Dateline: Hybrid wars in Ukraine, Russia, Israel, and Gaza.
Ukraine at D+606: Ukraine continues diversionary raids into Russian-occupied territory. (CyberWire) The Russian active defense around Avdiivka shows a modest result: a contested advance into a garbage dump, over which Russian forces have been unable to establish control.
Misinformation about the Israel-Hamas war is flooding social media. Here are the facts (AP News) False claims about the latest Israel-Hamas war are flooding social media, making it difficult for onlookers to sort fact from fiction. Here are the facts: The Israeli military didn't say in a Facebook post that it bombed a hospital in Gaza; the account was a fake.
Israel-Hamas war live: Israel says Hamas is holding 222 hostages as Gaza says more than 5,000 people killed (the Guardian) Israeli military raises number of confirmed hostages as Gaza health ministry says at least 5,087 Palestinians have died in Israeli strikes
Israel intensifies attacks on north Gaza as WFP says more aid urgently needed (the Guardian) Israel says anyone in northern Gaza will be considered ‘an accomplice in a terrorist organisation’
Israel hits Gaza with one of deadliest bombings so far in war against Hamas (the Guardian) At least 400 Palestinians killed in last 24 hours, including 70 in refugee camp and near hospitals
Israel-Hamas war live: Israel says 212 hostages held by Hamas in Gaza as Palestinian death toll rises over 4,600 (the Guardian) Release of two Americans on Friday raises hopes others may be freed as Gaza’s health ministry says 4,651 Palestinians have died in Israeli strikes
US Presses Israel to Delay Gaza Invasion to Get Hostages Out (Bloomberg) Negotiations on those held by Hamas are underway via Qatar. US confirms two American hostages were released from Gaza.
Hostages’ families pressure Israel to delay Gaza ground offensive (The Telegraph) US and European countries want to secure release of dozens of foreign nationals who are among some 200 being held captive
Israel says two Americans held hostage by Hamas, a mother and daughter, have been released (AP News) The Israeli government said Hamas militants on Friday freed two Americans. Judith Raanan and her 17-year-old daughter, Natalie, are from suburban Chicago. They had been held hostage in Gaza since militants rampaged through Israel two weeks ago.
AP visual analysis: Rocket from Gaza appeared to go astray, likely caused deadly hospital explosion (AP News) An Associated Press analysis of more than a dozen videos found that the deadly explosion at a Gaza hospital Tuesday was likely caused by a rocket fired from inside Palestinian territory that veered off course and broke up in the air before crashing back to the ground.
CNN Investigates: Forensic analysis of images and videos suggests rocket caused Gaza hospital blast, not Israeli airstrike | CNN (CNN) In the days since a blast ripped through the packed Al-Ahli Hospital in Gaza City, killing hundreds of Palestinians, dueling claims between Palestinian militants and the Israeli government over culpability are still raging. But forensic analysis of publicly available imagery and footage has begun to offer some clues as to what caused the explosion.
Video Analysis Shows Gaza Hospital Hit By Failed Rocket Meant for Israel (Wall Street Journal) A video analysis by the Wall Street Journal using security cameras and live feeds inside Israel and Gaza shows how a failed rocket caused the deadly explosion at Al-Ahli Arab Hospital. Photo illustration: Ryan Trefes
U.S. Intelligence Agencies Give Lower Estimate for Gaza Hospital Toll (New York Times) American officials say the blast on Tuesday likely killed 100 to 300 people. Gaza officials estimate the death toll closer to 500.
Geolocating Hamas-Led Attacks on Israeli Civilians (bellingcat) Bellingcat analysed footage from the Hamas-led attacks at two kibbutzim on October 7.
Israel-Hamas war live: strikes on Gaza to increase from today, Israeli spokesperson says (the Guardian) Israeli Rear Adm Daniel Hagari said: ‘We will deepen our attacks to minimize the dangers to our forces in the next stages of the war.’
Humanitarian Assistance for Gaza - United States Department of State (United States Department of State) The United States welcomes the delivery of a 20-truck convoy carrying much needed humanitarian assistance to the people in Gaza, the first since Hamas’s horrific October 7 terrorist attack on Israel. We thank our partners in Egypt and Israel, and the United Nations, for facilitating the safe passage of these shipments through the Rafah border […]
Cyberattacks Intensify on Israeli and Palestinian Human Rights Groups (Wall Street Journal) Websites of human rights groups are being ‘pummeled’ with low-level attacks.
