Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+567: Investigating Meduza's Pegasus infestation. (CyberWire) The Pegasus attack against Meduza remains unattributed. A representative of the IT Army of Ukraine shares some wartime lessons from the hacktivist auxiliary.
Russia-Ukraine war: List of key events, day 568 (Al Jazeera) As the war enters its 568th day, these are the main developments.
Live Briefing: Russia Invades Ukraine (RadioFreeEurope/RadioLiberty) RFE/RL's Ukraine Live Briefing gives you the latest developments on Russia's ongoing invasion, Western military aid, global reaction, and the plight of civilians. The Live Briefing presents the latest developments and analysis, updated throughout the day.
Russian submarine hit by British Storm Shadow missile strike (The Telegraph) Fires blaze at Sevastopol shipyard after Ukraine attacks Russia’s key Black Sea fleet base
Ukrainian intel confirms damage to Russian landing ship, submarine in Sevastopol (Ukrinform) Ukrainian intelligence has confirmed that a Russian large landing ship and submarine were hit by missile strikes in temporarily occupied Sevastopol.
Ukrainian missiles strike Russia’s Black Sea fleet in Crimea (the Guardian) Large vessel and submarine damaged beyond repair in Sevastopol in what could be biggest single attack of war, intelligence official confirms
Zelensky’s commandos are crushing their enemy behind the frontline – just like Britain in WWII (The Telegraph) Young, untrained Russian soldiers fear the prospect of daring Ukrainian raids, crossing vast rivers to capture them
First-Person Firepower: Ukrainian Drone Unit Hunts Down Russian Armor (RadioFreeEurope/RadioLiberty) Remotely piloting fast, light FPV (or First-Person View) drones, a Ukrainian aerial attack unit has become adept at chasing down Russian targets. RFE/RL's Maryan Kushnir travels to the front with the operators who are hunting down enemy artillery with increasing accuracy.
Zelenskyy heading to New York to court the rest of the world (POLITICO) Ukrainian leaders are trying to shore up support from dozens of countries and hope in-person talks will make a difference.
What Russia's Refusal to Restore the Ukraine Grain Deal Means for Its Ties With Turkey (RANE) Despite failing to achieve a new grain deal, Turkey and Russia will retain their pragmatic relationship due to economic benefits and weakening competition in other areas of foreign policy.
Is Armenia Turning To The West? (RadioFreeEurope/RadioLiberty) A series of demonstrative anti-Russian statements, and the hosting of an unprecedented military exercise with U.S. troops, has raised speculation that Armenia's slow drift away from Russia may be reaching a breaking point.
Boris Johnson attacks UK aid to Ukraine: ‘What the hell are we waiting for?’ (the Guardian) Former PM says west is dragging its feet in support for Ukraine and calls for urgent supply of weaponry in Spectator column
The Missing Escalation in Ukraine (Foreign Affairs) In defense of the West’s go-slow approach.
Former generals urge House to approve Ukraine aid as Republican resistance grows (Stars and Stripes) Retired Air Force Gen. Philip Breedlove, a former NATO Supreme Allied Commander, and retired Lt. Gen. Ben Hodges, the former commanding general for U.S. Army forces in Europe, made the appeal in a letter this week to House Speaker Kevin McCarthy.
Even in Europe, we are not safe: A statement from Meduza editor-in-chief Ivan Kolpakov (Meduza) Meduza was launched in Riga in 2014. We’ve been working in the European Union for nearly 10 years. During that time, our publication has gone from being a tiny media startup with about 15 employees to being the world’s largest international Russian-language news outlet.
Pegasus Infection of Galina Timchenko, exiled Russian Journalist and Publisher (The Citizen Lab) In an investigative collaboration with Access Now, the Citizen Lab has analyzed forensic artifacts from the iPhone of award-winning exiled Russian investigative journalist Galina Timchenko and found with high confidence that on or around February 10th, 2023 it was infected with NSO Group’s Pegasus spyware.
Hacking Meduza: Pegasus spyware used to target Putin’s critic (Access Now) The publisher of Russian independent media org Meduza was hacked with NSO’s Pegasus spyware. As both Russia and Latvia are potential culprits, Access Now demands accountability and sanctions.
NSO Spyware Hacked Independent Russian Journalist, Researchers Say (Bloomberg) Digital-rights groups say Pegasus infected Meduza CEO’s iPhone. CEO’s phone attacked after Russia labeled media group a threat.
4 Lessons From the Ukraine IT Army’s Cyber Operations Against Russia (Techopedia) Harv Xavier, an IT Army of Ukraine representative, shares details on some of the operations the group has been involved in against Russia.
