Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+594: Opportunistic misdirection. (CyberWire) Questions arise about Russian morale as the Kremlin welcomes Hamas's war as an opportunity for distraction and division.
Russia-Ukraine war: List of key events, day 595 (Ukraine Cyber) As the war enters its 595th day, these are the main developments.
In Ukraine, Russia’s winter attacks on infrastructure have started (Washington Post) After an initially balmy fall, temperatures are dropping in Ukraine — and Russia has already begun pummeling Ukraine’s energy system, in a reprise of its brutal attempt last autumn and winter to demoralize Ukrainians by plunging them into darkness and cold.
Ukraine’s Battle for Survival: A Report From the Front Line In Zaporizhzhia (The National Interest) To gain a better understanding of the Ukraine war, I traveled to the front together with Andrey Liscovich. Here is what I was able to see and experience firsthand.
Finland and Estonia See Likely Sabotage in Damage to Pipeline and Telecoms Cable (Wall Street Journal) A suspected leak in natural-gas conduit and a fault in communications cable were likely the result of “external activity” near the anniversary of the Nord Stream pipeline blasts, authorities said.
Subsea cable and pipeline in Baltic Sea damaged in possible act of sabotage (Record) The Balticconnector gas pipeline and adjacent telecommunications cable were likely damaged due to “external activity,” Finnish officials said.
Israel-Hamas Conflict Adds to Dangers for Ukraine’s War Effort (Bloomberg) Israeli military needs could compete with Kyiv for US supplies. Russia hopes Israel turmoil will distract allies from Ukraine.
Ukraine's Zelenskyy Sees Parallels Between Hamas, Russia Attacks (VOA) Ukrainian president says both attacks show 'the same evil'
Ukraine President Zelenskyy at NATO defense ministers meeting seeking more support to fight Russia (AP News) Ukraine President Volodymyr Zelenskyy has joined a meeting of more than 50 defense leaders from around the world to make a personal pitch for military aid.
Ukrainians fear becoming hostage to US political paralysis (Atlantic Council) The unprecedented removal of Kevin McCarthy as House speaker has thrust US politics into uncharted territory while also sparking alarm across the Atlantic as Ukrainians fear for the future of vital American military aid, writes Peter Dickinson.
Top US general faces tough task of assuring Europe of Ukraine support (Reuters) Air Force General Charles Q. Brown, on his first trip as the top U.S. general, needs to convince European allies that Washington is committed to supporting Ukraine, despite political chaos in Congress and the Middle East crisis, officials and experts said.
U.S. Envoy to NATO Says Aid to Israel Won’t Come at Ukraine’s Expense (New York Times) Julianne Smith, the U.S. ambassador to NATO, said Washington could “stay focused on our partnership and commitment to Israel’s security” and still support Kyiv.
TO: POTUS FROM: Ambassadors John Herbst, Steven Pifer, Alexander Vershbow, and 39 other national security leaders (Atlantic Council) SUBJECT: A bold agenda for the Washington summit: How to advance vital US interests by helping Ukraine win and defining its path to NATO membership
Army to Congress: Do your job so we can help Israel and Ukraine (POLITICO) Urgent requests for weapons will run up against the House speaker drama and the looming shutdown.
Some in Congress want to cut Ukraine aid and boost Taiwan's. But Taiwan sees its fate tied to Kyiv's (AP News) For some Republicans in Congress, Taiwan and Ukraine are effectively rivals for a limited pool of U.S. military assistance.
Russian imperialism shapes public support for the war against Ukraine (Atlantic Council) Modern Russia retains an imperialistic ideology that is fueling strong public support for the war in Ukraine amid deep-rooted perceptions of Ukrainians as misguided younger siblings in need of correction, writes Neringa Klumbytė.
Ukraine Military Opens New Cyber Defense Training Facility (The Defense Post) Ukraine has formally opened a new cyber classroom designed to train military specialists to effectively fend off sophisticated cyberattacks.
Former US Cyber Director Inglis on Israel, Russia and ONCD’s future (Record) Onstage at the Predict 2023 conference in Washington, D.C., Chris Inglis spoke to Recorded Future News’ Martin Matishak about the wars in Israel and Ukraine, plans for a national cyber alert system and potential regulations for AI.