Israel's burial society website comes under cyberattack (Jerusalem Post) The website of the Israeli Chevra Kadisha (Jewish Burial Society) came under cyber attack on Saturday afternoon.
Sheba Medical Center Hit by Cyber Attack (Jewish Press) The medical center is continuing operations using paper, and service to its patients was uninterrupted, Israel’s Health Ministry said.
Health Ministry disconnects the remote connection of several hospitals following cyber attack (Jerusalem Post) Following the cyber attack on Sheba Medical Center, Tel Hashomer on Saturday, the Health Ministry has disconnected the remote internet connection to the hospital's network.
EU asks Meta, TikTok to account for their response to Israel-Hamas disinformation (Record) The European Commission sent Meta and TikTok letters Thursday, requesting information on the platforms’ efforts to rein in disinformation relating to the Israel-Hamas war.
Pro-Palestinian creators use secret spellings, code words to evade social media algorithms (Washington Post) From ‘terrier’ to ‘P*les+in1ans,’ creators are changing up their language with ‘algospeak’ to evade Big Tech’s content rules
Web Summit CEO resigns after comments on Israel-Hamas conflict (Reuters) Web Summit Chief Executive and founder Paddy Cosgrave resigned on Saturday after comments he made on the Israel-Hamas conflict prompted some technology companies and investors to withdraw plans to attend its conference in Portugal next month.
YouTube is Autogenerating Videos for Songs Advocating the Expulsion of Muslims from India (bellingcat) YouTube is autogenerating videos for “Hindutva Pop” songs, a genre affiliated with anti-Muslim, right-wing Hindu extremism.
Palestinians Claim Social Media 'Censorship' Is Endangering Lives (WIRED) Alleged censorship of social media and disruptions to electricity and internet access have meant people under fire in Gaza can’t get the information they need to survive.
Column: On social media, the 'fog of war' is a feature, not a bug (Los Angeles Times) The torrent of fake videos, phony experts and enraged screeds unleashed by the Israel-Hamas war shows the failings of social media as a news source and underscores the need for something better.
The Israel-Hamas war is becoming a virtue signaling competition online (MSNBC.com) In the rush to make their opinions known, many social media users have spread dubious claims, hurting their efforts to help bring peace to the Middle East.
Bitdefender: Scam emails asking for donations for Gaza target Romania (Romania Insider) A report by Romanian antivirus company Bitdefender has underlined that cybercriminals are exploiting the crises in Israel and Gaza to financially benefit from users' solidarity, with Romania being in the top 3 countries targeted. A few days after the Hamas terrorist attack, fraudulent email...
Why Hamas Uses Crypto to Raise Money (Wall Street Journal) The militant group raised millions of dollars before its attacks in Israel, prompting lawmakers to call for tougher rules to curb crypto’s utility for criminals and groups under U.S. sanctions.
Qatar’s Hamas Ties Could Thwart $475 Billion Investing Ambition (The Information) Qatar last year signaled it wanted to be a much bigger investor in tech when its $475 billion sovereign wealth fund backed Elon Musk’s takeover of Twitter. Now, the war between Israel and Hamas—a Palestinian terrorist group with ties to Qatar—may hamper those ambitions. The petroleum-rich ...
US tells Sunak to ban Iran’s terrorist forces (The Telegraph) State department's call to proscribe Islamic Revolutionary Guard Corps comes amid growing suggestions Tehran was complicit in Israel attack
It is time to proscribe the Islamic Revolutionary Guard (The Telegraph) Let us hope that the Foreign Office mandarins are finally listening. Britain has been too slow to act on this threat
Blinken says Arab states don't want spillover from Israel-Hamas conflict (Reuters) U.S. Secretary of State Antony Blinken will return to Israel on Monday to talk "about the way forward" after several days of shuttle diplomacy between Arab states, which he said shared the U.S. determination to ensure Israel's conflict with Palestinian militant group Hamas does not spill over elsewhere in the region.
Spy vs. spy: How Israelis tried to stop Russia’s information war in Africa (Washington Post) This never-before-told tale reveals how covert online battles in the French-speaking Sahel region helped topple governments.
Ukrainian spies with deep ties to CIA wage shadow war against Russia (Washington Post) The cluttered car carrying a mother and her 12-year-old daughter seemed barely worth the attention of Russian security officials as it approached a border checkpoint. But the least conspicuous piece of luggage — a crate for a cat — was part of an elaborate, lethal plot. Ukrainian operatives had installed a hidden compartment in the pet carrier, according to security officials with knowledge of the operation, and used it to conceal components of a bomb.
