Dateline: Hybrid wars in Ukraine, Russia, Israel, and Gaza.
Ukraine at D+267: Infantry assaults and shifting narratives. (CyberWire) Russia shifts its narrative about the war: it's less a fight against Nazis, and now a fight for restoration of a historic unity and a struggle against "Russophobia."
Hamas chief ‘back from dead’ to lead attack (The Telegraph) Israeli spies believe Mohammed Sinwar has been hiding in tunnels beneath Gaza for years
Israel kills Hamas commander who held 1,000 Gazans ‘hostage’ in hospital (The Telegraph) Commander Ahmed Siam and other terrorists were killed while hiding out at a school building in Gaza
Netanyahu sets out uncompromising postwar vision as Israel pounds Gaza (the Guardian) Bombardment appears concentrated around al-Shifa hospital as PM says war is advancing ‘with full force’
Thousands flee Gaza hospital, health officials say, but many, including babies, still trapped (AP News) Health officials say thousands of people have fled Gaza’s largest hospital as Israeli forces and Palestinian militants battle outside its gates.
Beyond the Fighting in Gaza: A Regional (and Global) Powder Keg (Wilson Center) October 7 has fundamentally shaken Israel's sense of security and unleashed a chain of events threatening to engulf the Middle East—mostly due to provocations by Iran and its proxies. Absent urgent actions to douse the flames, these could spread globally.
Israel Expands Daily Combat Pauses to Let Civilians Flee, White House Says (New York Times) Israeli authorities, for their part, seemed intent on making clear that the pauses were limited in time and area, not a broader, sustained halt. Israeli soldiers have advanced deep into northern Gaza.
Dozens of Hamas terrorists killed in 10-hour battle underground, IDF says (The Telegraph) Israeli troops claim they found ‘significant’ attack plans after a battle with the terror group and Islamic Jihad just outside Gaza
Israel Must Destroy Hamas’s Tunnels (Foreign Affairs) But doing so takes airpower, not boots underground.
Fights in bread lines, despair in shelters: War threatens to unravel Gaza's close-knit society (AP News) Fistfights break out in bread lines. Residents wait hours for a gallon of brackish water that makes them sick.
Iranian hackers launch malware attacks on Israel’s tech sector (BleepingComputer) Security researchers have tracked a new campaign from Imperial Kitten targeting transportation, logistics, and technology firms.
Ukraine secures new positions along Dnipro river's left bank (The Telegraph) Kyiv forces are setting up ambushes in an effort to seize control of more territory and connect bridgeheads
40,000 Russian troops poised for major assault on Avdiivka (The Telegraph) Russia has amassed an estimated 40,000 troops around Avdiivka as it prepares for a third wave assault on the shattered eastern town, the Ukrainian military has said.
Russia ramps up attacks on key cities in eastern Ukraine (AP News) Ukraine says Russian forces have ramped up attacks in eastern Ukraine in an attempt to gain ground near two key frontline cities.
How Ukraine, With No Warships, Is Thwarting Russia’s Navy (New York Times) The commander of Ukraine’s Navy said in a rare interview that the Russian naval blockade of Odesa had been broken. He also described how the war is transforming naval tactics.
Russia-Ukraine war live: Ukrainian attempt to forge bridgehead on Dnipro river’s eastern bank thwarted, says Moscow (the Guardian) Russia claims to have killed about 500 Ukrainian soldiers in the region in the past week
Ukraine Says 'Resistance' Fighters Blew Up Russian HQ In Occupied Melitopol, While Zelenskiy Warns Of Difficult Winter (RadioFreeEurope/RadioLiberty) Kyiv said that "local resistance" fighters had blown up the headquarters of Russian forces in the occupied city of Melitopol, killing at least three officers, as the Kremlin’s troops continued to press attacks in the east and south of the country around the battered cities of Bakhmut and Avdiyivka.
Putin and top military leaders visit southern military headquarters to assess his war in Ukraine (AP News) Russian President Vladimir Putin has visited his southern military headquarters as he assesses the state of his country's forces in Ukraine as the war drags on toward winter.
Ukraine Needs to Hype-Proof Its Strategy for a Long War (World Politics Review) As Ukraine’s forces struggle to make headway against Russia, leaders in Kyiv and the West need a better long-term strategy.
Rheinmetall to deliver 100,000 rounds of mortar ammunition to Ukraine (Defense News) The German company has reported explosive growth in the ammunitions sector.
Ex-Nato chief proposes Ukraine joins without Russian-occupied territories (the Guardian) Former secretary general says partial membership would warn Russia it cannot stop Ukraine joining the alliance
Lack of Attribution as Critical Infrastructure is Damaged Again in the Baltic Sea (Wilson Center) Only a couple weeks after the anniversary of the Nord Stream explosions another incident affecting critical undersea infrastructure in the Baltic Sea took place.
Ukrainian military officer coordinated Nord Stream pipeline attack (Washington Post) Roman Chervinsky, a colonel in Ukraine’s special operations forces, was integral to the brazen sabotage operation, say people familiar with planning
Ukraine to Putin: You cut our power, we kneecap your biggest economic driver (POLITICO) “It would only be fair,” Galushchenko says of attacking Russian oil and gas in response to possible attacks against Ukraine's grid this winter.
