Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+559: A Fancy Bear sighting. (CyberWire) A GRU cyber campaign against Ukainian energy infrastructure is detected. Ukrainian forces work to expand local breakthroughs amid reports of discontent in Russian ranks.
Russia-Ukraine war: List of key events, day 560 (Al Jazeera) As the war enters its 560th day, these are the main developments.
Russia-Ukraine war at a glance: what we know on day 560 of the invasion (the Guardian) US senate leaders express support for Ukraine; Russia closes airport amid Ukraine drone attack
Russia-Ukraine war live: Ukrainian parliament votes to approve Rustem Umerov as new defence minister (the Guardian) Parliament votes to appoint Umerov as the successor to Oleksii Reznikov
Ukraine’s Forces Try to Punch 2nd Hole in Russian Lines (New York Times) Ukrainian soldiers are trying to build on a new breach in enemy lines, but the battle will not be easy, military analysts said.
Ukraine's counteroffensive breakthrough: What does it mean? (Deutsche Welle) For weeks, Ukraine's long-awaited counteroffensive at the southern front seemed stuck. Now, troops have managed to break through Russia's first line of defense. Experts believe this is a dangerous time for Russia.
Ukraine war map shows Zaporizhzhia advances (Newsweek) Ukrainian troops have pushed past Russian defensive lines in the southern part of the front, an independent think tank has said.
Ukraine war: Kyiv digs in against Putin’s forces on ‘difficult’ eastern front line (The Independent) Ukrainian troops report gains in Bakhmut offensive
Romanian President Says Russian Attacks Have Come Close But Haven't Hit His Country (RadioFreeEurope/RadioLiberty) Romanian President Klaus Iohannis on September 5 said attacks are occurring close to Romania's border with Ukraine but no drone or other device landed in Romania during a weekend attack by Russian forces on Ukrainian port infrastructure.
The Russians Are Getting Better (Foreign Affairs) What Moscow has learned in Ukraine.
Zelenskiy Returns From Visits With Ukrainian Brigades Saying Soldiers' Requests Will Be Addressed (RadioFreeEurope/RadioLiberty) Ukrainian President Volodymyr Zelenskiy has returned to Kyiv after two days in eastern and southern Ukraine for meetings with commanders and Ukrainian troops to hear their requests, which he said would be passed on to top generals and other officials and addressed.
Germany ships first batch of new Gepard ammo to Ukraine (Defense News) Rheinmetall modified existing 35mm ammunition from the main armament of an infantry fighting vehicle for use in the Gepard.
Ukraine’s slow progress piles pressure on west to keep up supply of weapons (the Guardian) Kyiv’s counteroffensive slog means war is far from over – and Moscow still has chance of succeeding in its revised aims
Ukraine's Secret Boat Raids Are Exposing Cracks in Russia's Southern Front (Wall Street Journal) Small, secret boat raids along the Dnipro River are playing an outsized role in Ukraine’s counteroffensive strategy—revealing cracks in Russia’s southern front and creating tough choices for Russian commanders. Photo illustration: Jeremy Shuback
Russia says southeast Ukraine is now the main focus of fighting in war (Military Times) Russia's defense minister says southeast Ukraine has become the most recent hot spot for battles in the 18-month war.
Russian army has been trying to break through AFU defense near Novoyehorivka in Luhansk Region for almost 2 weeks now (Ukrainian News) The russian occupation army has been storming the positions of the Armed Forces of Ukraine in the area of the village of Novoyehorivka in the Luhansk Region for almost two weeks now. The occupiers want to break through the defense of the Ukrainian forces and advance in the direction of the Oskil River.
Russian infighting may have led to Ukraine retaking a key town in its counteroffensive: report (Business Insider) Ukraine has seized a strategically important village from Russia after mercenaries refused to fight in protest at the Kremlin.
Ukrainian intercepts show Russian soldiers’ anger at losses, disarray (Reuters) Excerpts from 17 phone calls placed in early July by Russian soldiers fighting in Ukraine - and intercepted by Ukrainian intelligence services - show them complaining about poor equipment and heavy losses.
