Dateline: Hybrid wars in Ukraine, Russia, Israel, and Gaza.
Ukraine at D+645: Influence operations in a winter war. (CyberWire) Russian disinformation seeks to reach anglophone audiences, and makes some claims that would be too far-fetched to get past a science-fiction editor.
Warplanes hit targets in Gaza as Israel resumes its offensive and warns of attacks to come in south (AP News) Israel’s military blamed Hamas for breaking the cease-fire.
Israel Strikes Gaza After Truce Expires (TIME) Israeli fighter jets hit targets in the Gaza Strip minutes after a weeklong truce expired on Friday.
Does Hamas want to keep fighting Israel or start talking peace? (The Economist) A high-stakes struggle is taking place within the group
Israel-Hamas war live: dozens of Palestinians reported killed by Israeli strikes since ceasefire expired (the Guardian) Hamas-run health ministry says airstrikes have killed people since truce expired this morning and fighting resumes
Extend the Cease-Fire in Gaza—but Don’t Stop There (Foreign Affairs) Regional diplomacy and an overhaul of U.S. policy could produce lasting peace.
WSJ News Exclusive | Israel Plans to Kill Hamas Leaders Around the World After War (Wall Street Journal) The nation’s top spy agencies intend to hunt down militants living in Lebanon, Turkey and Qatar.
GPS Spoofing Signals Traced To Tehran (AVweb) A University of Texas student has traced the source of alarming GPS spoofing signals in the Middle East to the eastern outskirts of Tehran, but it would seem there is little anyone can do to stop the navigation interference. Todd Humphreys, who heads up the Radionavigation Laboratory at UT, said the grad student, Zach Clements, […]
GPS Spoofing Traced To Iran (Location Business News) Middle East GPS spoofing seems to have an epicenter...
NCSC statement following exploitation of Unitronics programmable logic controllers (NCSC) NCSC supports US advisory regarding exploitation of Unitronics programmable logic controllers used in the water sector.
Iran-Backed Cyber Av3ngers Escalates Campaigns Against U.S. Critical Infrastructure (SentinelOne) Water and wastewater treatment plants are the latest critical infrastructure to come under attack. Learn how to mitigate the risks.
Anti-Israel hacking campaign highlights danger of internet-connected devices (CyberScoop) The Iran-linked Cyber Av3ngers hacking crew has targeted water facilities in Pennsylvania and elsewhere in the United States.
Spillover from wars in the Middle East and Ukraine may spread to the Western Balkans, warns Albanian prime minister (Atlantic Council) Western Balkans countries must “work day and night to keep the conflict out of the borders of our region,” Prime Minister Edi Rama said at the Atlantic Council.
Poll finds strong support for arming Ukraine, Israel and Taiwan (Defense News) A Reagan Institute poll found high public support for arming friendly U.S. countries and high military spending as Congress negotiates a giant aid package.
The AP Interview: Ukraine's Zelenskyy says the war with Russia is in a new phase as winter looms (AP News) The Ukrainian president said he fears the Israel-Hamas war is threatening to overshadow the conflict in Ukraine.
Russia-Ukraine war live: no reason for Russia to change goals, says Lavrov (the Guardian) Russian foreign minister Sergei Lavrov says Moscow sees no signs to alter its ‘special military operation’
Putin’s War Party (Foreign Affairs) Russia’s 2024 election will validate autocracy—and permanent conflict with the West.
Putin seems to be winning the war in Ukraine—for now (The Economist) His biggest asset is Europe’s lack of strategic vision
A Containment Strategy for Ukraine (Foreign Affairs) How the West can help Kyiv endure a long war.
How Putin is reshaping Russia to keep his war-machine running (The Economist) He is creating a class of wealthy bureaucrats, who are the war’s biggest supporters
Putin’s pro-war majority: Most Russians still support Ukraine invasion (Atlantic Council) Almost two years on, most Russians still support the Ukraine invasion and have reconciled themselves to the reality of a long war, writes Peter Dickinson.
Alternate Reality: How Russian Society Learned to Stop Worrying About the War (Carnegie Endowment for International Peace) Many Russians equate their country with the political regime that rules it, and believe it is their duty to support the state’s actions. This belief and the limited impact the war in Ukraine has had on the day-to-day lives of most Russians go some way to explaining continuing high levels of support for the war among Russians.