New Strategies for Ukraine's Energy Security Amidst Russian Threats (EnergyPortal.eu) As tensions escalate between Ukraine and Russia, the Ukrainian Energy Minister Herman Halushchenko has hinted at a potential shift in strategy to protect Ukraine’s energy system this winter. In an interview with Politico, he acknowledged Russia’s regular cyber attacks on Ukraine’s power grid and anticipated an increase in physical attacks as temperatures plummet and energy consumption for heating homes rises.
Ukraine Has Enough Energy Resources To Get Through Winter, Says Minister (RadioFreeEurope/RadioLiberty) Ukraine will have enough energy resources to get through the coming winter, but an expected surge in Russian attacks may disrupt the supply networks, Ukraine's Energy Minister Herman Halushchenko said late on November 11.
Russia to limit only VPN services which pose a 'threat' to security, RIA reports (Reuters) Russia plans to block certain Virtual Private Networks (VPNs) and protocols which are deemed by a commission of experts to pose a threat, state news agency RIA reported citing correspondence from the digital ministry.
Russia-Linked Hackers Claim Credit for OpenAI Outage This Week (Bloomberg) Anonymous Sudan says OpenAI targeted over Israel investments. ChatGPT users faced high error rates earlier this week.
Major ChatGPT Outage Caused by DDoS Attack (SecurityWeek) ChatGPT and its API have experienced a major outage due to a DDoS attack apparently launched by Anonymous Sudan.
Anonymous Sudan and Skynet claim Cloudflare DDoS takedown (Cyber Daily) Less than a week after Cloudflare suffered a days-long outage, DDoS operators claim a strike against the company’s website.
Cloudflare website downed by DDoS attack claimed by Anonymous Sudan (BleepingComputer) Cloudflare is investigating an ongoing outage causing 'We're sorry' Google errors to be shown on the company's website.
Russia Steps Up Efforts to Lure Wagner Veterans Back Into Ukraine War (New York Times) A force led by President Vladimir Putin’s former bodyguard is trying to recruit veterans of the paramilitary force, which mutinied against Russian military leaders and saw its leader killed in a plane crash.
Ukrainian PoWs being sent to fight their own army, Russian news claims (the Guardian) Unverified footage from state media shows captured soldiers swearing allegiance to Russia as part of new battalion
Latvia's president says West must arm Ukraine to keep Russia from future global adventures (ABC News) Latvia’s president says Russia is planning for a long war in Ukraine and he warns that countries need to keep supplying weapons to Kyiv to discourage Moscow from threatening other nations in the future
Historic progress: Ukraine receives green light for EU membership talks (Atlantic Council) The European Commission this week recommended opening EU membership negotiations with Ukraine. The move represents historic progress at a time when Ukrainians are fighting to defend their independence and their right to choose a European future, writes Peter Dickinson.
IMF Staff, Ukraine Reach Agreement On $900 Million In Funding Disbursement (RadioFreeEurope/RadioLiberty) Staff from the International Monetary Fund (IMF) and Ukrainian officials reached agreement on an updated set of economic and financial policies for the second review of the four-year Extended Fund Facility to allow disbursement of $900 million in funding, subject to approval by the IMF board.
DOD Implores Congress to Provide Ukraine Defense Funding (U.S. Department of Defense) The Defense Department is beseeching Congress to pass the supplemental budget request to continue to meet Ukraine's battlefield needs, Deputy Pentagon Press Secretary Sabrina Singh said.
On ATACMS for Ukraine, don’t settle for a job half done (Breaking Defense) In this op-ed, John Hardie and Bradley Bowman argue that the US should send Ukraine as many ATACMS as it can without impacting US military readiness.
Russia Says EU Won't 'Push' It Out Of Central Asia (RadioFreeEurope/RadioLiberty) Russian Foreign Minister Sergei Lavrov accused the European Union of attempting to drive his country out of Central Asia, and said the bloc was failing, in an interview broadcast on November 12.
Putin’s New Story About the War in Ukraine (Foreign Affairs) How Russian propaganda went from “denazification” to fighting the West.
Moscow Prosecutors Said To Be Investigating Social Media Star Yury Dud (RadioFreeEurope/RadioLiberty) Russian police say prosecutors have launched an investigation into popular social media personality Yury Dud for potentially breaking recent laws enacted to defend the army from criticism after Kremlin war planners ordered the invasion of Ukraine.
At Least 13 More Moldovan Parishes Joining Romanian Orthodox Church Amid Anti-Russian Backlash (RadioFreeEurope/RadioLiberty) Orthodox priests in at least 13 parishes in Moldova expect to be accepted into the local branch of a Romanian church this week, furthering a trend of dozens of defections from the local arm of the Russian Orthodox Church.
