Dateline Moscow and Kyiv: Shelling across static lines.
Ukraine at D+343: Preparing for an attack on the war's anniversary. (CyberWire) Ukraine expects a major Russian offensive to mark the war's first anniversary later this month.
Russia-Ukraine war: List of key events, day 344 (Al Jazeera) As the Russia-Ukraine war enters its 344th day, we take a look at the main developments.
Ukrainian defense minister believes Russia will "attempt an offensive" around February 24 (BFMTV) Oleksiy Reznikov, the Ukrainian defense minister, called on BFMTV for further military aid from NATO countries.
Russia planning major offensive to mark first anniversary of war: Ukraine defence minister (the Guardian) Oleksii Reznikov said that as many as 500,000 troops may have been mobilised by Russia as he calls for more weapons to be sent to Ukraine
Putin says military must stop Ukrainian shelling of Russian regions (Reuters) President Vladimir Putin said on Wednesday that Russia's military must stop the shelling of Russian regions from Ukrainian territory, which he said had left many people homeless or without power.
US to send new missiles to Ukraine with a 93-mile range (The Telegraph) The rockets, designed by Boeing, have fold-out wings and can hit targets as small as 3ft-wide
‘No solid decision’ on Britain sending fighter jets to Ukraine, says Ben Wallace (The Telegraph) Ben Wallace has refused to rule out sending British fighter jets to Ukraine, but suggested that it was “not the right approach” at the moment.
The argument for why the West should change course on Ukraine (Washington Post) The war in Ukraine, at least for some policymakers in Western capitals, can be measured in deliveries of weapons.
US accuses Russia of endangering nuclear arms control treaty (Defense News) Inspections of U.S. and Russian military sites under the New START agreement were paused by both sides because of the spread of the coronavirus.
Avoiding a Long War in Ukraine (RAND) The United States has a strong interest in avoiding a long war in Ukraine. Although Washington cannot alone determine the war's duration, it can take steps to make an eventual negotiated peace more likely.
Is Russia’s Wagner Group recruiting US veterans to fight in Ukraine? (Task & Purpose) Americans who join Wagner could face severe legal consequences for themselves and their families.
Hard Drinking and Murky Finances: How an American Veterans Group Imploded in Ukraine (New York Times) The Mozart Group was training Ukrainian soldiers and evacuating frontline residents until the money ran out. Its collapse sheds light on the stresses faced by such groups.
Another UAC-0010 Story (The State Cyber Protection Centre of the State Service of Special Communication and Information Protection of Ukraine) The Russian-sponsored UAC-0010 group (aka Gamaredon, Armageddon) continues to conduct frequent cyber attack campaigns against Ukrainian organizations. Despite using mainly repeated sets of techniques and procedures, adversaries slowly but insistently evolve in their tactics and redevelop used malware variants to stay undetected. Therefore, it remains one of the key cyber threats facing organizations in our country.
Russia-backed hacker group Gamaredon attacking Ukraine with info-stealing malware (The Record from Recorded Future News) The Russian-sponsored hacker group known as Gamaredon remains one of the “key cyber threats” for Ukraine’s cyberspace, according to a report.
Dumped data shows widespread surveillance of Russian citizens (Computing) Hacking collective CAXXII has released around 128GB of data from Russia, which appears to reveal a vast domestic surveillance routine of civilians and private enterprises throughout the country.
City of London traders hit by Russia-linked cyber attack (The Telegraph) Key software provider targeted by ransomware gang behind Royal Mail attack
ChristianaCare recovers from cyberattack, restores website service (6abc Philadelphia) The ChristianaCare health network in Delaware says it was the victim of a cyberattack.
Attacks, Threats, and Vulnerabilities
Iran Blames Cyberattack for Internet Disruption, ISNA Says (Bloomberg) A nationwide drop in Iranian internet traffic last week was caused by a cyberattack, the semi-official Iranian Students’ News Agency reported.
The Chainalysis 2023 Crypto Crime Report (Chainalysis) Did you spend 2022 navigating the fallout from the blowups of FTX, Terra, and the like? Well, you weren’t alone — crypto criminals had to face the same market conditions. And in some cases, one could argue their actions moved markets.