Electronic warfare in Ukraine informing US playbook (Defense News) “Both sides are doing the cat-and-mouse game very, very well,” said Col. Josh Koslov, the commander of the 350th Spectrum Warfare Wing.
Ukraine's Fight on the Front Lines of the Information Environment (Modern War Institute) In early August 2023, residents of Russian-annexed Crimea received phone calls containing a recorded message urging them to avoid military infrastructure, naval bases, and assembly areas for military equipment in […]
Putin will give me a jail sentence for opposing his war in Ukraine, but he won’t silence me | Alexander Rodnyansky (the Guardian) Russia’s president is wrong if he mistakes the silence of most of his people for tacit support, says film-maker Alexander Rodnyansky
Attacks, Threats, and Vulnerabilities
Can't Be Contained: Finding a Command Injection Vulnerability in Kubernetes (Akamai) Akamai security researcher Tomer Peled recently discovered a high-severity vulnerability in Kubernetes that was assigned CVE-2023-3676 with a CVSS score of 8.8.
macOS Info-Stealer Malware 'MetaStealer' Targeting Businesses (SecurityWeek) The MetaStealer macOS information stealer has been targeting businesses to exfiltrate keychain and other valuable information.
“Authorized” to break in: Adversaries use valid credentials to compromise cloud environments (Security Intelligence) Get top insights from the 2023 Cloud Threat Landscape Report, provided by IBM X-Force.
The Nigerian Prince is Alive and Well: Cybercriminals Use Generative… (Abnormal) Scams about the Nigerian Prince that promise millions have been around for decades. But they are transitioning, now using ChatGPT and similar tools to seem more convincing.
Caesars Entertainment Paid Millions to Hackers in Attack (Bloomberg) Hackers stole data, extorted company, people familiar said. Caesars breach came in weeks before MGM announced cyberattack.
Caesars Paid Ransom After Suffering Cyberattack (Wall Street Journal) Caesars is second major casino operator hit by hackers in recent weeks.
The Cyberattack That Sent Las Vegas Back in Time (Wall Street Journal) The security issue left MGM Resorts hotels on the Strip with an oddly analog vibe.
Pro Take: MGM Casino Hack Shows Challenge in Defending Connected Tech (Wall Street Journal) The attack shows how hacks can significantly disrupt operations.
ALPHV Ransomware Used Vishing to Scam MGM Resorts Employee, Researchers (Hackread) The responsibility for the MGM Resorts cyberattack has been claimed by the ALPHV ransomware group.
PSA: Ongoing Webex malvertising campaign drops BatLoader (Malwarebytes) Corporate users performing Google searches for the popular conferencing software Webex are being targeted in a malvertising campaign.
Data stolen from Hong Kong Cyberport includes staff details, credit card records (South China Morning Post) Tech hub, which did not disclose the hacking until last week after hacking came to light on social media, says data leakage took place on August 18.
Rollbar discloses data breach after hackers stole access tokens (BleepingComputer) Software bug-tracking company Rollbar disclosed a data breach after unknown attackers hacked its systems in early August and gained access to customer access tokens.
Airbus data leaked via infected customer computer (Register) Ransomware group nicked info from employee of airline, say researchers
DEED's jobs website for unemployed Minnesotans hacked (Star Tribune) The Department of Employment and Economic Development has notified jobseekers of the unauthorized access to information in the MinnesotaWorks.net website.
Vendor used by Baylor College of Medicine for employee wellness portal reports possible data breach (KPRC) A vendor used by Baylor College of Medicine for its employee wellness portal has reported a potential data security breach.
City of Tomball, Texas, Announces Data Breach in the Wake of 2022 Ransomware Attack (JD Supra) On September 12, 2023, the City of Tomball, Texas (“Tomball”) filed a notice of data breach with the Attorney General of Texas after learning that the...
Microsoft's Security Culture Just Isn't up to Scratch (Seriously Risky Business) Last week, Microsoft released its latest report into how its services were compromised by a China-based actor it called Storm-0558. It's an eye opening document that raises some red flags about Microsoft's security culture.
Wi-Fi radio signal data can be used 'to predict passwords' (Register) Fun technique – but how practical is it?
Malware Detection: Evasion Techniques (Cyfirma) In today’s ever-evolving cybersecurity landscape, the role of malware detection solutions has reached a critical juncture in safeguarding against...