'Now He's Protected By A Candle': Amid War And Uncertainty, Russians Turn To Clairvoyants And Mystics (RadioFreeEurope/RadioLiberty) With Russia's invasion of Ukraine now 20 months old with no end in sight, many Russians are turning to psychics of various stripes for information about and protection for their loved ones at the front. Participation in online courses for astrology, card-reading, and the like has skyrocketed.
The shadowy network smuggling European microchips into Russia (Financial Times) A rare look inside a covert Russian-led operation to get strategic technology protected by European export controls into the hands of the state
Belarus Readies More Sweeping Intrusions For Mail From EU Countries (RadioFreeEurope/RadioLiberty) Belarus's customs body says a government document is being prepared that will expand the authority to inspect all postal parcels and other items originating from European Union countries and addressed to Belarusians.
Attacks, Threats, and Vulnerabilities
Microsoft warns LinkedIn users of fake skills assessment portals (Computing) Microsoft has issued a warning about fake skills assessment portals being used in social engineering campaigns by a North Korean hacking group known as Sapphire Sleet.
Microsoft Warns of Fake Skills Assessment Portals Targeting IT Job Seekers (The Hacker News) Lazarus Group's sub-cluster, Sapphire Sleet, is now impersonating skills assessment portals in social engineering campaigns targeting IT job seekers
NSA officials call out Chinese hackers’ stealthy and off-limits hacks (Washington Post) ‘Zero-days,’ ‘living off the land’ and other observations by the NSA and researchers on Chinese hackers
The NSA Seems Pretty Stressed About the Threat of Chinese Hackers in US Critical Infrastructure (WIRED) US government officials continue to warn that the public and private sectors need to identify and root out China-backed attackers lurking in industrial control systems.
Android spyware delivered through infected news site targets Urdu speakers in Kashmir (Record) Hackers are targeting Urdu speakers with spyware delivered through an infected popular news site, according to a new report.
Critical Exploits for Sale on the Dark Web (CYFIRMA) Our investigation has unveiled the presence of critical vulnerabilities and exploits for sale on various dark forums and...
Freight giant DP World recovers from cyber attack, but warns investigation and remediation is 'ongoing' (ABC) DP World is a global behemoth in shipping and logistics. But a cyber attack on its Australian operation has crippled some of our busiest ports in the busy lead up to Christmas.
DP World port operations in Australia recovering after cyber-attack (The Loadstar) More disruption is likely at Sydney, Melbourne, Brisbane and Fremantle, which are resuming ops after a cyber attack on DP World Australia.
Major Australian Ports Reopen After Cyberattack Halts Operations (Wall Street Journal) Four terminals handling nearly 40% of the country’s imports had been offline since Friday.
Australia ports operator back online after cyber incident (Reuters) DP World Australia, one of the country's largest ports operators, said on Monday operations had resumed at all its facilities after a cyber security incident forced it to suspend operations for three days.
Australian ports shut down over cyber security incident impacting goods moving into and out of the country (ABC News) While ships remain able to unload freight, the freight cannot then leave the site, due to the shutdown impacting DP World Australia, which operates ports in Melbourne, Sydney, Brisbane and Fremantle.
Australia Struggles to Restart Port Operations After Cyberattack (Bloomberg) Interruptions at four largest ports could continue for days. Port operator the latest high-profile cyberattack victim.
Cyberattack Keeps Australian Ports Offline as Containers Pile Up (Bloomberg) Cyberattack limits access to four DP World Australia ports. Company says no ransom demand has been made, AFR reports.
Cyberattack Paralyzes Australia Ports in Threat to Supply Chains (Bloomberg) Internet connection halted to stop unauthorized network access. Company to prioritize transport of sensitive in-bound freight.
Major cyberattack on Australian ports suggests sabotage by a 'foreign state actor' (The Conversation) Port operator DP World handles roughly 40% of Australia’s sea freight. Over the weekend its ports were disrupted by what appears to be a malicious, targeted cyberattack.
Australian port operator hit by cyber-attack says cargo may be stranded for ‘days’ (Guardian) DP World pulls plug on its internet connection after finding hackers inside its systems
‘Cybersecurity incident’: Major Aussie ports locked down after breach rocks ports operator DP World (News.com.au) Major sea ports across Australia were locked down after a ports operator confirmed a “cybersecurity incident” had struck, with chaos expected to continue for days.
The growing cyber threat to global shipping (Yahoo News) The cyberattack that paralysed several major Australian ports was a sharp reminder of what governments and experts say is a growing threat to shipping, the lifeblood of the global economy.
Shipping is crucial to the global economy, moving more than 80 percent of trade in goods, according to the UN's trade body UNCTAD.
And the entire infrastructure contains what experts have described as single points of failure -- where one cyberattack at a port can cause a logistical nightmare across the suppl
OracleIV - A Dockerised DDoS Botnet (Cado Security) Cado Security Labs researchers recently discovered a novel campaign targeting publicly-exposed instances of the Docker Engine API.
SysAid On-Prem Software CVE-2023-47246 Vulnerability (SysAid) Written by Sasha Shapirov CTO @ SysAid & Profero Incident Response Team On Nov 2nd, a potential vulnerability in our on-premise software came to our security team’s attention. We immediately initiated our incident response protocol and began proactively communicating with our on-premise customers to ensure they could implement a mitigation solution we had identified. We...
