Dateline: Hybrid wars in Ukraine, Russia, Israel, and Gaza.
Ukraine at D+683: Disinformation operations. (CyberWire) Russian leaders advance an expansive and ethnocentric narrative of the Russian world to justify Russian expansion.
Hamas and Israel exchange more hostages for prisoners on fifth day of temporary cease-fire (AP News) Hamas released 12 hostages and Israel released 30 Palestinian prisoners on the fifth day of a fragile cease-fire in the Gaza war that mediators hope to extend even as Israel has pledged to resume its offensive.
Fake babies, real horror: Deepfakes from the Gaza war increase fears about AI's power to mislead (AP News) The war in Gaza is highlighting the latest advances in artificial intelligence as a way to spread fake images and disinformation.
Federal officials investigating after pro-Iran group claims to have hacked water authority in Pennsylvania (CNN) Federal officials are investigating after a pro-Iran hacking group claimed to have committed a cyberattack at a water authority in Pennsylvania, according to a state congressman and water authority officials.
Ukraine strikes Russian aircraft factory 200 miles behind enemy lines (The Telegraph) Attack appears to have been part of a wave of 35 drones Ukraine launched in retaliation to a Russian strike over the weekend
Putin debunks his own propaganda by disarming Russia’s NATO borders (Atlantic Council) For the past twenty-one months, Vladimir Putin has consistently blamed NATO for provoking the invasion of Ukraine. According to the Kremlin dictator, years of NATO expansion posed an escalating security threat to Russia that eventually left the country with no choice but to defend itself. This NATO narrative has proven far more persuasive among international audiences than Russia’s more outlandish propaganda about “Ukrainian Nazis” and “Western Satanists.” However, it is now being debunked by Russia’s own actions.
Russia-Ukraine war live: Nato chief warns west not to underestimate Putin (the Guardian) Jens Stoltenberg says Putin’s invasion was a ‘strategic mistake’ but that does not mean Russia should be underestimated
Finland To Close Entire Border With Russia To Stem Flow Of Asylum Seekers (RadioFreeEurope/RadioLiberty) Finland will close its entire border with Russia to travelers for the next two weeks in a bid to halt a flow of asylum seekers to the Nordic nation, the government said.
Many Ukrainians see Putin’s invasion as a continuation of Stalin’s genocide (Atlantic Council) Many Ukrainians see today's ongoing Russian invasion as a continuation of the Stalin regime's genocidal attempts to eradicate Ukrainian national identity and destroy the Ukrainian nation, writes Kristina Hook.
Expert panel: How will Russia’s invasion of Ukraine develop in 2024? (Atlantic Council) How will Russia's invasion of Ukraine develop during 2024? The Atlantic Council hosted a panel of experts to explore the key issues that will likely shape Russia's war in Ukraine during the coming year.
Russia is poised to take advantage of political splits in Ukraine (The Economist) Politics has returned, but the fighting has gone nowhere
In Ukraine, Peace Now Means War Later (Bulwark) Ukraine's war aims are designed to guarantee a lasting peace, not a reprieve before another Russian attack.
Most Russians back war in Ukraine and buy Putin’s case for it, report says (Washington Post) Russians are growing weary of the war against Ukraine but are divided about how much harm it has done and how to end it, according to a report based on polling and focus groups by the Carnegie Russia Eurasia Center and the Levada Center, an independent polling group.
Ukraine to change conscription policies in drive to sustain fighting capacity (the Guardian) Changes to include use of commercial recruitment firms to carry out more targeted conscription, say officials
Stoltenberg Sees U.S. Support For Ukraine Continuing Despite Republican Impasse (RadioFreeEurope/RadioLiberty) NATO Secretary-General Jens Stoltenberg said he expects the United States to continue its support of Ukraine in its fight to repel invading Russian forces despite opposition from some Republican lawmakers who have cast doubt on Washington's aid to Kyiv.
Beyond the SCIF with House Permanent Select Committee on Intelligence Chairman Mike Turner on Ukraine (Atlantic Council) Chairman Michael Turner of the House Intelligence Committee moderates an event highlighting Ukraine’s priorities and needs in the fight, and the role the US and the West play in providing support.
