Dateline: Hybrid wars in Ukraine, Russia, Israel, and Gaza.
Ukraine at D+609: Troll amplification. (CyberWire) Russia and Ukraine prepare for a winter war against the energy sector. Hacktivists hit propagandists' Spotify pages. A campaign of coordinated inauthenticity amplifies Mr. Musk's intemperate tweets.
Israel-Hamas War News: Live Updates on the Unfolding Conflict in Gaza (Wall Street Journal) Live updates and the latest news on the escalating conflict in Gaza between Israel and Hamas.
Israeli troops, tanks and bulldozers enter Gaza in overnight raid (the Guardian) Significant incursion comes as EU leaders finalise text calling for ‘humanitarian corridors and pauses’
A Close Look at Some Key Evidence in the Gaza Hospital Blast (New York Times) A widely cited missile video does not shed light on what happened, a Times analysis concludes.
What Palestinians Really Think of Hamas (Foreign Affairs) Before the war, Gaza’s leaders were deeply unpopular—but an Israeli crackdown could change that.
The gullible West is falling for Hamas's fictitious death figures (The Telegraph) Believing the terrorist group's blatant untruths is sowing havoc in the real world
Evil is real, and the West is in peril for forgetting that (The Telegraph) The refusal of so many to see Hamas’s wickedness for what it is speaks to a dangerous moral relativism
Israel collecting digital evidence for war crimes case against Hamas (Haaretz.com) "The Library" IDs the Hamas terrorists and documents how they murdered a thousand civilians and kidnapped hundreds into Gaza – based on video from their GoPro cams, social media and online sources.
Opinion | Putin Is Getting What He Wants (New York Times) Russia is emerging as a major beneficiary of the war in Gaza.
Connecting the wars: Intel analysis of Israel-Hamas and Russia-Ukraine (Security Magazine) In Episode 17 of the Cybersecurity & Geopolitical Discussion from Security magazine, Ian Thornton-Trump, Philip Ingram and Lisa Forte analyze the Russia-Ukraine and Israel-Hamas wars.
Russia-Ukraine war: List of key events, day 610 (Al Jazeera) As the war enters its 610th day, these are the main developments.
Ukraine-Russia war: Russian generals 'sacrificing own men' in eastern assault on Avdiivka (The Telegraph) Russian generals are throwing their troops forward in their assault on the eastern town of Avdiivka despite suffering heavy losses, Ukraine has claimed.
Russian drone debris downs power lines near Ukraine nuclear plant (C4ISRNet) Russia “is likely trying to expand and diversify its arsenal of drones," according to the Institute for the Study of War, a Washington think tank.
Finland says Chinese ship to blame for subsea pipeline break (Record) Finland's investigation into the damage found a dragging trail on the seabed leading to the point of damage in the gas pipeline. The report left open the question of whether the damage was intentional or accidental.
Russian forces simulate nuclear strike as upper house rescinds ratification of test ban treaty (AP News) Russia’s military has conducted a simulated nuclear strike in a drill overseen by President Vladimir Putin. The exercise came hours after the upper house of parliament voted to rescind the country’s ratification of a global nuclear test ban.
Kennan Cable No. 84: A Survey of Russian Grassroots Anti-War Resistance (Wilson Center) Many people throughout the world wonder if there is a lack of civil society within Russia, particularly after the February 24, 2022, invasion of Ukraine. Western analysts underestimate the status of civil society when they place significant emphasis on discussing contentious polling data, including figures from Kremlin-controlled pollsters, and incorrectly quote opposition leaders, such as Ksenia Sobchak, Vladimir Putin's goddaughter, as a voice of the opposition.
Russian artists’ Spotify accounts defaced by pro-Ukraine hackers (Record) A group of pro-Ukraine hackers recently compromised the Spotify accounts of several well-known Russian musicians, swapping out their profile pictures for images of Ukraine’s flag and a Ukrainian rapper with a call to stop Russia's war in Ukraine.
Elon Musk Mocked Ukraine, and Russian Trolls Went Wild (WIRED) Inauthentic accounts on X flocked to its owner’s post about Ukrainian president Volodymyr Zelensky, hailing “Comrade Musk” and boosting pro-Russia propaganda.