Critical Vulnerability: SysAid CVE-2023-47246 (Huntress) Huntress has analyzed the emerging SysAid CVE-2023-47246 vulnerability and recreated the attack chain with a proof-of-concept exploit.
SysAid Zero-Day Vulnerability Exploited By Lace Tempest (Rapid7) A new zero-day vulnerability in SysAid IT service management software is being exploited by the threat group responsible for the MOVEit Transfer attack.
Lace Tempest Seen Exploiting SysAid Zero Day (Decipher) A path traversal zero day (CVE-2023-47246) in the SysAid on-premises product is under active attack by the Lace Tempest threat group.
SysAid Zero-Day Vulnerability Exploited by Ransomware Group (SecurityWeek) CVE-2023-47246, a zero-day vulnerability in SysAid IT service management software has been exploited by Cl0p ransomware affiliates.
Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks (BleepingComputer) Threat actors are exploiting a zero-day vulnerability in the service management software SysAid to gain access to corporate servers for data theft and to deploy Clop ransomware.
MOVEit Gang Targets SysAid Customers With Zero-Day Attacks (Infosecurity Magazine) Lace Tempest looks to spread Clop malware to victims
SysAid zero-day exploited by Clop ransomware group (Security Affairs) Microsoft spotted the exploitation of a SysAid zero-day vulnerability in limited attacks carried out by the Lace Tempest group.
Ransomware gang behind MOVEit attacks are targeting new zero-day, Microsoft says (Record) The Russian ransomware gang behind the exploitation of several popular file transfer tools is now exploiting a new vulnerability in SysAid IT support software, according to a new report.
MOVEit cybercriminals behind SysAid zero-day attack (Register) Second novel zero-day exploited by Lace Tempest this year offers notable demonstration of skill, especially for a ransomware affiliate
MOVEit Hackers Pivot to SysAid Zero-Day in Ransomware Attacks (Dark Reading) The Cl0p ransomware group is actively exploiting a SysAid zero-day flaw after running rampant through enterprise systems using MOVEit file transfer bug.
CISA Says SLP Vulnerability Allowing Amplified DoS Attacks Exploited in the Wild (SecurityWeek) CISA says a SLP vulnerability allowing for a DoS amplification factor of 2,000 is being exploited in attacks.
'BlazeStealer' Malware Delivered to Python Developers Looking for Obfuscation Tools (SecurityWeek) Checkmarx uncovers a malicious campaign targeting Python developers with malware that takes over their systems.
The New APT Group DarkCasino and the Global Surge in WinRAR 0-Day Exploits (NSFOCUS, Inc.) NSFOCUS Research Labs unveils the new APT group DarkCasino and the proliferation of WinRAR 0-day exploits.
Microsoft briefly restricted employee access to OpenAI's ChatGPT, citing security concerns (CNBC) Microsoft told employees on Thursday that "a number of AI tools are no longer available" due to security reasons.
CSO’s Perspective: The Okta Breach and What It Means to the Broader Community (Banyan Security) Den Jones shares his perspective as a CSO on the recent Okta breach, and what that means for the broader security community.
Citrix Bleed Vulnerability: Background and Recommendations (ReliaQuest) The Citrix Bleed Vulnerability is actively being exploited by bad actors. In this blog, what's happening and how you should respond.
China's biggest lender ICBC hit by ransomware attack (Reuters) The Industrial and Commercial Bank of China's (ICBC) U.S. arm was hit by a ransomware attack that disrupted trades in the U.S. Treasury market on Thursday, the latest in a string of victims ransom-demanding hackers have claimed this year.
Ransomware attack on ICBC disrupts trades in US Treasury market (Financial Times) Chinese bank says it has contained a hack that affected some fixed income and equities transactions
Hackers Hit Wall Street Arm of Chinese Banking Giant ICBC (Wall Street Journal) ICBC Financial Services, which helps clear trades of Treasury bonds, was targeted with ransomware—a rarity in cyberattacks against big banks.
Wall Street and Beijing fight fallout of ransomware attack on China’s biggest bank (Financial Times) New York arm of ICBC forced to use a USB stick to transmit data after its systems were compromised
World’s Largest Bank Hit By Ransomware Gang Linked to Boeing, Ion Attacks (Bloomberg) China’s biggest lender says attack only affected US unit. Attack disrupts clearing, trading on US Treasury market.
China's largest commercial bank hit by ransomware (Computing) The Industrial & Commercial Bank of China (ICBC), China’s largest commercial bank, was hit by a ransomware attack earlier this week.
Ransomware Attack on China's Biggest Bank Disrupts Treasury Market Trades, Reports Say (SecurityWeek) Ransomware attack on China’s Industrial and Commercial Bank of China Financial Services (ICBC), disrupted Treasury market trades.
Behind ICBC Hack Is Gang for Hire That Holds Systems Hostage (Bloomberg) LockBit is what’s known as a ‘ransomware as a service’ group. It is one of the most prolific ransomware attackers in the world.