Russia-Ukraine war: List of key events, day 607 (Al Jazeera) As the war enters its 607th day, these are the main developments.
With Raids Across Dnipro River, Ukraine May Be Seeking New Front in War (New York Times) Military experts are reporting extensive strikes on Russian-held territory in the south, potentially with the goal of establishing a bridgehead on the east bank of the Dnipro.
We must ditch the ‘stalemate’ metaphor in Ukraine’s war (Financial Times) Referring to the conflict as such only invites moral and strategic errors
Inside the Commando Raids Unnerving Russia in Crimea (New York Times) The lightning assaults are part of a larger campaign using drones and missiles to degrade Russian forces and demoralize the public.
Russia-Ukraine war at a glance: what we know on day 606 of the invasion (the Guardian) Six dead in Russian missile strike on Kharkiv postal distribution centre, says governor; Volodymyr Zelenskiy holds talks with Turkish counterpart ahead of peace summit next week
Russian missile strike on Kharkiv postal centre kills six people, officials say (the Guardian) Ministry of internal affairs says 16 injured in attack on civilian site in Ukrainian city
Ukraine-Russia war: Ukraine ‘facing new onslaught’ in Donetsk (The Telegraph) Ukraine is facing a new Russian onslaught in the eastern city of Avdiivka, senior military officials warned on Friday.
Russian Shelling, Strikes Leave Dead, Wounded Civilians In Several Ukrainian Regions (RadioFreeEurope/RadioLiberty) More civilians have been reported killed or wounded in fresh Russian shelling and air strikes in southern and eastern regions of Ukraine, officials reported on October 21, as several areas declared temporary air-raid alerts.
The leaders of Ukraine and Russia assess resources as their war heads toward another winter (AP News) Ukrainian President Volodymyr Zelenskyy says he spoke by phone with President Joe Biden about future U.S. support for Ukraine.
Biden Asks Congress to Approve Fiscal '24 Supplemental Request (U.S. Department of Defense) President Joe Biden has asked Congress to approve a supplemental budget request for fiscal 2024 that will allow Ukraine to continue its fight against Russian invaders and deliver military capabilities
The Ghost of Hetman Sahaidachny: Evaluating Ukraine’s Maritime Military Operations (Wilson Center) Ukraine’s ability to project power into the Black Sea has improved significantly since the start of the 2022 war when the Ukrainian navy was forced to scuttle its flagship Hetman Sahaidachny to avoid capture by Russian forces.
Ukrainian Corruption, Russian Corruption (Wilson Center) Ukraine is more than 30 spots ahead of Russia on the 2022 Rule of Law Index.
International Criminal Court says cyberattack was attempted espionage (TechCrunch) The court, which prosecutes crimes against humanity and war crimes, accused the hackers of attempting to "undermine the Court’s mandate."
War crimes tribunal says September cyberattack was act of espionage (Record) The September attack came at a time of “broader and heightened security concerns for the Court,” including threats against several of its elected officials.
International Criminal Court investigating “unprecedented” cyberattack (Cybernews) The International Criminal Court (ICC) has fallen victim to a sophisticated cyberattack, suspected to be an espionage operation
Hague war crimes tribunal blames cyber spies for intrusion (Register) Tell us it's Russia without telling us it's Russia
UN finds further evidence of Russian war crimes in Ukraine (the Guardian) Report points to ‘wilful killing, torture, rape and other sexual violence, and the deportation of children to the Russian Federation’
Electric cables, hammers and guns: Ukrainians tell of Russian torture (the Guardian) As prosecutors prepare war crimes case, victims reveal how they were beaten and made to dig own graves in Balakliia
Russian anti-war activist dies after ‘fall from height’ (The Telegraph) Olga Nazarenko was well-known for her stubborn protests against the Kremlin
Attacks, Threats, and Vulnerabilities
Russia is undermining election integrity in democracies, cable warns (Washington Post) Russian election interference has expanded to emphasize undermining the integrity of elections in at least nine countries during the 2020 and 2022 cycles, according to a State Department cable intended to be sent to more than 100 democracies and revealed on Friday.
Russia, shifting tactics, fans doubt in election integrity, U.S. says (Washington Post) A new intelligence assessment indicates the Kremlin appears to be expanding its long-running efforts to weaken the world’s democracies
What a Chinese invasion of Taiwan could look like in cyberspace (Washington Post) China could conduct cyber campaigns against Taiwan before and during any conflict to take it, an annual Defense Department report on Chinese power predicted.