More than weapons would be riding on Kim Jong-un's train journey to meet Vladimir Putin (The Telegraph) If Kim does personally make the trip to Vladivostok, it suggests the meeting with Mr Putin goes far beyond an arms deal
North Korea will ‘pay a price’ if it supplies arms to Russia, says US (the Guardian) Providing weapons to Moscow for Ukraine war will not ‘reflect well on North Korea’, national security adviser says, amid reports of active talks
Putin is developing a sinister new plan for victory (The Telegraph) Moscow’s dealings with North Korea suggest an attempt to repeat a version of the 1918 Kaiserschlacht
Russia-Ukraine live updates: Cuba uncovers human trafficking for Russia's war in Ukraine (ABC News) Live updates on Russia's war in neighboring Ukraine.
Cuba Says Its Citizens Were Lured to Fight in Russia’s War in Ukraine (New York Times) The Cuban government said it had begun criminal proceedings against a “trafficking network” that had been recruiting its citizens in both Russia and Cuba for Russia’s armed forces.
Jewish president picks Muslim defense minister: Ukraine’s diverse leadership debunks Russia’s “Nazi” slurs (Atlantic Council) Ukraine now has a Jewish president and a Muslim minister of defense, underlining the diversity of the country's leadership while exposing the absurdity of Russia's “Nazi Ukraine” propaganda, writes Peter Dickinson.
Removal of defense minister shows wartime Ukraine is changing (Atlantic Council) The removal of Ukrainian Defense Minister Oleksii Reznikov in early September came following a series of minor but damaging corruption scandals and signaled a zero tolerance approach to graft in wartime Ukraine, writes Melinda Haring.
Ukrainian Foreign Ministry Rebukes Putin For Latest Anti-Semitic Comments (RadioFreeEurope/RadioLiberty) The Ukrainian Foreign Ministry has said the latest statements by Russian President Vladimir Putin about Ukrainian President Volodymyr Zelenskiy’s Jewish roots are "another manifestation of deep-rooted anti-Semitism of the Russian elites."
Ukraine’s Long and Sordid History of Treason (Foreign Policy) For money or out of conviction, some Ukrainians are helping Russia kill their compatriots.
Putin’s Next Scheme to Solidify Power on Stolen Ukraine Land (The Daily Beast) Russia is synchronizing voting in occupied territories with efforts to suppress Ukrainian resistance and to run intimidation schemes to force votes in favor of the Kremlin.
Ukraine will never be a Russian colony again (The Hill) Einbeck is a city in Germany with about 31,000 inhabitants. It survived the Thirty Years’ War, lived through Kristallnacht in 1938 and had the good fortune of becoming part of West Germany after World War II. Few Americans — or, one suspects, Germans — have probably heard of it.
UK to declare Wagner group a terrorist organisation (the Guardian) Draft order will make it illegal to support the ‘violent and destructive’ Russian mercenary organisation in the UK
Star tech enterprise: Emerging technologies in Russia’s war on Ukraine (ECFR) Russia’s war on Ukraine has featured many of the technological advances the world has made over the past decades. If Europeans are serious about their defence capabilities, they need to learn from…
APT28 cyberattack: msedge as a bootloader, TOR and mockbin.org/website.hook services as a control center (CERT-UA#7469) (CERT-UA) The government computer emergency response team of Ukraine, CERT-UA, recorded a targeted cyber attack against a critical energy infrastructure facility in Ukraine.
Ukraine's CERT Thwarts APT28's Cyberattack on Critical Energy Infrastructure (The Hacker News) Ukraine's CERT-UA fends off a cyberattack on a critical energy infrastructure. Learn how a phishing email led to an infiltration attempt by APT28.
Ukraine says an energy facility disrupted a Fancy Bear intrusion (Record) A cybersecurity expert working for a Ukrainian energy facility thwarted an initial intrusion by Russian hackers, according to Ukraine’s computer emergency response team (CERT-UA).