Bitter Pill: Third-Party Pharmaceutical Vendor Linked to Pharmacy and Health Clinic Cyberattack (Huntress) Huntress has uncovered a series of unauthorized access, revealing a threat actor using ScreenConnect to infiltrate multiple healthcare organizations.
Dozens of DEA Agents Exposed in Colombian Prosecutor’s Office Leak (InSight Crime) A cyber breach at Colombia’s attorney general’s office has exposed dozens of anti-drug agents in the United States, Colombia, and beyond.
Chess.com Faces Second Data Leak: 476,000 Scraped User Records Leaked (Hackread) The most recent data leak of Chess.com user records occurred on Friday, November 10th, 2023.
Hacker Leaks 800,000 Scraped Chess.com User Records (Hackread) Chess.com has not experienced a cyber attack or security breach.
Maine government says data breach affects 1.3 million residents (TechCrunch) Maine is the latest to disclose a hack related to MOVEit, said to be the largest hacking incident of the year by the numbers of victims alone.
State of Maine disclosed a data breach that impacted 1.3M people (Security Affairs) The State of Maine disclosed a data breach that impacted about 1.3 million people after an attack hit its MOVEit file transfer install.
1.3 Million Maine Residents Impacted by MOVEit Hack (SecurityWeek) The State of Maine says the personal information of 1.3 million individuals was compromised in the MOVEit attack.
Maine govt notifies 1.3 million people of MOVEit data breach (BleepingComputer) The State of Maine has announced that its systems were breached after threat actors exploited a vulnerability in the MOVEit file transfer tool and accessed personal information of about 1.3 million, which is close to the state's entire population.
Massive Data Breach Hits Maine: Over One Million Residents' Information Compromised in Ransomware Attack (Tech Times) This security incident raises concerns about the potential exposure of sensitive information, including Social Security numbers and dates of birth, for those affected.
Allen & Overy data hit by hackers in ransomware attack (Financial Times) The London-headquartered law firm is the latest major corporate targeted by cyber criminals
Mr. Cooper says customer data exposed during cyberattack (TechCrunch) The mortgage and loan giant with more than four million customers says it's investigating what customer data was compromised.
Mr. Cooper Admits Mortgage Customers’ Data Exposed During Payment-Blocking Cyber Attack (Forbes Advisor) Millions of borrowers who were unable to transfer their November mortgage payments on time due to a massive cyber attack on their home loan servicer, Mr. Cooper, now have a new headache: Their personal data might have leaked.
“We now believe that certain customer data was exposed” during the targ
Justin Sun offers 5% deal to $120M Poloniex crypto-robbers (Register) White hat bounty looks more like a beg bounty
Boeing data published by Lockbit hacking gang (Reuters) Internal data from Boeing, one of the world's largest defence and space contractors, was published online on Friday by Lockbit, a cybercrime gang which extorts its victims by stealing and releasing data unless a ransom is paid.
LockBit releases Boeing's stolen files (Computing) Russian-linked cyber gang LockBit claims to have leaked all the data it stole from Boeing earlier this year, after the aerospace giant refused to pay the ransom.
Boeing suffers data breach by Lockbit ransomware group (Interesting Engineering) The company said it was confident that the incident did not affect the safety of its aircraft or flight operations.
Boeing Hit with LockBit Ransomware (National Law Review) Boeing has confirmed that its parts and distribution site has been attacked by LockBit ransomware, which is believed to be Russian based. Boeing has said that the attack has not affected flight safety. Boeing is investigating the attack.
Data Breach Exposed Nearly 400k Documents Connected to the America Family Law Center (Website Planet) Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to WebsitePlanet about a non-password protected database that held nearly 400k
McLaren Health Care Provides Notice of Data Security Incident (McLaren Health Care) McLaren Health Care (“McLaren”) is issuing notice regarding a data security event that may involve information related to certain patients of McLaren. We are committed to providing updated information about the event, our response, and steps for potentially impacted individuals to take to better protect against the possibility of identity theft and fraud, should they feel it is appropriate to do so.
Tri-City Medical Center experiencing cyber attack (FOX 5 San Diego) Tri-City Medical Center in Oceanside fell victim to a cyber attack Thursday, a hospital spokesperson confirmed the news to FOX 5.
Personal data of employees stolen during Toronto hospital cyberattack (CP24) Personal information of employees and clinicians was stolen during an October cyberattack at Michael Garron Hospital, officials confirmed this week.
MGM Resorts anticipates no further disruptions from September cyberattack (Cybersecurity Dive) The company expects insurance to cover more than $100 million in losses stemming from lost bookings and disruptions at its Las Vegas properties.
Here’s How Violent Extremists Are Exploiting Generative AI Tools (WIRED) Experts are finding thousands of examples of AI-created content every week that could allow terrorist groups and other violent extremists to bypass automated detection systems.
Security Patches, Mitigations, and Software Updates
SysAid warns customers to patch after ransomware gang caught exploiting new zero-day flaw (TechCrunch) The Russia-linked gang behind the MOVEit mass-hacks are now targeting SysAid systems in an effort to "exfiltrate data and deploy ransomware."