Russian War Report: Pro-Kremlin surrogates accuse the US of using ‘climate weapons’ in Crimea (Atlantic Council) After a severe storm in the Black Sea heavily impacted Crimea, pro-Kremlin sources circulated a conspiracy suggesting the US used a weather weapon.
Western leaders must choose: Arm Ukraine or enable Putin's genocide (Atlantic Council) Western leaders must decide whether they are finally prepared to arm Ukraine adequately or face the consequences of a Russian victory which would lead to genocide in the heart of Europe, writes Taras Kuzio.
We can outlast Russia in Ukraine, Lord Cameron tells Nato (The Telegraph) Foreign Secretary urges Western allies to collectively increase weapons production in order to help Kyiv towards victory
Ukraine's new long-range rocket delivery from US pushed to next year (Reuters) Ukraine will need to wait until next year before it receives its first big shipment of rocket-propelled bombs the U.S. has adapted to strike at a nearly 100-mile (160km) range, according to the Pentagon and people familiar with the timing.
Democrats consider new immigration rules to secure fresh Ukraine funding (The Telegraph) Senate Republicans make border control demands a potential condition of their support for Joe Biden's $106bn military aid request
War has spread to a sixth domain: the private sector (Financial Times) The conflict in Ukraine highlights the need for governments and private companies to collaborate on national security
Unprivileged Belligerency in a Deterritorialized Cyber Battlefield? Some Lessons Learned from the Russia-Ukraine Conflict (SpringerLink) Despite the fact that heightened geopolitical tensions brought about by the Russia-Ukraine Conflict may spur a stalemate in the UN’s consensus-based efforts to advance international law and norms in cyberspace, the conflict has given rise to a number of...
Putin Humiliated by Ukrainian Hackers Who Take Over Russian TV Broadcasts in Crimea, Insult President: Reports (MSN) Ukrainian President Volodymyr Zelensky made a surprise appearance overnight on Russian television screens across annexed Crimea.
How Ukraine defeated Russia’s cyber warriors (Australian Financial Review) Kyiv imported tens of thousands of modems after malware took down its satellite communications network. Western tech companies helped thwart other attacks too.
Russian region launches chatbot to report ‘extremist’ neighbors (Region) Named “The Agent is Writing,” the chatbot is available on Telegram. It was created by the anti-terrorism commission in Primorsky Krai, located in Russia's far east.
EU should go on the cyber offensive in defence reform - Charles Michel (Euronews) The European Union needs a bespoke "cyber force" to beef up its defensive capabilities, according to European Council chief Charles Michel.
NATO to update artificial intelligence strategy amid new threats (Defense News) “We will need AI to defend ourselves,” a NATO official said.
Putin has been accused of starving civilians as a warfare tactic. Will the ICC agree? (Atlantic Council) New evidence about Russia’s actions in Ukraine offers the ICC an opportunity to prosecute starvation as a war crime or crime against humanity affecting Ukrainians and other global victims.
Attacks, Threats, and Vulnerabilities
Disruptive new wave of ransomware hits critical infrastructure (Axios) A wave of ransomware attacks targeting critical infrastructure in recent weeks is a stark reminder that the ransomware problem will continue to get worse before it slows down — despite the U.S. government's best efforts.
Adversarial Threat Report, Third Quarter 2023 (Meta) Our public threat reporting began over six years ago when we first shared our findings about coordinated inauthentic behavior (CIB) by a Russian covert influence operation.
Meta Takes Action Against Multiple Foreign Influence Campaigns (SecurityWeek) Meta removed three foreign influence operations from the Facebook platform during Q3, 2023. Two were Chinese in origin, and one was Russian, the company says.
HUMAN Satori Threat Intelligence Alert: Account Takeover Attacks Use ScrubCrypt to Deploy RedLine Stealer Malware (HUMAN) HUMAN's Satori Threat Intelligence Team uncovers a new build of ScrubCrypt used in account takeover attacks. Learn how this obfuscation tool is deployed to deploy RedLine Stealer malware. Find out how HUMAN stopped the attack and protects customers from such threats.
Microsoft warns of new ransomware campaign by Twisted Spider group (Computing) According to a series of posts on X by Microsoft Threat Intelligence, Russia-based ransomware actor Storm-0216 (aka Twisted Spider, UNC2198) is deploying Danabot, an advanced banking Trojan, to deploy Cactus ransomware.