‘As long as it takes’: US Army doubles down on Ukraine training goals (Defense News) Army and NATO officials highlighted their Ukraine training efforts despite uncertainty over whether U.S. funding will continue.
Suppressed GPS in Ukraine fuels development of US Army navigation tech (C4ISRNet) “You can see real-world, potential-adversary capabilities, and then we can put that up and measure how we’re doing on our side,” said one Army official.
Russia is defeated in its bid to regain a seat on the UN's top human rights body (AP News) Russia has been defeated in its bid to regain a seat in the United Nations' premier human rights body by a significant majority in an election in the General Assembly, which voted last year to suspend Moscow after its invasion of Ukraine.
Attacks, Threats, and Vulnerabilities
Hackers make their mark in Israel-Hamas conflict (Axios) Politically motivated hackers have already started to mobilize in response to the Hamas attack on Israel over the weekend.
Hacktivists take sides in Israel-Palestinian war (Record) Since Hamas fighters launched their assault on Saturday, nearly 60 groups have targeted Palestinian and Israeli entities.
Cyberattacks Targeting Israel Are Rising After Hamas Assault (Time) Hacking groups, including some tied to Russia, are attacking Israeli government and media websites.
Hacktivists stoke Israel-Gaza conflict online (Reuters) Hacktivist groups say they are hitting Israeli targets online amid the war in Israel and Gaza, disrupting and defacing websites like the Jerusalem Post.
Hackers, some tied to Russia, target Israeli media and government websites (MSN) Hacking groups, including some tied to Russia, are attacking Israeli government and media websites, allying themselves with the Palestinian military group Hamas that launched a series of deadly strikes on the country over the weekend.
Hamas Militants Behind Israel Attack Raised Millions in Crypto (Wall Street Journal) The digital currency transactions highlight how the U.S. and Israel have struggled to sever the access of Hamas, Palestinian Islamic Jihad and Hezbollah to foreign funding.
Cryptocurrency fueled Hamas' war machine (Quartz) Bitcoin and Tether funnel millions of dollars to terror groups
The Israeli police cyber unit, Lahav 433, has frozen the cryptocurrency accounts of Hamas (Odessa Journal) The Israeli police cyber unit, Lahav 433, has frozen the cryptocurrency accounts of Hamas. According to the Israeli ...
U.S. surging cyber support to Israel (POLITICO Pro) The United States is scrambling to provide military support to the nation days after Hamas breached the borders of the Gaza Strip and set off a new round of armed conflict.
Savvy Israel-linked hacking group reemerges amid Gaza fighting (CyberScoop) Predatory Sparrow, which has been linked to an attack on an Iranian steel facility last year, reemerged Monday after a long hiatus.
Israeli Cyber Companies Rally as Digital, Physical Assaults Continue (Wall Street Journal) Disruptive cyberattacks in Israel are growing, hitting business and government websites as Israeli soldiers mass at the Gaza border. Cybersecurity companies in Israel, concerned about more digital attacks in the coming days, are finding ways to keep products and services available.
Hamas Seeds Violent Videos on Sites With Little Moderation (New York Times) The strategy mirrors efforts by extremist groups like the Islamic State and Al Qaeda in years past.
Social media platforms foment disinformation about war in Israel (Record) Disinformation about the fighting between Israel and Hamas has spread like wildfire on social media platforms like X and Facebook.
Hamas terrorists post murder of Israeli grandmother on her Facebook page (The Telegraph) Families of victims share their horror so that the 'whole world would hear and know' of the atrocities
How to limit graphic social media images from the Israel-Hamas war (Washington Post) Also, stop and think before you watch, share or comment on online posts that show human suffering.
Briefing: EU Commissioner Asks Musk for Information on “Illegal Content and Disinformation” Spreading on X (The Information) European Union commissioner Thierry Breton sent a letter to X owner Elon Musk on Tuesday, writing that his team has “indications” that X is being used to “disseminate illegal content and disinformation in the EU” and asking Musk to respond within 24 hours on the measures X is taking to mitigate disinformation.