Putin Flack Claims ‘Ethnic Cleansing’ of Jews on Kremlin TV (The Daily Beast) The Israel-Gaza war has kicked off a profanity-laced firestorm among the Kremlin’s star propagandists.
German prosecutors handed evidence of Russian war crimes in Ukraine (the Guardian) Complainants hope to use principle of universal jurisdiction in three separate cases
Armenian Prime Minister Hopes For Peace Pact With Azerbaijan Soon (RadioFreeEurope/RadioLiberty) Armenia hopes to conclude a peace agreement with Azerbaijan in the coming months and establish diplomatic relations with Baku, Armenian Prime Minister Nikol Pashinian said.
Russia-Ukraine war live: Slovakia halts military aid to Ukraine; North Korea becoming ‘significant’ arms supplier to Moscow (the Guardian) New Slovakian prime minister says it will no longer supply weapons to Ukraine as UK says North Korea set to become one of Russia’s most important foreign arms suppliers
Attacks, Threats, and Vulnerabilities
Kazakhstan-associated YoroTrooper disguises origin of attacks as Azerbaijan (Cisco Talos Blog) Cisco Talos assesses with high confidence that YoroTrooper, an espionage-focused threat actor first active in June 2022, likely consists of individuals from Kazakhstan based on their use of Kazakh currency and fluency in Kazakh and Russian.
Kazakhstan-based hackers targeting gov’t websites in Central Asia, Cisco says (Record) Hackers believed to be based in Kazakhstan are targeting other members of the Commonwealth of Independent States in a wide-ranging espionage campaign, according to new research.
Mandiant Intelligence Chief Raises Alarm Over China's 'Volt Typhoon' Hackers in US Critical Infrastructure (SecurityWeek) Critical infrastructure defenders should urgently work to find and remove traces of Volt Typhoon, a Chinese government-backed hacking team.
Sophisticated StripedFly Spy Platform Masqueraded for Years as Crypto Miner (Zeroday) Malware discovered in 2017 was long classified as a crypto miner. But researchers at Kaspersky Lab say it's actually part of a sophisticated spy platform that has infected more than a million victims.
Russian hacking group seen exploiting Roundcube webmail zero-day (Computing) ESET researchers have revealed that the Winter Vivern Russian hacking group has exploited a zero-day vulnerability in Roundcube Webmail, targeting various European government entities and think tanks.
Netskope Threat Coverage: Menorah (Netskope) Summary: In October 2023, Netskope analyzed a malicious Word document and the malware it contained, dubbed “Menorah.” The malware was attributed to an
NextGen Mirth Connect Remote Code Execution Vulnerability (CVE-2023-43208) (Horizon3.ai) Mirth Connect, by NextGen HealthCare, versions prior to 4.4.1 are vulnerable to an unauthenticated RCE vulnerability, CVE-2023-43208.
Part 2: Craxs Rat Latest Version with Dropper Module. (CYFIRMA) Executive summary: This report provides an additional overview of the destructive Remote Administration Tool, which has been developed by a...
CVE-2023-37460 | plexus-archiver vulnerability (JFrog) Vulnerability and POC info for plexus-archiver component used in many open source packages incl. maven WAR plugin
Cisco IOS XE CVE-2023-20198 and CVE-2023-20273: WebUI Internals, Patch Diffs, and Theory Crafting (Horizon3.ai) Cisco IOS XE CVE-2023-20198 technical deep-dive, WebUI internals, patch diffing, and exploit theory crafting.
Exposed Passwords on Endpoints Are More Common Than You Think (Huntress) Discover the alarming prevalence of exposed passwords on endpoints and how to safeguard your credentials. Learn from Huntress' findings and insights.
How Fastly Protects its customers from Massive DDoS threats including the Rapid Reset attack (Fastly) The Rapid Reset DDoS attack did not affect Fastly traffic because we can automatically detect and defend against attacks that others can’t.