North Korean hackers are targeting software developers and impersonating IT workers (Help Net Security) State-sponsored North Korean hackers have significantly intensified their focus on the IT sector in recent years.
Additional Guidance on the Democratic People's Republic of Korea Information Technology Workers (IC3) The United States (U.S.) and the Republic of Korea (ROK) are updating previous warnings and guidance to the international community, the private sector, and the public to better understand and guard against the inadvertent recruitment, hiring, and facilitation of Democratic People's Republic of Korea (DPRK, a.k.a. North Korea) information technology (IT) workers.
DarkGate malware campaign (WithSecure) Vietnamese cybercrime groups are using multiple different Malware as a Service (MaaS) infostealers and Remote Access Trojans (RATs) to target the digital marketing sector. These actors greatly value Facebook business accounts and hijacking these accounts appears to be one of their primary goals. The targeting and methods of these groups heavily overlap to an extent that suggests that they are a closely related cluster of operators/groups. It is possible to identify campaigns carried out by these groups through non-technical indicators, such as their lure topics, lure files, and associated metadata.
DarkGate Malware Campaigns Linked to Vietnam-Based Cybercriminals (Infosecurity Magazine) WithSecure has found strong indicators that DarkGate attacks are being perpetrated by attackers also using the Ducktail infostealer
Vietnamese hackers attack UK, US and India with DarkGate malware (Computing) In a recent surge of cyberattacks, malicious actors from Vietnam have been identified using a variety of Malware-as-a-Service (MaaS) infostealers and Remote Access Trojans (RATs) with an aim to target the digital marketing sector in the United States, United Kingdom and India.
Fake Corsair job offers on LinkedIn push DarkGate malware (BleepingComputer) A threat actor is using fake LinkedIn posts and direct messages about a Facebook Ads specialist position at hardware maker Corsair to lure people into downloading info-stealing malware like DarkGate and RedLine.
Critical SolarWinds RCE Bugs Enable Unauthorized Network Takeover (Dark Reading) SolarWinds' access controls contain five high and three critical-severity security vulnerabilities that need to be patched yesterday.
Critical RCE flaws found in SolarWinds access audit solution (BleepingComputer) Security researchers found three critical remote code execution vulnerabilities in the SolarWinds Access Rights Manager (ARM) product that remote attackers could use to run code with SYSTEM privileges.
Okta says hackers used stolen credentials to view customer files (Record) Hackers accessed files from customer support cases, exposing the information of an undisclosed number of people.
SolarWinds Access Rights Manager Flaw Let Attackers Execute Remote Code (Cyber Security News) SolarWinds Access Rights Manager 2023.2 was impacted with multiple flaws that let a remote attacker escalate privileges and execute RC.
Quasar RAT Leverages DLL Side-Loading Techniques (Uptycs) The Quasar RAT employed a novel technique known as DLL side-loading, designed to drop, deploy, and execute malicious payloads without raising suspicions.
VMware Aria Operations for Logs CVE-2023-34051 Technical Deep Dive and IOCs (Horizon3.ai) Technical deep-dive, indicators of compromise, and exploit POC for CVE-2023-34051 which affects VMware vRealize Log Insight RCE as reported in VMSA-2023-0021. This vulnerability leads to remote code execution and full system compromise.
Number of hacked Cisco IOS XE devices plummets from 50K to hundreds (BleepingComputer) The number of Cisco IOS XE devices hacked with a malicious backdoor implant has mysteriously plummeted from over 50,000 impacted devices to only a few hundred, with researchers unsure what is causing the sharp decline.
Cisco discloses new IOS XE zero-day exploited to deploy malware implant (BleepingComputer) Cisco disclosed a new high-severity zero-day (CVE-2023-20273) today, actively exploited to deploy malicious implants on IOS XE devices compromised using the CVE-2023-20198 zero-day unveiled earlier this week.
Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices (The Hacker News) Cisco issued an alert about a new zero-day vulnerability in IOS XE (CVE-2023-20273). Attackers are actively exploiting it to install malware.
Cisco Finds New Zero Day Bug, Pledges Patches in Days (Dark Reading) A patch for the max severity zero-day bug tracked as CVE-2023-20198 is coming soon, but the bug has already led to the compromise of tens of thousands of Cisco devices. And now, there's a new unpatched threat.