Meet the man leading the front-line effort in Ukraine's cyber war with Russia (NPR) Illia Vitiuk is a top Ukrainian intelligence official. For him, the war with Russia is primarily in cyberspace — and in a rare exclusive interview with NPR, he says its far from over.
Ukraine war: Cyber-teams fight a high-tech war on front lines (BBC News) In 18 months of war, Ukraine has learnt new ways to integrate technology into the modern battlefield.
Bilyana Lilly on Western cybersecurity assistance to Ukraine (CyberScoop) Western aid to Kyiv has played a key role in keeping Ukraine's government up and running and in the fight against Russian forces.
What's in a NoName? Researchers see a lone-wolf DDoS group (Record) Every morning at roughly the same time, a Russian hacker group known as NoName057(16) carries out distributed denial-of-service (DDoS) attacks on European financial institutions, government websites or transportation services.
Tinder, Twitch fined in Russia for refusing to localize data (Cybernews) A court in Moscow has slapped Match Group, which operates Tinder, and Twitch, which is owned by Amazon, with fines over “repeatedly refusing” to localize Russian users’ data.
Blinken makes unannounced visit to Kyiv hours after Russian missile strike (Washington Examiner) Secretary of State Antony Blinken arrived in Kyiv early Wednesday morning Washington time mere hours after Russia launched a missile strike on the Ukrainian capital.
3 ships with Ukrainian metalware break through naval blockade first since war start (Ukrainian News) Three ships loaded with the products of Ukrainian metallurgists broke through the naval blockade for the first time since the beginning of the war.
Attacks, Threats, and Vulnerabilities
Researchers Warn of Cyber Weapons Used by Lazarus Group's Andariel Cluster (The Hacker News) Learn about North Korean Andariel group's advanced malware attacks on South Korean corporations using Go language-based strains.
Analysis of Andariel's New Attack Activities (ASEC BLOG) The Andariel threat group which usually targets Korean corporations and organizations is known to be affiliated with the Lazarus threat group or one of its subsidiaries. Attacks against Korean targets have been identified since 2008.
New Agent Tesla Variant Being Spread by Crafted Excel Document (Fortinet Blog) An in-depth analysis of a phishing campaign that continues to exploit a known vulnerability with a new Agent Tesla variant. Learn more.…
W3LL oiled machine: Group-IB uncovers covert BEC phishing empire targeting Microsoft 365 – report (Group-IB) Group-IB, a global cybersecurity leader headquartered in Singapore, has today published a new threat report “W3LL DONE: HIDDEN PHISHING ECOSYSTEM DRIVING BEC ATTACKS”. The report details the operations of W3LL, a threat actor behind a phishing empire that has remained largely unknown until now.
Exposing RocketMQ CVE-2023-33246 Payloads (VulnCheck) VulnCheck demonstrates the use of the RocketMQ remoting protocol to retrieve the broker configuration file, and shares attacker payloads used in the wild for exploitation with CVE-2023-33246.
CyRC Vulnerability Advisory: CVE-2023-2453 Local File Inclusion in Forum Infusion and CVE-2023-4480 Arbitrary File Read in Fusion File Manager (Application Security Blog) Synopsys researcher discovers vulnerabilities CVE-2023-2453, CVE-2023-4480 in PHPFusion.
International agencies warn risk managers must update systems to avoid cyber attacks (Strategic Risk Europe) New advisory highlights that cybercriminals are routinely exploiting older software vulnerabilities. Here's how risk managers can shut down the threats
Atlas VPN zero-day vulnerability leaks users' real IP address (BleepingComputer) An Atlas VPN zero-day vulnerability affecting the Linux client leaks a user's real IP address simply by visiting a website.
Buggy, Vulnerable Open-Source Code Seeps Into Business Tech (Wall Street Journal) Hackers could target companies that use old code with known problems, and software with poor programming from Russian and Chinese authors, open-source veterans say.