Crypto Thefts Hit Record $3.8 Billion Last Year on North Korean Hacks (Bloomberg) Sanctions on North Korea drove pickup in stolen crypto, according to Chainalysis report
Crypto hacks stole record $3.8 billion in 2022, led by North Korea groups - report (Reuters) Last year was the worst on record for cryptocurrency heists, with hackers stealing as much as $3.8 billion, led by attackers linked to North Korea who netted more than ever before, a U.S.-based blockchain analytics firm said in a report on Wednesday.
MalVirt | .NET Virtualization Thrives in Malvertising Attacks (SentinelOne) .NET malware loaders distributed through malvertising are using obfuscated virtualization for anti-analysis and evasion in an ongoing campaign.
HeadCrab: A Novel State-of-the-Art Redis Malware in a Global Campaign (Aquasec) Aqua Nautilus uncovers threat actor HeadCrab has created an advanced malicious Redis framework that has compromised over 1200 servers and how to protect yourself
OneNote Documents Increasingly Used to Deliver Malware | Proofpoint UK (Proofpoint) The use of Microsoft OneNote documents to deliver malware via email is increasing.
Everything You Need to Know About the Data Extortion Group, RansomHouse (Avertium) RansomHouse is a fairly new operation that focuses on breaching networks via vulnerabilities to steal their targets’ data.
US Plays Down ION Cyberattack, Sees No ‘Systemic Financial Risk’ (Bloomberg) Cyberattack tied to notorious ransomware gang LockBit. Incident affects processing of trades in derivatives markets.
DoubleVerify Takes Down First Large-Scale Ad Impression Fraud Scheme in Audio (Business Wire) DoubleVerify (“DV”) (NYSE: DV), a leading software platform for digital media measurement, data and analytics, today announced the discovery of “BeatS
LockBit ransomware goes 'Green,' uses new Conti-based encryptor (BleepingComputer) The LockBit ransomware gang has again started using encryptors based on other operations, this time switching to one based on the leaked source code for the Conti ransomware.
Command-Injection Bug in Cisco Industrial Gear Opens Devices to Complete Takeover (Dark Reading) Two security holes — one particularly gnarly — could allow hackers the freedom to do as they wish with the popular edge equipment.
Vulnerability in Cisco industrial appliances is a potential nightmare (CVE-2023-20076) (Help Net Security) Cisco releases patches for a high-severity vulnerability (CVE-2023-20076) in some of its industrial routers, gateways and enterprise WAPs.
New Prilex PoS Malware evolves to target NFC-enabled credit cards (Security Affairs) Authors of the Prilex PoS malware improved their malicious code to target contactless credit card transactions. The threat actors behind the sophisticated point-of-sale (PoS) malware Prilex have improved its capabilities to block contactless payment transactions. Researchers from Kaspersky Lab discovered three new versions of the PoS malware designed to target credit cards using NFC technology. […]
Password-stealing “vulnerability” reported in KeePass – bug or feature? (Naked Security) Is it a vulnerability if someone with control over your account can mess with files that your account is allowed to access anyway?
Google Fi data breach let hackers carry out SIM swap attacks (BleepingComputer) Google Fi, Google's U.S.-only telecommunications and mobile internet service, has informed customers that personal data was exposed by a data breach at one of its primary network providers, with some customers warned that it allowed SIM swapping attacks.
Mortgage Financial Technologies Company Exposed Hundreds of Thousands of Records Online (Website Planet) Security researcher Jeremiah Fowler together with the Website Planet research team discovered an open and non-password protected database that
School districts in Tucson, Nantucket are responding to active ransomware attacks (Axios) Nantucket Public Schools canceled classes Wednesday as it responds to the ongoing incident.
Arnold Clark customer data stolen in attack claimed by Play ransomware (BleepingComputer) Arnold Clark, self-described as Europe's largest independent car retailer, is notifying some customers that their personal information has been stolen in a December 23 cyberattack claimed by the Play ransomware group.
Security Patches, Mitigations, and Software Updates
VMware Releases Security Update for VMware vRealize Operations (CISA) VMware released a security update that addresses a cross-site request forgery bypass vulnerability affecting VMware vRealize Operations. A malicious user could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2023-0002 and apply the necessary updates.
