Dateline: Hybrid wars in Ukraine, Russia, Israel, and Gaza.
Ukraine at D+644: A hacktivist auxiliary is actively recruiting. (CyberWire) NATO conducts its annual cyber exercise against a background of hybrid war, heightened cyber espionage, and increased activity on the part of hacktivist auxiliaries.
Don’t Assume Hamas’ Attack Was a Miscalculation (World Politics Review) Hamas’ Oct. 7 attack on Israel may jeopardize much of what the group has achieved in almost 40 years of existence. So why did they do it?
Gaza war complicates U.S. efforts to normalize Arab relations with Israel (Washington Post) The war in Gaza is testing newly strengthened ties between Arab countries of the Persian Gulf and Israel, raising questions about an American-backed vision for regional order that emphasizes economic ties over political differences and historical rifts.
‘Storm of the century’ washes away Russia’s Crimea bridge barriers (The Telegraph) Pens holding specially trained dolphins that protect the Black Sea naval fleet are also likely to have been lost
Russian POWs Describe ‘Nightmare’ of Combat in Ukraine (Wall Street Journal) Russian soldiers captured in the battle for Avdiivka tell of the high price their army is incurring for its grinding advance.
Estonia Says 'Prepared' To Close Russia Border (Barron's) Estonia said Wednesday it was "prepared" to close its border with Russia following a similar move by Finland, with Tallinn citing a potential threat by its eastern neighbour.
Minister Umerov, IT Coalition members discuss asymmetric responses to Russia (Ukrinform) Ukraine’s victory on the battlefield will be ensured by asymmetric responses, which are possible thanks to technology. — Ukrinform.
Opinion: In Russia, the shift in public opinion is unmistakable (Washington Post) Twenty months ago, after Vladimir Putin had launched his full-scale invasion of Ukraine, many high-ranking Russians believed that the end was near. The economy faced disaster, as they saw it, and the Putin regime was on the brink of collapse.
Russian Duma To Discuss 'Loyalty' Obligation For Foreign Visitors (RadioFreeEurope/RadioLiberty) Russia's Interior Ministry has outlined a bill that would oblige foreigners visiting the country to sign what it called a "loyalty agreement," the state news agency TASS said.
Russian Military Unit Admits To Hiring Women For Assault Detachments To Fight In Ukraine (RadioFreeEurope/RadioLiberty) Espanola, a military unit within the Redut network, is hiring women as fighters in its assault detachments, the media outlet iStories reported on November 28.
Another Russian General Reportedly Dies In Ukraine (RadioFreeEurope/RadioLiberty) Another Russian Army general has died in Ukraine, according to Ukrainian and Russian media reports on November 29.
Russians Banned From Leaving Country Will Have Passports Confiscated (RadioFreeEurope/RadioLiberty) Russians banned from traveling abroad must hand in their passports within five days of the date when they were notified of the travel ban, according to a government decree from November 22 published on the official portal of legal documents.
Migrants In Russia Face Raids, Political Attacks As Pressure To Fight In Ukraine Increases (RadioFreeEurope/RadioLiberty) Russian politicians have ramped up rhetoric against migrants in recent months with calls for more foreign-born workers to fight in the grueling war against Ukraine topping their list of demands. But as experts point out, Moscow’s labor-short economy needs migrants just as much as the military.
Putin’s Deal With Wife Killers (The Atlantic) The most violent criminals get a Kremlin pardon if they agree to fight in Ukraine.
Zelenskiy Faces Manpower Dilemma in Ukraine’s Stalled Offensive (Bloomberg) President has been stalling on conscript rules since June. Ukraine is grappling with dwindling number of volunteers.
Ukraine insists it sees no sign of NATO war fatigue even as fighting and weapons supplies stall (AP News) Ukraine's foreign minister insists that NATO allies are showing no sign of war fatigue and remain committed to helping his country defend itself against Russia.
Joe Biden’s secret Ukraine weapon: Liz Truss (POLITICO) The US president has an unlikely ally in Britain’s shortest-serving prime minister, who is in Washington this week to rally support for Ukraine.
NoName057(16) Gets Busy Recruiting an Online Hacktivist Army (Australian Cyber Security Magazine) The pro-Russian hacktivist group NoName057(16) is actively recruiting an online army to ramp up its cyber assaults on the websites of private entities and government agencies in countries it says display a bias against Russia. In a series of posts on its Telegram channel, NoName057(16) calls the formation of its online
Russian hackers pose ‘high’ threat level to EU, bloc’s cyber team warns (POLITICO) Moscow’s Fancy Bear group is targeting European governments, EU cyber response team warns.