Years-old Microsoft bugs are still hot targets for criminals (Register) We're number one! We're number one! We're...
New BLISTER Malware Update Fuelling Stealthy Network Infiltration (The Hacker News) New BLISTER update spotted! It's now part of SocGholish attacks, spreading an open-source C2 framework called Mythic.
Generative AI Could Revolutionize Email—for Hackers (Wall Street Journal) Phishing attempts can already be made indistinguishable from legitimate emails, with all red flags eliminated. But some security experts are using the technology to get ahead of attackers.
World's Largest Cryptocurrency Casino Stake Hacked for $41 Million (Hackread) Ethereum Network Stake Loses $41 Million Worth of Crypto After Private Key Leak.
Crypto casino Stake.com loses $41 million to hot wallet hackers (BleepingComputer) Online cryptocurrency casino Stake.com announced that its ETH/BSC hot wallets had been compromised to perform unauthorized transactions, with over $40 million in crypto reportedly stolen.
Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach (KrebsOnSecurity) In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults.
A Combined 1.2 Million CalPERS and CalSTRS Members' Data Exposed in Vendor Software Breach (Trend Micro News) Two of California's most significant pension funds, CalPERS and CalSTRS suffered a significant data breach that exposed the personal information of their retired individual and beneficiary members.
Camosun College students impacted by security breach (Nexus newspaper | Camosun College's student newspaper) Some Camosun College students had their student ID, name, and date of birth accessed in a data breach incident that happened earlier this year. On March 10, 2023, Gallivan—a partner organization to the Camosun College Student Society (CCSS) that provides post-secondary organizations with health and dental plans—was notified about the breach. The data breach happened
More Schools Hit By Cyber-Attacks Before Term Begins (Infosecurity Magazine) Highgate Wood School forced to delay new term for six days
EXCLUSIVE: 'I had my bank account drained last week': Teachers, parents left furious in wake of ransomware attack on Minneapolis schools (The Daily Dot) Parents, teachers, and students in Minneapolis were furious after their data was compromised in a ransomware attack.
Coffee Meets Bagel says recent outage caused by destructive cyberattack (BleepingComputer) The Coffee Meets Bagel dating platform confirms last week's outage was caused by hackers breaching the company's systems and deleting company data.
TissuPath hack: patient data possibly exposed in cyber-attack on Melbourne pathology clinic (the Guardian) Company says it is investigating the potential exposure of referral letters, patient names, contact details and Medicare numbers
Security Patches, Mitigations, and Software Updates
CISA Releases Two Industrial Control Systems Advisories | CISA (Cybersecurity and Infrastructure Security Agency CISA) CISA released two Industrial Control Systems (ICS) advisories on September 5, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
ICSA-23-248-01 Fujitsu Limited Real-time Video Transmission Gear IP series
ICSMA-23-248-01 Softneta MedDream PACS Premium
Trends
TRACKING RANSOMWARE - CYFIRMA (CYFIRMA) This report thoroughly analyses ransomware activity in August 2023, covering significant attacks, the top five ransomware families, geographical...
Proofpoint’s Second Annual Board Perspective Report Reveals Nearly Three in Five Board Members View Generative AI as a Security Risk (Proofpoint) Proofpoint, Inc., a leading cybersecurity and compliance company, today released its second annual Cybersecurity: The 2023 Board Perspective report, which exp...
Cybersecurity: The 2022 Board Perspective Report (Proofpoint) As cyber attacks become increasingly sophisticated and impact organizations of all sizes, the board-CISO relationship has never been more important. To protect people and data and ensure continued organizational success, CISOs must communicate effectively with their boards, put threats in perspective, foster collaboration, and drive accountability.
Traceable AI Releases 2023 State of API Security Report: A Global Study on the Reality of API Risk (Business Wire) Findings expose the true scale of API-related data breaches, top API security challenges, and the profound impact on global cybersecurity
2023H1 Threat Review: Vulnerabilities, Threat Actors and Malware (Forescout) In a new threat briefing report, Forescout Vedere Labs looks back at the most relevant cybersecurity events and data between January 1 and July 31, 2023 (2023H1) to emphasize the evolution of the threat landscape.
