Dateline: Hybrid wars in Ukraine, Russia, Israel, and Gaza.
Ukraine at D+610: Combat refusals. (CyberWire) The Russian army is pushing Storm-Z units forward under threat of harsh penalties. ESET offers a look at Russia's major players in the cyber phases of the war.
Israeli troops mount second ground raid into Gaza (the Guardian) Troops attack targets in eastern Gaza City and pre-dawn bombardments reportedly kill dozens
Israel’s Laws of War (Foreign Affairs) How IDF doctrine shapes the campaign against Hamas in Gaza.
If we’re forbidden from looking history in the eye during this horrific war, we’re doomed to repeat it | Gaby Hinsliff (the Guardian) Palestinians and Israelis are bound together in suffering. Seeking to untangle this, as the UN has, should not be seen as making excuses for Hamas, says Guardian columnist Gaby Hinsliff
Israel’s 4 Bad Options in Gaza (TIME) TIME outlines the choices Israel faces in the wake of Hamas' Oct. 7 massacre, based on conversations with experts.
Kids are attending pro-Palestinian protests on Roblox (CNBC) Kids are attending Israel-Hamas war protests on Roblox, and so far, a pro-Palestinian virtual protest has been visited more than 275,000 times.
Russia-Ukraine war: List of key events, day 610 (Al Jazeera) As the war enters its 610th day, these are the main developments.
Russia-Ukraine war live: Zelenskiy claims equivalent of Russian brigade lost near Avdiivka; Putin warns of weapon smuggling from Ukraine (the Guardian) Ukraine’s president tells British PM brigade’s worth of troops lost trying to encircle embattled city; Putin demands action on weapons trafficking
Russia goes back to prisons to feed its war machine (BBC News) Russia's defence ministry has taken over from Wagner in recruiting inmates to fight in Ukraine.
Russia prison population plummets as convicts are sent to war (Washington Post) Russia has freed up to 100,000 prison inmates and sent them to fight in Ukraine, according to government statistics and rights advocates — a far greater number than was previously known.
Ukraine war: Russia executing own retreating soldiers, US says (BBC News) The White House says heavy losses and poor morale are leading to mutinies in some units.
‘What’s this all for?’: Russian deserters call on former comrades to join them (the Guardian) Men tell of escape to Armenia, guilt and remorse as growing number of soldiers flee ‘criminal war’ in Ukraine
Putin ‘forming axis of terror’ as he welcomes Hamas and Iran to Moscow (The Telegraph) Russia condemned over invite which Western observers say should cause ‘extreme concern’
DOD Announces Up to $150M in Aid for Ukraine (U.S. Department of Defense) The Defense Department announced an additional security assistance package valued at up to $150 million to help Ukraine counter Russia's unprovoked invasion.
Biden Administration Announces Additional Security Assistance for Ukraine (U.S. Department of Defense) The Defense Department announced additional security assistance to meet Ukraine’s critical security and defense needs.
Lend-Lease Act expiration will not affect current US aid to Ukraine (Atlantic Council) A Lend-Lease Act introduced by the US in spring 2022 to support Ukraine's fight against Russian aggression has now expired, but it may be worth renewing as a tool to bypass possible political obstacles to aid, writes Olivia Yanchik.
Arming Ukraine is cheap compared to the far higher price of Russian victory (Atlantic Council) Anyone concerned by the cost of supporting the Ukrainian war effort should consider the far higher price the Western world would have to pay in order to stop Putin following a Russian victory in Ukraine, writes Peter Dickinson.
In the ultimate irony, Russia's obsession with Ukraine may have weakened its power over its other neighbors (CNBC) Analysts say the war in Ukraine has created the irony that Russia has lost a degree of control, power and influence over its backyard.
Ukrainian families turn to psychics and private eyes in search for missing loved ones (The Telegraph) The war has created an unregulated cottage industry tracking down the 24,000 people who have disappeared
Ukraine’s deputy minister of digital transformation on building a military tech sector from scratch (Record) On a recent trip to Ukraine, Click Here spoke with Ukraine's Alex Bornyakov about the country's booming drone sector and the Brave1 initiative, which aims to get innovative weapons into the hands of soldiers in a matter of weeks, not months.
Russian hackers claim takedown of WA’s Transperth transport agency with DDoS attack (Cyber Daily) The Noname057(16) hacking group has targeted four Australian websites, with varying success.
U.S. Tries New Tack on Russian Disinformation: Pre-Empting It (New York Times) The State Department’s Global Engagement Center is taking the unusual step of disclosing a covert Russian operation when it is barely off the ground.
Pro-Russia hackers target inboxes with 0-day in webmail app used by millions (Ars Technica) Previously unknown XSS in Roundcube let Winter Vivern steal government emails.
Russian Hackers Caught Exploiting Roundcube Webmail Zero-Day (SecurityWeek) Russian APT Winter Vivern exploits a zero-day in the Roundcube webmail server in attacks targeting European governments.
European govt email servers hacked using Roundcube zero-day (BleepingComputer) The Winter Vivern Russian hacking group has been exploiting a Roundcube Webmail zero-day since at least October 11 to attack European government entities and think tanks.