NATO Holds Cyber Defense Exercise as Wartime Hacking Threats Rise (WSJ) NATO countries are taking part in a cyber defense exercise this week set against the backdrop of the continuing conflicts in Ukraine and Israel.
As US Army transforms, it's gleaning lessons about high- and low-tech fighting from Ukraine, Israel (Breaking Defense) Young Bang, principal deputy assistant secretary of the Army for acquisition, logistics and technology, said the effectiveness of high- and low-tech fighting was "pushing into our guiding principles."
Attacks, Threats, and Vulnerabilities
ownCloud vulnerability with maximum 10 severity score comes under “mass” exploitation (Ars Technica) Easy-to-exploit flaw gives hackers passwords and cryptographic keys to vulnerable servers.
New SugarGh0st RAT targets Uzbekistan government and South Korea (Cisco Talos Blog) Cisco Talos recently discovered a malicious campaign that likely started as early as August 2023, delivering a new remote access trojan (RAT) we dubbed “SugarGh0st.”
Crypto Country: North Korea’s Targeting of Cryptocurrency (Recorded Future) In a new report, Recorded Future’s Insikt Group examines North Korea’s success in its cybercriminal operations targeting the cryptocurrency industry.
LockBit claims cyberattack on India's national aerospace lab (TechCrunch) On Wednesday, the notorious ransomware gang LockBit claimed responsibility for a cyberattack targeting India's state-owned aerospace research lab.
Black Basta ransomware victims have paid over $100 million (Elliptic) Joint research by Elliptic and Corvus Insurance has identified at least $107 million in Bitcoin ransom payments to the Black Basta ransomware group since early 2022.
Ransomware group 'Black Basta' has raked in more than $100 million -researchers (Reuters) A cyber extortion gang suspected of being an offshoot of the notorious Russian Conti group of hackers has raked in more than $100 million since it emerged last year, researchers said in a report published on Wednesday.
Black Basta ransomware made over $100 million from extortion (BleepingComputer) Russia-linked ransomware gang Black Basta has raked in at least $100 million in ransom payments from more than 90 victims since it first surfaced in April 2022, according to joint research from Corvus Insurance and Elliptic.
Associated Press, ESPN, CBS among top sites serving fake virus alerts (Malwarebytes) A fake antivirus alert may suddenly hijack your screen while browsing. This latest malvertising campaign hit top publishers.
Hacker claims theft of Shadowfax users' information (TechCrunch) The hacker said the alleged breach happened in November, which led to the compromise of five million Shadowfax users' information.
Claiming Zoom Rooms Service Accounts to Gain Access to Tenants (AppOmni) Learn how Zoom Rooms service accounts could have been misused to gain unauthorized access to Zoom tenants and potentially disclose sensitive information.
New BLUFFS attack lets attackers hijack Bluetooth connections (BleepingComputer) Researchers at Eurecom have developed six new attacks collectively named 'BLUFFS' that can break the secrecy of Bluetooth sessions, allowing for device impersonation and man-in-the-middle (MitM) attacks.
Okta Hack Update Shows Challenges in Rapid Cyber Disclosures (Wall Street Journal) Revision of hack’s impact demonstrates how information can change over the course of a cyberattack investigation.
Okta Broadens Scope of Data Breach: All Customer Support Users Affected (SecurityWeek) Okta expands scope of October breach, saying hackers stole names and email addresses of all its customer support system users.
Okta massively misjudged scale of October breach (Register) All customer support users told their info was accessed after analysis oversight
Okta: October data breach affects all customer support system users (BleepingComputer) Okta's investigation into the breach of its Help Center environment last month revealed that the hackers obtained data belonging to all customer support system users.
Okta: Breach Affected All Customer Support Users (KrebsOnSecurity) When KrebsOnSecurity broke the news on Oct. 20, 2023 that identity and authentication giant Okta had suffered a breach in its customer support department, Okta said the intrusion allowed hackers to steal sensitive data from fewer than one percent of…
Ransomware in the Cloud: Breaking Down The Attack Vectors (Dig Security) In this blog, we delve into the practical aspects of ransomware attacks within cloud environments. Drawing from real-world data and simulations, we explore these attack vectors and evaluate both their prevalence and potential impact to align our defense strategies and chart out the most effective approaches.
ChatGPT's training data can be exposed via a "divergence attack" (Stack Diary) This article delves into a recent comprehensive study examining the extent of data memorization in various language models, including open-source, semi-open, and closed models like ChatGPT.