EU warns Elon Musk of 'penalties' for disinformation circulating on X amid Israel-Hamas war (CNN) European officials warned X on Tuesday that the company formerly known as Twitter appears to have been hosting misinformation and illegal content about the war between Hamas and Israel, in potential violation of the European Union’s signature content moderation law.
How the attacks in Israel are changing Threads (Platformer) Three months into its existence, the app’s purpose may be coming into focus — if Meta will embrace it
Hamas Got Around Israel’s Surveillance Prowess by Going Dark (Bloomberg) Militant group went low-tech in its attack against Israel. Group may have exploited IDF overconfidence, analysts say.
Microsoft Blames Nation-State Threat Actor for Confluence Zero-Day Attacks (SecurityWeek) An APT group tracked as Storm-0062 has been hacking Confluence installations since mid-September, three weeks before Atlassian’s disclosure.
Thousands of WordPress sites have been hacked through tagDiv plugin vulnerability (Ars Technica) If a site is redirecting visitors to scam sites, it was likely hacked by Balada.
Recently Patched TagDiv Plugin Flaw Exploited to Hack Thousands of WordPress Sites (SecurityWeek) Recently patched TagDiv Composer plugin vulnerability exploited to hack thousands of WordPress sites as part of the Balada Injector campaign.
‘HTTP/2 Rapid Reset’ Zero-Day Exploited to Launch Largest DDoS Attacks in History (SecurityWeek) A zero-day vulnerability named HTTP/2 Rapid Reset has been exploited to launch some of the largest DDoS attacks in history.
New 'HTTP/2 Rapid Reset' zero-day attack breaks DDoS records (BleepingComputer) A new DDoS (distributed denial of service) technique named 'HTTP/2 Rapid Reset' has been actively exploited as a zero-day since August, breaking all previous records in magnitude.
The largest cyberattack of its kind recently happened. Here’s how. (Washington Post) A massive DDoS attack shines a spotlight on vulnerabilities in core parts of the internet
New technique leads to largest DDoS attacks ever, Google and Amazon say (Record) The companies said that a bug in the HTTP/2 protocol allowed threat actors a fresh angle for overwhelming websites with a flood of traffic, making them temporarily unavailable to users.
LinkedIn Smart Links Fuel Credential Phishing Campaign (Cofense) Learn what LinkedIn Smart Links are and how they're being used to bypass email security gateways. Get up-to-date information on this credential phishing threat
Spanish airline Air Europa hit by credit card system breach (Reuters) Spanish airline Air Europa has suffered a cyberattack on its online payment system that left some of its customers' credit card details exposed, the company said on Tuesday.
Report: Decathlon Employee Data Leak Exposed by Hacker in Web Forum in 2023 (vpnMentor) A hacker shared the leaked data from a previously reported breach involving nearly 8,000 Decathlon employees and customers around the globe.
Clorox Says Cyber Attack Is Still Impacting Operations (The Seattle Medium) Michael Coates, the chief security officer at CoinList, gets into the issues Clorox is facing over an ongoing cyberattack.
Cyber Attack Disrupts Food Shipment To Mannford Grocery Store (News on 6) An Oklahoma grocery store's shipment of food got delayed due to a cyber attack on another company. Phelps Grocery Store in Mannford was impacted by this, which meant it didn't get its grocery store shipment.
Vulnerability Summary for the Week of October 2, 2023 (Cybersecurity and Infrastructure Security Agency CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
CISA Adds Five Known Vulnerabilities to Catalog (Cybersecurity and Infrastructure Security Agency CISA) CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation:
CVE-2023-21608 Adobe Acrobat and Reader Use-After-Free Vulnerability
CVE-2023-20109 Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability
CVE-2023-41763 Microsoft Skype for Business Privilege Escalation Vulnerability
CVE-2023-36563 Microsoft WordPad Information Disclosure Vulnerability
CVE-2023-44487 HTTP/2 Rapid Reset Attack Vulnerability
Security Patches, Mitigations, and Software Updates
HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487 (Cybersecurity and Infrastructure Security Agency CISA) Researchers and vendors have disclosed a denial-of-service (DoS) vulnerability in the HTTP/2 protocol. The vulnerability (CVE-2023-44487), known as Rapid Reset, has been exploited in the wild in August 2023 through October 2023.
Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business (SecurityWeek) Microsoft patches more than 100 vulnerabilities across the Windows ecosystem and warned that three are already being exploited in the wild.
Microsoft's October Patch Tuesday update resolves three zero-days (Computing) Microsoft on Tuesday released its monthly security update, targeting 104 security vulnerabilities across its product range.
Microsoft Releases October 2023 Security Updates (Cybersecurity and Infrastructure Security Agency CISA) Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system.
Patch Tuesday: Code Execution Flaws in Adobe Commerce, Photoshop (SecurityWeek) Adobe Commerce customers exposed to code execution, privilege escalation, arbitrary file system read, and security feature bypass attacks.
Citrix Releases Security Updates for Multiple Products (Cybersecurity and Infrastructure Security Agency CISA) Citrix has released security updates to address vulnerabilities affecting multiple products. A malicious cyber actor can exploit one of these vulnerabilities to take control of an affected system.
Passwordless by default: Make the switch to passkeys (Google) Google is making it even easier to get started with passkeys by offering the ability to set them up for all users — by default.
Google starts prompting users to set up passkey login (The Verge) Just in case you needed encouragement to ditch your password.
Trends
New Synopsys Research Reveals Vast Majority of Organizations Report DevOps Delays Due to Critical Security Issues (PR Newswire) Synopsys, Inc. (Nasdaq: SNPS) today announced the publication of its "Global State of DevSecOps 2023" report examining the strategies, tools,...
[Report] Global State of DevSecOps 2023 (Synopsys) Discover the latest insights and trends in secure software development and operations with our report on the State of DevSecOps in 2023. Stay ahead of the game and ensure your organization's security.
Marketplace
Cybersecurity Stocks With Ties to Israel Are Under Pressure as War Unfolds (Barrons) Israel is home to 33% of the world's unicorns in cybersecurity, the Israel National Cyber Directorate said last year.
Nvidia cancels AI Summit in Tel Aviv following Hamas attack on Israel (CNBC) Nvidia canceled its AI conference in Tel Aviv next week due to safety concerns as the death toll rises in Israel and the Gaza Strip.
Billington Recognized by Ukrainian Government (Billington Defense Cybersecurity Summit)
Arctic Wolf Announces Intent to Acquire Revelstoke to Accelerate Security Operations Efficiency and Outcomes through Automation and AI (GlobeNewswire News Room) Customers to benefit from tailored response actions, enhanced threat detection, and game changing noise reduction delivered by Revelstoke’s cutting-edge...
Bugcrowd Announces Rapid Growth of Customer Base Year Over Year (PR Newswire) Bugcrowd, the only multi-solution crowdsourced cybersecurity platform, today announced significant global customer momentum, highlighting the...
Omada Expands in Iberian Market (PR Newswire) Omada A/S ("Omada"), a global leader of Identity Governance and Administration (IGA), today announced its expansion in the Iberian market. This...
Lacework Appoints Kevin Kiley as Chief Revenue Officer (PR Newswire) Lacework, the data-driven cloud security company, today announced the appointment of Kevin Kiley as its new Chief Revenue Officer (CRO). As...
Products, Services, and Solutions
Blue Mantis Launches Dedicated GitOps Technology Practice to Help Customers Optimize Software Code Delivery for Cost, Scale and Security (GlobeNewswire News Room) Blue Mantis today launched its dedicated GitOps technology practice to help clients transform their software development lifecycle...
Veza Introduces Next-Gen IGA (Veza) New products include lifecycle management for access provisioning and deprovisioning, automation for access reviews, access visibility and access intelligence PALO ALTO, CA – October 10, 2023 – Today Veza, the identity security company, announced the launch of its Next-Gen IGA (Identity Governance…
Fortanix Introduces New Data Security Manager Capabilities (Fortanix) Fortanix introduces enhanced Data Security Manager capabilities for data sovereignty, while also offering client-side encryption for Google Workspace.