American tanks are fighting Russia. It’s time to see how they perform (The Telegraph) The US Abrams tank is facing off against its Russian equivalents. The gulf in class will soon be clear to all
US Air Force Secretly Deploys Cybersecurity Tech to Safeguard Ukraine's Power Grid Amid Conflict (SOFREP) In a covert yet potent gesture of solidarity, the US has stealthily bolstered Ukraine's defense against cyber threats, marrying technological prowess with a humanitarian spirit in the shadow of conflict.
Ukraine hacks into Russian media database (Cybernews) Ukrainian hacktivists have exposed what appears to be a Russian military propaganda website that cherry-picks Western media sources to make it look like the Kremlin’s war is going well.
Hacking the Infocomms Department of the Russian Ministry of Defense. Katyusha and the secrets of General Konashenkov (InformNapalm) Ukrainian hacktivists of the Cyber Resistance group penetrated the Department of Information and Mass Communications of the Russian Ministry of Defense (DIMC) and handed over unique internal documentation and provided access to the software used by Russian military propagandists to InformNapalm volunteer intelligence community.
Stickers Demanding Return Of Husbands From War In Ukraine Pop Up On Vehicles Across Russia (RadioFreeEurope/RadioLiberty) Stickers demanding Russian husbands be returned from fighting in the Kremlin's war against Ukraine appeared on cars across Russia on November 28.
Officials Confirm Wife Of Ukrainian Military Intelligence Chief Budanov, Others Poisoned (RadioFreeEurope/RadioLiberty) Marianna Budanova, the wife of the chief of Ukraine's military intelligence, Kyrylo Budanov, has been poisoned with heavy metals and is currently in hospital, media reported.
Attacks, Threats, and Vulnerabilities
Emerging MaaS Operator Sordeal Releases Nova Infostealer (CYFIRMA) EXECUTIVE SUMMARY The report highlights a surge in malicious activities by Malware-as-a-service (MaaS) operators Sordeal – particularly with their new...
DJVU Ransomware's Latest Variant 'Xaro' Disguised as Cracked Software (The Hacker News) Beware of Xaro! This DJVU ransomware variant spreads through cracked software, endangering users who download from untrusted sources.
Japan’s space agency suffers cyber attack (Register) JAXA is having a tough time in cyberspace and outer space, the latter thanks to an electrical glitch
200+ Malicious Android Apps Targeting Iranian Banks: Experts Warn (The Hacker News) A new report reveals an ongoing Android malware campaign targeting Iranian banks with over 200 malicious apps.
GoTitan Botnet - Ongoing Exploitation on Apache ActiveMQ (Fortinet) This past October, Apache issued a critical advisory addressing CVE-2023-46604, a vulnerability involving the deserialization of untrusted data in Apache.
CVE-2023-46214: the Splunk Remote Code Execution (RCE) Vulnerability (Uptycs) Take a deep dive into the critical CVE-2023-46214 RCE vulnerability in Splunk, learn about its exploitation & find out how to stay secure.
Qlik Sense Exploited in Cactus Ransomware Campaign (Arctic Wolf) Arctic Wolf Labs has observed a new Cactus ransomware campaign which exploits publicly-exposed Qlik Sense installations.
Hackers Can Exploit 'Forced Authentication' to Steal Windows NTLM Tokens (The Hacker News) A vulnerability in Microsoft Access that could be exploited to leak a Windows user’s NTLM tokens.
Exploitation of Critical ownCloud Vulnerability Begins (SecurityWeek) Threat actors have started exploiting a critical ownCloud vulnerability leading to sensitive information disclosure.
Critical Vulnerability Found in Ray AI Framework (SecurityWeek) A critical issue in open source AI framework Ray could provide attackers with operating system access to all nodes.
Exploitation of Unitronics PLCs used in Water and Wastewater Systems (Cybersecurity and Infrastructure Security Agency | CISA) CISA is responding to active exploitation of Unitronics programmable logic controllers (PLCs) used in the Water and Wastewater Systems (WWS) Sector. Cyber threat actors are targeting PLCs associated with WWS facilities, including an identified Unitronics PLC, at a U.S. water facility.