Hackers Hit Secure File Transfer Software Again and Again (BankInfoSecurity) The Clop ransomware operation's recent mass zero-day exploit of Progress Software's MOVEit secure managed file transfer software followed the criminals launching similar attacks against users of Accellion FTA, SolarWinds Serv-U and Fortra GoAnywhere.
BeyondTrust Discovers Breach of Okta Support Unit (BeyondTrust) This blog shared details of the Okta support unit attack to educate other Okta users and infosec professionals. For BeyondTrust customers who leverage our Identity Security Insights product, we have also outlined the various detections that would alert you to this type of attack and recommendations…
Okta Support System Hacked, Sensitive Customer Data Stolen (SecurityWeek) Okta warns that hackers broke into its support case management system and stole sensitive data that can be used to impersonate valid users.
Okta says its support system was breached using stolen credentials (BleepingComputer) Okta says attackers accessed files containing cookies and session tokens uploaded by customers to its support management system after breaching it using stolen credentials.
Hackers Stole Access Tokens from Okta’s Support Unit (KrebsOnSecurity) Okta, a company that provides identity tools like multi-factor authentication and single sign-on to thousands of businesses, has suffered a security breach involving a compromise of its customer support unit, KrebsOnSecurity has learned. Okta says the incident affected a "very…
Software firm Okta's shares slump on cyber breach (Reuters) Okta on Friday disclosed a breach of its customer support system that allowed some hackers to view files uploaded by certain clients, pushing the software company's shares down about 12%.
Okta shares fall 11% after company says client files were accessed by hackers via its support system (CNBC) Cybersecurity firm Okta said an unidentified hacker had accessed the company's support system and viewed client files.
Casio says customers in 148 countries affected by breach (Record) The company said hackers accessed the company’s education web application ClassPad.net. The breach was traced back to “insufficient operational management.”
Council Post: Four Telltale Signs Your Infrastructure Is Being Abused For A DDoS Attack (Forbes) While there are a multitude of signals that indicate the launch of a DDoS attack, these four telltale signs will often stand out above the rest.
Thousands of drivers have sensitive data exposed to hackers in major IT breach (Independent) The driving licences of thousands of motorists who had vehicles towed on behalf of the gardaí were left at the mercy of hackers in a major data breach, the Irish Independent can reveal.
Thousands of Irish drivers exposed to data breach (FM104) More than half a million documents have been exposed.
Irish National Police Records of Seized Vehicles Exposed in 3rd Party Contractor Data Breach (vpnMentor) Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password protected database that contained over 500k records containing identification
Telemarketer at centre of charity cyber hack collapses, putting more than 100 out of work (ABC) Pareto Phone folds less than two months after the ABC revealed the company had potentially breached Australian privacy laws by keeping donor details for more than a decade.
Cyber attacks hit NY state casino operation, two Hudson Valley hospitals (New York Post) The state Gaming Commission confirmed that its central operating system serving the state’s slot parlors was impacted by a cybersecurity attack — forcing the closure of Jake 58 casino i…
Cyberattack hits 2 New York hospitals, forces ambulance diversions (Niagara Gazette) Two hospitals in New York were hit with a cyberattack and are diverting patients to other facilities, hospital officials said Friday.
State Gaming Commission says 'cybersecurity event' shut down Jake’s 58 (News 12 - Long Island) The incident, which remains under investigation, affected Everi, which is the licensed operator of New York’s video lottery gaming central system.
City of Philadelphia discloses data breach after five months (BleepingComputer) The City of Philadelphia is investigating a data breach after attackers "may have gained access" to City email accounts containing personal and protected health information five months ago, in May.
Chambersburg staff, students personal data compromised in cyber attack (ABC27) CHAMBERSBURG, Pa. (WHTM) – Personal data of Chambersburg Area School District staff and students was “taken” as a result of a cyber attack discovered in August. According to the C…
Kwik Trip finally confirms cyberattack was behind ongoing outage (BleepingComputer) Two weeks into an ongoing IT outage, Kwik Trip finally confirmed that it's investigating a cyberattack impacting the convenience store chain's internal network since October 9.
Security Patches, Mitigations, and Software Updates
CISA Releases Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities | CISA (Cybersecurity and Infrastructure Security Agency CISA) Today, CISA, in response to active, widespread exploitation, released guidance addressing two vulnerabilities, CVE-2023-20198 and CVE-2023-20273, affecting Cisco’s Internetworking Operating System (IOS) XE Software Web User Interface (UI). An unauthenticated remote actor could exploit these vulnerabilities to take control of an affected system. Specifically, these vulnerabilities allow the actor to create a privileged account that provides complete control over the device.