Amazon-themed PDF Phishing, Abusing LinkedIn and Twitter, Targets Microsoft Live Outlook Users (Netskope) Summary: In August 2023, Netskope Threat Labs highlighted an increase in downloads of PDF phishing attachments in Microsoft Live Outlook, caused by a
Okta’s Latest Security Breach Is Haunted by the Ghost of Incidents Past (WIRED) A recent breach of authentication giant Okta has impacted nearly 200 of its clients. But repeated incidents and the company’s delayed disclosure have security experts calling foul.
The pirates are back (Panda Security) A new study from the European Union’s Intellectual Property Office (EUIPO) suggests that online piracy has increased for the first time in years. In fact, piracy rates have been falling for several years, so a reverse in that trend is significant.
General Information | Potential Public List Widget Misconfiguration - Support and Troubleshooting (Now Support Portal) Overview: ServiceNow is aware of the recent publications describing a potential misconfiguration issue that could result in unintended access and is actively investigating the reports that we have observed
Breach Debrief Series: ServiceNow Data Exposure (Adaptive Shield) Earlier this week, ServiceNow acknowledged a misconfiguration that could expose sensitive corporate information to the public. In this blog, we analyze the issue, explaining why this critical application misconfiguration could have serious consequences for businesses, and offer remediation guidance.
Philadelphia: Hackers spent three months accessing city gov’t email accounts (Record) The government of Philadelphia said hackers spent at least three months inside city email systems, giving them wide access to health information stored in email accounts.
Seiko says ransomware attack led to leak of 60,000 ‘items’ of personal data (Record) Japanese watchmaker Seiko announced on Wednesday that a ransomware incident initially reported this summer resulted in the breach of about 60,000 pieces of personal data from customers, employees, business partners and job applicants.
New England Biolabs leak sensitive data (Security Affairs) On September 18th, the Cybernews research team discovered two publicly hosted environment files (.env) attributed to New England Biolabs.
Hackers that breached Las Vegas casinos rely on violent threats, research shows (CyberScoop) While best known for its social engineering techniques, a criminal hacking group known as "the Com" sometimes uses threats of violence.
Security Patches, Mitigations, and Software Updates
CISA Releases Nine Industrial Control Systems Advisories | CISA (Cybersecurity and Infrastructure Security Agency CISA) CISA released nine Industrial Control Systems (ICS) advisories on October 26, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
Apple Ships Major iOS, macOS Security Updates (SecurityWeek) Apple patches dozens of serious security flaws in its macOS and iOS platforms, warning that hackers could launch code execution exploits.
Mozilla Releases Security Advisories for Multiple Products | CISA (Cybersecurity and Infrastructure Security Agency CISA) Mozilla has released security updates to address vulnerabilities in Firefox ESR 115.4 and Firefox 119. A cyber threat actor could exploit these vulnerabilities to take control of an affected system.
Grammarly says it corrected sign-in vulnerabilities after alert from cyber researchers (Record) The bugs, found by researchers at Salt Security, involved social sign-in — when someone accesses a web service through their credentials on another platform. Other companies were affected besides Grammarly.
Proton’s password manager now lets you securely share logins (The Verge) Free users can share vaults with up to two other people.
Trends
DDoS threat report for 2023 Q3 (The Cloudflare Blog) In the past quarter, DDoS attacks surged by 65%. Gaming and Gambling companies were the most attacked and Cloudflare mitigated thousands of hyper-volumetric DDoS attacks. The largest attacks we saw peaked at 201 million rps and 2.6 Tbps.
2023 Business Impact Report (Identity Theft Resource Center) Once upon a time, it was true that small businesses and solopreneurs were not a favorite target for cybercriminals. Attackers tended to go for larger, data-rich organizations with lots of cash and thousands of employees, where the law of averages meant it was easier to find someone to fall for a phishing attack.
Ransomware Soars as Myriad Efforts to Stop It Fall Short (Bloomberg) For the past two years, a loose coalition of government officials, law enforcement and cybersecurity companies have tried all kinds of tactics to curb ransomware attacks.
Ryan Gosling Tops McAfee’s 2023 Hacker Celebrity Hot List (Business Wire) McAfee Labs reveals the big-name celebrities whose names are most often exploited by scammers to lead you to malware or risky sites when searching online
SonicWall Data Confirms that Ransomware is Still the Enterprise's Biggest Fear (PR Newswire) As Cybersecurity Awareness Month comes to a close, SonicWall today released the findings of its 2023 SonicWall Threat Mindset Survey which...