(TLP:CLEAR) Water Utility Control System Cyber Incident Advisory: ICS/SCADA Incident at Municipal Water Authority of Aliquippa (WaterISAC) While few details are currently known, according to open-source reporting, on Saturday the Municipal Water Authority of Aliquippa in western Pennsylvania was attacked by an Iranian-backed cyber group known as CyberAv3ngers. The authority reported the actors were able to gain control of a remote booster station serving two townships, but stressed there is no known risk to the drinking water or water supply. CyberAv3ngers claims to be an active group focused on targeting Israeli water and energy sites – including ten water treatment stations in Israel as of Oct.
Pennsylvania water facility hit by Iran-linked hackers (CyberScoop) An anti-Israel hacking group with links to Iran forced a water facility in Pennsylvania to go into manual operations.
Daixin Team group claimed the hack of North Texas Municipal Water District (Security Affairs) The Daixin Team group claims to have hacked the North Texas Municipal Water District (US) and threatened to leak the stolen data.
North Texas water utility serving 2 million hit with cyberattack (Record) A water utility serving two million people in North Texas is dealing with a cybersecurity incident that caused operational issues.
North Texas Municipal Water District hit by 'cybersecurity incident,' officials say (WFAA) Water, wastewater, and solid waste services for customers and cities have not been affected by the incident.
Slovenian power company hit by ransomware (Help Net Security) Slovenian power company Holding Slovenske Elektrarne (HSE) has been hit by ransomware and has had some of its data encrypted.
DP World confirms data stolen in cyberattack, no ransomware used (BleepingComputer) International logistics giant DP World has confirmed that data was stolen during a cyber attack that disrupted its operations in Australia earlier this month. However, no ransomware payloads or encryption was used in the attack.
Okta Says Hackers Stole Data for All Customer Support Users (Bloomberg) Okta had earlier said breach affected about 1% of customers. Company said some Okta employee information was also stolen.
Line operator says 440,000 personal records leaked in data breach (Kyodo News+) Some 400,000 items of personal data, including some linked to the Line messaging app, may have been leaked by its operator Japanese tech giant LY Corp., according to a company official
Cyber-attack closes hospital emergency rooms in three US states (the Guardian) Ardent Health, which oversees hospitals in states including Texas, New Mexico and Oklahoma said it was targeted over Thanksgiving
Hospitals in at least 4 states diverting patients from emergency rooms after ransomware attack (USA TODAY) Hospitals run by Ardent Health Services in at least four states were diverting patients from their emergency rooms after the health care company was hit by a ransomware attack.
Sexual health and fertility details leaked in ACL data breach (Australian Financial Review) ASX-listed pathology provider Australian Clinical Labs faces potentially millions of dollars in fines for failing to protect sensitive financial and health data.
US healthcare giant Henry Schein hit by second major cyberattack (TechRadar) After a successful attack in October, BlackCat decided to come back for more
Healthcare giant Henry Schein hit twice by BlackCat ransomware (BleepingComputer) American healthcare company Henry Schein has reported a second cyberattack this month by the BlackCat/ALPHV ransomware gang, who also breached their network in October.
N.Y. Attorney General: Syracuse Crouse Health Affected by Data Breach (WKTV NewsChannel2) Over four million New Yorkers, including patients of Crouse Health in Syracuse, were impacted by a recent data breach.
Egyptian E-Payment Vendor Recovering From LockBit Ransomware Attack (Dark Reading) Fawry confirms addresses, phone numbers, and dates of birth, leaked online.
Ethyrial: Echoes of Yore Hit by Ransomware, Player Accounts Deleted (Hackread - Latest Cybersecurity News, Press Releases & Technology Today) The victim company, Gellyberry Studios, an independent game studio, developed Ethyrial: Echoes of Yore.
November 2023 Security Update: LockBit claims responsibility for Canadian Government Employee Data Breach (DevPro Journal) Security updates for November include action items for people impacted by the Canadian employee data breach and a study that shows email inboxes sustain attacks even when SEG security is implemented.
Google Drive users angry over losing months of stored data (BleepingComputer) Google Drive users are reporting that recent files stored in the cloud have suddenly disappeared, with the cloud service reverting to a storage snapshot as it was around April-May 2023.
Google search ads spotted in compromising placements (TechCrunch) Research delving into a less visible component of Google's search ads business -- a network of third party sites it calls Google Search Partners (or the GSP network) -- has documented scores of instances of Google search ads being served on non-Google websites the media buyers paying for the marketing campaigns probably weren't bargaining for...
