In Vladivostok Accused Of Spying For Washington (RadioFreeEurope/RadioLiberty) Russia's top domestic security agency said a detained former employee of the U.S. Consulate in Vladivostok is accused of collecting information about Russia's action in Ukraine and related issues for U.S. diplomats.
Attacks, Threats, and Vulnerabilities
Tunisia says diplomatic missions face ‘suspicious’ cyber campaigns (AA) Foreign Ministry did not specify content of these social media campaigns - Anadolu Ajansı
Unveiling CVE-2023-3519 : Citrix ADC & Gateway Vulnerability Analysis (CYFIRMA) EXECUTIVE SUMMARY A critical unauthenticated remote code execution vulnerability, denoted as CVE- 2023-3519, has been exposed within the architecture of...
U.S. Sounds Alarm on China's Leading Ship Logistics Software LOGINK (gCaptain) This article discusses US warnings about the risks posed by shippers using China's LOGINK software in the maritime, port and logistics sectors. With the U.S. raising concerns over cyber threats and data security, delve into the strategic implications of China's growing influence in global shipping and trade.
North Korean APT Hacks Internet Infrastructure Provider via ManageEngine Flaw (SecurityWeek) North Korea-linked Lazarus Group exploited a ManageEngine vulnerability to compromise an internet backbone infrastructure provider.
Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure (Help Net Security) Lazarus Group has exploited a ManageEngine ServiceDesk vulnerability to target internet backbone infrastructure and healthcare institutions.
Cyber scams keep North Korean missiles flying (Radio Free Asia) A team of hackers enables Kim Jong Un’s strategic ambitions, despite international sanctions.
MOVEit, the biggest hack of the year, by the numbers (TechCrunch) The mass-exploitation of MOVEit file transfer servers — the largest hack of the year so far — now affects at least 60 million people.
First Farmers Bank & Trust Announces Third-Party Data Breach Involving Vendor’s Use of MOVEit (JD Supra) On August 15, 2023, First Farmers Bank & Trust (“FFBT”) filed a notice of data breach with the Attorney General of Maine after discovering that an...
Lockbit leak, research opportunities on tools leaked from TAs (SecureList) In September of 2022, multiple security news professionals wrote about and confirmed the leakage of a builder for Lockbit 3 ransomware. In this post we provide the analysis of the builder and recently discovered builds.
LockBit 3.0 Ransomware Builder Leak Gives Rise to Hundreds of New Variants (The Hacker News) The leak of LockBit 3.0 ransomware builder has led to the emergence of various new cyber threats: Bl00dy, Buhti, and NATIONAL HAZARD AGENCY.
Updated Kmsdx botnet targets IoT devices (Security Affairs) Researchers spotted an updated version of the KmsdBot botnet that is now targeting Internet of Things (IoT) devices.
Updated Kmsdx Binary Shows KmsdBot Is Targeting the IoT Landscape (Akamai) The Akamai Security Intelligence Response Team (SIRT) has continued to track the KmsdBot malware campaign, which has revealed an updated Kmsdx binary targeting Internet of Things (IoT) devices.
Bkav's warning: New malware steals Facebook business accounts (VietNamNet News) Cybersecurity firm BKAV warned of the new malware that has been stealing Facebook business accounts.
Un prestataire de Pôle emploi victime d’un acte de cyber-malveillance (Pôle Emploi) En fin de semaine dernière, Pôle emploi a pris connaissance de la violation du système d’information d’un de ses prestataires impliquant un risque de divulgation de données personnelles de demandeurs d’emploi. Des investigations sont en cours chez le prestataire pour connaître l’origine de cet évènement. La sécurité des systèmes d’information de Pôle emploi n’est pas en cause.
Data breach at French govt agency exposes info of 10 million people (BleepingComputer) Pôle emploi, France's governmental unemployment registration and financial aid agency, is informing of a data breach that exposed data belonging to 10 million individuals.
Claimant Data Breached in Genesis, FTX and BlockFi Bankruptcy Cases (Wall Street Journal) Claims agent Kroll says hackers accessed information after T-Mobile attack.
Kroll data breach exposes info of FTX, BlockFi, Genesis creditors (BleepingComputer) Multiple reports on social media warn of a data breach at financial and risk advisory company Kroll that resulted in exposing to an unauthorized third-party the personal data of some credit claimants.
Crypto investor data exposed by a SIM swapping attack against a Kroll employee (Security Affairs) Security consulting giant Kroll disclosed a data breach resulting from a SIM-swapping attack against one of its employees.
Kroll Employee SIM-Swapped for Crypto Investor Data (KrebsOnSecurity) Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. And there are…
Kroll Suffers Data Breach: Employee Falls Victim to SIM Swapping Attack (The Hacker News) Kroll reveals an employee's T-Mobile account was compromised due to a sophisticated SIM swap attack.
