Dateline: Hybrid wars in Ukraine, Russia, Israel, and Gaza.
Ukraine at D+676: Ukraine's infantry attacks east of the Dnipro. (CyberWire) Electronic attack and electronic countermeasures undergo a battlefield renaissance in Ukraine.
Israeli Cabinet approves cease-fire with Hamas that includes release of some 50 hostages (AP News) Israel’s Cabinet has approved a cease-fire deal with the Hamas militant group that would bring a temporary halt to a devastating war now in its seventh week. The Israeli government said that under the deal, Hamas is to free at least 50 of the roughly 240 hostages it is holding in the Gaza Strip over a four-day period.
Israel strikes a hostage deal but promises the Gaza war isn’t over (Economist) Hamas is desperate to split Israel and turn a pause into a ceasefire
Israel-Hamas war live: IDF cannot confirm when fighting will stop as sides agree four-day ceasefire and release of 50 hostages (the Guardian) Israel military says it has not got ‘nitty gritty’ of deal that will see 50 Israeli women and children released in exchange for 150 jailed Palestinians
Israel and Hamas agree deal for release of some hostages and four-day ceasefire (the Guardian) Fifty Israeli hostages held in Gaza will be freed over four days in exchange for the release of 150 Palestinian prisoners and a lull in Israeli military operations
Hamas used food aid sacks to smuggle bullets into Gaza, claims Israel (The Telegraph) Officials said they did not believe the bags had previously been used to store rice because it was not easy to remove ammunition from them
Israeli forces ‘found nothing’ in search for Hamas at Al-Shifa hospital, says doctor (The Telegraph) Medic claims IDF encountered no resistance in raid – and has yet to produce evidence that the complex sits above a Hamas command centre
The War Crimes Debate Over Israel’s Attack on Gaza Is Missing Something (World Politics Review) Israel must choose means and methods of war that can actually distinguish between Hamas fighters and the civilian population of Gaza.
Thousands of new honeypots deployed across Israel to catch hackers (TechCrunch) Cybersecurity experts have seen a significant increase in the number of honeypots deployed in Israel after the terrorist attacks on Oct. 7.
No Exit From Gaza (Foreign Affairs) Why Israel—and the United States—has only bad options for the day after.
Hamas’s Asymmetric Advantage (Foreign Affairs) What does it mean to defeat a terrorist group?
Russia-Ukraine war: List of key events, day 637 (Al Jazeera) As the war enters its 637th day, these are the main developments.
Tired Ukrainian Troops Fight to Hold Back Russian Soldiers: ‘They Come Like Zombies’ (Wall Street Journal) Russia is taking heavy casualties in the mud of eastern Ukraine as it presses to encircle the city of Avdiivka.
Opinion | Ukraine’s Counteroffensive Is Stalled, but Not at Sea (Wall Street Journal) Kyiv’s plucky navy uses missiles and drones to break the Black Sea blockade and force a Russian retreat.
Hours Before Declaring Mutiny, Prigozhin Secretly Planned Duma Speech to Win Back Putin’s Favor (The Moscow Times) On the evening of June 23, Wagner mercenary leader Yevgeny Prigozhin was preparing to give the order for his men to march to Moscow and demand the removal of Russia’s military leadership after months of rising tensions. Meanwhile, a seemingly unremarkable event was unfolding inside the State Duma’s imposing Stalinist headquarters a few hundred meters from the Kremlin — one that nearly became an unprecedented political scandal.
Austin: Ukraine Fight Has Implications Across Europe, Asia as China Watches Western Resolve (Voice of America) ‘Putin won’t stop if he takes Ukraine,’ US defense secretary tells troops
Arming Ukraine is the cheapest way to stop Putin’s resurgent Russia (Atlantic Council) Arming Ukraine may be expensive, but it is by far the cheapest way to stop Vladimir Putin's resurgent Russia, writes Ivan Verstyuk.
