Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+589: Trends in the cyber phase of a hybrid war. (CyberWire) As Russia hits a village funeral with an Iskander hypersonic missile, its hacktivist auxiliaries protest "Russophobia" and President Putin blames NATO for his war against Ukraine.
Russia-Ukraine war at a glance: what we know on day 590 of the invasion (the Guardian) At least 51 killed in missile strike during village wake service; European leaders rally around Zelenskiy amid US funding uncertainty
Russia-Ukraine war: List of key events, day 590 (Al Jazeera) As the war enters its 590th day, these are the main developments.
Boy dies in fresh Russian strike as Kharkiv reels from attack that killed 51 (the Guardian) Zelenskiy condemns ‘Russian terror’ after missiles hit apartments in Kharkiv city on day after scores killed in Hroza
Russian War Report: Civilian cafe attacked and a fake Ukrainian news site is exposed (Atlantic Council) A suspicious website impersonating a Ukrainian news agency accused Ukrainian President Volodymyr Zelenskyy and Ukrainian leadership of corruption and misusing aid provided by the United States.
‘A new form of warfare’: how Ukraine reclaimed the Black Sea from Russian forces (the Guardian) Kyiv has turned the region into a no-go zone for Moscow’s bristling warships
Putin’s fleet retreats: Ukraine is winning the Battle of the Black Sea (Atlantic Council) Putin was already struggling to account for his army’s evident inability to conquer a nation that he insists does not exist. He must now also explain how his once vaunted Black Sea Fleet is being defeated by a country without a navy, writes Peter Dickinson.
Russia's Latest Threat: New Nuclear Tests (Time) Russia is using nuclear sabre-rattling in search of leverage on Ukraine, Western experts say.
Austin, Gen. Brown travel to Europe next week to weigh more aid for Ukraine (Stars and Stripes) Defense Secretary Lloyd Austin and Air Force Gen. CQ Brown will travel to Europe next week to size up what weapons Ukrainian troops need now to fight Russian forces as Pentagon funds used to supply Ukraine military aid begin to run dry.
Lawmakers mull Ukraine plans amid uncertainty after McCarthy ouster (Federal Times) Two Ukraine aid opponents want to become House speaker as the Senate leans toward passing a full-year aid package for Kyiv to last through the elections.
Biden team weighs using State Department grants to fund weapons for Ukraine (POLITICO) The program provides loans to help countries purchase military equipment.
As U.S. support for Ukraine wobbles, E.U. takes up membership question (Washington Post) In a week when financial support from Ukraine’s largest backer, the United States, suddenly looks shaky, European Union leaders gathered in southern Spain on Thursday to talk about what would need to happen to extend Ukraine the support of E.U. membership.
With Congress in chaos, Europe can show the world how to unite and deliver for Ukraine (Atlantic Council) Twenty-three European foreign ministers traveled to Kyiv on October 2 in another example of EU support for Ukraine.
Protecting US interests: How to defeat Putin and set Ukraine on the path to NATO (Atlantic Council) A new Atlantic Council “Memo to the President,” co-signed by 40 national security leaders, presents an array of measures that NATO can implement to help Ukraine win its war against Russian aggression, to guarantee Ukraine’s long-term stability, and to fortify Europe against further Kremlin aggression that directly jeopardizes the interests of the United States and its allies.
Vladimir Putin is still convinced he can outlast the West in Ukraine (Atlantic Council) Russia’s full-scale invasion of Ukraine has united the democratic world to a degree not seen in decades, but the Western response to the war continues to be hampered by excessive fear of provoking Putin, writes Dennis Soltys.
Putin will bankrupt Russia before he admits defeat in Ukraine (The Telegraph) While Xi Jinping’s China has provided assistance, even a totally co-opted Moscow can only rely on Beijing’s largesse for so long
To Putin’s relish, Ukraine’s support is crumbling (The Telegraph) Western leaders are losing the will to fight on, even if Kyiv’s commanders remain as steadfast as ever
Are Americans more supportive of Ukraine than Congress is? (Atlantic Council) New polling provides further evidence that American public support for Ukraine remains robust and bipartisan, and may even be more forward-leaning than the opinions of many in Congress or the White House.