FTX bankruptcy handler Kroll discloses data breach (The Stack) The company handling bankruptcy claims for FTX investors has suffered a data breach that included personal information about its clients
A Brazilian phone spyware was hacked and victims’ devices 'deleted' from server (TechCrunch) The Portuguese-language spyware app has been used to compromise over 76,000 devices to date, the leaked data shows.
CloudNordic Faces Severe Data Loss After Ransomware Attack (Hackread) While facing a total loss of internal infrastructure and customer data, CloudNordic has declined to pay the ransom.
CloudNordic loses most customer data after ransomware attack | TechTarget (Security) Danish cloud host CloudNordic said a majority of customers 'lost all data' after it was devastated by a ransomware attack.
Huge cyberattack disables telescopes in Hawaii and Chile (Interesting Engineering) Around ten National Science Foundation-funded space telescopes in Chile and Hawaii have been offline for around two weeks by a curious cyberattack.
Rapattoni Cyber Attack Disrupts The Real Estate Industry (CPO Magazine) A cyber attack on a multiple listing service (MLS) has disrupted real estate operations nationwide in the US.
Prospect Medical stolen data listed for sale by emerging ransomware group (Cybersecurity Dive) Rhysida claims it stole more than 500,000 Social Security numbers, financial, legal and medical files. And it’s all for sale on the dark web.
29,000 affected in TUSD data breach (TucsonSentinel.com) Cybersecurity investigators contracted by Tucson Unified School District concluded approximately 29,000 people may have had personal information compromised during a network breach in January, 2023, and the district has set up a response line to help those affected.
Personal information at risk after cyber attack on Prince George's County Public Schools, officials respond with protective measures (WJLA) Prince George's County Public Schools announced that due to a cyber attack, the personal information of those impacted may be leaked.
IT Contractor Data Breach Affects 47,000 Met Police Personnel (Hackread) The Metropolitan Police Force faces a major security crisis as the contractor’s IT system is breached.
London Metropolitan Police IT supplier exposes data of 47,000 police officers in a breach (teiss) The London Metropolitan Police Force confirmed that cybercriminals breached the IT systems of a third-party supplier over the weekend, leading to the unauthorized acquisition of sensitive data concerning police force employees.
Met warrant cards hackers stole details from had been replaced at cost of £500k (The Sun) MET Police warrant cards at the centre of a huge data breach had been replaced as part of a security drive, The Sun can reveal. The force spent £467,587 on the cards and civilian passes, a Freedom …
Met should thoroughly investigate cyber security practices, say experts (Alloa and Hillfoots Advertiser) Scotland Yard said it was made aware of ‘unauthorised access to the IT system of one of its suppliers’.
Pepe confirms former team members stole $15 million from multisig wallet (The Block) Pepe said three former team members stole approximately 16 trillion Pepe tokens ($15 million) from the project’s multisig wallet.
Ivanti and Veeam bugs fall under attack (The Stack) CISA has sounded the alarm over a pair of actively targeted vulnerabilities in Ivanti and Veeam software
Security Patches, Mitigations, and Software Updates
Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software (Security Affairs) Cisco addressed three high-severity flaws in NX-OS and FXOS software that could cause denial-of-service (DoS) conditions.
Trends
Healthcare Governance Body Warns Hospitals Face Debilitating Cyberattacks (Wall Street Journal) Hospitals should prepare for downtime of a month or more, according to new cybersecurity guidelines from the Joint Commission.
Cyberattacks against governments are rising (AtlasVPN) According to the data presented by the Atlas VPN team, cyberattacks on government agencies around the world are increasing.
Hackers are watching your startup. Not many are prepared for the attack (Sifted) French unicorn Ledger once leaked a million customer email addresses — a worst-case scenario that many startups are at risk of.
Netskope CEO Sanjay Beri - AI bubble is partly hot air, and that is bad news for enterprise security (diginomica) Pricking the air bubble of a market, AI, that is noisy for a reason.
Social media algorithms fuel rise in public apologies (Axios) There has been a steady stream of public apologies coming from major beer brands, reality TV stars, tone-deaf bosses and even private individuals who go viral during their worst moments.
Americans’ Experiences with Fraud and ID Theft Data 2023 - IPX1031 (IPX1031 - Investment Property Exchange Services, Inc.) New survey data from IPX1031 provides insights into Americans’ experiences with fraud and identity theft and the steps they’re taking to protect themselves.
Marketplace
Honeywell to Acquire SCADAfence | TankTerminals (TankTerminals) Honeywell has announced it has agreed to acquire SCADAfence, a leading provider of operational technology (OT) and Internet of Things (IoT) cybersecurity solutions for monitoring large-scale networks.