2023H1 Threat Review Vulnerabilities, Threat Actors and Malware (Forescout) In the first half of 2023, Forescout Vedere Labs has published numerous blog posts and reports sharing analyses of prominent vulnerabilities, threat actors and malware. We also published a 2022 threat roundup summarizing our data from last year and highlighting the emergence of mixed IT/IoT threats, such as botnets that allow lateral movement from an infected IoT entry point to a vulnerable IT network.
New Research from TechTarget’s Enterprise Strategy Group and the ISSA Reveals Continuous Struggles within Cybersecurity Professional Workforce - ISSA International (ISSA International) The sixth version of the landmark global study shows escalating career complexities and job discontent faced by cybersecurity professionals while the ongoing global skills shortage impacts 71% of organizations Newton MA and Vienna VA (September 6, 2023)—Enterprise Strategy Group, a division of TechTarget and ISSA announced the publication of its research study titled, “The Life … New Research from TechTarget’s Enterprise Strategy Group and the ISSA Reveals Continuous Struggles within Cybersecurity Professional Workforce Read More »
Life and Times 2023 Download Landing Page (ISSA International) In the 6th edition of "The Life and Times of Cybersecurity Professionals 2023," the glaring challenges of the cybersecurity profession intensify. The cybersecurity skills shortage continues unabated, leaving a majority of organizations with an ever-growing gap in the cybersecurity skills needed to reduce their cyber risk from the latest threats.
E-book: The Life and Times of Cybersecurity Professionals Volume VI (ESG Global) The cybersecurity skills shortage continues unabated, leaving organizations with an ever-growing gap in the cybersecurity skills needed to reduce their cyber-risk from the latest threats.
Global DevSecOps Report on AI Shows Cybersecurity and Privacy Concerns Create an Adoption Dilemma (GitLab) Global DevSecOps Report on AI Shows Cybersecurity and Privacy Concerns Create an Adoption Dilemma
How Telling People to Die Became Normal (Atlantic) Merciless trolling is a fact of online life that may never go away.
Marketplace
Arm is seeking to raise nearly $5B in its IPO (Silicon Valley Business Journal) Apple, Google and Intel could be new Arm shareholders after the offering.
Netskope Supercharges Proactive Digital Experience Management for SASE with Acquisition of Kadiska (Netskope) Integration of Kadiska digital experience platform sets new standard for SASE performance
Tenable in advanced talks to buy Israeli cybersecurity co Ermetic (Globes) Tenable is in negotiations to pay $350 million for the Israeli identity first cloud security company, sources close to the deal have told "Globes."
Cerberus invests in Resonant Sciences (Intelligence Community News) Resonant Sciences announced a strategic investment from an affiliate of Cerberus Capital Management, L.P., a global leader in alternative investing with a dedicated platform focused on supply chain integrity and national security.
Is CrowdStrike Dancing On SentinelOne's Grave? (NASDAQ:CRWD) (Seeking Alpha) Discover the intriguing dynamics and potential impact on investors as CrowdStrike's CEO references SentinelOne's struggles in the endpoint protection market.
Layoffs list extended by Malwarebytes, Fortinet, Veriff, SecureWorks (Cybernews) Thousands of employees have been cut from at least 46 cybersecurity companies in 2023. The streak is extended by Malwarebytes, announcing a second round of layoffs.
Inside Meta’s AI Drama: Internal Feuds Over Compute Power (The Information) Meta Platforms’ releases of its large-language models, Llama and Llama 2, in the past six months have won the company praise for offering free, open-source alternatives to models from OpenAI and Anthropic. But for some of the scientists and engineers who worked on Llama, that praise was too little, too late.
TikTok Hires UK Security Firm to Audit European Data Protection (Bloomberg) NCC Group to perform ongoing audits as part of Project Clover. TikTok plans to run three European data centers for user data.