Trends
Coalition Releases First-Ever Cyber Threat Index for 2023 (Business Wire) Coalition, the world's first Active Insurance provider designed to prevent digital risk before it strikes, today published its first-ever Coalition Cy
Download Here: Coalition's Cyber Threat Index (Coalition) This report includes insights on internet security, cyber risk, and security trends that organizations have faced over the last year and what they need to prepare for in 2023.
Expel Releases Annual Great eXpeltations Report on Cybersecurity Trends and Predictions (Expel) Threat report breaks down the biggest attack trends of 2022 and shares predictions for the year ahead
Great eXpeltations 2023: EOY report (Expel) Great eXpeltations 2023 is Expel’s end of year report sharing data and insights on the biggest cybersecurity threats, how to handle them, and what to expect in the year ahead.
US manufacturing & utility businesses leaked nearly 38 million records in 136 data breaches in 2022 (Comparitech) Over the last three years, US businesses that specialize in manufacturing and utilities have suffered 562 data breaches affecting nearly 91 million records. Based on the average cost per breached record (as reported by IBM each year), we estimate these breaches may have cost these businesses more than $14.7 billion. In 2022 alone, 136 data […]
WiCyS State of Inclusion (WiCyS - Women in Cybersecurity) Previous studies have shown that the representation of women in cybersecurity is not where it should be, but it is not as clear why this is the case, or how exactly we can improve matters.
Nation-State Threats and the Rise of Cyber Mercenaries: Exploring the Microsoft Digital Defense Report (CSO Online) This article explores the top trends in nation-state threats as identified in the Microsoft Digital Defense Report. These trends may be alarming, but the good news is that companies have a number of tools at their disposal.
Microsoft Digital Defense Report 2022 (Microsoft Security) Illuminating the threat landscape and empowering a digital defense.
Data breaches now include 'less sensitive' information but still proving valuable to hackers (CBS17.com) It’s not just online activities that expose people to data breaches, but it’s everyday activities such as driving a car, going food shopping or dining out.
Marketplace
Radiant Logic Signs Definitive Agreement to Acquire Brainwave GRC (Business Wire) Radiant Logic, the Identity Data Fabric company, announced today that it has entered into a definitive agreement to acquire Brainwave GRC, a leader in
Cofense Continues Strong 2022 Momentum with Expansion into Mid-Size Market (Business Wire) Cofense, a global email security company and leading provider of phishing detection and response (PDR) solutions, today announced its future expansion
Splunk to Cut About 325 Jobs, Scale Back Outsourcing (Wall Street Journal) The software company also said it would scale back the use of external agencies and consultants as it seeks to cut costs.
Layoffs Broke Big Tech’s Elite College Hiring Pipeline (WIRED) Students from top schools used to waltz from Silicon Valley internships into lucrative jobs. Now, some are reconsidering their options.
Darktrace announces stock buyback as short-sellers circle (Computing) Plans to buy back up to 35 million shares as finance firms QCM and Marshall Wace bet against it
Axiad Appointed to FIDO Alliance Board - Axiad (Axiad) Leader in Passwordless Orchestration Brings Extensive Experience, Understanding of Enterprise Authentication Requirements, to Help Strengthen...
Cyberhaven Appoints Chris Hodson as Chief Security Officer (PR Newswire) Cyberhaven, provider of the industry's first Data Detection and Response (DDR) platform, today announced the expansion of its leadership team...
Janes Secures Sam Gordy as President of Janes US via Benchmark Executive Search (Cybersecurity Insiders) RESTON, Va.–(BUSINESS WIRE)–Benchmark Executive Search, an award-winning search firm, announced today the placement of Sam Gordy as President of Janes US. He will be responsible for Janes continued growth in the US market and will develop and execute a comprehensive strategy focused on accelerated organic and inorganic […]
Redbot Security Promotes Keith Cox to Principal Security Engineer (GlobeNewswire News Room) Veteran ethical hacker Keith Cox has been promoted from Sr. Penetration Testing Engineer to Principal Security Engineer to help drive company growth and...