Trends
Key Ransomware Indicator Up 56% Year-on-Year: October Data (Corvus Insurance) In October 2023 attacks fell by 15.12% from the prior month, but remained high from a year-on-year perspective with a 54.67% increase over October 2022.
Prove Identity 2023 Online Shopping & AI-Based Fraud Report (Prove Identity) Prove Identity’s 2023 Online Shopping and AI-Based Fraud Report reveals findings from two surveys commissioned by Prove and conducted by market research company Dynata in October 2023. Each survey targeted 1,000 U.S. consumers.
Insider Threat - Almond (Almond) Did you ever imagine that you or your colleagues could be a serious threat to your company? Discover our study: Insider Threat !
Marketplace
SentinelOne® Launches PinnacleOne Strategic Advisory Group (SentinelOne) PinnacleOne Strategic Advisory Group offers a comprehensive suite of services that address security challenges facing organizations today.
SentinelOne to acquire cybersecurity consulting firm Krebs Stamos Group (Register) Cybersecurity giant SentinelOne said it is acquiring advisory firm Krebs Stamos Group and creating a new entity called PinnacleOne Strategic Advisory Group.
Tidal Cyber raises $5 million to accelerate the growth of its platform (Help Net Security) Tidal Cyber raised $5 million in seed funding led by Squadra Ventures to bring threat-informed defense to security operators.
Cavelo Raises CA$5 Million for Attack Surface Management Platform (SecurityWeek) Cavelo has raised CA$5 million (~US$3.6 million USD) to help organizations comply with data protection regulations.
Parsons awarded $91 million cyber capabilities contract (NYSE:PSN) (Seeking Alpha) Parsons secures $91 million contract with US Cyber Command for cyber capabilities services, including a base year and four option years.
Startup’s Annus Horribilis—and What Comes Next (The Information) If 2022 was a year of shock and denial for tech founders and investors as stocks collapsed, 2023 was a year of acceptance of their harsh new reality. Startups slashed headcount. Founders swallowed their pride and accepted ego-shattering down rounds just to survive. Venture capitalists cut ...
WSJ News Exclusive | Key Witness at Sam Bankman-Fried Trial to Launch New Crypto Exchange (Wall Street Journal) Ex-FTX lawyer Can Sun and other former company executives want the new exchange to allow customers to verify holdings at any time.
Top 10 Best CyberSecurity Companies In 2024 (Inventiva) Cybersecurity has emerged as a critical concern for individuals, businesses, and governments worldwide. As cyber threats continue to evolve and become more
Alkira Earns Spot on the CRN® 2023 Stellar Startups List (Alkira) Alkira®, the pioneer in agentless, multi-cloud networking, announced today that CRN®, a brand of The Channel Company, has named Alkira to its 2023 Stellar Startups list in the cloud category.
Noname Security Named an Overall Leader in KuppingerCole API Security and Management Leadership Compass (Noname Security) Noname Security has been named an Overall Leader in the KuppingerCole Leadership Compass report for API Security and Management.
BAE Systems hosts inaugural OSINT Foundation Awards (BAE Systems) The OSINT Foundation Awards honored individuals and organizations who have made significant advancements in the field of open-source intelligence (OSINT)
CyberArk Appoints Mary Yang to its Board of Directors (Business Wire) CyberArk (NASDAQ: CYBR), the identity security company, today announced Mary Yang as the newest member of its board of directors. Yang has more than 25 years of experience in technology-related fields and has built a successful career serving in executive leadership positions focused on strategy execution, corporate development, alliance opportunities and global M&A activity.
Cyolo Promotes Industry Veteran Joe O’Donnell to Effectively Address the Growing Needs of CISOs Operating at the Intersection of IT and OT (Cyolo) Cyolo announces the promotion of security industry veteran Joe O’Donnell to Executive VP of Corporate Development, a role in which he will strengthen key alliances.
True Anomaly Names Diana Lovati as First-Ever Chief Information Security Officer (PR Newswire) True Anomaly, Inc., the technology company safeguarding global security by ensuring space access and sustainability for all, today announced...
Products, Services, and Solutions
New infosec products of the week: November 10, 2023 (Help Net Security) The featured infosec products this week are from: Aqua Security, ARMO, Druva, IRONSCALES, Malwarebytes, and Varonis.
Network Perception and Claroty Integrate Technology for Continuous OT Cybersecurity Threat Detection (Business Wire) Combined audit platform proactively alerts network administrators to at-risk changes or vulnerabilities
ManageEngine Empowers MSPs With Unveiling of Cloud-based Remote Monitoring and Management Solution for Endpoints (ManageEngine) Launch Establishes First Stage of the Company's Unified Platform for MSPs
Endace Wins Most Innovative Cloud Threat Detection Investigation & Response (TDIR) in InfoSec Innovator Awards 2023 (Business Wire) Packet capture authority Endace won Top InfoSec Innovator Award for Most Innovative Cloud Threat Detection Investigation & Response (TDIR) at Cyber Defense Magazine’s InfoSec Awards, held at CyberDefenseCon 2023 last week.