Telegram’s Bans on Extremist Channels Aren't Really Bans (WIRED) A WIRED analysis of more than 100 restricted channels shows these communities remain active, and content shared within them often spreads to channels accessible to the public.
Elon Musk Is Giving QAnon Believers Hope Just in Time for the 2024 Elections (WIRED) Musk’s recent use of the term “Q*Anon” is his most explicit endorsement of the movement to date. Conspiracists have since spent days dissecting its meaning and cheering on his apparent support.
Elon Musk boosts Pizzagate conspiracy theory that led to D.C. gunfire (Washington Post) The far-right theory motivated a gunman to fire multiple rounds inside the Comet Ping Pong pizzeria in Northwest Washington in 2016. Musk boosted the theory to his 164 million followers anyway.
Substack Has a Nazi Problem (The Atlantic) The newsletter platform’s lax content moderation creates an opening for white nationalists eager to get their message out.
SMBs face surge in "malware free" attacks (Help Net Security) In Q3 2023, attacks targeting SMBs increasingly relied on legitimate tools and scripting frameworks instead of malware.
Whitepaper: IT Threats Impacting OT Infrastructure (Dragos) Download this whitepaper to gain greater insight into how IT threats can impact OT operations for better IT/OT cybersecurity alignment.
This Job Post Will Get You Kidnapped: A Deadly Cycle of Crime, Cyberscams, and Civil War in Myanmar (DFRLab) In Myanmar, cybercrime has become an effective vehicle through which nonstate actors can fund and perpetuate conflict.
How Your Child’s Online Mistake Can Ruin Your Digital Life (New York Times) Google has a zero-tolerance policy for child abuse content. The scanning process can sometimes go awry and tar innocent individuals as abusers.
Security Patches, Mitigations, and Software Updates
Google Chrome emergency update fixes 6th zero-day exploited in 2023 (BleepingComputer) Google has fixed the sixth Chrome zero-day vulnerability this year in an emergency security update released today to counter ongoing exploitation in attacks.
Microsoft shares temp fix for Outlook crashes when sending emails (BleepingComputer) Today, Microsoft shared a temporary fix for a known issue causing Outlook Desktop to crash when sending emails from Outlook.com accounts.
Tails 5.2.0 comes with several improvements, updated Tor Browser (Help Net Security) Tails 5.2.0 is a portable operating system that protects against surveillance and censorship, and is available as a free download.
CISA Releases Four Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency | CISA) CISA released four Industrial Control Systems (ICS) advisories on November 28, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
ICSA-23-331-01 Delta Electronics InfraSuite Device Master
ICSA-23-331-02 Franklin Electric Fueling Systems Colibri
ICSA-23-331-03 Mitsubishi Electric GX Works2
ICSMA-23-331-01 BD FACSChorus
Trends
Global Threat Intelligence Report (Mimecast) Because email is the channel through which most cyber threats launch, Mimecast sees many new threats before they become widely known.
New Betterworks Study Reveals AI Use and Workforce Views One Year After ChatGPT’s Launch (Business Wire) The report shows AI has generated excitement, experimentation, innovation, fear, and uncertainty among employees and organizations
Cassie study finds 82% of connected car drivers are unaware of the extent of data their vehicle collects (PR Newswire) Today Cassie, the consent and preference management platform serving Fortune 500 companies globally, unveiled a new research report breaking...
2023 AT&T Cybersecurity Insights Report: Focus on Transportation (AT&T Cybersecurity) Based on the 2023 AT&T Cybersecurity Insights Report: Edge Ecosystem, this report focuses on transportation companies worldwide. It explains how edge computing is changing transportation to solve operational issues and reduce costs. Our 2023 report reveals what your peers are planning and doing to embrace edge computing.
So, You Think of Cybersecurity Only as a Cost Center? Think Again. (Foley & Lardner LLP) U.S. manufacturers face a multitude of cybersecurity challenges that threaten their operations, reduce productivity, and jeopardize their intellectual property and data.
Marketplace
The big lie of millions of information security jobs (Medium) How can you know how many security jobs there are if there’s no real statistical data available?