Products, Services, and Solutions
Taking the next step: OSS-Fuzz in 2023 (Google Online Security Blog) Posted by Oliver Chang, OSS-Fuzz team. Since launching in 2016, Google's free OSS-Fuzz code testing service has helped get over 8800 vul...
Lumen wins $223 million Defense Information Systems Agency contract (PR Newswire) Lumen Technologies (NYSE: LUMN) recently won a $223 million contract from the U.S. Defense Information Systems Agency (DISA) to provide secure,...
Cowbell Partners with Millennial Shift Technologies to Deliver Cowbell Prime 100 and 250 (PR Newswire) Cowbell, the leading provider of cyber insurance for small and medium-sized enterprises (SMEs), today announced a partnership with Millennial...
Sonatype Launches Industry's First ‘Run Anywhere’ Platform for Software Supply Chain Management (GlobeNewswire News Room) The addition of cloud to on-premises and fully disconnected deployment options make it the most versatile software composition analysis and application...
Check Point Software Join Forces with Samsung to Elevate Mobile Security (Check Point Software) The move to mass remote working saw the mobile attack surface expand dramatically, resulting in 97% of organizations facing mobile threats from several
Check Point Unveils Risk Management Engine for Cloud Native Application Protection Platform (MSSP Alert) Check Point bolsters its CloudGuard Cloud Native Application Protection Platform (CNAPP) to help security teams quickly respond to alerts.
NTT enhances its Managed Campus Networks portfolio with Palo Alto Networks Prisma® SASE to address networking, security and business management challenges (NTT) NTT Ltd., a leading global IT infrastructure and services company, today announced the addition of Palo Alto Networks Prisma SASE to its Managed Campus Networks portfolio. The new offering is a comprehensive managed Secure Access Service Edge (SASE) solution that includes SD-WAN, cloud-delivered security, and enhanced automation and reporting.
NordLocker’s new feature allows users to share files via a link (GlobeNewswire News Room) NordLocker, an encrypted cloud storage provider, is pleased to announce that both business and individual...
Splashtop Launches New Antivirus Capabilities Powered by Bitdefender (GlobeNewswire News Room) Further Protects Businesses of All Sizes with Sophisticated, Unified Endpoint Security...
Keyfactor Achieves Payment Card Industry Data Security Standard Compliance Certification (Business Wire) Keyfactor, the machine and IoT identity platform for modern enterprises, today announced it is now Payment Card Industry Data Security Standard (PCI D
Technologies, Techniques, and Standards
Spoofy: An Email Domain Spoofing Tool (Bishop Fox) In this blog, learn about Spoofy an open source tool with bulk domain lookups by SPF and DMARC records.
Phishing Resistance – Protecting the Keys to Your Kingdom (NIST) If you own a computer, watch the news, or spend virtually any time online these days you have probably heard the term “phishing.” Never in a positive context…and possibly because you have been a victim yourself.
Federal Cybersecurity vs. Private: How Do Agencies Stack Up? (Technology Solutions That Drive Government) A recent report finds the public sector struggles more when it comes to threat detection and prevention.
The high cost of cloud agnosticism (Computing) While some organisations see the value of having multiple cloud suppliers, there's no rush to diversify, finds research
Design and Innovation
Security in Style: Perimeter 81 Releases Limited Edition Fashion Capsule (Business Wire) Perimeter 81 launches limited edition fashion capsule
Research and Development
Intel and UC San Diego Join DARPA Program to Prevent Exploitation of Computing Systems (Intel Corporation) Intel and the University of California, San Diego have been selected for the DARPA Hardening Development Toolchains Against Emergent Execution Engines program.
Academia
KnowBe4 to Offer $10,000 to Black Americans in Cybersecurity Scholarship (Dark Reading) KnowBe4 partners with the Center for Cyber Safety and Education to support Black Americans in recognition of Black History Month to help further education.
Legislation, Policy, and Regulation
EU Tightens Oversight of Data-Privacy Regulators to Speed Up Decisions (Wall Street Journal) Regulators must report details of large-scale investigations, amid complaints of case backlogs in Ireland, where many tech giants have their European headquarters.