BioCatch Continues to Set New Sales Records in 2023 (PR Newswire) BioCatch, the global leader in digital fraud and money laundering detection and response powered by behavioral biometric intelligence, today...
Zscaler likely to post strong 4Q growth as adoption of its security platform continues to scale (Proactiveinvestors NA) Zscaler Inc. (NASDAQ:ZS) is likely to reveal a strong rise in revenue and earnings when it reports fourth-quarter results after the closing bell on Tuesday,...
Xage Security Recognized in the 2023 Gartner® Market Guide for Zero Trust Network Access (GlobeNewswire News Room) Featuring Universal ZTNA for OT-IT-Cloud, Xage accelerates Zero Trust adoption across critical cyber-physical and digital infrastructure...
Demand for Zero Trust Cybersecurity Mesh in Operational Enterprise Environments Drives 420% Revenue Growth for Xage Security (GlobeNewswire News Room) Xage Appoints Cybersecurity Executive Geoffrey Mattson as CEO...
Illumio Appoints John Lens as Chief Revenue Officer (GlobeNewswire News Room) Former Alteryx and VMware sales leader to seize momentum in Zero Trust Segmentation and lead all revenue operations to fuel global growth...
Products, Services, and Solutions
Keeper Security Joins Forces With Atera to Provide Robust Cybersecurity Solutions to Managed Service Providers (PR Newswire) Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software protecting passwords and passkeys, privileged...
TXOne Networks’ New Edge V2 Engine for OT Cybersecurity Delivers Industry’s First Capability for Automatic Rule Generation, Enabling Effortless Network Segmentation (Business Wire) At SEMICON Taiwan 2023, TXOne Networks to showcase new Edge V2 engine, industry’s first practical solution for cost-effectively defining rules across OT network segments to isolate security breaches and safeguard reliable operations
Azion Named a Leader and Fast Mover in GigaOm Radar for Edge Platforms (Azion Technologies) GigaOm radar report recognized Azion as a Market Leader and Fast Mover for Edge Platforms.
Holiday Season Cyber Alert: Reflectiz Declares War on Magecart (Hackread - Latest Cybersecurity News, Press Releases & Technology Today) Reflectiz, a cybersecurity company specializing in continuous web threat management offers an exclusive, fully remote solution to battle Magecart web-skimming attacks, a popular type of cyberattack involving injecting malicious code into the checkout pages.
Arctic Wolf Advances Global Security Operations Portfolio with Launch of Incident Response Services in EMEA and ANZ Regions (GlobeNewswire News Room) International customers, channel community, and cyber insurance partners can now leverage Arctic Wolf’s response and recovery expertise...
Appdome and NetSPI Join Forces to Bring Cyber Discovery and Delivery Together for the First Time in History (CXOToday.com) New Partnership Improves Mobile DevSecOps for Everyone Appdome, the one-stop shop for mobile app defense, today announced a unique collaboration with NetSPI, the global leader in offensive security as part of its launch of Appdome’s new Mobile App Defense Project, a community program aimed at improving mobile DevSecOps for everyone. This collaboration aims to create a
McAfee Launches Privacy & Identity Guard in Staples Stores Nationwide, Helping Americans Take Control of Their Personal Data Online (Business Wire) McAfee’s newest product release helps Americans take control of their personal information online with the ability to remove personal information from data brokers and help clear unused or risky online accounts.
Arqit and SecureCloud+ partner to deliver cyber resilience using Symmetric Key Agreement (GlobeNewswire News Room) Arqit Quantum Inc. (Nasdaq: ARQQ, ARQQW) (Arqit), a leader in quantum-safe encryption, and SecureCloud+, the...
Netsurion and Radius Channels Ink Distribution Partnership (GlobeNewswire News Room) Netsurion Managed Detection & Response (MDR) Rounds Out Cybersecurity Portfolio...
Sophos Supports Shift to Hybrid Environments with New Generation of Remotely Managed Wi-Fi 6 Access Points (GlobeNewswire News Room) Sophos, a global leader in innovating and delivering cybersecurity as a service, today...