Marketplace
What the mystery buyer of RTX's cyber business is getting (Washington Technology) RTX is fetching $1.3 billion for its cybersecurity, intelligence and services business unit. We can tell you all about the transaction even without (yet) knowing the acquirer's identity.
Microsoft touts demand for its security services in fiscal Q1, driven by AI appetite (Cybersecurity Dive) The company said it is gaining market share in the cybersecurity segment and is opening access to its AI-based Security Copilot after an early preview.
Cohesity Names Industry Leaders – Indra Nooyi, Jim Snabe, Ken Denman, and Tami Erwin – to Newly Formed CEO Advisory Council (Cohesity) Council to Serve as Senior Advisors to the CEO to Advance Cohesity’s Leadership Position and Provide Strategic Insights
Products, Services, and Solutions
The California Department of Technology tackles digital divide, taps network giant Lumen for massive fiber expansion (Lumen Newsroom) The State of California Department of Technology and Lumen Technologies (NYSE: LUMN) are tackling digital inclusion head-on with a multi-billion dollar network investment to bring equitable,...
DataPivot Technologies - Data Protection, Cloud and Security Solutions (DataPivot Technologies) DataPivot Technologies, a prominent data protection, cloud, and security solutions provider, is honored to announce its prestigious recognition as Commvault’s Partner of the Year. This remarkable achievement highlights DataPivot’s proven expertise, best practices approach and overall innovative sol
Azion Earns Frost & Sullivan’s 2023 North American New Product Innovation Award (Azion Technologies) Azion's state-of-the-art platform requires minimal coding to create fully customizable applications that are easily built, deployed, secured, and observed.
Progress Unveils AI-powered Contextual Threat Event Analysis with Latest Release of Flowmon (Progress) Flowmon Anomaly Detection System (ADS) 12.2 offers new capabilities to manage the growing volume of cyber threats with speed and precision
N2K Cyber and Microsoft expand collaboration with the launch of The Microsoft Threat Intelligence Podcast. (N2K Cyber) N2K Cyber, previously The CyberWire Network, today announced the launch of The Microsoft Threat Intelligence Podcast, the latest series from the Microsoft Security team to join the leading cybersecurity media network. The show joins other well-known Microsoft Security podcasts on the N2K Cyber networks, including Afternoon Tea with Ann Johnson and Uncovering Hidden Risks.
Cado Security Launches Incident Response Preparedness with New Readiness Dashboard - Cado Security | Cloud Forensics & Incident Response (Cado Security) Cloud forensics and incident response company introduces new product features to enable organizations to embrace a proactive approach to incident response in the cloud […]
Amazon Web Services to Launch AWS European Sovereign Cloud (Press Center) AWS European Sovereign Cloud will be a new, independent cloud for Europe that gives customers in highly regulated industries and the public sector further choice and flexibility to address evolving data residency and resilience requirements in the European Union (EU)
Strider Technologies Launches New Data Catalog Enabling Government Agencies to Identify and Analyze State-Sponsored Risk (Strider Intel) Curated data collections illuminate key indicators of state-sponsored risks to intellectual property, talent, and supply chains
At-Bay Launches New MDR Cybersecurity Solution for SMBs (At-Bay) At-Bay announced the launch of At-Bay Stance™ Managed Detection and Response (At-Bay Stance MDR) – a new MDR solution designed to help emerging and mid-sized businesses advance their security defenses and threat preparedness in light of rising cyber crime rates. By analyzing its claims data from the past two years, At-Bay estimates that more than 50% of its customers’ cyber insurance claims could have been mitigated with an effective MDR solution.
MainTegrity ushers in a new era of ransomware and malicious encryption protection for IBM mainframes (GlobeNewswire News Room) Cyber security pioneer MainTegrity® Inc. today announces a groundbreaking step in the battle against...
Tufin Orchestration Suite R23-2: Pioneering the Evolution of NetSec (Tufin) The core values and capabilities Tufin brings to the table are indispensable in an increasingly hybrid and complex corporate environment.