Avium Digital and WISeKey Join Forces to Enhance Secure Communications and Fortify Avium's SaaS Solution for Vertiport Infrastructures (GlobeNewswire News Room) WISeKey International Holding Ltd. (“WISeKey”) (SIX: WIHN, NASDAQ: WKEY), leader in cybersecurity, digital identity, and Internet of Things (IoT) solutions operating as a holding company, today announced the signing of a Memorandum of Understanding (MoU) with Avium Inc. (“Avium”), a leading provider of innovative Software as a Service (SaaS) solutions for vertiport infrastructures.
Group-IB, CORVIT sign strategic partnership to enhance MEA cybersecurity education offering (Group-IB) Group-IB, a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime, and CORVIT, the premiere source of IT and business knowledge and training in the UAE and surrounding areas, are pleased to announce the signing of a strategic partnership that will enhance the cybersecurity education offering available to organizations across the entire Middle East and Africa (MEA) region. The agreement, signed by both parties in late September, has already entered into force.
Keeper Security announces integration with ServiceNow to empower DevOps teams (ETCIO.com) Keeper Security: New integration enables ServiceNow customers to use Keeper Secrets Manager for on-demand discovery, incident response and as a custom credential provider.
YesWeHack Launches Continuous Threat Exposure Management Product That Unifies Offensive Security Testing (Business Wire) YesWeHack has unveiled a powerful Attack Surface Management (ASM) product that enables clients to orchestrate their offensive security and vulnerability remediation strategy through a risk-based approach.
OpenTitan® Partnership Announces First Public Secure Execution Environment for Integrated (GlobeNewswire News Room) lowRISC C.I.C. and zeroRISC today announced the first OpenTitan integrated design....
1touch.io and QuintessenceLabs Join Forces to Address Quantum Computing Security Challenges (QuintessenceLabs) 1touch.io, a pioneer in sensitive data intelligence, and QuintessenceLabs today announced a strategic Independent Software Vendor (ISV) partnership.
Cohesity Announces Sign Up for Early Access for Cohesity Turing Integration with Amazon Bedrock (Cohesity) Cohesity Turing Integration with Amazon Bedrock to Provide Customers Valuable Insights into Their Data with Responsible AI and Governance
Technologies, Techniques, and Standards
ACSC and CISA Release Business Continuity in a Box (Cybersecurity and Infrastructure Security Agency | CISA) Today, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) and CISA released Business Continuity in a Box. Business Continuity in a Box, developed by ACSC with contributions from CISA, assists organizations with swiftly and securely standing up critical business functions during or following a cyber incident.
CISA, NSA, and Partners Release New Guidance on Securing the Software Supply Chain (Cybersecurity and Infrastructure Security Agency | CISA) Today, CISA, the National Security Agency (NSA), and partners released Securing the Software Supply Chain: Recommended Practices for Software Bill of Materials Consumption.
US Government Issues Guidance on SBOM Consumption (SecurityWeek) CISA, NSA, and ODNI issue new guidance on managing open source software and SBOMs to maintain awareness on software security.
Combating Maritime Cyberattacks (The Maritime Executive) On September 11, cyberattacks on Caesars Entertainment and MGM Resorts attracted worldwide attention. The companies’ global operations, share prices –...
SQL Server Containers are Exploding Like the VMs Before (DH2I) Learn about the SQL Server containers vs. virtual machines debate and understand why containers represent the newest technology explosion.
2023 Cybersecurity Insights Report: Stay Ahead of Emerging Threats (AT&T) Get the latest insights on cybersecurity threats and trends with our comprehensive report. Stay informed and protect your business in 2023.
How to Develop a Cybersecurity Strategy: Step-by-Step Guide (Security | TechTarget) Learn how to build a cybersecurity strategy that helps organizations prevent and respond to threats effectively.
Design and Innovation
Tensions Simmer at Meta Over How to Limit Content That’s Risky to Youth (The Information) Before Meta Platforms decided in June to lower the minimum age for usage of some Quest virtual headsets to 10 from 13, employees had warned that the move increased the risk that children would see content on the app store meant for older people, two people with knowledge of the situation said. ...
Personalized A.I. Agents Are Here. Is the World Ready for Them? (New York Times) The age of autonomous A.I. assistants could have huge implications.
The promise of collective superintelligence (VentureBeat) Why Collective Superintelligence is an alternative method that can amplify rather than replace human intelligence.
Academia
Record number of schoolgirls and cyber specialists to gather amid UK digital skills crisis (IT Security Guru) On 17th November a record number of Year 8 schoolgirls, government cyber specialists and business leaders will gather at one of the UK’s leading cyber hotspots, for what will be the largest ever cybersecurity workshop in the UK. Now in its third year and hosted by the UK’s largest non-profit cybersecurity cluster, CyNam, this year’s #EmPowerCyber2023
Legislation, Policy, and Regulation
Secretary General: Through NATO, we can build a secure cyberspace for all (NATO) Secretary General Jens Stoltenberg addressed the first annual NATO Cyber Defence Conference in Berlin, Germany on Thursday (9 November 2023). He stressed the importance of bringing together senior Allied political, military and technical decision-makers: “NATO is perfectly positioned to share information, to spread innovation, and to coordinate our collective defence in cyberspace.”