Attacks, Threats, and Vulnerabilities
Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction (Microsoft Security) Microsoft has been tracking activity related to the financially motivated threat actor Octo Tempest, whose evolving campaigns represent a growing concern for organizations across multiple industries.
MGM Resorts hackers 'one of the most dangerous financial criminal groups’ (Record) Octo Tempest, a hacking group also known as Scattered Spider, has been in the limelight since its attack on MGM Resorts left parts of Las Vegas paralyzed for days and cost the casino giant an estimated $100 million.
ESET APT Activity Report Q2–Q3 2023 (We Live Security) This issue of the ESET APT Activity Report features an overview of the activities of selected APT groups as analyzed by ESET Research between April and September 2023.
Significant Volt Typhoon threat requires immediate US critical infrastructure action (SC Media) U.S. critical infrastructure organizations have been urged by Mandiant Intelligence Chief Analyst John Hultquist to accelerate efforts to discover and mitigate threats by Chinese state-sponsored threat operation Volt Typhoon, which has already targeted telecommunications, logistics, water, and power sector organizations across the U.S. and in Guam, according to SecurityWeek.
Malvertising Campaign Targets Brazil's PIX Payment System with GoPIX Malware (The Hacker News) Brazil's popular PIX payment system is under attack! Cybercriminals are using a new malware, GoPIX, to target users searching for "WhatsApp web."
The Wiki-Slack Attack (eSentire) In this blog, eSentire’s Threat Response Unit (TRU) breaks down how cybercriminals can use Wikipedia pages and Slack to lure victims into executing malware and how you can protect your organizations from similar Wiki-Slack attacks.
Examining Predator Mercenary Spyware (HYAS) HYAS Labs explores the mercenary spyware “Predator,” and how to identify and defend against it with HYAS threat intelligence and Protective DNS solutions.
Kaspersky reveals 'elegant' malware resembling NSA code (CyberScoop) The Russian cybersecurity firm discovered sophisticated malware that combined cryptocurrency mining and espionage capabilities.
Critical Mirth Connect Vulnerability Could Expose Sensitive Healthcare Data (SecurityWeek) Mirth Connect versions prior to 4.4.1 are vulnerable to CVE-2023-43208, a bypass for an RCE vulnerability.
Internet companies tackle the biggest ever denial of service attack (World Economic Forum) Leading internet companies including Amazon and Google are taking steps to fight off the biggest distributed denial of service attack ever recorded.
CVE-2023-4966: Exploitation of Citrix NetScaler Information Disclosure Vulnerability (Rapid7) On October 10, 2023, Citrix published an advisory on two vulns affecting NetScaler ADC and NetScaler Gateway. The more critical of these is CVE-2023-4966.
Ghoulish spam invades email inboxes worldwide, Bitdefender Antispam Lab warns (Hot for Security) Spooky season is a fun time for kids and adults who delve into the annual celebrations by trick-or-treating, carving pumpkins or setting up haunted houses.
You are the Weakest Link: Assessing Vulnerabilities and Solutions for Cybersecurity in Agriculture (Avertium) This report examines vulnerabilities in agriculture and discusses solutions for a sector that is unaccustomed to tech-related concerns.
Fresh Phish: The Case of the PepsiCo Procurement Ploy (INKY) When a company generating more than $86 billion in net revenue reaches out to do business with you, chances are they’ll have your full attention.
CISA Adds One Known Exploited Vulnerability to Catalog | CISA (Cybersecurity and Infrastructure Security Agency CISA) CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2023-5631 Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability
Security Patches, Mitigations, and Software Updates
VMware Releases Security Advisory for vCenter Server | CISA (Cybersecurity and Infrastructure Security Agency CISA) VMware released a security advisory for a vulnerability (CVE-2023-34048) affecting the VMware vCenter Server and (CVE-2023-34056) affecting VMware Cloud Foundation. A remote cyber actor could exploit these vulnerabilities to obtain information or take control of an affected system.
Trends
7th Annual Hacker Powered Security Report (HackerOne) Insights from our customers & the world's top hackers—emerging threats, vulnerability rankings, & fighting cybercrime on a budget
You are the Weakest Link: Assessing Vulnerabilities and Solutions for Cybersecurity in Agriculture (Avertium) This report examines vulnerabilities in agriculture and discusses solutions for a sector that is unaccustomed to tech-related concerns.
Marketplace
AI Security Firm Cranium Raises $25 Million (SecurityWeek) AI cybersecurity firm Cranium has raised $25 million in Series A funding, which brings the total investment in the company to $32 million.
‘Musk destroyed all that’: Twitter’s business is flailing after a year of Elon (the Guardian) Advertisers are spending less, regulators are circling, staff is at less than 50% of what it used to be and user numbers are down
Google Announces Bug Bounty Program and Other Initiatives to Secure AI (SecurityWeek) Google announces a bug bounty program and other initiatives for increasing the safety and security of artificial intelligence (AI)
Hackers Surpass $300 Million in All-Time Earnings on the HackerOne Platform (HackerOne) New Revenue Opportunities Provided by Pentesting and Secure Code Review Expand Total Payouts
Hackers Earn $350k on Second Day at Pwn2Own Toronto 2023 (SecurityWeek) Smart speakers, printers, routers, NAS devices, and mobile phones were hacked on the second day at Pwn2Own Toronto 2023.