EU Prepares Plan to Give Ukraine Lasting Security Commitments (Financial Post) The European Union has presented member states with a framework to give Ukraine lasting security commitments, including a mechanism for longer-term military…
Wartime Ukraine is making historic progress toward EU membership (Atlantic Council) The Ukrainian authorities have made clear they view EU membership as a strategic priority and are fully committed to pursuing this goal, even while defending themselves against Russia’s ongoing invasion, writes Mark Temnycky.
Kennan Cable No. 85: Elections in Wartime Ukraine Would Test Ukraine’s Legal-Political Flexibility (Wilson Center) President Volodymyr Zelensky and the current Ukrainian parliament are approaching the hour when their formal legitimacy, their mandate, comes to an end. Under normal conditions, elections to the Verkhovna Rada would have been held last October, while candidates for the presidency would have started preparing for elections scheduled for the last Sunday in March of 2024.
Ukraine-Russia war: Germany to supply Ukraine with 20,000 more shells in £1.1bn aid package (The Telegraph) Germany will supply Ukraine with 20,000 more strategically-important 155mm artillery shells as part of a new £1.
In Ukraine, Russia's Military Has A Manpower Problem. Now It's Becoming A Political Problem. (RadioFreeEurope/RadioLiberty) Russian officials are resorting to creative tools to keep military manpower in Ukraine at strength. That's causing grumbling, and public dissent, from relatives of exhausted soldiers. But if the Kremlin wants to decisively change the battlefield, they'll need a second mobilization.
As the war grinds on, Ukraine needs more troops. Not everyone is ready to enlist (CNN) On the global stage, Ukrainian President Volodymyr Zelensky has been consistently on message: In visits to Washington and other Western capitals, he has focused on keeping Kyiv supplied with more advanced arms, ammunition and financing.
The Invisible War in Ukraine Being Fought Over Radio Waves (New York Times) Using electromagnetic waves to flummox and follow smarter weapons has become a critical part of the cat-and-mouse game between Ukraine and Russia. The United States, China and others have taken note.
Exclusive: This pizza box-sized equipment could be key to Ukraine keeping the lights on this winter | CNN Politics (CNN) Staring down another frigid winter and desperate to keep the lights on, Ukraine’s power grid operator has surreptitiously imported custom-built equipment designed to withstand Russian electronic warfare attacks with the help of US officials, CNN has learned.
Top Ukraine cyber officials fired amid IT bribery probe (Register) Duo probed over alleged $2M embezzlement plot
U.N.: Civilian deaths in Ukraine war surpass 10,000 - UPI.com (UPI) The United Nations on Tuesday reported that more than 10,000 civilians have died in Ukraine since Russia invaded in early 2022.
Ukrainians accuse Russia of kidnapping, indoctrinating Ukrainian children (CBS News) Ukraine's government says about 20,000 children have been taken by Russia, but adds it could be closer to 300,000. Ukrainian moms are traveling behind enemy lines to rescue their abducted children.
Ukraine aims to hold Russia accountable for heritage site attacks (Atlantic Council) Ukraine is working to document Russian attacks on the country's cultural heritage that Ukrainians argue are part of a broader Kremlin campaign to erase Ukraine's national identity, writes Mercedes Sapuppo.
Moscow Court Rejects Nobel Winner Muratov's Appeal Against 'Foreign Agent' Label (RadioFreeEurope/RadioLiberty) A Moscow court on November 21 rejected journalist and Nobel laureate Dmitry Muratov's appeal against the Justice Ministry's September decision to add him to the so-called foreign agents registry.
Ukrainian teenagers win peace prize for developing apps to help young refugees (the Guardian) Sofia Tereshchenko, Anastasiia Feskova, and Anastasiia Demchenko awarded 2023 International Children’s Peace prize
Attacks, Threats, and Vulnerabilities
Scattered Spider Attack Analysis (ReliaQuest) ReliaQuest recently detected an intrusion by the Scattered Spider cybercrime group. Inside, we map the attack and the TTPs involved and provide recommendations.