Forward Networks Named 2023 Hot Company In Compliance By Cyber Defense Magazine's Top InfoSec Innovator Awards (PR Newswire) Forward Networks announced today that it has been named the winner of the 2023 Hot Company in Compliance award by Cyber Defense Magazine...
AU10TIX Recognized as a Leading Innovator in Frost & Sullivan's 2023 KYC Radar (PR Newswire) AU10TIX, a global technology leader in identity verification and management, today announced that the company has been named an innovation...
Horizon3.ai NodeZero™ Autonomous Pentesting Users Saved $325K+/Year in Improved SecOps Productivity, and Third-party Pentesting and Vulnerability Scanner Costs, Independent Study Shows (Business Wire) Customers Recognized $1.63 Value per Every Dollar Spent.
Darktrace Unveils New Cloud-Native Security Solution Using AI to Provide Real-Time Cyber Resilience for Cloud Environments (PR Newswire) Darktrace, a global leader in cyber security AI, today unveiled a new Darktrace/Cloud™ solution based on its unique Self-Learning AI. The new...
Varonis Leads the Way in DSPM, Receiving Most Innovative in Data Security Posture Management Award (GlobeNewswire News Room) Varonis received the Most Innovative in Data Security Posture Management (DSPM) award from Cyber Defense Magazine (CDM)....
Cycode Named Winner of the Coveted Top InfoSec Innovator Awards for 2023 (GlobeNewswire News Room) Cycode Named Most Innovative in Application Security in the 11th Cyber Defense Magazine’s Annual InfoSec Awards during CyberDefenseCon 2023...
First-of-its-kind Imprivata facial recognition technology transforms clinician and patient experiences by enabling EPCS order signing from mobile devices (Imprivata) Advanced authentication solution supports secure and DEA-compliant EPCS order signing at any time and from anywhere with Epic Haiku and Canto iOS mobile applications
Blues and RAKwireless Announce Partnership to Streamline IIoT Product Development (PR Newswire) Blues, a leader in IIoT technology enabling global connectivity solutions, today announced its partnership with industrial-focused connectivity...
TeamViewer Adds Additional Security and Productivity Features for its Enterprise Connectivity Solution TeamViewer Tensor in Latest Major Update (PR Newswire) TeamViewer, a leading global provider of remote connectivity and workplace digitalization solutions, today announced a major update of its...
Technologies, Techniques, and Standards
CISA, HHS Release Collaborative Cybersecurity Health Care Toolkit (Cybersecurity and Infrastructure Security Agency) Today, the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Health and Human Services (HHS) co-hosted a roundtable discussion on the cybersecurity challenges that the U.S. healthcare and public health (HPH) sector system faces, and how government and industry can work together to close the gaps in resources and cyber capabilities. Ahead of the roundtable, CISA and HHS released a cybersecurity tool kit that includes resources tailored for the healthcare and public health sector.
New Project Analyzes and Catalogs Vendor Support for Secure PLC Coding (SecurityWeek) A new project aims to make it easier for PLC programmers to implement secure coding practices by cataloging useful files and functions
A Cybersecurity Framework for Mitigating Risks to Satellite Systems (Dark Reading) Cyber threats on satellite technology will persist and evolve. We need a comprehensive cybersecurity framework to protect them from attackers.
CISA Issues Request for Comment on Software Identification Ecosystem Analysis White Paper (Cybersecurity and Infrastructure Security Agency) The Cybersecurity and Infrastructure Security Agency (CISA) is announcing a request for comment on our analysis or approaches in “Software Identification Ecosystem Option Analysis,” white paper that was published today outlining a collective, community goal for a more harmonized software identification ecosystem that can be used across the complete, global software space for all key cybersecurity use cases.
The Cybersecurity Resilience Quotient: Measuring Security Effectiveness (SecurityWeek) The Cybersecurity Resilience Quotient is a dynamic metric that can be applied in several ways and isn't a one-time assessment.
Mobile Networks: The New Battleground Where Signaling Security is the Weakest Link (Enea) Why mobile network resilience relies on secure signaling networks, and how Enea's signaling handbook for regulators and operators can help.