Portal26 Announces the General Availability of its Breakthrough Generative AI Visibility and AI TRiSM SaaS Platform; Debuts New Name (PR Newswire) Portal26, the Silicon Valley-based tech start-up formerly known as Titaniam, today announced the general availability of its breakthrough...
Ontinue and Telarus Partnership Delivers AI-Driven MXDR Services to a Growing Number of Organizations in Financial, Healthcare and Education Industries (PR Newswire) Ontinue, a leading provider of AI-powered extended managed detection and response (MXDR) services and winner of the 2023 Microsoft Security...
CISO Global Listed on PCI Marketplace as Qualified Security Assessor (GlobeNewswire News Room) Global cybersecurity provider working with clients to ready them for transition to upcoming PCI 4.0 standard Scottsdale, Ariz., Oct. 11, 2023 (GLOBE...
International Recruitment Platform Workforce360 Selects authID’s Identity Services for Automated Candidate Onboarding (GlobeNewswire News Room) Adding best-in-class identity fraud prevention to secure and streamline a global recruitment marketplace. Denver, Oct. 11, 2023 (GLOBE NEWSWIRE) --...
Asimily Launches Partner Program Dedicated to its Channel Partners’ Success — Delivering Best-in-Class IoT Security and Risk Management (GlobeNewswire News Room) Asimily's new partner program, Launch, enables partners to deliver best-in-class IoT security and risk management solutions to their clients....
Aware Ranks Top Performer in NIST Face Analysis Technology Evaluation (FATE) Benchmarking Test While Optimizing Demographic Parity (GlobeNewswire News Room) Aware’s facial presentation attack detection (PAD) algorithms achieved top ranking among 82 tested systems in the newly introduced NIST Face Analysis...
Security Journey Launches Role-based Learning Paths to Enhance Application Security Training for Development Teams (GlobeNewswire News Room) Purpose-built role and compliance-based paths help enterprises build more secure software and reduce risk....
Varonis Launches Data Center in Canada for Cloud-Native Security (Yahoo Finance) Company's newest international data center enables Canadian customers to achieve automated data security outcomes with Varonis SaaS
Corero Releases Major DDoS Protection Platform Update with Edge Router Integration, DNS Protection, and Expanded Software Appliances (PR Newswire) Corero Network Security (LON: CNS), the specialists in distributed denial of service (DDoS) protection solutions, today announced a significant...
Technologies, Techniques, and Standards
CISA, Government, and Industry Partners Publish Fact Sheet for Organizations Using Open Source Software (Cybersecurity and Infrastructure Security Agency) Fact sheet provides software security challenges and recommendations to improve security and risk management of OSS use at operational technology vendors and critical infrastructure facilities
CISA, FBI, NSA, and Treasury Release Guidance on OSS in IT/ICS Environments (Cybersecurity and Infrastructure Security Agency CISA) Today, CISA, the Federal Bureau of Investigation, the National Security Agency, and the U.S. Department of the Treasury released guidance on improving the security of open source software (OSS) in operational technology (OT) and industrial control systems (ICS). In alignment with CISA’s recently released Open Source Security Roadmap, the guidance provides recommendations to OT/ICS organizations on:
Cybersecurity Awareness Month 2023 Blog Series | Using Strong Passwords and a Password Manager (NIST) Today’s blog is the second one in our 2023 Cybersecurity Awareness Month series and examines different factors associated with
No, You Aren’t Getting a Bonus. Your Company Is Just Testing You. (Wall Street Journal) Companies are getting creative with phishing tests. Employees are getting annoyed.
Design and Innovation
AI Trust Foundation Launches at AvePoint #shifthappens | AVPT Stock News (Stock Titan) AvePoint (Nasdaq: AVPT), the most advanced platform to optimize SaaS operations and
"Godfather of Artificial Intelligence" Geoffrey Hinton on the promise, risks of advanced AI (CBS News) There's no guaranteed path to safety as artificial intelligence advances, Geoffrey Hinton, AI pioneer, warns. He shares his thoughts on AI's benefits and dangers with Scott Pelley.