Australia’s home affairs department hit by DDoS attack claimed by pro-Russia hackers (the Guardian) Telegram post says group would target department after Australia announced it would send Slinger anti-drone technology to Ukraine
Pro-Russia hacktivist group targets Australian government agencies over support for Ukraine (Cyberdaily.au) Hacking group Noname057(16) has taken down the websites of the Department of Home Affairs, the Administrative Appeals Tribunal, and the Immi Account portal webs
Home Affairs, Administrative Appeals Tribunal websites hit by cyber attacks (SBS News) The attack on the Department of Home Affairs website temporarily stopped people from being able to apply for Australian visas or citizenship online.
‘War has no rules’: Hacktivists scorn Red Cross’ new guidelines (Record) This week, the Red Cross issued ethical guidelines for civilian hackers involved in armed conflicts, sparking ridicule from hacktivists in Ukraine and Russia.
Estonia sent offensive cyber tools to Ukraine after Russia invaded (Defense One) Tallinn expects Moscow’s cyber attacks to increase—even after Russia is ejected.
Top Dutch cyber official Hans de Vries on cyber defense in times of war (Record) Hans de Vries is the director of the National Cyber Security Center in the Netherlands and is one of the forces behind The Hague’s ONE Conference, one of Europe’s largest cybersecurity events.
NORTH KOREA–RUSSIA SUMMIT : A NEW ALLIANCE IN CYBERSPACE? - CYFIRMA (CYFIRMA) EXECUTIVE SUMMARY While their relationship is largely transactional, Russia and North Korea have much to gain from each other at...
Russian military chief's mail hacked (Yahoo News) Ukrainian activists from the Cyber Resistance (KiberSprotyv) have hacked the email of Colonel Roman Ershov, Chief of Russian National Guard OMON (Russia's riot police) special unit in Kaluga Oblast, who led the invasion of Ukraine's town of Prypiat in 2022.
Ukrainian Men Abroad Avoid War, and Are Racked by Guilt (Wall Street Journal) Thousands of Ukrainians abroad uprooted their lives to join the fight at home. Others opted to watch the conflict from afar and now wrestle with growing hostility and their own guilt.
Attacks, Threats, and Vulnerabilities
Chinese Hackers Target Semiconductor Firms in East Asia with Cobalt Strike (The Hacker News) Semiconductor companies in East Asia are under attack. Threat actors posing as TSMC deploy Cobalt Strike beacons via HyperBro backdoor
Suspected China-linked hackers target Guyana government with new backdoor (Record) A cyber espionage campaign has been targeting government agencies in Guyana with a previously undocumented backdoor used to harvest sensitive information, according to new research.
NSA and CISA Release Advisory on Top Ten Cybersecurity Misconfigurations (Cybersecurity and Infrastructure Security Agency CISA) Today, the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) released a joint cybersecurity advisory (CSA), NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations, which provides the most common cybersecurity misconfigurations in large organizations, and details the tactics, techniques, and procedures (TTPs) actors use to exploit these misconfigurations.
NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations (NSA and CISA) A plea for network defenders and software manufacturers to fix common problems
Your next online dating match might actually be ChatGPT (Avast) Researchers at Avast have uncovered a romance scam that utilizes ChatGPT to increase the believability of their online dating conversations.
LoveGPT: How “single ladies” looking for your data upped their game with ChatGPT (Avast Threat Labs) LoveGPT is a tool that provides vast functionality over several different dating platforms, providing the capability to create fake accounts, interact with victims, anonymize the access, and more. It also uses ChatGPT to achieve its goals.
Zero-days for hacking WhatsApp are now worth millions of dollars (TechCrunch) Leaked documents show that zero-days that hackers can use to spy on WhatsApp users can cost between $1.7 and $8 million.