Security Patches, Mitigations, and Software Updates
Google Chrome emergency update fixes 6th zero-day exploited in 2023 (BleepingComputer) Google has fixed the sixth Chrome zero-day vulnerability this year in an emergency security update released today to counter ongoing exploitation in attacks.
Improving Text Classification Resilience and Efficiency with RETVec (Google Online Security Blog) Elie Bursztein, Cybersecurity & AI Research Director, and Marina Zhang, Software Engineer. Systems such as Gmail, YouTube and Google Play rel...
Your Unused Gmail Account May Be Permanently Deleted Friday (Wall Street Journal) How to revive your Google account before it’s too late.
Trends
Security Concerns Keep Half of IT Business Leaders Awake at Night, Reveals AppDirect’s IT Business Leaders 2024 Outlook Report (Business Wire) Study also explores the top causes of security breaches, which include human error
WatchGuard's 2024 Cybersecurity Predictions (WatchGuard Technologies) 2024 cybersecurity predictions from the WatchGuard Threat Lab, including Zero Trust, space hacks, cyber insurance, password-less authentication, and more
Marketplace
Why is cybersecurity venture funding so tepid despite the strong demand? (TechCrunch) Has late-stage investing declined so much that no technology subsector can really post impressive investment numbers?
Broadcom to relocate headquarters to former VMware campus in Palo Alto (Silicon Valley Business Journal) CEO Hock Tan has been a longtime admirer of the 1.6 million-square-feet VMware campus.
BlackDice Selected for Vodafone Mentoring Program (Investors Observer) BlackDice Holdings Corp. ("BlackDice," or the “Company,”) an emerging player in AI-powered cybersecurity for the Telecom industry, has been selected for the Fall cohort of the Vodafone Mentoring Program, offered by Vodafone Power Lab based in Lisbon, Portugal.
Seattle cloud giant F5 lays off 120 employees (Geekwire) Seattle-based application security and delivery giant F5 this week laid off 120 people, the company confirmed to GeekWire.
Tech’s New Normal: Microcuts Over Growth at All Costs (Wall Street Journal) Amazon, Google, Microsoft and Meta are making strategic trims even as they rebound from the tech downturn.
Elon Musk claims advertisers are trying to 'blackmail' him, says 'Go f--- yourself' (CNBC) Elon Musk, the owner of social media site X (formerly Twitter), scoffed at advertisers boycotting the platform because of his controversial statements.
Briefing: Elon Musk Rejects Advertiser Concerns in Profanity-Laden Interview (The Information) Elon Musk has a simple message for the advertisers who have paused spending on his social media platform, X, following Musk’s endorsement of an antisemitic conspiracy theory: “Go f— yourself.” In recent weeks, major advertisers including Apple, Disney and IBM have paused advertising amid the controversy over antisemitism on X. On stage at The New York Times’ DealBook summit, Musk called the
Cyber Talent Acquisition Woes for Enterprises (N2K Networks) Enterprises face significant challenges when it comes to acquiring and retaining top cybersecurity talent. Here are top challenges and how to address them.
Cybersecurity and Burnout: The Cybersecurity Professional's Silent Enemy (ISACA) The demands on cybersecurity professionals can lead to mental health challenges, making it important that practitioners integrate mindfulness and proactively find ways to reduce burnout.
Microsoft to Become Non-Voting Observer on OpenAI Board as Three Directors Resign (The Information) Microsoft is to become a non-voting observer on the non-profit board that governs OpenAI, newly reinstated CEO Sam Altman told employees on Wednesday, while confirming he had officially rejoined the firm. Microsoft’s new status will give it some insight into the board’s deliberations, but it won ...
OpenAI Director Who Helped Oust Altman Now Key Player in Startup's Future (Bloomberg) Adam D’Angelo will continue to serve on the board despite previously agreeing to oust Altman as CEO and running a company that competes with ChatGPT.
Google opens biggest European cyber centre (ET Telecom) Google: The Silicon Valley firm said it opened the new centre in the southern Spanish city of Malaga after a year of conversations with policy makers.
Cisco’s SVP, Corporate Treasurer and Head of Global Corporate Security, Roger Biscay, Joins Qrypt’s Board of Advisors (Qrypt) Roger Biscay of Cisco joins Qrypt's Board of Advisors, bringing vast expertise in finance and security to advance quantum-secure encryption solutions.