InfectedSlurs Botnet Spreads Mirai via Zero-Days (Akamai) The Akamai Security Intelligence Response Team (SIRT) has uncovered two zero-day vulnerabilities with remote code execution (RCE) functionality exploited in the wild.
CISA, FBI, MS-ISAC, and ASD’s ACSC Release Advisory on LockBit Affiliates Exploiting Citrix Bleed | CISA (Cybersecurity and Infrastructure Security Agency CISA) Today, the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Multi-State Information Sharing & Analysis Center (MS-ISAC), and Australian Signals Directorate’s Australian Cyber Security Center (ASD’s ACSC) released a joint Cybersecurity Advisory (CSA), #StopRansomware: LockBit Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability (along with an accompanying analysis report MAR-10478915-1.v1 Citrix Bleed), in response to LockBit 3.0 ransomware affiliates and multiple threat actor groups exploiting CVE-2023-4966. Labeled Citrix Bleed, the vulnerability affects Citrix’s NetScaler web application delivery control (ADC) and NetScaler Gateway appliances.
‘Citrix Bleed’ vulnerability targeted by nation-state and criminal hackers: CISA (Record) The bug has caused alarm for weeks as cybersecurity experts warned that many government agencies and major companies were leaving their appliances exposed to the internet — opening themselves up to attacks.
Ransomware groups rack up victims among corporate America (CyberScoop) A new generation of cybercriminals have breached a slew of major firms, even those that have made major investments in security.
Kinsing Cyberattackers Target Apache ActiveMQ Flaw to Mine Crypto (Dark Reading) Active exploit of the critical RCE flaw targets Linux systems to achieve full system compromise.
Sumo Logic Completes Investigation Into Recent Security Breach (SecurityWeek) Sumo Logic has completed its investigation into the recent security breach and found no evidence of impact to customer data.
Sumo Logic says customer data untouched during breach (Register) Compromised AWS account led to fears that user info could have been exposed to cybercriminals
Appin group legacy: Indian cyber mercenaries will hack for coin (Cybernews) With numerous global cyber intrusions from Norway to China, espionage, surveillance, and disruptive actions, Appin Security Group, mercenary hackers from India, demonstrated a successful criminal business model that was unstoppable without global cooperation.
Commercial Flights Are Experiencing 'Unthinkable' GPS Attacks and Nobody Knows What to Do (Vice) New "spoofing" attacks resulting in total navigation failure have been occurring above the Middle East for months, which is "highly significant" for airline safety.
Greater Paris wastewater agency dealing with cyberattack (Record) The organization that manages wastewater for nine million people in and around Paris was hit with a cyberattack last week.
British Library: Employee data leaked in cyber attack (BBC) A group of cyber criminals have claimed they are behind the ransomware attack and are auctioning off the data.
Rhysida threatens dark web auction of British Library data (Computing) Since reporting a "technical issue" on October 28, the library has faced significant disruption
Cyber criminals demand £600,000 ransom for stolen British Library data (The Independent) The Rhysida group has demanded 20 Bitcoin (roughly £602,500) for the return of the stolen data
Cyber attack on British Library raises concerns over lack of UK resilience (Financial Times) Hackers open week-long auction of stolen data on dark web after breach in October
Auto parts giant AutoZone warns of MOVEit data breach (BleepingComputer) AutoZone is warning tens of thousands of its customers that it suffered a data breach as part of the Clop MOVEit file transfer attacks.
Kansas court officials confirm details of 'evil, criminal' international cyberattack - Kansas Reflector (Kansas Reflector) Kansas Supreme Court offers detail of "evil" cybersecurity attack on judicial branch by foreign operatives who threatened to post information to dark web.