How government agencies conduct surveillance on smartphones (Cybernews) Digital surveillance of journalists and human rights activists is on the rise. Following the widely reported leaks of various confidential papers, such as the PANDORA papers and WikiLeaks, governments worldwide have become more active in monitoring journalists' communications to prevent potential leaks and, consequently, the embarrassment of revealing sensitive government secrets to the public.
Threat Actors Deployed Hundreds of Python Packages to Steal System Data (Cyber Security News) Beginning in April 2023, an unidentified attacker pounded the Python environment with dozens of closely related malicious packages.
Notice of Security Incident - Arietis Health | Healthcare Revenue Cycle Management (Arietis Health) Arietis Health, LLC (“Arietis Health”) provides healthcare billing services to NorthStar Anesthesia, which manages healthcare entities that provide anesthesia and pain management services (the “Healthcare Entities”). Arietis Health determined that information belonging to certain patients of those Healthcare Entities, which it received in connection with the billing services it provides, may have been involved in […]
DNA testing service 23andMe investigating theft of user data (CyberScoop) A member of an online forum where stolen data is bought and sold claims to be selling a large trove of user data obtained from 23andMe.
WSJ News Exclusive | MGM Resorts Refused to Pay Ransom in Cyberattack on Casinos (Wall Street Journal) MGM Resorts refused to pay a hackers’ ransom demand in a September cyberattack that threw its Las Vegas Strip resorts into chaos, according to a person familiar with the matter.
Clorox Warns of Accruing Costs From Cyberattack (Wall Street Journal) The attack came amid a $500 million digital overhaul at the consumer products maker.
Estes opens online portal for customers as cyberattack drags on (Freight Waves) LTL carrier also requests communication via X, tells customers, ‘We understand your frustration’
Do these computers sold at Navy Exchanges pose a cyber threat? (Military Times) Lawmakers say the exchange shouldn't sell the computers to service members or incentivize "purchases with tax-free, discounted prices."
4chan Uses Bing to Flood the Internet With Racist Images (404 Media) A coordinated campaign to flood the internet with racist images is using Bing and DALL-E 3’s text-to-image AI tool.
Ransomware Dwell Time Hits Low of 24 Hours (PR Newswire) Ransomware is being deployed within one day of initial access in more than 50% of engagements, says Secureworks® (NASDAQ: SCWX) Counter Threat...
Cybercrime gangs now deploying ransomware within 24 hours of hacking victims (Record) Over the past year, ransomware gangs have dramatically decreased their dwell time before extorting victims, according to Secureworks.
Ransomware dwell times now measured in hours, says Secureworks (Computer Weekly) Ransomware payloads are now being deployed and executed within 24 hours in more than 50% of cases, according to Secureworks’ annual report
TRACKING RANSOMWARE - SEPTEMBER 2023 - CYFIRMA (CYFIRMA) EXECUTIVE SUMMARY This report is a monthly spotlight on the period’s most significant ransomware attacks, and the top five ransomware...
CISA Adds Three Known Exploited Vulnerabilities to Catalog (Cybersecurity and Infrastructure Security Agency CISA) CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation:
CVE-2023-40044 Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability
CVE-2023-42824 Apple iOS and iPadOS Kernel Privilege Escalation Vulnerability
CVE-2023-22515 Atlassian Confluence Data Center and Server Privilege Escalation Vulnerability
Security Patches, Mitigations, and Software Updates
CISA Releases Three Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency CISA) CISA released three Industrial Control Systems (ICS) advisories on October 5, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
ICSA-23-278-01 Hitachi Energy AFS65x, AFF66x, AFS67x, and AFR67x Series Products
ICSA-23-278-02 Qognify NiceVision
ICSA-23-278-03 Mitsubishi Electric CC-Link IE TSN Industrial Managed Switch
Atlassian Releases Security Advisory for Confluence Data Center and Server (Cybersecurity and Infrastructure Security Agency CISA) Atlassian released a security advisory to address a vulnerability affecting Confluence Data Center and Confluence Server. A remote cyber threat actor could exploit this vulnerability to take control of an affected system.