Stop Passing the Buck on Cybersecurity (Foreign Affairs) Why companies must build safety into tech products.
Watchdog warns FDIC fails to test banks’ cyberdefenses effectively (CyberScoop) The agency’s Office of Inspector General says staff at the prudential regulator are not being kept abreast of the latest cyberthreats.
TikTok Dealt Another Hit as Democratic Senator Joins Calls for Banning the App (Wall Street Journal) Colorado Sen. Michael Bennet is calling on Apple and Google to bar TikTok from their app stores, saying it is a national security risk.
Top Dem on House intel seeks briefings on classified records (AP NEWS) The new top Democrat on the House Intelligence Committee on Wednesday called for more information about the classified records discovered in the private possession of President Joe Biden and former President Donald Trump.
Biden appoints new supply chain risk cyber chief (Supply Chain) US Government's Cybersecurity and Infrastructure Security Agency launches new office to protect country against malware when procuring IT services
US: Indian-American Ami Bera appointed to House Intelligence Committee (ThePrint) Washington [US], February 2 (ANI): Indian-American Congressman Ami Bera on Wednesday (local time) was appointed as a member of the influential US House Permanent Select Committee on Intelligence for the 118th Congress. The Intelligence Committee is charged with providing oversight of the nation’s intelligence activities, including the Central Intelligence Agency (CIA), the Office of the […]
Here's who intelligence insiders tip for the next GCHQ director (The Record from Recorded Future News) The search is on for one of the British intelligence community's most important roles — the director of GCHQ.
Litigation, Investigation, and Law Enforcement
Pakistan 'degrades' Wikipedia, warns of complete block over 'sacrilegious' content (TechCrunch) Pakistan has “degraded” Wikipedia for 48 hours for not removing “sacrilegious contents” and warned of fully blocking the service in the event of non-compliance.
SEC suit ‘charts a perilous new course,’ hacked law firm says (Washington Post) Courtroom battle between law firm and SEC raises questions about cyber regulators, out-of-bounds information
GoodRx Leaked User Health Data to Facebook and Google, F.T.C. Says (New York Times) The popular drug discount app deceptively shared details on users’ illnesses and medicines with ad firms, regulators said in a legal complaint.
Meta Wins Court Nod to Buy Virtual Reality Startup in Loss for Khan’s FTC (Bloomberg) Judge paused Meta from closing deal while FTC considers appeal. Decision represents first major loss for FTC Chair Lina Khan.
FTC Loses Antitrust Challenge to Facebook Parent Meta (Wall Street Journal) A federal judge declined to halt Meta’s acquisition of the virtual-reality startup Within Unlimited, delivering a setback to antitrust enforcers at the Federal Trade Commission seeking to block the deal.
Congress presses Secret Service for info on state-sponsored foreign hackers stealing Covid relief funds (NBC News) At a House Oversight Committee hearing Wednesday, members from both parties cited an NBC News report about a group linked to China's government stealing millions.
Biden admin report criticizes Apple, Google app stores (Axios) The White House is keeping up a push for new competition laws for tech.
FBI finds no classified documents at Biden's Delaware vacation home (CNN) The FBI completed a search of President Joe Biden's Rehoboth Beach, Delaware, home on Wednesday and found no documents with classified markings, according to Biden's personal lawyer.
Air Force Intel Officer Had Hundreds of Classified and Secret Files at His Florida Home (Military.com) A retired Air Force intelligence officer accepted a plea deal with federal prosecutors last year admitting to illegally possessing hundreds of top secret and classified documents.
Sam Bankman-Fried Blocked From Contact With Former Co-Workers Ahead of Bail Hearing (New York Law Journal) Manhattan federal prosecutors expressed alarm about Bankman-Fried’s communications with FTX U.S. General Counsel Ryne Miller.
Judge Bans Sam Bankman-Fried From Contacting FTX Employees and Using Signal (CoinDesk) The tentative order was granted by a New York court on Wednesday after prosecutors asked the former FTX CEO's bail conditions to be amended last week.
Teenager who created a computer virus which attacked police and financial websites gets suspended sentence (The Irish News) A Co Down teenager has received a suspended sentence for creating a computer virus which attacked police and financial institution websites.