McAfee Study Unwraps Holiday Shopping Behavior and Shares Tips for a Safer Online Shopping Season (Business Wire) 36% of Americans have fallen victim to an online shopping scam during the holiday season, with 1 in 4 losing over a thousand dollars to cybercriminals.
Guide to Retail Security: Protecting Against Cyber and Physical Threats During the Holidays (Flashpoint) The 2023 holiday shopping period brings a heightened focus on retail security, blending advanced cyber threats with traditional in-store challenges.
Vulnerability Summary for the Week of November 13, 2023 | CISA (Cybersecurity and Infrastructure Security Agency CISA)
CISA Adds One Known Exploited Vulnerability to Catalog (Cybersecurity and Infrastructure Security Agency | CISA) CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2023-4911 GNU C Library Buffer Overflow Vulnerability
Security Patches, Mitigations, and Software Updates
CISA Releases Five Industrial Control Systems Advisories | CISA (Cybersecurity and Infrastructure Security Agency CISA) CISA released five Industrial Control Systems (ICS) advisories on November 21, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
ICSA-23-325-01 WAGO PFC200 Series
ICSA-23-325-02 Fuji Electric Tellus Lite V-Simulator
ICSA-23-208-03 Mitsubishi Electric CNC Series (Update C)
ICSA-23-115-01 Keysight N8844A Data Analytics Web Service (Update A)
ICSA-23-297-01 Rockwell Automation Stratix 5800 and Stratix 5200 (Update A)
Mozilla Releases Security Updates for Firefox and Thunderbird (Cybersecurity and Infrastructure Security Agency | CISA) Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
Trends
Cyberbullying, a growing problem in Europe (Panda Security Mediacenter) 15% of Europeans have experienced some form of cyberbullying because of their gender or sexual identity according to Panda Security's study.
CYFIRMA Industry Report: AUTOMOTIVE (CYFIRMA) The CYFIRMA Industry Report delivers original cybersecurity insights and telemetry-driven statistics of global industries, covering one sector each...
Marketplace
Jacobs Sells Government, Cyber Units to Amentum for $1B (Engineering News-Record) Transaction, set to close by third quarter next year, would create new public company with more than 53,000 employees, of which Jacobs shareholders would have a 63% ownership stake.
China approves Broadcom-VMware deal amid lingering cybersecurity concerns: GlobalData (Daily Host News) China's approval of the Broadcom-VMware merger marks a significant step in the tech world, despite ongoing cybersecurity concerns: GlobalData
Broadcom-VMware: Deal of the decade makes it to the finish line as $61bn acquisition closes (CRN) As of today, VMware will operate as VMware by Broadcom
Sam Altman is back as OpenAI CEO just days after being removed, along with a new board (AP News) The ousted leader of ChatGPT-maker OpenAI is returning to the company that fired him late last week, culminating a days-long power struggle that shocked the tech industry and brought attention to the conflicts around how to safely build artificial intelligence.
OpenAI Says Sam Altman to Return as CEO (Wall Street Journal) The announcement marks the end of an impasse over who would lead the company that has become synonymous with the boom in AI technology.
Sam Altman Returns as OpenAI CEO in Chaotic Win for Microsoft (Bloomberg) Reinstatement follows intense pressure from OpenAI’s investors. Altman agreed to internal investigation around his dismissal.
What Comes Next for Sam Altman’s OpenAI (The Information) Sam Altman is back as OpenAI’s CEO. Now he faces the hard part: mending the fracture that led to his ouster less than five days before—and repairing an image that had lost its shine as the corporate drama spilled into the public view. Among the most immediate challenges will be determining the ...
Altman Agrees to Internal Investigation Upon Return to OpenAI (The Information) Sam Altman, who was fired on Friday as CEO of OpenAI and was reinstated Tuesday night after a dramatic battle with the company's board, has agreed to an internal investigation into alleged conduct that prompted the board to oust him, according to a person with knowledge of the situation. On Friday, ...
