From gaining buy-in to staying engaged during leadership churn, Fortra walks you through the ins-and-outs of bringing a culture of cybersecurity to your company. With over two decades of security awareness training expertise, we know the pitfalls and can prepare you for persistent success. Learn from our experience how to:
Join us for our quarterly Industry Insights Analyst Call on Tuesday, December 19th, 2023 at 2:00 PM EST. During this live and interactive event, Rick Howard and a panel of security experts will breakdown the most impactful news and events from the last 90 days, and dive into why it matters to organizations and our industry. Register now.
Late Friday evening the US Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Environmental Protection Agency (EPA), and the Israel National Cyber Directorate (INCD) released a joint Cybersecurity Advisory (CSA): IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors. The Joint Advisory amplifies guidance issued earlier last week in response to disclosures of the exploitation of a Unitronics programmable logic controller at certain water treatment facilities in the United States. The renewed warning is noteworthy on at least four counts:
The Joint Advisory notes, as others have, that the IRGC "persona" claiming responsibility for the attacks, the CyberAv3ngers, has a record of exaggerated claims, but it reviews some of the group's activity, both bad and bogus, over the past three months:
In the cloud, every second counts. Attacks move at warp speed; security teams must protect the business without slowing it down. Sysdig stops cloud attacks in real time, instantly detecting changes in risk with runtime insights and open source Falco. We correlate signals across cloud workloads, identities, and services to uncover hidden attack paths and prioritize real risk. From prevention to defense, Sysdig helps enterprises focus on what matters: innovation. Visit our website to learn more.
Cado Security warns that a new variant of the P2Pinfect botnet malware is targeting the MIPS (Microprocessor without Interlocked Pipelined Stages) architecture. The researchers say this “demonstrates increased targeting of routers, Internet of Things (IoT) and other embedded devices by those behind P2Pinfect.”
Cado explains, “Not only is this an interesting development in that it demonstrates a widening of scope for the developers behind P2Pinfect (more supported processor architectures equals more nodes in the botnet itself), but the MIPS32 sample includes some notable defence evasion techniques. This, combined with the malware’s utilisation of Rust (aiding cross-platform development) and rapid growth of the botnet itself, reinforces previous suggestions that this campaign is being conducted by a sophisticated threat actor.”
Researchers at Palo Alto Networks’s Unit 42 are tracking a newly discovered backdoor, “Agent Racoon,” that’s targeted organizations in the US, Middle East, and Africa. A suspected nation-state threat actor used the backdoor to compromise organizations in the education, real estate, retail, non-profit organizations, telecom companies, and government sectors. Agent Raccoon is “written using the .NET framework, and leverages DNS to establish a covert channel with the C2 server.” The researchers note, “This tool set is not yet associated with a specific threat actor, and not entirely limited to a single cluster or campaign.”
Cybersecurity is a national security priority. That’s why Microsoft is setting the standard with security built-in. And our 8,000 threat hunters analyze 65 trillion+ signals daily, partnering with federal agencies to protect their digital estate. We help strengthen cybersecurity at scale—from identity, data, and apps to endpoints, infrastructure, and networks—so you can focus on what matters: your mission. Visit aka.ms/FedCyber today to get started.
VulnCheck has published a report looking at repository hijacking (repojacking) in the Go module ecosystem. The researchers found more than 15,000 repositories that are vulnerable to repojacking due to GitHub username changes or account deletion. These repositories “support more than 800,000 Go module-versions.”
VulnCheck concludes, “[M]itigating all of these repojackings is something that either Go or GitHub will have to take on. A third-party can’t reasonably register 15,000 GitHub accounts. Until then, it’s important for Go developers to be aware of the modules they use, and the state of the repository that the modules originated from.”
A report from BioCatch has found that mobile banking fraud increased by 64% in 2023 compared to the previous year. The researchers found that criminals are increasingly shifting from using bots to conduct web-based banking fraud to using emulators to carry out mobile-based banking fraud. BioCatch notes an increase in both legitimate and illegitimate uses of emulators: “When we look at the emulators, we see an increase, in some cases very drastic. We see slower increases in fraud, but this should be caveated that some fraud will take time to be reported.”
Is cloud security posture management (CSPM) right for your organization? Watch the webinar to learn about the four generations of CSPMs and building versus buying CSPM tools as well as use cases and real-world CSPM examples. Register today.