Cyber Startup Wiz Is Weighing Potential Bid for SentinelOne (Bloomberg) Wiz, last valued at $10 billion, would need capital for deal. Startup has approached bankers to discuss possibility.
Parsons Beefs Up Cyber Capabilities With Acquisition Of Sealing Technologies (Defense Daily) Parsons Corp. on Wednesday said it has acquired Sealing Technologies, inc. for upward of $200 million in a deal that strengthens its capabilities in
Owl Cyber Defense Acquires Cloud Cyber Security Company (GlobeNewswire News Room) Owl has acquired Big Bad Wolf Security, a firm specializing in cloud cyber security and extending cross domain solutions into the cloud...
Recorded Future Announces Strategic Investment in Hunt.io (PR Newswire) Recorded Future, the largest threat intelligence company, today announced a strategic investment in advanced adversary hunting company Hunt.io...
Darktrace shines brighter after auditors’ findings (Times) Since Darktrace’s initial public offering in 2021, many investors in the City have felt a sense of unease given its links to the former Autonomy boss Mike Lynch
3 Tailwinds Driving Palo Alto Networks To Fresh Highs (ValueWalk) Just as it looked like shares of Palo Alto Networks (NASDAQ:PANW) were on the verge of topping July’s all-time high earlier this month
The rise of single-vendor SASE: Palo Alto Networks takes the lead (SDxCentral) Gartner’s first-ever Magic Quadrant for Single-Vendor SASE sheds light on the adoption state, competitive landscape, trends and its future.
IBM Security is holding a strong promising position in the US Security Testing Market; can it keep its dominance? (openPR.com) The International Business Machine Corporation IBM is a multinational technology company excelling in security testing with inclusion of protocols such as cloud testing Iot testing and many more With a market value of US 60 Bn this giant has been ...
Cybersecurity 101: How to Start Your Career? (Analytics Insight) Uncover the keys to success in this ever-evolving field and secure your path to a promising cybersecurity profession. Read on!
Expel Appoints Seasoned Hyper-Growth Chief Product Officer to Leadership Team (Expel) Herndon, VA, August 28, 2023 – Expel, the security operations provider that aims to make security easy to understand, use, and improve, today announced the addition of Yonni Shelmerdine to its leadership...
Products, Services, and Solutions
Styra Announces New Capabilities for Enterprise OPA Users, Making its Enterprise-Grade Decision Engine Source Available (Benzinga) Enterprise OPA continues to reduce infrastructure costs and increase authorization performance while giving customers more agility to meet their unique needs Styra, Inc., the creators and maintainers of Open Policy
Fortinet to offer free cybersecurity awareness training for every teacher in Australia (iTWire) Nicole Quinn, head of government affairs, APAC, Fortinet, said, “Fortinet Australia is proud to bring our Information Security Awareness and Training service at no cost to every public and private school in Australia. Building on our successful rollout in the United States, we are thri...
Trulioo enhances identity verification with “person match” intelligent routing (CSO Online) Workflow Studio accelerates global person matching through personally identifiable information (PII) and identity documents.
RTX to deliver 5G mobile ad hoc networks to the tactical edge (RTX) RTX's (NYSE: RTX) BBN division will lead a team to create multi-hop mobile ad hoc networks, or MANETs, for the Department of Defense. The technology will allow forward-deployed service members with 5G equipment to communicate directly without the need for a complex 5G infrastructure.
Pax8 brings Cyrisma into the security stack (Channel Asia) Pax8 has continued to build upon its cloud marketplace with the addition of risk management platform Cyrisma.
NordLabs: NordVPN Unveils New Platform for Emerging Tech (VPNOverview.com) NordVPN has launched a new platform called NordLabs, which will be dedicated to experimental projects using emerging technologies like AI.
Fortinet Expands its SASE Solution to Bring Cloud-Delivered Enterprise-Grade Protection to Microbranches (Fortinet) FortiSASE integration with Fortinet WLAN portfolio enables more options to securely connect remote workers and distributed edges; Digital experience monitoring innovations ensure optimal user experience end to end
Technologies, Techniques, and Standards
Tor tweaks onion routing software to fend off DDoS attacks (Register) No miners were involved in this story
Health Industry Cybersecurity Information Sharing Best Practices (HIC-ISBP) (HIC-ISBP) Information-sharing program produces significant benefits
CISA: Public researchers tipped feds to 1,300 ‘valid’ vulnerabilities last year (SC Media) The agency says 1,119, or approximately 85%, of those bugs have been remediated thus far, and it took agencies 38 days on average to fix or address flaws reported through its Vulnerability Disclosure Policy Platform.