Everything You Need to Know About the Fight for the Future of OpenAI (Bloomberg) The surprise firing of Sam Altman plunged startup into chaos. Nearly all employees are now threatening to quit the company.
Who were the OpenAI board members that sacked Sam Altman? (Financial Times) Their botched decision to oust the AI start-up co-founder has led to all but one departing their role
Altman’s polarizing past hints at OpenAI board’s reason for firing him (Washington Post) Before OpenAI, Altman was asked to leave by his mentor at the prominent start-up incubator Y Combinator, part of a pattern of clashes that some attribute to his self-serving approach
Airbnb CEO Chesky Emerges as Altman Ally, Adviser (The Information) Silicon Valley executives and investors rushed to Sam Altman’s corner over the weekend after news of his ouster from OpenAI. Among them was Brian Chesky, the well-known co-founder and CEO of travel behemoth Airbnb, who has spent the past five days as a behind-the-scenes adviser to Altman. At one ...
Sam Altman, OpenAI Board Open Talks to Negotiate His Possible Return (Bloomberg) Negotiations center on Altman’s reinstatement as CEO. CEO Shear has asked board for proof of Altman wrongdoing.
OpenAI’s Chief Scientist Made a Tragic Miscalculation (The Atlantic) What was Ilya Sutskever thinking when he tried to overthrow Sam Altman?
Altman Argued With OpenAI Board Member Toner Before Ouster (The Information) In the weeks leading up to his firing as OpenAI CEO, Sam Altman had a conflict with artificial intelligence researcher Helen Toner, one of the directors on the non-profit board that governs the company, according to a person familiar with the situation. Altman tried to get Toner off the board ...
Before Altman’s Ouster, OpenAI’s Board Was Divided and Feuding (New York Times) Sam Altman attacked a member over a research paper that discussed the company, while directors disagreed about who should fill board vacancies open for months.
The Sam Altman effect: ‘His superpower is getting people onside’ (Financial Times) Ousted OpenAI chief inspires staff and investors as leader of the generative AI revolution
The Quiet Silicon Valley Insider Complicating Sam Altman’s Return (The Information) Quora CEO Adam D’Angelo, one of the central figures in the power struggle over OpenAI, has gained a reputation for stubbornness among Quora employees, a facet of his personality that may be playing into the debate on OpenAI’s board about whether to reinstate Sam Altman as CEO. At the ...
Microsoft Hiring Sam Altman Won’t Solve Its OpenAI Problem (Bloomberg) OpenAI left Microsoft with no easy choices.
OpenAI’s New CEO Spent Decade Trying to Rein In Abuse at Twitch (Bloomberg) Emmett Shear made progress clearing video service of misogyny and racism, though problems remain
OpenAI Is a Strange Nonprofit (Bloomberg) One way to look at the OpenAI situation is that OpenAI is a nonprofit organization, and it is not that uncommon for nonprofits to have tension between their mission and their staff.
Inside Linda Yaccarino's X all-hands after Elon Musk's platform sued Media Matters (Fortune) "By all means, put your heads together to bring new revenue into the company."
Twitter’s Former Head of Trust and Safety Finally Breaks Her Silence (WIRED) From Israel vs. Hamas threats to Donald Trump’s “wild” posts, Del Harvey helped make the platform’s hardest content moderation calls for 13 years. Then she left in 2021 … and disappeared.
CrowdStrike on LinkedIn: AWS & CrowdStrike Cybersecurity Accelerator Roundtable (LinkedIn) We're launching a Cybersecurity Startup Accelerator with Amazon Web Services (AWS) to foster the next generation of cyber leaders in the EMEA region.
Iron Bow’s John McGloughlin Named to 2023 NVTC Cyber50 (Business Wire) Iron Bow Technologies, the next generation technology solutions provider to government, commercial, and healthcare markets, today announced that John McGloughlin, VP of Cybersecurity for Iron Bow and Founder of GuardSight, has been recognized by the Northern Virginia Technology Council (NVTC) as one of its 2023 Cyber50 Executives.