Research and Development
Mathematician warns US spies may be weakening next-gen encryption (New Scientist) Quantum computers may soon be able to crack encryption methods in use today, so plans are already under way to replace them with new, secure algorithms. Now it seems the US National Security Agency may be undermining that process
Legislation, Policy, and Regulation
Biden Says US Is Boosting Military Aid to Israel Following Hamas Attack (Bloomberg) At least 14 US citizens killed in Hamas assault, Biden says. Biden denounces ‘act of sheer evil’ against civilians.
Lawmakers shift gears on TikTok ban (POLITICO) The administration is throwing its weight behind a new bill after previous legislative and national security efforts faltered.
Neuberger provides details on ratings effort to determine security of pipeline, rail sectors (Inside Cybersecurity) Deputy National Security Advisor for Cyber Anne Neuberger detailed how the government is gaining visibility to cyber readiness in the pipeline sector based on steps taken at the Transportation Security Agency following the Colonial Pipeline hack.
FBI Looks to Build Diverse Workforce to Meet Cyber Needs (Meritalk) Many Federal government agencies are having a difficult time filling cybersecurity roles with skilled personnel, but going forward, the FBI is placing an emphasis on building a diverse workforce to support its mission.
Newsom signs bill that would make it easier to delete online personal data (Los Angeles Times) The California Privacy Protection Agency would create a way by 2026 for consumers to make a single request to ask data brokers to delete their personal information.
Litigation, Investigation, and Law Enforcement
China’s e-commerce inroads are back in focus amid Alibaba’s “possible espionage” in Europe (Quartz) The proliferation of Chinese e-commerce companies heightens national security concerns
Italy police crack down on Chinese shadow network laundering mafia money (Firstpost) Several recent investigations have shown how drugs cartels in Italy are increasingly using shadow networks of unlicensed Chinese money brokers to conceal cross-border payments
SEC Probes Twitter Security Lapse Before Elon Musk Took Over (Bloomberg) Agency scrutinizes how former leadership managed security flaw. Security flaw exposed user information on the platform.
Congressman George Santos Charged With Conspiracy, Wire Fraud, False Statements, Falsification of Records, Aggravated Identity Theft, and Credit Card Fraud (U.S. Attorney's Office for the Eastern District of New York) A 23-count superseding indictment was filed today in the United States District Court for the Eastern District of New York, charging George Anthony Devolder Santos, better known as “George Santos,” the United States Representative for the Third District of New York, with one count of conspiracy to commit offenses against the United States, two counts of wire fraud, two counts of making materially false statements to the Federal Election Commission (FEC), two counts of falsifying records submitted to obstruct the FEC, two counts of aggravated identity theft, and one count of access device fraud.
George Santos Indicted On Ten Additional Charges And Accused Of Stealing Donors’ Identities (Forbes) Santos and his campaign have faced a swath of charges in 2023.
More charges for George Santos: stealing donors’ identities and credit cards (the Guardian) New 23-count indictment accuses Republican congressman of charging contributors’ credit cards to fund his bank account
Rep. Santos faces new charges he stole donor IDs, made unauthorized charges to their credit cards (AP News) A new indictment filed Tuesday charges U.S. Rep. George Santos with stealing the identities of donors to his campaign and then using their credit cards to ring up tens of thousands of dollars in unauthorized charges.
Caroline Ellison Says Bankman-Fried Steered FTX Deception (Wall Street Journal) The former deputy—and sometime girlfriend—of Sam Bankman-Fried testified the crypto-exchange founder ordered her and others to commit criminally fraudulent acts.
US Navy sailor admits taking bribe, sharing military data with China (Reuters) A U.S. Navy sailor pleaded guilty on Tuesday to accepting nearly $15,000 in bribes from a Chinese intelligence officer in exchange for photographs of unclassified private U.S. military information, according to court papers.
Utah sues TikTok, alleging it lures children into addictive and destructive social media habits (Quartz) Utah has become the latest state to sue TikTok, alleging the social media company is “baiting” children into addictive and unhealthy habits