Veriti Recognized as a Cool Vendor in the 2023 Gartner® Cool Vendors™ for Modern Security Operations Center Report (PR Newswire) Veriti, is a leading consolidated security platform that maximizes the value of your existing security stack without impacting business...
Darwinium Hires Cybersecurity Leader Leah Evanski as Chief Commercial Officer (PR Newswire) Darwinium, a next-generation digital security and fraud prevention company, today announces the appointment of Leah Evanski as Chief Commercial...
Gartner’s 2022 Hype Cycle for Digital Identity: Veridas recognized as key vendor (Veridas) Learn more about why Gartner recognizes Veridas as a top 10 vendor in 2022 Hype Cycle for Digital Identity
Foresite Cybersecurity adds Horizon3.ai’s NodeZero™ to their ProVision Platform for Continuous Security Posture Verification (Business Wire) Channel-focused Managed Security Services Provider partners with award-winning pentesting platform
Cohesity and Carahsoft Partner to Provide Data Security and Management Solutions to the Public Sector (GlobeNewswire News Room) Cohesity’s Comprehensive Multi-Cloud Data Management Platform Now Available Through Carahsoft’s Contract Vehicles...
Expel Demonstrates Partner-first Commitment with Revamped Partner Program (Expel) Investments in go-to-market resources and re-designed program aimed at making it easier for channel partners to grow revenue and collaborate with Expel
RapidFort Launches Runtime Protection to Automatically Monitor and Secure Kubernetes Workloads (Business Wire) RapidFort Runtime Protection enhances software visibility, empowering security and development teams to easily mitigate software vulnerabilities
AUCloud Keeps Critical Infrastructure Safe with SentinelOne® (Business Wire) Leading Australian cloud provider deploys Singularity™ Platform to shield operations from threats and keep customers safe
LogicGate Unveils Comprehensive SEC Cyber Compliance Solution To Help Organizations Prepare for Upcoming Regulatory Changes (PR Newswire) LogicGate, a leading provider of Governance, Risk, and Compliance (GRC) solutions through its Risk Cloud® platform, announced today the...
Cybersecurity Leader eSentire Announces Partnership with Kterio, the Leader in Building Data Control Solutions, to Reduce Cyber Risk and Prevent Business Disruption Across Critical Infrastructure Organizations (Business Wire) eSentire, Inc., the Authority in Managed Detection and Response (MDR), and Kterio, the leading provider of smart building operating systems, today announced that they have formed an ecosystem partnership for the Healthcare, Industrial and Commercial Real Estate sectors.
Technologies, Techniques, and Standards
NSA, Cyber Command recently wrapped studies on AI use, Nakasone says (Record) The National Security Agency and U.S. Cyber Command both recently completed respective examinations of how they would use artificial intelligence in the future, the organizations’ leader said Tuesday.
How the US is going Dutch on quantum research (Nextgov.com) One of many recent international partnerships on quantum sciences, the U.S.-Netherlands collaboration has led to advancements in post-quantum cryptography and standards discussions.
CISA, MITRE shore up operational tech networks with adversary emulation platform (Record) The Cybersecurity and Infrastructure Security Agency (CISA) has partnered with the nonprofit MITRE to develop a cyberattack emulation platform specifically for operational technology (OT) networks in an attempt to protect critical infrastructure.
CISA Releases Capacity Enhancement Guide to Strengthen Agency Resilience to DDoS Attack | CISA (Cybersecurity and Infrastructure Security Agency CISA) CISA has released actionable guidance for Federal Civilian Executive Branch (FCEB) agencies to help them evaluate and mitigate the risk of volumetric distributed denial-of-service (DDoS) attacks against their websites and related web services. The Capacity Enhancement Guide: Volumetric DDoS Against Web Services Technical Guidance:
Why Are Lawyers So Terrible At Cybersecurity? (Above the Law) Let us count the ways in which lawyers are terrible at cybersecurity – and then talk about the new ABA resolution on cybersecurity.
