Dateline
Ukraine at D+581: Nuisance-level DDoS. (CyberWire) Nuisance-level hacktivism hits Russian airlines. The Russian Foreign Ministry blames Anglo-Saxonia for strikes against the Black Sea Fleet.
Russia-Ukraine war: List of key events, day 582 (Al Jazeera) As the war enters its 582nd day, these are the main developments.
Russia-Ukraine war at a glance: what we know on day 582 of the invasion (the Guardian) Ukraine claims to have shot down 34 of 44 drones; Greenpeace criticises monitoring of Zaporizhzhia nuclear power plant; UK defence secretary visits Kyiv
Ukraine-Russia war: Children evacuated from front line villages ahead of expected fighting (The Telegraph) Ukraine said it had evacuated all children from several towns and villages in Zaporizhzhia in a sign of possible intensified fighting in the area.
Who’s Gaining Ground in Ukraine? This Year, No One. (New York Times) Although both sides have launched ambitious offensives, the front line has barely shifted. After 18 months of war, a breakthrough looks more difficult than ever.
Russia accuses Ukraine's Western allies of helping attack its Black Sea Fleet headquarters (AP News) Russia has accused Ukraine’s Western allies of helping plan and conduct last week’s missile strike on the Black Sea Fleet’s headquarters in Crimea.
‘Pathetic remnants’ of Wagner return to fight in Ukraine (The Telegraph) Scattered mercenary fighters are having ‘no significant impact’ on the battlefield, claims Kyiv
Secretary General in Kyiv: Ukraine is closer to NATO than ever before (NATO) Secretary General Jens Stoltenberg visited Kyiv on Thursday (28 September 2023), underscoring NATO’s powerful support for Ukraine in talks with President Volodymyr Zelenskyy and his government. Calling Kyiv “a city with a special place in the hearts of the free world,” Mr Stoltenberg paid tribute to President Zelenskyy’s leadership and the heroism of the Ukrainian armed forces, welcoming that Ukraine is “gradually gaining ground” in its hard-fought counteroffensive.
Joint press conference by NATO Secretary General Jens Stoltenberg with the President of Ukraine Volodymyr Zelenskyy (NATO) (As delivered)
National Armaments Directors Meet in Support of Ukraine (U.S. Department of Defense) National Armaments Directors from more than 40 countries, the European Union and NATO gathered in Brussels to further ongoing efforts aimed at solving industrial base and sustainment challenges in
Poll Shows Slovaks Split Ahead Of Elections With Ukraine In Spotlight (RadioFreeEurope/RadioLiberty) Slovak opposition party Smer, led by former Prime Minister Robert Fico, holds a narrow lead over its liberal challenger ahead of weekend elections that have revealed stark dividing lines over whether the country should continue to support Ukraine or instead seek closer ties with Russia.
Zelensky’s blunders risk alienating Ukraine’s allies (The Telegraph) Kyiv’s ingratitude towards Poland has escalated into active animosity
Russia seeks to rejoin UN Human Rights Council despite its war on Ukraine (CNN) Russia is formally seeking to rejoin the United Nations’ Human Rights Council, nearly 18 months after it was suspended from the body following its invasion of Ukraine.
1984 And George Orwell Live Again In Putin’s Russia (Forbes) Orwell’s message to Russians is that freedom and happiness go together, and dictators lie to promote tyranny over liberty.
Putin and Prigozhin went through an ‘amazing transformation,’ says former Kremlin speechwriter (Record) Abbas Gallyamov, now persona non grata with the Putin regime, talks with the Click Here podcast team about the Russian president and the late mercenary leader.
Aeroflot, other airlines’ flights delayed over DDoS attack (Cybernews) Aeroflot and several other Russian airlines were forced to delay flights after pro-Ukrainian attackers flooded Russia’s airline ticket reservation system.
The elite Russian spy embedded in the heart of Europe (The Telegraph) Jan Marsalek was a high-flying executive until his secrets began to spill out. Now, there’s been an astonishing twist...
Russia reminds Hillary Clinton of her own gaffe in response to dig at Putin (the Guardian) Speaking of Ukraine war, Clinton said ‘too bad Vladimir, you brought it on yourself’, to which Kremlin pointed out 2009 mistake
Binance to Exit Russia With Sale to New Crypto Exchange CommEX (Wall Street Journal) Binance, the world’s largest cryptocurrency exchange, is exiting Russia by selling its operations there to a new crypto exchange known as CommEX.
“As we look toward the future, we recognize that operating in Russia is not compatible with Binance's compliance strategy,” said Noah Perlman, Binance's
Attacks, Threats, and Vulnerabilities
How a Google loophole lets drug dealers hijack nearly any website — including our own (Business Insider) When Google updated how it crawled the web, drug dealers took advantage, turning unsuspecting websites into advertisements for their wares.