Trends
Ransomware attacks on US healthcare organizations cost $20.8bn in 2020 (Comparitech) We've gathered data on ransomware attacks involving hospitals and healthcare organisations to understand the true cost of this crime in the US.
HR emails dominate phishing attacks - IT-Online (IT-Online) HR related email subjects continue to be utilised as a phishing strategy and make up more than 50% of top email subjects, according to KnowBe4’s Q3 2023 global phishing report. Phishing emails continue to be one of the most common methods to effectively perpetuate malicious attacks on organisations around the globe. In fact, KnowBe4’s 2023 […]
Marketplace
‘From This Abyss, Something Better Will Grow’: Israel’s Tech Leaders Brace for an Uncertain Future (The Information) Since the Hamas terror attacks of Saturday, October 7, Israel’s tight-knit tech community has rallied to the country’s defense. Some executives have children in the Israeli military or serve themselves; others immediately launched civil aid programs to support the Israel Defense Forces, war ...
Cybersecurity Spending Slows as Investment Patterns Shift (Security Boulevard) There was a 65% drop in growth in cybersecurity spending during the 2022-23 budget cycle, according to an IANS report.
Protos Labs Raises SGD $3 Million in Oversubscribed Seed Round to Revolutionize Cyber Risk Management (Yahoo Finance) Protos Labs, a pioneering cyber risk management company, today announced a successful seed round funding of SGD $3 million. The company plans to use the funds to accelerate its global expansion and product development, as it works to revolutionize the cyber insurance and risk management landscape. The company's innovative solutions have already garnered the attention of leading organizations such as the Lloyd's of London and the Cybersecurity Agency of Singapore.
Fraud Detection Firm Spec Raises $15 Million (SecurityWeek) Silicon Valley fraud detection startup attracts $15 million in new financing from SignalFire, Legion Capital and Rally Ventures.
Who Got Poorer This Week: Three Tech Titans Lose $37 Billion (Forbes) Markets were slightly down this week but three of America’s top 30 richest —Dell Technologies’ Michael Dell, Nvidia’s Jensen Huang and Tesla’s Elon Musk—took especially big tumbles.
Insider Sell: CEO & President Sumedh Thakar Sells 5,005 Shares of Qualys Inc (Yahoo Finance) On October 16, 2023, Sumedh Thakar, the CEO and President of Qualys Inc (NASDAQ:QLYS), sold 5,005 shares of the company.
Tim Massey Promoted to Chief Growth Officer Role at Radiance Technologies (GovCon Wire)
Products, Services, and Solutions
New infosec products of the week: October 20, 2023 (Help Net Security) The featured infosec products this week are from: Arcitecta, AuditBoard, BackBox, Prevalent, and Thales.
Semperis and Veritas to Protect Enterprises from Cyberattacks on Active Directory Systems (Business Wire) Semperis, a pioneer in identity-driven cyber resilience, today announced a global relationship with Veritas Technologies, a leader in secure multi-cloud data management, to protect enterprises’ most critical assets and identity systems from cyberattacks.
Veritas™ 360 Defense to Deliver Cyber Resilience On-Prem and Across Clouds (Veritas) Extensible architecture based on real-world testing with industry-leading security vendors
Elon Musk confirms X is soon launching two new premium tiers (TechCrunch) Elon Musk today said that X (formerly Twitter) is going to soon launch two new premium tiers, confirming previous reports and code sightings.
Dashlane Diminishes Free Password-Manager Tier (PCMAG) The free service now comes with a limit of 25 saved passwords and no 1:1 customer support.
Radiflow partners with Cyolo to secure OT networks against unauthorised device access (ETCIO.com) To elevate threat detection capabilities and proactively safeguard against attacks, Radiflow leverages Cyolo's Edge technology, ensuring access is exclusively authorised.
Palo Alto Networks Revolutionizes Cloud Security With Industry-First Integrated Code to Cloud Intelligence (PR Newswire) Prisma Cloud's "Darwin" release simplifies cloud security and improves productivity and collaboration across code, infrastructure and runtime security for...
Seattle Kraken name WatchGuard official cybersecurity partner of team, Climate Pledge Arena (Sports Business Journal) Seattle Kraken will upgrade its cyber defenses with the WatchGuard Unified Security Platform architecture. WatchGuard will also assume a partner role with Climate Pledge Arena.