BlueVoyant Acquires Conquest Cyber to Meet Market Need for Comprehensive Managed Detection and Response and Cyber Risk Posture Solutions (PR Newswire) BlueVoyant, a cybersecurity company that illuminates, validates, and mitigates internal and external risks, today announced the acquisition of...
Ahead of IPO, Rubrik’s Revenue Growth Slows as It Targets Long-Term Customers (The Information) Microsoft-backed cloud startup Rubrik, which has been preparing for an initial public offering, may have the same problem that complicated the recent IPOs of Instacart and Arm: unusually slow revenue growth. Rubrik’s revenue grew about 8% year over year during the six months that ended in July, ...
Uncertainty lingers with Broadcom’s VMware acquisition (Computer Weekly) Large enterprises with complex VMware environments are looking to de-risk their businesses from potential changes resulting from the Broadcom-VMware deal
OpenAI Isn’t Expected to Offer Microsoft, Other Investors a Board Seat (The Information) OpenAI’s revamped board of directors doesn’t plan to include representatives from outside investors, according to a person familiar with the situation. It’s a sign that the board will prioritize safety practices ahead of investor returns. The new board hasn’t been officially seated and things ...
The OpenAI saga isn’t over just yet (Platformer) A new board and a promised investigation could threaten Altman’s happy ending
Proofpoint Appoints Sumit Dhawan as Chief Executive Officer (Proofpoint) Former VMware President brings over 25 years of experience in building category-leading, scaled enterprise software companies and businesses
Products, Services, and Solutions
WSJ News Exclusive | Amazon Debuts Cyber Insurance Program for Speedy Policy Estimates (Wall Street Journal) AWS customers will be able to receive quotes from cyber insurers within two days, the cloud provider says.
SentinelOne® and Pax8 Double Down on Partnership to Secure SMBs (Business Wire) Long-time partners expand relationship to deliver more market-leading, enterprise-class AI security solutions to large and fast-growing segment more quickly
Trend Micro First to Integrate Cloud Risk Management and XDR Across Customers' Entire Attack Surface (Trend Micro | Newsroom) Security teams proactively eliminate threats with new automated risk prioritization DALLAS, Nov. 28, 2023 /PRNewswire/ -- Global cloud security leader Trend Micro Incorporated (TYO: 4704; TSE:...
Egress enhances cloud email security offering with advanced graymail detection to improve employee productivity and reduce admin overhead (Yahoo Finance) November 29, 2023 – Boston, US – Leading cybersecurity provider Egress has launched a highly accurate graymail solution, with full end-user control, dedicated to improving employee productivity and reducing the time administrators spend reviewing incorrectly reported phishing emails. The graymail feature is architected into Egress’ inbound threat detection product, Egress Defend, and integrates seamlessly into customers’ Microsoft 365 environments. Graymail is bulk solicited emails which are gen
XM Cyber unveils advanced Kubernetes exposure management for hybrid cloud environments (SiliconANGLE)
Novel Code Scanner by Piiano Helps Enterprises Prevent Data Leaks Proactively (GlobeNewswire News Room) Newly launched Flows offers complete visibility of sensitive data usage leveraging AI powered static code analysis...
MM-ISAC and AttackIQ Join Forces to Improve Cybersecurity Resiliency in the Mining and Metals Industry (Business Wire) Partnership empowers mining and metals organizations of all sizes to proactively test their security
FileCloud Partners with Votiro to Offer Next-Gen File Security (PR Newswire) FileCloud, a preeminent secure enterprise file-sharing and content collaboration provider, is pleased to announce a partnership with Votiro,...
ManageEngine Enhances Its SIEM With Industry-First, Dual-Layered System for Precise and Accurate Threat Detection (ManageEngine) SOCs Can Leverage the Dynamic Learning Capabilities of the Company's Reinforced TDIR Module, Vigil IQ, To Optimize Threat Detection and Investigation. Adopt dual-layer ML for improved automation, correctness and reliability in threat detection. Smart and dynamic learning enhances threat detection precision by spotting overlooked threats due to manual configurations. Explore Log360's TDIR module, Vigil IQ:
Pension Benefit Guaranty Corporation Renews Comprehensive Risk Management Services Contract with CISO Global (GlobeNewswire News Room) The Pension Benefit Guaranty Corporation (PBGC), a federal agency tasked with protecting the...