Critical WebP bug: many apps, not just browsers, under threat (Stack Diary) A significant vulnerability in the WebP Codec has been unearthed, prompting major browser vendors, including Google and Mozilla, to expedite the release
CISA Adds Three Known Vulnerabilities to Catalog (Cybersecurity and Infrastructure Security Agency CISA) CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2023-35674 Android Framework Privilege Escalation Vulnerability
CVE-2023-20269 Cisco Adaptive Security Appliance and Firepower Threat Defense Unauthorized Access Vulnerability
CVE-2023-4863 Google Chrome Heap-Based Buffer Overflow Vulnerability
Security Patches, Mitigations, and Software Updates
Mozilla Releases Security Updates for Multiple Products (Cybersecurity and Infrastructure Security Agency CISA) Mozilla has released security updates to address a vulnerability affecting Firefox, Firefox ESR, and Thunderbird. A cyber threat actor can exploit this vulnerability to take control of an affected system.
New Windows 11 feature blocks NTLM-based attacks over SMB (BleepingComputer) Microsoft added a new security feature to Windows 11 that lets admins block NTLM over SMB to prevent pass-the-hash, NTLM relay, or password-cracking attacks.
Trends
A Cyber Attack's Emotional Toll Is More Impactful Than Financial Loss Reveals KnowBe4 (The Fintech Times) KnowBe4 research shows 50% of victims feel a significant psychological impact as a result of falling for a scam.
GRIT Ransomware Report: August 2023 (Guidepoint Security) August’s trends in ransomware highlight that as much as the ransomware environment changes, it also stays the same. While at first glance August’s statistics reflect a 25% decrease in total observed victims, the removal of Clop’s mass campaign victims across the past two months results in a different picture, in which the total victims across other groups modestly increased or remained constant month-over-month.
Enterprise Strategy Group Research Reveals Majority Organizations View Ransomware as a Top-three Threat to the Viability of the Business (Business Wire) To mitigate ransomware attacks, IT professionals must consider both business-related and infrastructure data equally
ICS Computers in Western Countries See Increasing Attacks: Report (SecurityWeek) ICS computers in the Western world have been increasingly attacked, but the percentages are still small compared to other parts of the globe.
Marketplace
Digital forensics firm Binalyze raises $19M to investigate cyber threats (TechCrunch) Binalyze, a digital forensics and investigation platform, has raised $19 million in a venture funding round.
Alarum Announces Closing of $4.25 Million Private Placement (GlobeNewswire News Room) The Company’s Chairman of the board, its Chief Executive Officer and its Chief Financial Officer invested more than $1.0 million in the Offering TEL AVIV,...
Goldilock Secures 1.7 million USD Seed Round Led by New York Angels and Harvard Business School Alumni Angels of Greater New York (Business Wire) British company gains support of well-known US angel investors for its unique hardware approach to cybersecurity
Google to cut hundreds of jobs out of its global recruiting team (Silicon Valley Business Journal) Google LLC intends to cut hundreds of jobs from its global recruiting team, the Mountain View-based company confirmed Wednesday.
Google lays off hundreds of employees (ET CIO) Google is laying off hundreds of employees from its recruiting team globally, as the new hiring has slowed down at the Alphabet company, the media reported.
Dell Technologies’ August Layoffs Cost $364M In Severance Charges, SEC Filings Show (CRN) Dell Technologies has shelled out $740 million this year in two rounds of layoffs which have targeted the infrastructure leader’s sales force.
Serial cybersecurity founders get back in the game (Help Net Security) Serial cybersecurity founders enter the new game with more maturity, confidence, and focus for the startup journey.
Introducing BlackBerry Fact Check (BlackBerry) BlackBerry Fact Check is an initiative dedicated to calling out and correcting untrue or misleading information about BlackBerry that could adversely affect our customers. There is no trust without truth and while everyone is entitled to their own opinion, they are not entitled to their own facts.
Aryaka SD-WAN and SASE Services Delivered 113% ROI and $2.48 Million in Net Present Value Over Three Years According to Total Economic Impact Study (PR Newswire) Aryaka®, the leader in Unified SASE solutions, today announced the results of a business benefit analysis and its ability to aid businesses...
Dell’Oro Group Again Ranks Versa Networks as the Current Worldwide Unified SASE Market Share Leader (Versa Networks) Dell’Oro Group Research Ranked Vendors Based on Q2 2023 Worldwide Revenue; Reveals Worldwide SASE Market Annual Revenue will Increase to More Than $14B in 2027
Virtru unveils new headquarters and technology hub in Washington, D.C. (GlobeNewswire News Room) The HUB, Virtru’s new headquarters on Pennsylvania Avenue, will serve as an innovation center for local cybersecurity leaders...