Russian cybersecurity company F.A.C.C.T. reported last week that XDSpy has been conducting phishing attacks against a Russian metallurgical firm and a company specializing in the development of ballistic missiles. The phishing emails misrepresented themselves as originating from a nuclear weapons design institute. The Record summarizes what's known about XDSpy, which isn't much. The group is known to have been active since at least 2011, and it's believed to be state-directed. ESET, which tracked XDSpy closely until the company lost access to Russia and Belarus after Russia's invasion of Ukraine, says that the cyberespionage group doesn't have a particularly sophisticated toolkit, but that its operations security is excellent. That security has prevented attribution of XDSpy to any government, but the group's interests seem focused on Eastern Europe, including Russian and the Balkans. The Record doesn't offer any attribution either, but it does observe that most of the recent cyberespionage against Russia has originated with North Korea and China. Those two governments have been principally interested in theft of technical information, and that seems to be XDSpy's goal as well.
Microsoft Security this morning reported that the GRU threat group it tracks as Forest Blizzard (and formerly as Strontium) is "actively exploiting CVE-2023-23397 to provide secret, unauthorized access to email accounts within Exchange servers." Organizationally, Forest Blizzard (whose activity other firms call "Fancy Bear") is linked to Forest Blizzard to Unit 26165 of Russia’s military intelligence service, the GRU. Microsoft worked with Poland's Cyber Command (DKWOC) to contain and counter this hostile activity. CVE-2023-23397 is a privilege escalation vulnerability. Microsoft urges users to ensure that Outlook and Exchange are up-to-date: the vulnerability has been patched in current versions.
President Zelenskyy has appointed Yury Mironenko as the head of the State Service for Special Communications and Information Protection (SSSCIP). He replaces Yurii Shchyhol, who, with his deputy, Victor Zhora, were relieved and arrested on charges of embezzlement in the course of software procurements made between 2020 and 2022.
The CyberWire's continuing coverage of Russia's war against Ukraine, with special attention to the cyber phases of that war, may be found here.
Security Affairs reports that WeMystic, a service that specializes in "astrology, spiritual well-being, and esotericism," and that also runs an online shop that sells "natural stones, chakras, tarot cards, bracelets, and other products," has sustained a data exposure incident. Some 34 gigabytes of data, including customer information, were accessible to the Internet in an unprotected MongoDB database. The information exposed included more than thirteen-million files, and includes names, email addresses, dates of birth, IP addresses, gender, astrological signs, and user system data. WeMystic has since secured the database, but it was accessible for five days.
OpenAI's Q*, accounts of which have been rich in expectation but short on detail, is rumored to have shown surprising arithmetic chops, and has attracted much attention and speculation. Trapstrology explains, however, that analysts are overlooking the astrological dimensions of AI. The stars suggest both growth and healing, as the north node and Chiron simultaneously transit Ares. We now await the inevitable Meyer-Briggs typing of the AI. We're guessing Q* will be an ESFP, which seems about right for a Sagittarius.
Today's issue includes events affecting Belarus, China, Egypt, the European Union, France, Gaza, Indonesia, Iran, Israel, NATO/OTAN, New Zealand, Russia, Thailand, the United Kingdom, the United States, and Vietnam.
Ukraine at D+648: Cyberespionage from your besties? (CyberWire) Ukraine's SSSCIP gets a new chief, and Russian defense industries are targeted by foreign intelligence services. Who those services might be are unknown, but circumstantially they look a little like people from Shanghai or Pyongyang.
Israel-Hamas war: Hamas to blame for ceasefire collapse, says US (The Telegraph) The US has blamed Hamas for the collapse of the terror group’s truce with Israel.
Israel-Hamas war live: dozens of tanks enter southern part of Gaza Strip, witnesses say, as Israel says it has hit 200 ‘terror targets’ (the Guardian) Israel’s military says its ground troops are operating in the Gaza Strip and, with its air force, have hit ‘approximately 200 Hamas terror targets’
A brutal battle for southern Gaza beckons after the truce ends (The Economist) The next stage of fighting will be harder and more controversial
Israel says its ground forces are operating across ‘all of Gaza’ (the Guardian) IDF spokesperson says ‘troops coming face-to-face with terrorists and killing them’
Israel-Hamas war live: reports of fresh strike on Jabaliya refugee camp; ‘75% of Gaza’s population’ internally displaced (the Guardian) New estimate from UN humanitarian agency says around 1.8 million people in Gaza have been forced to leave their homes
Israel is now attacking the true Hamas stronghold (The Telegraph) The terrorists will have used the pause in fighting to improve their defences and prepare sniper positions, mines and explosive booby traps
Hamas Is Waging a War of Propaganda To Convince the World the Hostages Were Treated Well, Yet Freed Israelis Report the Opposite — in Harrowing Detail (The New York Sun) Some hostages are held in dark tunnels, not seeing sunlight for more than 50 days. Children were forced to watch footage of the massacre and threatened if…
National Security Council’s John Kirby: No indication U.S. intelligence was aware of Hamas’ Israel attack plan (NBC News) Kirby said on “Meet the Press” that the U.S. didn't have “any advance warning” or “any knowledge” of Hamas’ attack plan. The New York Times has reported that Israel obtained the plan over a year ago.