North Texas water utility the latest suspected industrial ransomware target (Cybersecurity Dive) Federal authorities are investigating multiple attacks against water and wastewater treatment facilities in the U.S. following an Iran-linked attack in Pennsylvania.
Staples confirms cyberattack behind service outages, delivery issues (BleepingComputer) American office supply retailer Staples took down some of its systems earlier this week after a cyberattack to contain the breach's impact and protect customer data.
Thanksgiving hack on North Carolina city caused leak of employee data (Record) A city in North Carolina is warning government employees that data from its systems may have been accessed in a pre-Thanksgiving holiday incident.
Data for over 1 million Michiganders, Corewell Health patients compromised after massive Welltok cyber attack (WWJ News) Roughly 1 million Michiganders were impacted after a cyber security breach was discovered at Welltok Inc., a healthcare software-as-a-service company contracted by Corewell Health.
Security Patches, Mitigations, and Software Updates
Apple fixes two new iOS zero-days in emergency updates (BleepingComputer) Apple released emergency security updates to fix two zero-day vulnerabilities exploited in attacks and impacting iPhone, iPad, and Mac devices, reaching 20 zero-days patched since the start of the year.
Apple Patches WebKit Flaws Exploited on Older iPhones (SecurityWeek) Apple’s security response team warns that flaws CVE-2023-42916 and CVE-2023-42917 were already exploited against versions of iOS before iOS 16.7.1.
Critical Zyxel NAS vulnerabilities patched, update quickly! (Help Net Security) Zyxel has patched six vulnerabilities affecting its network attached storage (NAS) devices, including several (OS) command injection flaws.
Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices (SecurityWeek) Zyxel patches at least 15 security flaws that expose users to authentication bypass, command injection and denial-of-service attacks.
CISA Releases Four Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency | CISA) CISA released four Industrial Control Systems (ICS) advisories on November 30, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
ICSA-23-334-01 Delta Electronics DOPSoft
ICSA-23-334-02 Yokogawa STARDOM
ICSA-23-334-03 PTC KEPServerEx
ICSA-23-334-04 Mitsubishi Electric FA Engineering Software Products
Trends
Global Threat Intelligence Report (Mimecast) Because email is the channel through which most cyber threats launch, Mimecast sees many new threats before they become widely known.
Marketplace
Irish cybersecurity start-up Cytidel raises €1.3m in funding round (The Irish Times) Cyber risk management platform helps organisations predict threats
Clear Ridge Defense Awarded Prime Contract to Support CYBERCOM’s J7 Cyber Adversary Tactics Office (Business Wire) Clear Ridge Defense CRD recently announced their award of a prime contract to support U.S. Cyber Command's Exercise and Training Directorate J7, Cyber Adversary Tactics Office CATO. The contract’s total value if all options are awarded could total approximately $25 million.
Broadcom to eliminate jobs of 1,267 VMware employees based in Palo Alto (Silicon Valley Business Journal) The job cuts are directly connected to Broadcom's completed acquisition of VMware.
To Continue Innovating, OpenAI Should Return to Its Nonprofit Roots (The Information) There’s much speculation about the reasons for the abrupt removal and subsequent return of Sam Altman as the CEO of OpenAI. Irrespective of who leads the company going forward, OpenAI faces a fundamental challenge in reconciling its mission with its choice of corporate structure and business ...
OpenAI CEO Sam Altman went on an 18-month, $85 million real-estate shopping spree — including a previously unknown Hawaii estate (Business Insider) OpenAI CEO Sam Altman has snapped up multimillion-dollar properties in San Francisco, Napa, and Hawaii — all managed by his discreet family office.
Menlo Security Strengthens Executive Leadership Team with Chief Marketing Officer and Chief Financial Officer Appointments (Business Wire) Both Pejman Roshan, the company’s new CMO, and Naresh Bansal, CFO, bring decades of experience in SaaS, AI and Security as the company sets its sights on the next level of growth and product innovation
David A. Hoffman Joins Paladin Capital Group as Strategic Advisor (Paladin Capital Group) Paladin Capital Group, the multi-stage investor specializing in cyber and advanced technology, is delighted to announce that Duke University Professor David A. Hoffman will join the firm as a Strategic Advisor.