NATO allies express support for collective response to cyberattacks (Record) NATO delegates gathered on Thursday for the alliance’s first annual Cyber Defence Conference, marking a growing acceptance among allies that new methods are needed to tackle cyberattacks beyond resilience.
Speech by Foreign Minister Annalena Baerbock at the First Annual NATO Cyber Defence Conference in Berlin (German Federal Foreign Office) I want to start with three images, three incidents.
Hundreds of men, women and children, crammed around one satellite internet terminal. Desperate to call their loved ones after weeks of uncertainty…
EU to protect elections against foreign saboteurs and Big Tech (Computing) European lawmakers have agreed a range of measures designed to protect elections and prevent a fragmentation of policies across the EU.
Australian regulators will compel businesses to report cyberattacks: Report (Cointelegraph) Australia joined almost 40 other nations in a pledge not to pay ransomware demands made against government agencies.
France, UK Seek Greater Regulation of Commercial Spyware (SecurityWeek) France and the UK are calling for greater global regulation of commercial surveillance software in the wake of recent Pegasus and Predator spyware scandals.
INSA Foils About 98 Percent of Cyber Attacks in Last Quarter of EFY (ENA English) The Information Network Security Administration (INSA) has successfully thwarted close to 98 percent of the 2,556 attempted cyber attacks in the first quarter of this Ethiopian Fiscal Year (EFY), INSA Director-General Solomon Soka disclosed.
Biden AI order could lead to reforms in how federal agencies work with data brokers (Record) A little-noticed provision of the Biden administration’s recently issued executive order on artificial intelligence could lead to important reforms of the federal government’s data collection practices, experts say.
WSJ News Exclusive | New York Plans Cyber Rules for Hospitals (Wall Street Journal) New York regulators Monday plan to issue cybersecurity regulations for hospitals, after a series of attacks crippled operations at medical facilities.
Litigation, Investigation, and Law Enforcement
Ports to remain closed as AFP investigates cybersecurity breach (The Sydney Morning Herald) The government has invoked the national crisis management framework used during COVID-19 after DP World, which manages terminals in Sydney, Melbourne, Brisbane and Fremantle, said it detected the cybersecurity incident.
SolarWinds fires back at SEC over fraud charges (Security | TechTarget) SolarWinds publicly responded to the SEC's recent charges against the company and its CISO, Timothy Brown, claiming the lawsuit is 'fundamentally flawed.'
SolarWinds Claps Back at Federal Cyber Charges Over 2020 Hack (Bloomberg Law) SolarWinds Corp. accused the US Securities and Exchange Commission of “twisting the facts” in the government’s lawsuit alleging the software company misled investors about its cybersecurity posture before and after its flagship product was targeted by supposed Russian hackers.
Optus loses court bid to keep report into cause of cyber-attack secret (the Guardian) Federal court rejects legal privilege claim over Deloitte’s assessment of 2022 breach that affected millions
Lawyers move for class certification in lawsuit against cybersecurity company (Legal Newsline) Public pension funds unhappy with their investment in a cybersecurity company want a federal judge to certify a class in their class action lawsuit.
Ransomed[.]vc Sunsets Operations, Auctions Off Infrastructure (ZeroFox) The ransomware and data extortion (R&DE) collective known as Ransomedvc announced in its Telegram channel that it no longer wanted to
Google, Meta win court fight against Austrian online content rule (Reuters) Alphabet's Google, Meta Platforms and TikTok on Thursday won backing from Europe's top court in their fight against an Austrian law requiring them to delete hate speech or face fines of up to ($10.69 million).
Ransomed.vc gang claims to shut down after six affiliates allegedly arrested (Record) A Telegram account claiming to be behind the operation initially tried to sell the ransomware tools, before saying the group was shutting down for good this week.
Suspicious letters sent to elections offices in at least five states (Washington Post) At least one letter contained fentanyl. The letters forced evacuations and in some cases disrupted ballot counting.
Intel Sued Over 'Downfall' CPU Vulnerability (SecurityWeek) A class action lawsuit has been filed against Intel over its handling of CPU speculative execution vulnerabilities, with a focus on Downfall.
Police takes down BulletProftLink large-scale phishing provider (BleepingComputer) The notorious BulletProftLink phishing-as-a-service (PhaaS) platform that provided more than 300 phishing templates has been seized, the Royal Malaysian Police announced.
Police Cyber Crime Division Trying To Determine Source Of Bomb Threats (Radio Jamaica News) The Communication Forensic and Cyber Crime Division is trying to deter
‘Hello Sir/Ma’am’: Person Linked to Scam Asks FBI for His Seized Cryptocurrency Back (Court Watch) The FBI froze cryptocurrency stored in a Binance account the agency believes is linked to a scam targeting an elderly victim. The apparent owner would like it back.