US intel not aware of Hamas’ plan for Oct. 7 attack on Israel, John Kirby says (New York Post) US intelligence has “indicated” that it was unaware of Hamas’ plans for its bloody Oct. 7 surprise attack, before the onslaught took place, a top official confirmed Sunday.
IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities (Cybersecurity and Infrastructure Security Agency | CISA) The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Environmental Protection Agency (EPA), and the Israel National Cyber Directorate (INCD)—hereafter referred to as "the authoring agencies"—are disseminating this joint Cybersecurity Advisory (CSA) to highlight continued malicious cyber activity against operational technology devices by Iranian Government Islamic Revolutionary Guard Corps (IRGC)-affiliated Advanced Persistent Threat (APT) cyber actors.
How a Pennsylvania cyberattack links to the war in Gaza — and how Israel is reacting (TPR) Israel's government has passed emergency wartime powers giving it more authority over cybersecurity, even within private companies. Cyberwar is playing an increasing role in the conflict with Hamas.
Breaches by Iran-affiliated hackers spanned multiple U.S. states, federal agencies say (ABC News) U.S. and Israeli authorities say a small western Pennsylvania water authority was just one of multiple organizations breached by Iran-affiliated hackers who targeted a specific industrial control device because it is Israeli-made
'Very alarming': Aliquippa's hacked water authority exposes the threat to operational technology (Pittsburgh Post-Gazette) Industrial control systems could be vulnerable to cyber threats, the nation's top cyberdefense agency warned last week, days after a water treatment facility...
Iranian hackers attempt to damage critical infrastructure through Israeli Unitronics products (CTech) According to a joint warning from American and Israeli cyber security agencies, since November 22, a group linked to the Iranian Revolutionary Guards has attacked Israeli company Unitronics devices which are used to control and automate machines.
Hackers steal IDF patient records from cyberattack on Israeli hospital (The Jerusalem Post) A hacker group allegedly linked to Iran says it stole 100,000 IDF medical records from a cyberattack on Ziv Medical Center in Safed in the Galilee.
How hackers linked to Iran, Hezbollah and Hamas are increasing their efforts to attack Israeli targets (CTech) Cyber attacks not only aim to damage infrastructure but also to deter business with Israeli companies, creating a complex threat landscape
Fighting Slows In Ukrainian Frontline Town Avdiivka: Official (APF via Barron's) The Ukrainian town of Avdiivka, under constant Russian fire, has seen fewer ground attacks in the past 24 hours due to heavy Russian losses and harsh weather, the mayor said on Sunday.
One Dead As Russian Shelling, Drone Strikes Hit Ukraine's Donetsk, Kherson, And Odesa Regions (RadioFreeEurope/RadioLiberty) At least two civilians were killed in Ukraine's Donetsk and Kherson regions in shelling by Russian troops that also caused damage to infrastructure and property, regional officials said on December 2.
Ukraine’s Zelensky Orders Construction of Defenses to Hold Back Russia (Wall Street Journal) The call to bolster fortifications is the Ukrainian leadership’s clearest public acknowledgment of a defensive turn.
Russian General Killed In Ukraine: Russian Governor (Barron's) A Russian general has died while deployed in Ukraine, the governor of Russia's Voronezh region said on Monday, the latest high-ranking Russian military figure to die during the 21-month offensive.
Dead or Alive? The Hunt for a Ukrainian Soldier Missing on a Chaotic Battlefield (Wall Street Journal) Ruslan Finchuk, a Ukrainian senior sergeant and experienced soldier, was last seen in enemy territory under machine gun fire. His unit told his wife he was missing, presumed dead.
Russia Boosts Troop Numbers By 15 Percent (Barron's) Russian President Vladimir Putin signed a decree on Friday boosting troop numbers by 15 percent, in a move the army said was due to "threats" associated with the Ukraine offensive.
Putin orders Russian army to add 170,000 troops for a total of 1.32 million (CNN) Russian President Vladimir Putin has ordered the country’s military to increase its number of troops by 170,000, as Moscow’s invasion of Ukraine enters its 22nd month.
Second Train In Days Explodes On Main Russian Railway Line In Siberia (RadioFreeEurope/RadioLiberty) A second train has exploded on Russia's major railway line in the Siberian region of Buryatia in recent days.
Ukrainian troops undergo advanced Patriot system training in Germany (Yahoo) Seventy more Ukrainian soldiers have completed training on the Patriot air defense system in Germany, German broadcaster Deutsche Welle reported on Dec. 2, citing Germany’s dpa news agency.