Products, Services, and Solutions
Exabeam Enhances Compliance Portfolio with Completion of IRAP Assessment in Australia (Business Wire) Exabeam, a global leader in cybersecurity that delivers AI-driven security operations, today announced the successful completion of an Information Security Registered Assessors Program (IRAP) assessment at the Protected level for the Exabeam Security Operations Platform.
Morphisec Fortifies Capabilities with Next-gen Risk-Based Vulnerability Prioritization for Exposure Management (Morphisec) Vulnerability-based breach events persist, despite ample mitigation investment. Learn how risk-based vulnerability prioritization improves remediation efforts.
Palo Alto Networks Unveils New Rugged Firewall for Industrial Environments (SecurityWeek) Palo Alto Networks has launched a new rugged firewall for industrial environments and announced several OT security improvements.
Tangem Sets New Standards for Crypto Hardware Wallet Integrity: Introducing Firmware Attestation, Audited by Riscure (Financial Post) ZUG, Switzerland, Nov. 30, 2023 (GLOBE NEWSWIRE) — Tangem AG, a leading crypto hardware wallet manufacturer, is thrilled to announce an in-depth software…
Trulioo Partners With Public for Its UK Launch (Business Wire) Trulioo Person Match Delivers Industry-Leading Match Rates, Highest Assurance to Ensure Investment Platform’s Worldwide Compliance
Technologies, Techniques, and Standards
Partners Support Cyber Defence During NATO's Premier Cyberspace Exercise (NATO SHAPE) SHAPE’s Deputy Chief of Staff Partnerships Directorate, Rear Admiral Gunnstein Bruåsdal, visited NATO partners participating in exercise Cyber Coalition 2023 from Nov. 27 to Dec. 1 in Tallinn, Estonia.
New Yorkers feel betrayed as police radio dispatches end: ‘You’d hear about nine shootings a day’ (the Guardian) The NYPD has communicated via public channels for nearly a century. Now the system is being encrypted
Research and Development
A novel hybrid feature selection and ensemble-based machine learning approach for botnet detection - Scientific Reports (Nature)
Legislation, Policy, and Regulation
Europe agrees on rules to protect smart devices from cyber threats (Reuters) EU countries and EU lawmakers on Thursday agreed to rules to protect laptops, fridges, mobile apps and smart devices connected to the internet from cyber threats following a spate of such attacks and ransom demands in recent years around the world.
Advancing an Affirmative Vision for Cyberspace at the Inaugural Global Conference on Cyber Capacity Building (United States Department of State) Ambassador at Large for Cyberspace and Digital Policy Nathaniel C. Fick participated in the inaugural Global Conference on Cyber Capacity Building (GC3B) from November 29 to 30, 2023 in Accra, Ghana, alongside other U.S. government officials including Chief Digital Development Officer for the U.S. Agency for International Development Chris Burns. In remarks at the conference, […]
A high school’s deepfake porn scandal is pushing US lawmakers into action (MIT Technology Review) Legislators are responding quickly after teens used AI to create nonconsensual sexually explicit images of more than 30 girls.
Wyden to block Senate vote on new NSA, Cyber Command lead (POLITICO) The senator is pledging to stop a vote on Lt. Gen. Timothy Haugh to lead the agencies until the NSA releases details on potential surveillance of Americans.
Litigation, Investigation, and Law Enforcement
US Justice Department urged to investigate after foreign hackers breach Pennsylvania water supply (Fox News) Members of Congress have called on the U.S. Justice Department to investigate a cyberattack on a Pennsylvania water utility. The hacking group is believed to be from Iran.
Meta Sues FTC on Privacy Move in Challenge to In-House Court (Bloomberg) Suit says agency proceedings violate constitutional rights. FTC sought to amend privacy pact over alleged broken promises.
Montana Judge Says TikTok Ban Likely Violates First Amendment (Wall Street Journal) The social-media app sued after the state passed a law banning TikTok to protect residents’ privacy.
Legal challenge launched against NHS-Palantir data deal (Computing) Campaigners have launched legal action in a bid to halt a contentious data sharing deal between the NHS and US tech company Palantir citing concerns over patient privacy.
About 4 million New Yorkers impacted by medical company's data breach, New York Attorney General Letitia James says (CBS News) The breach has affected Northwell Health and Crouse Health.