CISA Offers Guidance on Cybersecurity Awareness Month's 20th Anniversary (Insurance Journal) As the world's digital ecosystem has grown and become more complex, Trent Frazier, deputy assistant director in the stakeholder engagement division at
How much cybersecurity expertise does a board need? (CSO Online) Whether a specific requirement or not, companies must either educate their board of directors in cybersecurity and risk management or look to recruit directors with specific cybersecurity experience to improve organizations' response and decision-making.
Design and Innovation
Google Image Search Will Now Show a Photo’s History. Can It Spot Fakes? (WIRED) The new “About this image” feature will help you discern whether a photo search result can be trusted. But it’s not a surefire safeguard against misinformation.
AI doesn't care what you think (Computing) There seem to be two key moments when I really understand something. The first is when I build ‘that’ something, and the second is when I teach the subject. So, I sometimes experience a stinger question from a student that makes me think through my understanding and generally realise a greater clarity.
AI Laggard Intel Expands Effort to Help Companies Build ChatGPT-Like Apps (The Information) Intel has been largely left behind as an artificial intelligence boom has catapulted rival chipmakers such as Nvidia and Broadcom. While the once-iconic U.S. chipmaker still hopes to grab a piece of the fast-growing AI chip market, in the short term it is trying something different—selling ...
Legislation, Policy, and Regulation
How resilient is UK Critical National Infrastructure to cyber-attack? (UK Parliament) The UK is the third most targeted country in the world for cyber-attacks, after the US and Ukraine.
Neuberger: New global initiatives will include information sharing, ransomware payment tracking (Record) A global coalition of government cybersecurity leaders will announce efforts to boost information sharing about digital threats and take on nefarious cryptocurrency payments when they convene in Washington next week, a senior White House official said on Tuesday.
Biden Moves to Embrace AI as National Security Tool in Executive Order (Wall Street Journal) The order also is expected to include provisions designed to ensure that companies develop the technology safely.
Joint Industry statement of support for Consumer IoT Security Principles (Google Online Security Blog) David Kleidermacher, VP Engineering, Android Security & Privacy and DSPA Security & Privacy, and Eugene Liderman, Director, Android Security...
CISA budget cuts would be "catastrophic," official says (CyberScoop) A top CISA official said at a House hearing that Republican proposed cuts could hamper the agency's ability to monitor threats.
US cybersecurity agency funding under fire from Sen. Rand Paul (Federal Times) The lawmaker says his legislation would "require CISA to come clean about its actions that violated the First Amendment."
New House Speaker is a skeptic of U.S. cybersecurity agency (Washington Post) Rep. Mike Johnson, as House speaker, could play a key role in the fate of some cyber issues
California goes rough on data brokers - Panda Security (Panda Security Mediacenter) California legislators accepted amendments on aspects of the existing law to help residents scrub personal information from the internet.
Litigation, Investigation, and Law Enforcement
PayPal fined 900 mln won for customer data breach (Yonhap News Agency) SEOUL, Oct. 26 (Yonhap) -- PayPal Holdings, Inc., the multinational operator of an online ...
The AI-Generated Child Abuse Nightmare Is Here (WIRED) Thousands of child abuse images are being created with AI. New images of old victims are appearing, as criminals trade datasets.
Sam Bankman-Fried Will Testify in His Own Trial. It’s a Legal Hail Mary (WIRED) Received wisdom is that defendants shouldn’t take the stand in fraud trials. FTX founder Sam Bankman-Fried’s choice to do so is a bold gamble.
Advocate Aurora Health agrees to settlement in data breach lawsuit (WISN) Patients of Advocate Aurora Health could get as much as $50 as part of a data breach lawsuit.
NCAA probe began after firm obtained evidence from Michigan computers (Washington Post) The sign-stealing investigation threatening to disrupt Michigan’s football season began after an outside investigative firm approached the NCAA with documents and videos the firm said it had obtained from computer drives maintained and accessed by multiple Michigan coaches, according to two people familiar with the matter, evidence that suggests the scandal’s impact could broaden beyond the suspension of one low-level assistant.