Infinigate Group Appoints Caroline Hutchins as Chief People Officer (MarketScreener) The Infinigate Group, the value-add distributor of cybersecurity, secure networks and secure cloud, is appointing Caroline Hutchins as the new Chief People Officer
Optiv + ClearShark Appoints Daniel Wilbricht as President (Optiv) Optiv + ClearShark has named Daniel Wilbricht as the company’s new president. He’ll focus on growing the cyber advisory and solution leader’s presence in the U.S. public sector.
Andrew McCabe and Michael Morell Join Flare Advisory Board (ACCESSWIRE News Room) Former Deputy Director of the FBI and former Deputy Director of the CIA to provide strategic counsel to Flare on intersection of threat intelligence and security
Products, Services, and Solutions
Camelot Secure Wins CSO50 Award with Cybersecurity Maturity Model Certification (CMMC) Compliance eDiscovery Tool (WATE 6 On Your Side) Camelot’s CEO Stanford Oliver, Chief Revenue Officer Sherri Thomas, and VP of Product Development Jacob Birmingham accepted the CSO50 Award Camelot Secure's Cybersecurity Maturity Model Certification (CMMC) compliance eDiscovery Tool
Camelot Secure Announces Award-Winning CMMC Compliance Readiness Process (Digital Pulse HQ: Your guide to the latest tech trends.) Camelot Secure’s Award-Winning CMMC Compliance Process,
HUMAN Achieves the New AWS Advertising and Marketing Technology Competency (Business Wire) HUMAN Defense Platform ensures ad inventory offers complete fraud protection on AWS from start to finish reaching real humans across all media channels
Improve the Resilience Posture of Your Workloads with AWS Resilience Competency Partners (Amazon Web Services) Organizations today face a number of resilience challenges—from data and state failures to downtime caused by code deployment issues or unexpected events—with high expectations from customers to be 'always on, always available'. That's why we're excited to announce the AWS Resilience Competency, which helps AWS customers improve the availability and resilience of critical workloads in the cloud.
Access Affordable Policies with New Security Posture Assessment from AWS Cyber Insurance Competency Partners (Amazon Web Services) We’re excited to announce the AWS Cyber Insurance Competency, which makes it easy for customers—particularly Small and Medium Businesses—to find affordable policies from insurers that integrate their security posture assessment through a new, simplified customer experience with AWS Security Hub. AWS Cyber Insurance Competency Partners worked with AWS to digitally transform their assessment and onboarding process, which rewards customers that present a security posture following AWS best practices.
Uptycs Unveils Cross-Cloud Anomaly Detection Engine to Identify Potential Security Breaches Across Workloads Running on AWS and Hybrid Multicloud Environments (GlobeNewswire News Room) Anomaly detection engine one of several cloud security early warning systems showcased at AWS re:Invent 2023
GuidePoint Security announces Compliance Management as a Service (Help Net Security) GuidePoint Security’s Compliance Management as a Service helps organizations maintain compliance with multiple cybersecurity standards.
Cofense Announces Solution to Combat QR Code Phishing (Cofense) Protect your business from the 2,400% rise in QR code phishing threats with Cofense's first end-to-end email security solution. Find out what's new.
New Zero Trust Data Resilience Model Introduced by IT Security and Data Protection Experts (Veeam Software) Numberline Security and Veeam Extend the Zero Trust Maturity Model for Improved Cyber Resilience
Bitdefender Achieves Highest Scores in AV-Comparatives Advanced Threat Protection Tests (Bitdefender) Independent Testing Illustrates Superior Ability to Detect and Prevent Advanced Threats to Both Enterprises and Consumers
The Latest Delinea Secret Server Release Boosts Usability with New Features (PR Newswire) Delinea, a leading provider of solutions that seamlessly extend Privileged Access Management (PAM), today announced new features for Secret...
Goldilock Selected For Prestigious NATO DIANA Accelerator Programme (Yahoo Finance) Goldilock, British cybersecurity company and creator of the unique physical network isolation solution "Drawbridge", has today announced that it has been selected as one of 30 participants out of 1,300 applicants, to be accepted into the NATO DIANA accelerator programme, on merit of its unique physical disconnection solution.
Technologies, Techniques, and Standards
How to maintain a solid cybersecurity posture during a natural disaster (CSO Online) Fire, flood, earthquake, hurricane, tornado: natural disasters are becoming more prevalent and they’re a threat to cybersecurity that isn’t always on a company’s radar. Here are some ways to prepare for the worst.