Trends
Espionage fuels global cyberattacks (Microsoft On the Issues) While headlines about cyberattacks from the past year focused on ransomware, data shows the predominant motivation has swung back to stealing information, covertly monitoring communication, or manipulating what people read, according to the fourth annual Microsoft Digital Defense Report.
Microsoft Digital Defense Report 2023 (Microsoft) How we’re building and improving Cyber Resilience
Cyber Security in Critical National Infrastructure Organisations: 2023 (Bridewell) What are the top cyber threats, trends and challenges in 2023 and how are CNI organisations positioned to address them? Learn more from the latest Bridewell report.
Why operators need to mitigate against the rising crop of ‘access broker’ spy firms (Telecoms.com) The surveillance landscape has evolved dramatically since whistle-blower Edward Snowden leaked evidence that the USA and its ‘Five Eyes’ intelligence allies were responsible for a surveillance dragnet spanning the globe.
Marketplace
The Cyber Guild Celebrates the 'Who's Who' of Cybersecurity at Annual VIP Awards Reception (Yahoo Finance) The Cyber Guild held their third annual VIP Celebration and Awards ceremony on the evening of October 3 at the Army Navy Country Club, Arlington, where they honored cybersecurity VIPs from across the industry.
Quorum Cyber Broadens Senior Leadership With Steven Marandola as VP of Innovation and Rebecca Court as Marketing Director (Yahoo Finance) Quorum Cyber, founded to help organizations defend themselves in an increasingly hostile digital landscape, has named Steven Marandola as Vice President of Innovation to lead the company's solution directors, the technical solutions and innovation team, and the emerging innovation and development team. The company has also appointed Rebecca Court as its Marketing Director to fuel the next phase of growth worldwide. Quorum Cyber is currently one of the fastest-growing companies in the cybersecuri
Products, Services, and Solutions
SafeGuard Cyber Launches Contextual-AI Powered Platform to Investigate and Remediate Unmonitored Communications in Minutes (Business Wire) SafeGuard Cyber FirstSight Provides Unified Visibility, Actionable Evidential Data, and Critical Impact Analysis Across Multi-Channel Business and Social Communication
Virtru Named ‘Encryption Solution of the Year’ in 2023 CyberSecurity Breakthrough Awards for Second Consecutive Year (GlobeNewswire News Room) Virtru has been selected as the winner of the “Overall Encryption Solution of the Year“ award in the 2023 CyberSecurity Breakthrough Awards....
Startup Rootly Wins 2023 CyberSecurity Breakthrough Award for its Enterprise-Grade Incident Management Platform (GlobeNewswire News Room) Rootly is proven to help accelerate incident resolution times by 80 percent or more...
Omada Named "Overall ID Management Solution of the Year" in 7th Annual CyberSecurity Breakthrough Awards Program (PR Newswire) Omada A/S ("Omada"), a global leader of Identity Governance and Administration (IGA), today announced that it has been selected as winner of...
Betterworks Announces New Generative AI Capabilities to Help Make Managers More Effective (Business Wire) The solution enables better, less biased employee feedback
BlackFog wins CyberSecurity Breakthrough Award for 2023 (BlackFog) BlackFog Recognized as Data Leak Detection Solution of the Year in 2023 CyberSecurity Breakthrough Awards Program
Infobip introduces Signals: The Innovative Solution to SMS Pumping Fraud (Infobip) Infobip introduces Signals: The Innovative Solution to SMS Fraud
Redspin Announces Contract With DoD Prime Contractor to Provide CMMC Services (Yahoo Finance) Redspin, a division of Clearwater and the first Authorized CMMC Third-Party Assessor Organization (C3PAO), is proud to announce a strategic partnership with a renowned international technology-led defense, aerospace, and security prime contractor to the U.S. Department of Defense (DoD). This collaboration highlights Redspin's expertise in providing Cybersecurity Maturity Model Certification (CMMC) services that help safeguard sensitive information and protect data flowing through our national de
NordPass launches fully multi-platform passkey support (GlobeNewswire News Room) With Google introducing Android 14 a few days ago, NordPass announced that its customers are now able to...