Qrypt Appoints FS-ISAC CEO, Steven Silberstein, to Board of Advisors (Business Wire) Qrypt, the pioneering quantum-secure encryption company, today announced Steven Silberstein, the CEO of FS-ISAC (the Financial Services Information Sharing and Analysis Center), is joining its Board of Advisors. With more than 25 years of experience in financial services, technology and cybersecurity, Silberstein is a longstanding leader in promoting data security and protecting the financial sector from cybersecurity threats.
Products, Services, and Solutions
ConnectWise Announces Integrations with Microsoft in Collaboration to Benefit Managed Service Providers, Worldwide (GlobeNewswire News Room) MSPs Gain Strengthened Cybersecurity Management, Streamlined IT Management, Improved Operational Efficiency...
SentinelOne® Launches Singularity™ RemoteOps Forensics for Incident Response and Evidence Acquisition (Business Wire) New solution combines forensics evidence with real-time telemetry to deliver unified insights into security incidents analysts need to perform investigation and response activities with efficiency and speed
Alkira Boosts Global Expansion Efforts for Enterprises with Cloud Exchange Point Presence in China (PR Newswire) Alkira®, the pioneer in agentless, multi-cloud networking, today announced availability of Alkira Cloud Exchange Point® (CXP) in China,...
SecurityScorecard Joins Forces with Measured Analytics and Insurance to Deliver Industry-First Cyber Insurance Discounts for Top Security Ratings (Business Wire) Continuous cyber risk assessments with actionable threat mitigation plans reduce breach likelihood and financial vulnerability
Adaptive Shield Now Available on Google Cloud Marketplace (Business Wire) Delivers Businesses Fast Path to Securing Growing SaaS Environments
BackBox Announces Strategic Partnership and Product Integration with Paessler AG (BackBox Software) Paessler PRTG and BackBox now integrate seamlessly to provide a complete NOC stack. DALLAS, TX – Sept. 13, 2023 — BackBox, the world’s most trusted network automation company, today announced a strategic partnership with Paessler AG, the monitoring experts for IT infrastructures and networks. In addition, BackBox and Paessler PRTG now work together seamlessly to support
Adlumin Unveils Warranty and Cyber Insurance Offerings that Make Coverage Attainable and Affordable for Previously Unprotected Small and Mid-Sized Organizations (Business Wire) Adlumin Protection Plus Suite Receives Cysurance Certification to Provide Low Friction Path to Complementary Financial Protection
Ivanti and Catchpoint Partner to Proactively Address Remote Connectivity Issues and Enhance Workforce Productivity (Business Wire) The partnership expands the Ivanti Digital Experience Score with application and network visibility to detect and troubleshoot remote connectivity issues before they impact the workforce.
OneSpan Named a Leader in Worldwide eSignature Software Vendor Assessment by the IDC MarketScape (OneSpan) OneSpan™, the digital agreements security company, announced it was named a Leader in the “IDC MarketScape Worldwide eSignature Software 2023 Vendor Assessment.”
Checkly Expands Monitoring Capabilities with Introduction of Heartbeat Checks (PR Newswire) Checkly, the leading provider of monitoring solutions powered by a Monitoring as Code (MaC) workflow, today announced the introduction of...
SentinelOne Earns Top Honors Across Five Key Security Categories in 2023 PeerSpot Awards (Business Wire) Trusted customer review platform validates company’s leadership in XDR, EDR, EPP, MDR, and Anti-Malware solutions through verified user feedback
DoControl Integrates with HRIS Platforms to Mitigate Insider Threats (PR Newswire) DoControl, the leading SaaS Security Platform (SSP), today announces integration with popular Human Resources Information System (HRIS)...
Technologies, Techniques, and Standards
CISOs and Board Reporting – an Ongoing Problem (SecurityWeek) For CISOs to gain board support, they must translate and report technical cybersecurity concerns and solutions into language that can be understood.
Why executives should never be exempted from cybersecurity policy (CSO Online) Some are fine with C-suite executives opting out of cybersecurity measures for the sake of convenience. It’s a bad idea.
180 minutes to kill: Can the Air Force update EW within 3 hours of detecting a new threat? (Breaking Defense) “Our mindset has to be that we use the spectrum to kill faster, not to protect things,” said Col. Joshua Koslov. “The more things we kill, the less things that can hurt us.”
Defining Shadow Access: The Emerging IAM Security Challenge | CSA (CSA) Shadow Access is the unmonitored, unauthorized, invisible, unsafe and generally over-permissioned access in your cloud environment. In short, the unintended access to your applications and data. The consequences of Shadow Access are massive and threaten to impact any organization that has an evolving cloud. This short document intends to summarize the background, causes, impact and path forward to regain the benefits of a dynamic and secure cloud environment.