U.S. conducts first Hunt Forward Operation in Lithuania (U.S. Cyber Command) At the invitation of the Lithuanian government, U.S. Cyber Command’s Cyber National Mission Force deployed a hunt forward team to conduct defensive cyber operations alongside partner cyber forces,
Academia
As cyberattacks rise, officials urge schools to take precautions (Eagle-Tribune) When the Concord School District experienced a cybersecurity attack in 2016, Pamela McLeod was the director of technology. The aftermath, she recalled, was crushing.
Marshall professor named head coach of US Cyber Team (Herald-Dispatch) Marshall University’s Dr. Josh Brunty, a faculty member in Cyber Forensics & Security, has been named head coach of the US Cyber Team, a team of talented cybersecurity athletes, coaches, and industry leaders put together by the US Cyber Games to represent the United States in global cybersecurity competitions.
Elmhurst U. Named a CyberPatriot Center of Excellence (Elmhurst University) The U.S. Air Force Association recently designated Elmhurst University a CyberPatriot Center of Excellence.
Metro State University launches new cybersecurity clinic to protect local businesses and non-profits from hackers (kare11.com) The National Security Agency recently awarded Metro State University a $1.45 million grant to start a cybersecurity clinic on campus.
Concord offering degree in cybersecurity (Beckley Register-Heralds) This fall Concord University is offering a new Bachelor of Science in Cybersecurity designed to give students a thorough understanding of the core tenets of cybersecurity, effective
New cyber range coming to Utica University (Spectrum News 1) There will be 20 mobile computing stations.
Schools are a prime target for ransomware attacks; How to protect your child's information (WJAR) Parents and students aren't the only ones gearing up for back-to-school; scammers are ready too!
Legislation, Policy, and Regulation
Generative AI and intellectual property — Benedict Evans (Benedict Evans) If you put all the world’s knowledge into an AI model and use it to make something new, who owns that and who gets paid? This is a completely new problem that we’ve been arguing about for 500 years.
Europe is Cracking Down on Big Tech. This Is What Will Change When You Sign On (SecurityWeek) The Digital Services Act aims to protect European users when it comes to privacy, transparency and removal of harmful or illegal content.
All hail the new EU law that lets social media users quiet quit the algorithm (TechCrunch) Internet users in the European Union are logging on to a quiet revolution on mainstream social networks today: The ability to say 'no thanks' to being Internet users in the European Union are logging on to a quiet revolution on mainstream social networks today: The ability to say 'no thanks' to being attention hacked by AI.
Taking ‘bold’ bets: new UK agency prepares to fund breakthrough technologies (Financial Times) Head of Advanced Research and Invention Agency tells FT it has appointed directors charged with selecting projects
U.S. Tackles Crypto Tax Mess (Wall Street Journal) Long-delayed regulations would treat crypto platforms more like brokers who handle stocks and mutual funds.
U.S. government board looks to curb teen enthusiasm for cybercrime (Axios) A U.S. government advisory board is pushing Washington to reckon with an unpleasant reality: Teenagers are increasingly participating in underground cybercrime.
Proposed Bill Would Mandate Federal Contractor VDPs (Decipher) The newly proposed Federal Cybersecurity Vulnerability Reduction Act mandate vulnerability disclosure policies for contractors.
Inside New York’s new cyber strategy (StateScoop) On the Priorities podcast, N.Y. Chief Cyber Officer Colin Ahern says a new statewide cyber strategy provides a unified response to threats.
The Scourge of Commercial Spyware—and How to Stop It (Lawfare) Enforceable regulation of commercial spyware requires human rights, transparency, oversight & accountability, & exclusion of private industry.
Litigation, Investigation, and Law Enforcement
Telegram hacker sentenced to 20 years in Brazil (Cybernews) Walter Delgatti, known as the Vaza Jato Hacker, will spend 20 years in prison and pay a fine for hacking into the Telegram accounts of important government officials.
What the SEC’s Investigation of SolarWinds Means for CISOs and Cybersecurity Disclosures (CPO Magazine) On June 23, 2023, the information security software company SolarWinds disclosed that certain executives, including Chief Financial Officer (“CFO”) J. Barton Kalsu and Chief Information Security Officer (“CISO”) Tim Brown, had been issued Wells Notices by the U.S. Securities and Exchange Commission (“SEC”) concerning potential securities violations allegedly related to a 2020 data breac
Cyber-hacker of contractor scams $700K from Macomb County Public Works (Macomb Daily) The incident, which took place in August 2022, was publicly revealed earlier this month during the county’s audit presentation by UHY Advisors in front of the county Board of Commissioners.
Anne Arundel joins parade of school districts suing social media giants (Maryland Daily Record) Anne Arundel County Public Schools alleges social media companies have exacerbated the mental health challenges faced by the district's students.