‘Snatch’ Ransom Group Exposes Visitor IP Addresses (KrebsOnSecurity) The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is…
Threat Actors Exploit the Tensions Between Azerbaijan and Armenia (Fortinet) In 1923, the Soviet Union created the Nagorno-Karabakh Autonomous Oblast (an oblast is an administrative region or province) within the Azerbaijan Soviet Socialist Republic. This oblast has a 95% ethnically Armenian population.
Budworm: APT Group Uses Updated Custom Tool in Attacks on Government and Telecoms Org (Symantec Enterprise Blogs) Previously unseen version of SysUpdate used in August 2023 campaign.
Apache NiFi CVE-2023-34468 RCE Vulnerability Analysis and Exploitation (CYFIRMA) EXECUTIVE SUMMARY CVE-2023-34468 is a critical security vulnerability affecting the Apache NiFi project, a data integration and automation tool. The...
HiddenGh0st Malware Attacking MS-SQL & MySQL Servers (Cyber Security News) A remote control malware called Gh0st RAT, which is popular with Chinese threat actors and has publicly available source code, was created by China's C. Rufus Security Team.
Vulnerability in popular ‘libwebp’ code more widespread than expected (Record) Initial alerts about a bug in the obscure but widely used libwebp library have expanded into concerns that it affects not only web browsers like Chrome, but also many other common pieces of software.
Building automation giant Johnson Controls hit by ransomware attack (BleepingComputer) Johnson Controls International has suffered what is described as a massive ransomware attack that encrypted many of the company devices, including VMware ESXi servers, impacting the company's and its subsidiaries' operations.
Johnson Controls reports data breach after severe ransomware attack (BeyondMachines) On September 27, 2023, multinational manufacturing conglomerate Johnson Controls International was impacted by a severe ransomware attack affecting critical IT infrastructure, including VMware ESXi servers, and causing disruptions across the company and its subsidiaries. The attack originated from Johnson Controls' Asia offices and encrypted vital devices, and the attackers claim the theft of 27 terabytes of corporate data. The attackers are demanding a $51 million ransom.
Russian zero-day seller offers $20M for hacking Android and iPhones (TechCrunch) A company that acquires and sells zero-day exploits — flaws in software that are unknown to the affected developer — is now offering to pay researchers
Security Patches, Mitigations, and Software Updates
Mozilla Releases Security Advisories for Thunderbird and Firefox | CISA (Cybersecurity and Infrastructure Security Agency CISA) Mozilla has released security updates to address vulnerabilities for Thunderbird 115.3, Firefox ESR 115.3, and Firefox 118. A cyber threat actor could exploit these vulnerabilities to take control of an affected system.
Trends
Cyber Security Report 2023 (Check Point Software) Check Point’s 2023 Cyber Security Report looks back on a tumultuous 2022, which saw cyberattacks reach an all-time high in response to the Russo-Ukrainian war.
Aprio Releases U.S. National Manufacturing Survey, Highlighting the Need for Improved Operational Excellence, Digitization and Cybersecurity Practices (Aprio)
Forrester Research into Future-proofing Fleet Management in a Hybrid World (HP Wolf Security) Don’t let cyber threats get the best of you. Read our post, Forrester Research into Future-proofing Fleet Management in a Hybrid World, to learn more about cyber threats and cyber security.
IRONSCALES Q3 Threat Index Reveals AI is Ushering in a Golden Age of Social Engineering (IRONSCALES) IRONSCALES Threat Index reveals emerging threats created by generative AI evade traditional defenses, BEC attacks are on the rise.
Behaviors and Attitudes of IT Leaders Toward Their Organizational Approach to Data Management (Veritas) The effect of improper data management goes far beyond security—so it’s critical to get it right
Marketplace
Palo Alto Networks in advanced negotiations to acquire Dig Security in $300-$400 million deal (CTech) Palo Alto is closing on two acquisitions of Israeli startups, with negotiations currently also ongoing to purchase Talon Cyber Security for $600-$700 million
Sources: Palo Alto Networks in advanced talks to buy Talon and Dig in a $1B security sweep (TechCrunch) Palo Alto Networks' stock price has been on the rise on the back of strong earnings and growing demand for cybersecurity services, and now the company is
CrowdStrike makes a breakout move (Security | TechTarget) CrowdStrike's annual Fal.Con event brought promises of platform expansion, generative AI features and cloud security.