Technologies, Techniques, and Standards
New CISA, NSA guidance highlights pain points in identity and security management (Nextgov.com) A public-private working panel recommends vendors invest more in security measures like multifactor authentication.
ITI: New FAR Guidance Can Help Achieve Supply Chain Risk Management - Information Technology Industry Council (ITI) Today, global tech trade association ITI reacted to the Federal Acquisition Regulatory (FAR) Council’s interim rule to standardize supply chain risk information sharing involving federal contracting and procurement. This interim rule implements exclusion or removal orders consistent with the Federal Acquisition Supply Chain Security Act (FASCSA).
New cryptographic protocol aims to bolster open-source software security (ZDNET) The Linux Foundation, BastionZero, and Docker believe OpenPubkey bolsters zero-trust passwordless authentication.
Linux Foundation Announces OpenPubkey Open Source Cryptographic Protocol (SecurityWeek) The Linux Foundation has announced OpenPubkey, an open source cryptographic protocol that should help boost supply chain security.
Keeper Security Becomes a CVE Numbering Authority (PR Newswire) Keeper Security, the industry leader in password and passkey management, secrets management, secure remote access, encrypted messaging and...
Delete your digital history from dozens of companies with this app (Washington Post) Americans finally have some privacy rights. Permission Slip makes telling companies to delete or not sell your data simple. Really.
Think You’re Too Lazy to Protect Your Privacy? Try the Permission Slip. (Gizmodo) The naysayers will tell you privacy is a lost cause. Don’t listen to them. A free new app from Consumer Reports makes it easy to take meaningful steps to protect your data, and it takes less than a minute to start.
Research and Development
Fujitsu and RIKEN develop superconducting quantum computer at the RIKEN RQC-Fujitsu Collaboration Center, paving the way for platform for hybrid quantum computing (Fujitsu Global)
Legislation, Policy, and Regulation
Lawmakers call on tech giants to address AI in political ads (Computing) Democratic lawmakers have told social media firms to explain how they are addressing the use of AI on their platforms.
CISA pivots focus to China-linked threats against critical infrastructure (Cybersecurity Dive) The agency now considers China the top nation-state threat, after a heavy emphasis on risks related to the Russia-Ukraine war.
DHS sees need to be ‘aggressive adopters’ of AI tools to advance cyber mission (Federal News Network) Defense and national security community officials, speaking Wednesday at the Institute for Critical Infrastructure Technology (ICIT)’s AI DC conference in Arlington, Virginia, said their agencies see…
Litigation, Investigation, and Law Enforcement
Predator Files | EIC (European Investigative Collaborations) How European companies supplied dictators cyber-surveillance tools for more than a decade.
Meet the ‘Predator Files,’ the latest investigative project looking into spyware (Washington Post) Investigators tackle a lesser-known spyware outfit
Italy police crack down on Chinese shadow network laundering mafia money (Firstpost) Several recent investigations have shown how drugs cartels in Italy are increasingly using shadow networks of unlicensed Chinese money brokers to conceal cross-border payments
Casino giant MGM expects $100 mln hit from hack that led to data breach (Reuters) MGM Resorts International said on Thursday a cyberattack last month that disrupted its operations would cause a $100 million hit to its third-quarter results, as it works to restore its systems.
Court Rules in Favor of Auto-Repair Companies in Car-Data Dispute (Wall Street Journal) In a case involving Fiat Chrysler, the European Court of Justice says a U.N. cybersecurity regulation for automakers shouldn’t block access to data needed for car maintenance.
SEC Seeks to Force Musk Testimony on Twitter Stock Purchases (Bloomberg) Agency says that billionaire failed to appear last month. Musk attorney says that his client testified multiple times.
Apple Considered, Rejected Switch to DuckDuckGo From Google (Bloomberg) DuckDuckGo spoke with Apple about 20 times on possible change. Apple exec testified he viewed it as ‘probably a bad idea’.