Bit-Wizards Urges Businesses to Assess BCDR Plans Amidst Height of Hurricane Season (GlobeNewswire News Room) Managed IT Services company, Bit-Wizards, encourages businesses of all sizes to assess their...
Research and Development
Distributed Energy Resources Get Cybersecurity Boost With $39M DOE Funding (SecurityWeek) The US Department of Energy gives $39 million in funding for nine projects to advance the cybersecurity of distributed energy resources.
Legislation, Policy, and Regulation
UN debates how to define cybercrime (Ideastream Public Media) While cybercrime is a problem around the world, agreeing on a definition on the international stage has been a huge challenge. That's plainly been on display at the United Nations recently.
Musk Warns Senators About AI Threat, While Gates Says the Technology Could Target World Hunger (Wall Street Journal) Tech leaders debate perils and possibilities of artificial intelligence at closed-door Senate session.
Regulation of Artificial Intelligence in Insurance: Balancing consumer protection and innovation | The Geneva Association (The Geneva Association) Artificial intelligence (AI) can allow insurers to provide more personalised services as well as coverage for risks that were previously difficult to insure. Enhanced risk assessment and claims management, as well as lower costs due to increased efficiency, may also increase the affordability and attractiveness of insurance.
China’s Apple iPhone Ban Appears to Be Retaliation, US Says (Bloomberg) The White House said it believes China’s moves to institute and expand a government ban on iPhones is an attempt to retaliate against the US as it weighed in for the first time on the backlash against Apple Inc.
China Flags ‘Security Incidents’ With Apple’s iPhones (Bloomberg) The Chinese government’s position on Apple Inc. only grew more muddled Wednesday, with Beijing both pushing back on reports about iPhone restrictions but also raising concerns about security problems with the device.
White House urging dozens of countries to publicly commit to not pay ransoms (Record) The National Security Council wants all members of the International Counter Ransomware Initiative to sign on to a statement saying their governments won't pay ransoms to cybercrime groups.
NSA plans new ‘innovation pipeline’ to focus on China (Federal News Network) The new concept, “Red Ventures,” will help the NSA coordinate both internal ideas and work with outside partners on technology innovation.
Readout from CISA’s 2023 Third Quarter Cybersecurity Advisory Committee Meeting (Cybersecurity and Infrastructure Security Agency) Today, the Cybersecurity and Infrastructure Security Agency (CISA) held its third quarter Cybersecurity Advisory Committee (CSAC) meeting.
CISA advisory committee urges action on cyber alerts and corporate boards (CyberScoop) The advisory committee delivered a lengthy list of recommendations to CISA Director Jen Easterly on Wednesday.
Lawmaker slams White House refusal to create plan for economy after potential cyberattack (Record) Rep. Andrew Garbarino, chairman of a House cybersecurity subcommittee, says it's "scary" that the Biden administration won't produce a "COTE" plan specifically for a cyberattack. The White House argues that such plans already exist elsewhere.
Litigation, Investigation, and Law Enforcement
FBI probing MGM Resorts cyber incident as some casino systems still down (Reuters) The FBI said on Wednesday it was investigating a cybersecurity incident at gaming giant MGM Resorts International that kept several of the casino operator's systems paralyzed for a third straight day.
MGM Resorts says cyberattack could have material effect on company (NBC News) The company’s corporate email, restaurant reservation and hotel booking systems remain offline as a result of the attack, as do digital room keys.
MGM Resorts cybersecurity breach could cost millions, expert says (KLAS) The breach suffered by MGM Resorts International may cost the company millions of dollars, cybersecurity experts said Tuesday.
Google Antitrust Trial: Google Viewed Exclusive Search Deals as a ‘Weapon,’ Justice Department says (New York Times) A lawyer for the federal government argued that Google has illegally protected its internet search monopoly using deals struck with smartphone makers. Google’s lawyer says governments want people to use inferior products.
CareFirst Data Breach Suit Moves Forward Despite ‘Thin’ Evidence (Bloomberg Law) Customers of CareFirst Inc. advanced a proposed class action alleging it failed to protect the personal information of more than one million people that was exposed in a 2014 data breach.
Capita class action: 2,000 sign up in wake of data theft (Register) Pensioners, employees and medical pros among those aiming to be compensated for data exposure
The Twisted Eye in the Sky Over Buenos Aires (WIRED) A scandal unfolding in Argentina shows the dangers of implementing facial recognition—even with laws and limits in place.