Singapore Police Force honors Group-IB for cooperation in combating cyber threats (Group-IB) Group-IB, a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime, has received prestigious recognition from the Singapore Police Force (SPF) for its contributions to the continued battle against cyber threats for the second consecutive year.
Products, Services, and Solutions
Malwarebytes Announces Consumer Identity Theft Protection Solution to Defend Against Online Fraud and Theft (PR Newswire) Malwarebytes, a global leader in real-time cyber protection, today launched an essential new consumer solution, Identity Theft Protection. The...
Technologies, Techniques, and Standards
Logging Made Easy | CISA (Cybersecurity and Infrastructure Security Agency CISA) CISA’s newest tool is an open-source logging and protective monitoring solution serving all organizations. Secure your Windows-based equipment today with Logging Made Easy.
Design and Innovation
Frontier risk and preparedness (OpenAI) To support the safety of highly-capable AI systems, we are developing our approach to catastrophic risk preparedness, including building a Preparedness team and launching a challenge.
The social engineering of the self: How AI chatbots manipulate our thinking (Computing) On Wednesday, ahead of the UK's upcoming AI Safety Summit, teams of students and specialists came together in a concerted effort to trick, get around, confuse or otherwise defeat the guardrails around Llama 2, Meta's open source AI model.
Mysterious bylines appeared on a USA Today site. Did these writers exist? (Washington Post) Staff writers at Reviewed suspect that management published stories written by AI under the names of non-existent writers. Parent company Gannett denies it.
Legislation, Policy, and Regulation
Rishi Sunak lays out vision for new global AI safety bodies (POLITICO) British PM defended seeking Chinese buy-in for a bevy of new AI governance initiatives he is set to launch next week.
Rishi Sunak announces AI Safety Institute, outlines vision for global initiatives (Computing) Rishi Sunak has unveiled ambitious plans to establish a new AI Safety Institute and initiate a global expert panel on AI in a bid to foster international collaboration and ensure the safe development of AI technology.
The dangers of AI cannot be ignored (The Telegraph) We do not yet fully understand what AI is capable of. Rishi Sunak should be praised for drawing attention to these risks
The UK’s Controversial Online Safety Act Is Now Law (WIRED) The UK government says its Online Safety Act will protect people, particularly children, on the internet. Critics say it’s ineffective against dangerous misinformation and may be a threat to privacy.
UK government accused of ‘vandalism’ over abolishing biometrics safeguards (Record) The British government’s plans to remove safeguards around biometrics and public space surveillance were described on Thursday as “shocking” and “tantamount to vandalism” by an outgoing commissioner.
Inside the Biden administration’s transition to a post-quantum world (Washington Post) Checking in with the White House on future federal quantum standards
Health Care Hacks Are Proliferating. The White House Is Still Figuring Out What To Do (The Messenger) A meeting between government leaders and health-care professionals highlighted how many hacking risks the life-saving industry faces.
CISA, HHS Release Cybersecurity Healthcare Toolkit (SecurityWeek) CISA and the HHS have released resources for healthcare and public health organizations to improve their security.
Crypto Regulatory Affairs: FinCEN deems mixing transactions to be a Primary Money Laundering Concern (Elliptic) The move is significant as this entire class of transactions is now officially deemed by the US government to represent a heightened financial crime risk.
Litigation, Investigation, and Law Enforcement
The Second Quantum Revolution: The impact of quantum computing and quantum technologies on law enforcement (Europol Innovation Lab) Quantum computing and quantum technologies have the potential to significantly impact law enforcement activities. These key emerging technologies can help us become even more effective in our fight against organised crime and terrorism to come up with innovative ways of doing so
Brazilian authorities shut down major illegal filesharing site in Brazil (IFPI) Prominent illegal filesharing forum, FileWarez, shut down following co-ordinated action by record company bodies and local authorities 25th October, 2023 – IFPI, the organisation that represents the recorded music industry worldwide, alongside its Brazilian national group Pro-Musica, have welcomed the successful action against FileWarez.tv – one of the most prominent illegal file sharing sites in […]
Maine Mass Shooting Disinformation Floods Social Media as Suspect Remains at Large (WIRED) In the hours following the worst mass shooting in Maine’s history, disinformation about the suspected gunman flooded social media with false claims that he had been arrested.
SBF Agrees ‘Safeguarding’ Funds Includes Not Embezzling (Bloomberg) SBF to testify before jury on Friday. Bankman-Fried explains FTX communication protocols. Prosecutors press SBF on discussions with lawyers. SBF can’t recall details of handling of customer accounts. Judge: SBF has ‘interesting way’ of answering questions.
Michigan’s sign-stealing operation is a college football scandal to savor (Washington Post) A few years ago, I sat down with a former NCAA enforcement officer to compare notes now that their career in Indianapolis was over.