Nexusflow Raises $10.6 Million Seed, Harnessing Generative AI to Revolutionize Cybersecurity (Business Wire) Nexusflow was founded by AI experts Professor Kurt Keutzer from the Berkeley AI Research (BAIR) Lab and Professor Jiantao Jiao, along with industry AI leader Jian Zhang.
Absolute Software Recognized as a Leader in G2 Fall 2023 Grid Reports for Endpoint Management and Zero Trust Networking (Business Wire) Overwhelming majority of Secure Endpoint and Secure Access users rate Absolute 4 or 5 stars
Checkly Named a Cool Vendor in the 2023 Gartner Cool Vendors in Monitoring and Observability Report (PR Newswire) Checkly, the leading provider of monitoring solutions powered by a Monitoring as Code (MaC) workflow, today announced its inclusion in the 2023 Gartner Cool...
VulnCheck Expands Executive Leadership Team to Accelerate Growth and Meet Surging Demand for Vulnerability, Threat and Exploit Intelligence (Business Wire) Former [redacted], Rapid7, Finite State, and runZero leaders bring decades of experience building, scaling, and marketing world-class cybersecurity organizations and products
Niloo Razi Howe Joins NetSPI Board of Directors (PR Newswire) NetSPI, the global leader in offensive security, today announced the appointment of Niloo Razi Howe to its Board of Directors. Niloo brings an...
CrowdStrike hires Blackberry vet as channel and distribution strategy lead (CRN) Lucy Evans joined the cybersecurity vendor in September
Products, Services, and Solutions
Visa Program Combats Friendly Fraud Losses For Small Businesses Globally (Business Wire) New Changes to its Dispute Rules and Processes Give Small Businesses More Tools to Fight Fraud and Could Save Small Businesses Over $1 Billion Globally Over the Next Five Years
Meet MadPot, a threat intelligence tool Amazon uses to protect customers from cybercrime (US About Amazon) Curbing cybercrime is no easy task, but Amazon has been quietly doing its part with exceptional results.
How AWS threat intelligence deters threat actors | Amazon Web Services (Amazon Web Services) Every day across the Amazon Web Services (AWS) cloud infrastructure, we detect and successfully thwart hundreds of cyberattacks that might otherwise be disruptive and costly. These important but mostly unseen victories are achieved with a global network of sensors and an associated set of disruption tools. Using these capabilities, we make it more difficult and […]
Noname Security’s API Security Report Reveals API Security Incidents are Escalating (GlobeNewswire News Room) Report finds 94% of security professionals are confident in their current application testing tools, yet 78% have experienced an API security incident in...
Open Sourcing Our Lateral Movement Detection Tool: LATMA (Silverfort) We have created an open-source lateral movement analyzer tool (LATMA) which identifies all suspicious movements in an environment.
Musk's X disabled feature for reporting electoral misinformation - researcher (Reuters) Elon Musk's X, formerly called Twitter, disabled a feature that let users report misinformation about elections, a research organisation said on Wednesday, throwing fresh concern about false claims spreading just before major U.S. and Australian votes.
Musk’s X Cuts Half of Election Integrity Team After Promising to Expand It (The Information) Elon Musk’s X, formerly known as Twitter, is cutting around half of the global team devoted to limiting disinformation and election fraud on the platform, including the head of the group, according to three people familiar with the situation. The cuts come less than a month after the company ...
Codasip picks Verilock for secure hardware authentication (eeNews Europe) Hardware authentication implements future-proof security functionality based on patented Entropy Extraction Device (EED) technology.
Bitwarden Adds Passkey Two-Factor Authentication to the Individual Free Account (Business Wire) Providing everyone access to passwordless 2FA extends the Bitwarden mission to deliver security for all
Bitdefender Unveils Powerful New Threat Intelligence Solution (Bitdefender) New Offering for Security Operation Centers, Managed Security Service Providers and Technology Partners Delivers Contextualized Security Intelligence to Drive Better Cybersecurity Decision Making, Product Capabilities, and Operational Efficiency
The Future of Travel Has Arrived: Entrust Emerges as Global Leader in Seamless Travel and Digital Travel Credentials (Business Wire) With several successful implementations now facilitating seamless travel and border crossing, Entrust is now a global leader in implementing Digital Travel Credentials to transform the travel experience
Aviatrix Certified Engineer (ACE) Program Launches Multicloud Network Security Specialty Training (Aviatrix) Aviatrix, the pioneer of Secure Cloud Networking, today announced the launch of its Aviatrix Certified Engineer
Technologies, Techniques, and Standards
Tech giants ramp up cloud security under pressure from Washington (Washington Post) The moves are prompted by a hack over the summer that allowed imposters access to email accounts of U.S. government officials
IT vs. OT: Understanding the Key Differences in Cybersecurity (Cybersecurity Exchange) Explore the key differences between Information Technology (IT) & Operational Technology (OT). Learn how IT & OT differ and their significance in Cybersecurity
Nationwide Wireless Emergency Alert Test Set for Oct. 4 (US Cellular) The Federal Emergency Management Agency (FEMA), in coordination with the Federal Communications Commission (FCC), will conduct a national test of the Integrated Public Alert and Warning System (IPAWS) on Oct. 4, 2023. This is inclusive of Wireless Emergency Alerts (WEA), and a test alert will be sent to all wireless...