Products, Services, and Solutions
CrowdStrike Brings AI-Native Cybersecurity to Small Businesses (crowdstrike.com) CrowdStrike’s AI-powered cybersecurity offering for small and medium businesses, CrowdStrike Falcon Go, is now officially available on Amazon Business.
Ripjar Expands AI Risk Profile Capabilities with Generative AI (Ripjar) Enhanced capabilities will utilise large language model (LLM) technology to provide users with fast and concise AI Summaries of adverse media mentions for
Radware Signs Managed Security Service Provider Reseller Agreement with Feenix Communications (Yahoo Finance) Radware®, a leading provider of cyber security and application delivery solutions, announced it signed a managed security service provider (MSSP) reseller agreement with Feenix Communications Limited, a multi-carrier telecommunications company providing solutions to the service provider industry. Based on the agreement, Feenix C
WithSecure Co-Monitoring powering partners’ DRT offerings (Cision) WithSecure’s new Co-Monitoring service makes industry-leading detection and response capabilities
Technologies, Techniques, and Standards
Philippines to Make Cyber Defense ‘Common Fixture’ in Military Drills (The Defense Post) The Philippine military said cyber defense will be included and treated as a “common fixture” in future military exercises.
Insider Q&A: Pentagon AI Chief on Network-Centric Warfare, Generative AI Challenges (SecurityWeek) Interview with Craig Martell, Chief Digital and AI Officer (CDAO) for the U.S. Department of Defense, about AI use in the military.
The 7 Deadly Sins of Security Awareness Training (Dark Reading) Stay away from using these tactics when trying to educate employees about risk.
Legislation, Policy, and Regulation
Labor to reconsider mandatory data retention laws for companies in light of major hacks (the Guardian) New cyber security strategy cites business concerns at having to store large amounts of data for excessive periods of time, increasing breach risk
UK regulator demands websites let users ‘Reject All’ cookies (Record) Top websites in the United Kingdom have 30 days to comply with the country’s privacy laws or they will “face the consequences,” the Information Commissioner's Office said.
What to Know About New Federal and State Cyber Rules (Wall Street Journal) New stiffer rules from the New York State Department of Financial Services and ones that go into effect in December from the U.S. Securities and Exchange Commission are of the same spirit but have key practical differences.
Navy publishes first cyber strategy, prioritizing defense of 'information ecosystem' (Breaking Defense) The document's release comes several months later than expected and lays out seven lines of effort, including partnering with industry.
Litigation, Investigation, and Law Enforcement
China Rounds Up 31,000 Suspects in Sweeping ‘Pig-Butchering’ Crackdown (Wall Street Journal) The suspects were swept up in raids in neighboring Myanmar, part of Beijing’s efforts to stamp out online scams with victims in China and across the world.
DOJ Seizes $9 Million Tether (USDT) Linked to Pig Butchering Scam (Coinpaper) The U.S. Department of Justice (DOJ) has seized $9 million worth of Tether (USDT) stablecoin linked to a "pig butchering" scam.
DOJ Charges Binance With Vast Money-Laundering Scheme and Sanctions Violations (WIRED) From Russia to Iran, the feds have charged Binance with allegedly conducting well over $1 billion in transactions with sanctioned countries and criminal actors.
WSJ News Exclusive | Binance Founder Changpeng Zhao Agrees to Step Down, Plead Guilty (Wall Street Journal) The chief executive of the largest global cryptocurrency exchange plans to plead guilty to violating criminal U.S. anti-money-laundering requirements.
Secretive White House Surveillance Program Gives Cops Access to Trillions of US Phone Records (WIRED) A WIRED analysis of leaked police documents verifies that a secretive government program is allowing federal, state, and local law enforcement to access phone records of Americans who are not suspected of a crime.