Ripcord and Carahsoft Partner to Make Intelligent Document Processing Solutions Available to Government Agencies (GlobeNewswire News Room) Partnership Enables Procurement of Document Intelligence as a Service™ Software Public Sector...
Alarum: NetNut launches new website enhancing marketing and sales capacity and experience (GlobeNewswire News Room) NetNut's new and upgraded website allows enterprises with limitless web data extraction TEL AVIV, Israel, Oct. 23, 2023 (GLOBE NEWSWIRE) -- Alarum...
Technologies, Techniques, and Standards
NSA Shares Recommendations to Advance Device Security Within a Zero Trust Framework (National Security Agency/Central Security Service) The National Security Agency (NSA) has released a Cybersecurity Information Sheet (CSI) to enable federal agencies, partners, and organizations to assess devices in their systems and be better poised
More Companies Adopt Board-Level Cybersecurity Committees (Decipher) The hope is that these types of committees will tighten collaboration between boards and CISOs and lead to more support and resources for organizations’ cybersecurity strategies.
Securing generative AI starts with sustainable data centers (VentureBeat) Too much focus on cost reduction alone without sustainability designed into data center infrastructure leaves them vulnerable to cyberattacks that capitalize on weak points in infrastructure.
Attack Surface Management & its Role in Cybersecurity (Swimlane) What is attack surface management? Learn how to protect attack surfaces and keep your organization from vulnerabilities and security breaches here, with Swimlane.
Ransomware gangs take less than a day to breach Microsoft Active Directory. Here’s what to do (SC Media) Once attackers penetrate Active Directory, they can move laterally from system to system through the network, steal data, access applications and servers, plant backdoors and ransomware, and cause other types of disruption.
How the CIA’s top-ranking woman beat the agency’s men at their own game (Washington Post) In the early history of the CIA, marked by towering male figures like Allen Dulles, William Colby and William “Wild Bill” Donovan, few careers proved more remarkable — and unlikely — than that of a Southern blue blood named Eloise Randolph Page.
Design and Innovation
What Is Generative AI and How It Impacts the Cybersecurity Industry (CrowdStrike) In this post, we’ll look at the integral role of generative AI in contributing to a robust cybersecurity posture.
AI Is Becoming More Powerful—but Also More Secretive (WIRED) The companies behind ChatGPT and other popular and powerful AI systems aren’t transparent enough about their training data and how they work, according to a new report from Stanford University.
Newspapers want payment for articles used to power ChatGPT (Washington Post) The artificial intelligence gold rush is creating uncertainty over the future of online information — and pushing publishers and tech firms to make deals
Research and Development
The Race to Save Our Secrets From the Computers of the Future (New York Times) Quantum technology could compromise our encryption systems. Can America replace them before it’s too late?
How Does AI ‘Think’? We Are Only Starting to Understand That (Wall Street Journal) Despite all the talk about the AI revolution, the only thing we know for sure is that we can’t really know what’s coming
Academia
'Cyber warriors': LSU opens new center to protect universities from hackers, train for jobs (The Advocate) LSU added another gadget to its cybersecurity tool belt Thursday with the opening of a new center dedicated to protecting higher education statewide and providing a pathway to careers in
Loughborough Uni to create five cyber AI research posts (Computer Weekly) Supported by Darktrace, Loughborough University is to recruit five doctoral researchers focusing on cross-disciplinary research in AI and cyber security
Legislation, Policy, and Regulation
A stern glance from all Five Eyes. (CyberWire) The Five Eyes offer an unusually direct warning about the threat of Chinese industrial espionage.
Responsible Cyber Operations: From Theory to Reality (Infosecurity Magazine) Nick Beecroft discusses how to create a doctrine for being a responsible cyber power
CISA Releases Fact Sheet on Effort to Revise the National Cyber Incident Response Plan (NCIRP) (Cybersecurity and Infrastructure Security Agency CISA) Today, the Cybersecurity and Infrastructure Security Agency (CISA) released a fact sheet on the effort to revise the National Cyber Incident Response Plan (NCIRP). Through the Joint Cyber Defense Collaborative (JCDC), CISA will work to ensure that the updated NCIRP addresses significant changes in policy and cyber operations since the initial NCIRP was released.