Design and Innovation
ChatGPT one year on: How 10,000+ AI tools have changed the workplace and redefined data security (Harmonic) On ChatGPT’s one year anniversary, Harmonic analyzes the proliferation of AI tools, how employees are using them, and the risks security teams must consider.
Google Researchers’ Attack Prompts ChatGPT to Reveal Its Training Data (404 Media) ChatGPT is full of sensitive private information and spits out verbatim text from CNN, Goodreads, WordPress blogs, fandom wikis, Terms of Service agreements, Stack Overflow source code, Wikipedia pages, news blogs, random internet comments, and much more.
Academia
Purdue University Global partners with Google to enhance educational and employment opportunities through the Google IT Support Certificate (Purdue University) Purdue University Global is partnering with Google in a shared educational initiative designed to enhance meaningful employment opportunities for adult learners through the Google Career Certificate program.
CybeReady Announces Strategic Alliance with Securus360 to Empower Cybersecurity Education (KSNT 27 News) CybeReady, a global leader in security awareness training, is pleased to announce a strategic partnership with Securus360, a respected authority in K-12 cybersecurity solutions. This marks the beginning of a collaborative advancement in cybersecurity education to bolster organizational defenses against the dynamic and complex nature of current and emerging threats. Committed to a shared vision, both organizations are ...
Legislation, Policy, and Regulation
Lawmakers warn Hill leaders against linking surveillance program to massive defense bill (POLITICO) The group warned attaching a short-term extension to the NDAA would “undermine the credibility of any legislation employed for this reauthorization.”
U.S. stops helping Big Tech spot foreign meddling amid GOP legal threats (Washington Post) The federal government is no longer warning Meta about foreign influence campaigns, a shift that comes amid a legal campaign against the Biden administration’s communication with tech platforms
Meta Tells US Officials 2024 Plan Will Look Like Past Elections (Bloomberg) Facebook owner to block political ads one week before US vote. First US election with broad generative AI will test democracy.
Cyber Incident Reporting May Be “Material” for Federal Contractors (JD Supra) Last month, the Federal Acquisition Regulatory Council proposed new cybersecurity and incident reporting regulations for federal contractors on behalf...
Senators introduce bipartisan legislation ending involuntary facial recognition screening (The Hill) Sens. John Kennedy (R-La.) and Jeff Merkley (D-Ore.) introduced bipartisan legislation on Wednesday to end involuntary facial recognition screening at airports. The pair of senators are aimin…
Litigation, Investigation, and Law Enforcement
Supreme Court Looks Poised to Curb SEC Enforcement Powers (Wall Street Journal) A ruling limiting the agency’s in-house court system could clear the way for attacks on similar executive-branch bodies.
Treasury Sanctions Mixer Used by the DPRK to Launder Stolen Virtual Currency (U.S. Department of the Treasury) Mixing services that enable cybercriminals continue to face consequences
US seizes Sinbad crypto mixer used by North Korean Lazarus hackers (BleepingComputer) The U.S. Department of the Treasury has sanctioned the Sinbad cryptocurrency mixing service for its use as a money-laundering tool by the North Korean Lazarus hacking group.
Ukrainian gets 8-year sentence for running marketplace for Americans' data (Record) Vitalii Chychasov ran a marketplace called SSNDOB — a series of websites that sold the personal information of Americans.
Members of Congress Plan to Grill OCC Over Fintech Regulator Who Faked His Resume (The Information) A congressional committee is preparing to question officials from the federal banking regulator, the Office of the Comptroller of the Currency, over the appointment of its first chief financial technology officer, who The Information reported fabricated his work history to get the ...
Medical test company’s ‘serious and systemic failures’ led to cyber-attack, watchdog says (the Guardian) Australian Clinical Labs hack alleged to have resulted in more than 200,000 health records and credit card details being published on dark web
Ex-Motorola tech pleads guilty to cybercrime, passport fraud (Register) Pro tip: Don't use your new work email to phish your old firm
No Laws Protect People From Deepfake Porn. These Victims Fought Back (Bloomberg) A group of young women in a New York City suburb, horrified to learn their photographs had been manipulated and posted online, took matters into their own hands.
Arizona officials charged with conspiring to delay midterm election outcome (Washington Post) Two Republicans who lead a rural county in southern Arizona were indicted by a state grand jury this week for allegedly flouting last year’s deadline to formally accept the results of the 2022 midterm election.
Founder of spyware maker Hacking Team arrested for attempted murder: local media (TechCrunch) Italian authorities accuse David Vincenzetti, the former founder and CEO of spyware maker Hacking Team, of attempted murder.