MetTel and Sotera Team Up to Bring the Highest Security Standard to Mobile Communications (Mettel) MetTel will introduce the ultra-secure Sotera SecurePhone from Sotera Digital Security to government and commercial enterprise customers.
Securin Joins the Ranks of the Joint Cyber Defense Collaborative (PR Newswire) Securin, the industry's leading proactive security solutions provider, announced today that it has joined the Joint Cyber Defense...
Free Whitepaper - How Dragos Activity Groups Obtain Initial Access Into Industrial Environments (Dragos) This white paper steps through the most common initial access techniques Dragos observes being utilized by activity groups.
Tigera, the Creator of Calico, Achieves AWS Security Competency Status (Tigera) November 29, 2023 – Tigera, provider of the industry’s only active security platform for containers and Kubernetes, announced today that it has achieved Amazon Web Services (AWS) Security Competency status. This designation recognizes the security capabilities...
Announcing Fortanix Key Insight – An Industry-First Solution to Discover and Remediate Data Security Risks in Hybrid Multicloud Environments (Business Wire) Key Insight introduces data-driven insights to assess the risk posture of encryption keys and cloud data services, fortifying data security and compliance with policies and regulations
Cowbell Partners with Microsoft and Ingram Micro Inc. to Provide Enhanced Policyholder Security and Reduce Cyber Risk (Cowbell) Collaboration connects Cowbell with Microsoft and Ingram Micro
Technologies, Techniques, and Standards
CISA Announces Secure by Design Alert Series: How Vendor Decisions Can Reduce Harm at a Global Scale (Cybersecurity and Infrastructure Security Agency | CISA) CISA leads the national effort to understand, manage, and reduce risk to our cyber and physical infrastructure. We continuously publish alerts and advisories to help defenders prioritize their work based on the current threats and software vulnerabilities. We additionally provide defenders with ongoing help prioritizing their scarce resources; for example, our Known Exploited Vulnerabilities (KEV) program identifies the common vulnerabilities and exposures (CVEs) that malicious actors are actively exploiting in the wild.
New AI Guidelines Focus on Safety and Security of Models, Data (Decipher) New AI guidelines authored by CISA and the UK’s NCSC stress the importance of secure design, development, deployment, and operation of AI models and tools.
TIA's New SCS 9001™ 2.0 Supply Chain Security Management System Helps Improve Global Organizations' Security Posture (Yahoo Finance) The Telecommunications Industry Association—the trusted industry association for the connected world— today announced the release of SCS 9001™ 2.0 Supply Chain Security Management System. SCS 9001 Release 2.0 is a certifiable standard designed to help organizations operationalize the National Institution of Standards and Technology (NIST) and other government guidelines and frameworks. The SCS 9001 2.0 standard builds on its predecessor by providing a more comprehensive global cybersecurity and
Stop panic buying your security products and start prioritizing (Help Net Security) It is crucial that before purchasing a new cybersecurity tool or hiring specialists, you understand their functionality and purpose.
2023 Authenticate Pulse Report: Two-Thirds of Organizations Moving to Passwordless Authentication (SecureAuth) Majority of companies are not confident about traditional MFAs protecting against cyberattacks
'Central to everything we do': Army unveils first-ever doctrine for 'information' (Breaking Defense) “We no longer regard information as a separate consideration or the sole purview of technical specialists,” the new ADP 3-13 says. “Instead, we view information as a resource that is integrated into operations” — from cyberwar to psyops, reconnaissance to deterrence, social media to camouflage.
More than you want to know about gift cards (Bits about Money) Gift cards are a loosely-regulated quasi-financial product and frequently misunderstood. Here's how they operate under the hood.
Design and Innovation
My techno-optimism (Vitalik) Last month, Marc Andreessen published his "techno-optimist manifesto", arguing for a renewed enthusiasm about technology, and for markets and capitalism as a means of building that technology and propelling humanity toward a much brighter future.
Academia
Pentagon Opens Scholarship for US Navy Cybersecurity Specialists (The Defense Post) The US Department of Defense has launched a project offering professional development opportunities to US Navy cybersecurity personnel.