GOP Rep: Government, Private Sector Must Plan for Big Attack (GovInfoSecurity) U.S. government agencies and the private sector embraced information sharing but lack a coordinated response plan in the event of a massive cyberattack, a House
Conservatives are increasingly knives out for the nation’s top cyber agency (POLITICO) Lawmakers are racing to defuse attacks the hard-right has levied against the Cybersecurity and Infrastructure Security Agency.
Defending federal networks requires more than money, CSIS study finds (CyberScoop) A six-month study dove into the services offered by the Cybersecurity and Infrastructure Security Agency to protect federal networks.
US Army Adapts to the Evolving Cyber Battlefield with High Demand for Cyber Officers (SOFREP) The demand for cyber officers in the US Army is skyrocketing, driving early recruitment and tech training to secure our digital future.
GEN Nakasone selects Matteo G. Martemucci as Deputy Chief, Central Security Service (National Security Agency/Central Security Service) General Paul M. Nakasone, Commander, U.S. Cyber Command and Director, National Security Agency (NSA)/Chief, Central Security Service (CSS) has chosen Major General Select Matteo G. Martemucci to serve
Litigation, Investigation, and Law Enforcement
Supreme Court Lifts Limits for Now on Biden Officials’ Contacts With Tech Platforms (New York Times) The court also agreed to hear the administration’s appeal, paving the way for a major ruling on how far government can go to encourage sites to delete asserted misinformation.
Belgium investigating alleged criminal breach of data protection laws over London Ulez fines (the Guardian) Thousands of fines sent to EU drivers by TfL debt collection agent may be unlawful, Belgian transport ministry believes
China’s state security agency reveals US espionage case (Global Times) A concerning espionage case uncovered by Chinese national security organs was revealed through media reports on Sunday, involving a US spy agency's efforts to turn Chinese nationals studying in the US. The case dug out the intelligence informers planted by the US in China's key defense military institutes and eliminated major hidden dangers.
The suspect, surnamed Hou, began providing classified information on China's defense and military industry to the US spy agency from 2013 until he was captured by the Chinese security agencies in 2021.
Feel-good story of the week: 2 ransomware gangs meet their demise (Ars Technica) One is fatally hacked, the other shut down in international police dragnet.
Alleged developer of the Ragnar Locker ransomware was arrested (Security Affairs) A joint international law enforcement investigation led to the arrest of a malware developer who was involved in the Ragnar Locker ransomware operation.
U.S., European Authorities Disrupt Ragnar Locker Ransomware Operation (Decipher) Law enforcement agencies from Europe and the U.S. seized the infrastructure and arrested alleged members of the Ragnar Locker ransomware gang this week.
Europol: ‘Key target’ in Ragnar Locker ransomware operation arrested in Paris (Record) The announcement was the first official word from law enforcement after the gang’s leak site was replaced a day earlier with a banner featuring the insignias of several agencies.
Ragnar Locker Ransomware Gang Dismantled, Key Suspect Arrested, Site Seized (Hackread) Global law enforcement involving 11 countries has shut down Ragnar Locker ransomware gang.
Europol Dismantles Ragnar Locker Ransomware Infrastructure, Nabs Key Developer (The Hacker News) Europol takes down Ragnar Locker's infrastructure, arrests key suspect in France.
Hacker accused of breaching Finnish psychotherapy center facing 30,000 counts (Record) Kivimäki allegedly hacked into the Finnish firm Vastaamo, which managed dozens of psychotherapy centers throughout the country, in 2018, stealing the private treatment records of over 33,000 patients.
Opinion: Did Sam Bankman-Fried know what he was doing? (Washington Post) As Sam Bankman-Fried (popularly known as SBF) gets ready to take the stand in his own trial, some fundamental questions remain unanswered.
Lack of accountability breeds mistrust on IRS leak (Washington Examiner) With trust in the federal government at an all-time low, government officials should particularly avoid the appearance of bias and favoritism in all their actions.
Statement of Senator Jinggoy Ejercito Estrada on the Cyber Libel Conviction of His Critic Jessant So (Senate of the Philippines) I welcome the decision of the Quezon City Regional Trial Court Branch 90 finding the accused in my cyber libel complaint, Jessant So, guilty beyond reasonable doubt for seven counts under Section 4(c)(4) of Republic Act No. 10175, otherwise known as the Cybercrime Prevention Act of 2012 and sentenced to suffer the penalty of imprisonment of prisión correccional in its maximum period from 4 years, 2 months and 1 day to 6 years to prisión mayor in its minimum period of six (6) years and one (1) day to eight (8) years for each of the seven (7) cases.