FEMA and FCC Plan Nationwide Emergency Alert Test for Oct. 4, 2023 (FEMA) FEMA, in coordination with the Federal Communications Commission (FCC), will conduct a nationwide test of the Emergency Alert System (EAS) and Wireless Emergency Alerts (WEA) this fall.
Space Force contracts for new ‘zero-trust’ data protection (Defense One) It’s hard to upgrade infrastructure, especially if it's related to space.
Design and Innovation
Secure Code Warrior to Host 3rd Annual Devlympics Competition (Business Wire) Held during Cybersecurity Awareness Month, global tournament enables DevOps community to test their skills against vulnerabilities
Legislation, Policy, and Regulation
UK government disbands independent AI and data ethics advisory board (Computing) Decision comes ahead of global AI safety summit being held in the UK in November
New Zealand Bolsters Cybersecurity in US Defense Exercise (The Defense Post) The New Zealand Defence Force has tested its cybersecurity capabilities and cyber threat preparedness in a US-led exercise.
Report on the Surveillance Program Operated Pursuant to Section 702 of the Foreign Intelligence Surveillance Act (U.S. Privacy and Civil Liberties Oversight Board) The Privacy and Civil Liberties Oversight Board’s July 2014 Report on the Surveillance Program Operated Pursuant to Section 702 of the Foreign Intelligence Surveillance Act (hereinafter “2014 PCLOB Report”) is a comprehensive public report that for the first time provided an unclassified description of the intricacies of this complex program.
Split privacy board urges big changes to Section 702 surveillance law (Washington Post) The fight over an expiring program gets messier, with a key panel divided 3-2 over how to curb abuses
Democrats fear cyberattacks as government shutdown looms (Nextgov.com) Lawmakers are expressing concerns that the shutdown could radically hinder the work of the Cybersecurity and Infrastructure Security Agency in responding to major ransomware incidents and other digital intrusions.
CISA and FEMA Open the Application Process for the Tribal Cybersecurity Grant Program (Cybersecurity and Infrastructure Security Agency) Today, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Emergency Management Agency (FEMA) announced the opening of the application process for $18.2 million available through the Tribal Cybersecurity Grant Program (TCGP) to help tribal governments address cybersecurity risks and threats.
NSTAC report details abuse of domestic infrastructure findings and recommendations (Center for Cybersecurity Policy and Law) We've seen a growing number of foreign actors using U.S. commercial network infrastructure to launch cyber-attacks and a new report from the National Security Telecommunications Advisory Committee (NSTAC) details findings and recommendations to deal with the abuse of domestic infrastructure (ADI).
Litigation, Investigation, and Law Enforcement
RICO class-action data privacy lawsuit filed against H&R Block, Google, Meta (Record) The suit alleges the three companies’ joint conduct with tracking pixels should be considered a pattern of racketeering on a “massive scale.”
Crypto Regulatory Affairs: arrests made in Hong Kong after JPEX exchange warning (Elliptic) Police in Hong Kong have arrested six individuals following regulatory warnings about an alleged rogue crypto exchange.
Chase U.K. to Block Crypto Payments Citing Fraud, Scams (Coindesk) Starting Oct. 16, the bank will decline customer attempts to make payments related to crypto assets via debit card or outgoing bank transfers.
A 23-year-old was arrested for gun possession. It led the FBI to a global Satanic cult (the Guardian) Angel Almeida’s alarming social media posts led authorities to 764, a group that abuses minors and circulates violent videos
Public bodies expose victims' details to domestic abusers (Computing) Poor procedures and training have been blamed for human errors in matters of life and death.
Domestic abuse victims put at risk after data breaches revealed their locations to alleged abusers (Sky News) In one case a family had to be immediately moved to emergency accommodation - with the breaches having taken place at organisations including a law firm, a police service and local councils.
Over 50 arrested after mobs ransacked Philadelphia stores. Dozens of liquor outlets are shut down (AP News) Dozens of people face criminal charges after authorities said groups of thieves working together smashed their way into stores in several areas of Philadelphia and fled with merchandise.