Design and Innovation
Proofpoint Launches Industry-First Innovations to Break the Attack Chain (Proofpoint) New integrated solutions solve for the most critical risks facing organizations when it matters most—spanning threat, identity, and data—to detect more attacks pre-delivery, quantify the impact of...
CyberArk Establishes Artificial Intelligence Center of Excellence to Combat Attacker Innovation with Identity Security Innovation (Business Wire) 93% of Security Professionals Expect AI-Enabled Threats to Affect Their Organization
Legislation, Policy, and Regulation
Official Slams Aussie Firms for Data Breach Reporting Delays (Bank Info Security) Australia's information commissioner has urged organifzations to quicken the process of notifying those affected by data breaches instead of spending months
Malaysia mulls rules for Google, Meta to pay news outlets for content (Reuters) Malaysia said on Tuesday it is considering regulations that will make internet giants Alphabet Inc's Google and Facebook parent Meta Platforms compensate news outlets for content sourced from them.
NSA chief Nakasone offers a cybersecurity retrospective (Washington Post) As the chief of the National Security Agency and U.S. Cyber Command since 2018 who’s now waiting to hand over the reins to his successor, Gen. Paul Nakasone sits as a link between the past and future of cyber.
What businesses need to know to comply with SEC’s new cyber disclosure rules (SC Media) On the disclosure front, one of the biggest questions businesses have had centers around “materiality,” or how the SEC will define a covered incident.
Pipeline safety agency's proposed pilot for ChatGPT in rulemaking raises questions (FedScoop) The Pipeline and Hazardous Materials Safety Administration is considering using OpenAI in the rulemaking process, according to a Transportation Department AI inventory.
Prosecutors in all 50 states urge Congress to strengthen tools to fight AI child sexual abuse images (AP News) The top prosecutors in all 50 states are calling on Congress to study how artificial intelligence can be used to exploit children through pornography, and come up with legislation to further guard against it.
The young activists shaking up the kids’ online safety debate (Washington Post) Student-led advocacy groups are commanding attention from lawmakers and the White House as they consider new rules
Huawei's new chip breakthrough likely to trigger closer US scrutiny, analysts say (Reuters) The company's breakthrough in making an advanced chip underscores China's determination and capacity for fighting back against U.S. sanctions, but the efforts are likely very costly.
California legislature advances closely watched bill on data brokers (Record) The Delete Act would make it far easier for individuals to block data brokers from collecting and selling their information without their consent.
Litigation, Investigation, and Law Enforcement
FBI’s Qakbot operation opens door for more botnet takedowns (Record) Last week's global takedown of the Qaknet botnet was momentous, but if history is a lesson there is no guarantee the malware won't resurface.
Huawei files lawsuit in Portugal over ban on supplying 5G equipment (Reuters) Chinese technology giant Huawei has filed a lawsuit with a Lisbon court against a resolution by Portugal's cybersecurity council CSSC that effectively bars operators from using its equipment in high-speed 5G mobile networks, the company said.
Dallas to Reveal Cyber Attack Details This Week (Governing) City officials will disclose more information regarding the April data breach in which hackers accessed personal information of at least 30,000 people. Officials have waited until the report was finalized to share details of the cyber attack.
More than 800,000 files stolen during ransomware attack, Dallas officials say (Dallas News) An internal review of Dallas’ ransomware attack determined files associated with the breach were on roughly 996 of more than 15,000 computers, servers and...
Catholic PSNI officers told to ‘bring personal protection weapons to Mass’ after huge data leak (The Telegraph) A serious breach last month exposed the names of almost 10,000 officers and staff working at the Police Service of Northern Ireland
Catholic PSNI officers ‘urged to bring weapons to Mass’ after data breach (BelfastTelegraph.co.uk) Some PSNI officers have been advised to bring personal protection weapons to Mass following the police data breach, the head of an organisation representing Catholic officers has said.