Legislation, Policy, and Regulation
UK government rings the death knell for SIM farms (Register) Acts under the guise of protecting the public from fraud, yet history suggests Home Office has other motives
A key senator has a proposal to reauthorize controversial spy powers. Will it become law? (Washington Post) A major player in the delicate debate over renewal of surveillance powers that national security officials have touted as vital to cybersecurity has put forward their first legislative proposal within weeks of the expiration date of the spy powers.
Senate proposes surveillance bill without FBI warrant requirement (Record) The bipartisan Senate legislation would not require the FBI to obtain a warrant before searching the NSA’s massive data trove for information related to Americans.
US used its Section 702 spy tool to disrupt Iran’s weapons program (POLITICO) The disclosure is the administration’s latest argument that the Section 702 tool is essential as it pushes for renewal ahead of a year-end expiry.
DHS aims to lead in defense against ‘adversarial’ AI (Nextgov.com) The agency’s secretary noted artificial intelligence has proven useful for DHS operations in many ways, but also cautioned that the technology can be used for more nefarious purposes.
Expanding CISA’s Zero Trust Role Is Smart: Here’s Why (Booz Allen Hamilton) An independent CSIS report on CISA’s evolving mission proposes ways to strengthen federal cybersecurity.
Litigation, Investigation, and Law Enforcement
Ransomware group dismantled in Ukraine in a major international operation supported by Eurojust and Europol (Eurojust) Judicial and law enforcement authorities from seven different countries have joined forces in an action against a criminal network responsible for significant ransomware attacks across the world. These attacks are believed to have affected over 1,800 victims in 71 countries. The perpetrators targeted large corporations, effectively bringing their business to a standstill and causing losses of at least several hundred millions of euros. A recent operation supported by Eurojust and Europol led to the arrest of the ringleader and the detention of four suspects in Ukraine. A total of 30 places were searched and over a hundred digital equipment tools were seized.
International collaboration leads to dismantlement of ransomware group in Ukraine amidst ongoing war (Europol) On 21 November, 30 properties were searched in the regions of Kyiv, Cherkasy, Rivne and Vinnytsia, resulting in the arrest of the 32-year-old ringleader. Four of the ringleader's most active accomplices were also detained. More than 20 investigators from Norway, France, Germany and the United States were deployed to Kyiv to assist the Ukrainian National Police with their investigative measures. This...
Ransomware hackers 'wreaking havoc' arrested in Ukraine (BBC) Cyber police carry out raids to dismantle gang responsible for hacking hundreds of organisations.
High-profile ransomware gang suspects arrested in Ukraine (Record) The international operation, centered on Kyiv, essentially neutralized a group known for deploying variants of LockerGoga, MegaCortex, Hive and Dharma ransomware, authorities said.
Europol arrest hackers allegedly behind string of ransomware attacks (TechCrunch) An international law enforcement operation has arrested five individuals said to be behind ransomware attacks on more than 1,800 victims.
Ukraine Police Dismantle Major Ransomware Group (Infosecurity Magazine) Affiliate deployed LockerGoga, MegaCortex, Hive and Dharma
Police bust ransomware ring behind attacks in 71 countries (Cybernews) Law enforcement agencies from seven countries have busted “key figures” behind an international ransomware operation operating from several locations inside Ukraine.
Ukrainian ransomware gang behind high-profile attacks dismantled (Help Net Security) Law enforcement dismantled and apprehended key figures in a Ukrainian gang behind significant global ransomware operations.
Principal Associate Deputy Attorney General Marshall Miller Delivers Remarks at the New York Bar Association’s International White Collar Crime Symposium (U.S. Department of Justice) Good morning. Thank you for that warm welcome. It is a true pleasure to discuss the Justice Department’s corporate criminal enforcement work with such a knowledgeable, experienced, and international group of subject matter experts.
Los Angeles SIM Swapper Sentenced to 8 Years in Prison (SecurityWeek) Amir Golshan of Los Angeles was sentenced to 96 months in prison for perpetrating multiple cybercrime schemes.
'Serial cybercriminal and scammer' jailed for 8 years (Register) Crook did everything from SIM swaps to fake verified badge scams
Hospitals urged to review their security policies after bizarre data breach at Scottish hospital (ITPro) An ICO investigation found that serious security failings led to an unauthorized individual gaining access to a ward and patient data