Why Russia now has to use its A-50U closer to the fight in Ukraine (Breaking Defense) "They will have to decide what costs them more: to lose one or more of these A-50s or to continue to see their combat aircraft and S-400 units progressively degraded," a Ukrainian expert told Breaking Defense.
Belarus, China Hail Deepening Ties In Beijing Talks (Barron's) Chinese President Xi Jinping and Alexander Lukashenko hailed strengthening ties on Monday, as they held talks during the Belarusian leader's second trip to Beijing this year.
Give the Kremlin an Inch and it Will Take Half of Europe (CEPA) Signs of Western hesitation over support for Ukraine encourage Russian Kremlin propagandists to speculate on which country might be next.
NATO should be ready for ‘bad news’ from Ukraine, Stoltenberg warns (POLITICO) ‘We have to support Ukraine in both good and bad times,’ NATO chief says in ARD interview.
Miscalculations, divisions marked offensive planning by U.S., Ukraine (Washingto Post) On June 15, in a conference room at NATO headquarters in Brussels, Defense Secretary Lloyd Austin, flanked by top U.S. commanders, sat around a table with his Ukrainian counterpart, who was joined by aides from Kyiv. The room was heavy with an air of frustration.
Congress Must Avoid Interruption Of U.S. Support, White House Says (RadioFreeEurope/RadioLiberty) The U.S. Congress should act swiftly to provide aid to Ukraine before the end of the month to avoid an interruption in support provided by the United States, White House national-security spokesman John Kirby said.
White House warns it will run out of money for Ukraine unless Congress acts by end of year (The Hill) The White House on Monday sounded the alarm that it will run out of money to provide weapons to Ukraine in its fight against Russia without congressional action by the end of the year. In a letter …
Mike Johnson Becomes Surprise Champion of More Ukraine Aid (Wall Street Journal) The effort to secure funding for Kyiv is part of a complicated set of negotiations that will again test the newly elected House speaker’s leadership.
Watchdog: Western arms companies failed to ramp up production capacity in 2022 due to Ukraine war (AP News) An independent watchdog says many Western arms companies failed to ramp up production in 2022 despite a strong increase in demand for weapons and military equipment.
Vladimir Putin cannot keep funding his war for ever (The Economist) Russia needs more men and more weapons for a long war. But Putin is likely to postpone another wave of mobilisation until after the 2024 presidential election
Zelenskyy hoping West will deny legitimacy of Putin's rule after upcoming 'sham election' (Yahoo) After the Russian presidential election in March 2024, Western leaders will have to decide whether to recognize Vladimir Putin's legitimacy if he runs and wins, Ukrainian President Volodymyr Zelenskyy has said in an interview with the Associated Press.
Putin betrayed us, say wives and mothers of Russian soldiers (The Telegraph) Influential campaign group demand end to indefinite mobilisation for troops in Ukraine and plan major demonstration in Moscow
Guidance for investigating attacks using CVE-2023-23397 (Microsoft Security) Microsoft has identified a nation-state activity group tracked as Forest Blizzard (STRONTIUM), based in Russia, actively exploiting CVE-2023-23397 to provide secret, unauthorized access to email accounts within Exchange servers. The Polish Cyber Command (DKWOC) partnered with Microsoft to take action against Forest Blizzard actors, and to identify and mitigate techniques used by the actor:
Kremlin-backed hackers attacking unpatched Outlook systems, Microsoft says (Record) The software giant, in tandem with Poland's Cyber Command, is warning that the group known as Fancy Bear, APT28 or Forest Blizzard is still exploiting an Outlook bug that drew attention earlier in 2023.
XDSpy hackers attack military-industrial companies in Russia (Record) A cyberespionage group known as XDSpy recently targeted Russian military-industrial enterprises, according to new research.
Ukraine appoints new cyber chief following ouster of top officials (Record) The Ukrainian government has appointed Yury Myronenko, a decorated serviceman and air defense commander, as head of one of its main cybersecurity agencies amid a corruption probe.
Ukrainian cyber experts lend skills to NATO's largest-ever digital warfare drills in Estonia (Yahoo News) Ukraine has taken part in the largest-ever NATO Cyber Coalition exercise, held in Tallinn, Estonia, from Nov. 27 to Dec. 1, news agency Interfax-Ukraine has reported.
No time to drop guard, but full-on cyber war has been a non-event (The Canberra Times) So far we have not seen devastating hacks some expected.
One App To Rule Them All: Coming Soon To Russia's Internet (RadioFreeEurope/RadioLiberty) A single app that can be used for everything from social media and instant messaging to government services like paying taxes. It’s a “dream scenario” for the Russian authorities, a way to dramatically expand surveillance -- and manipulate public opinion. And it’s getting close to reality.
Russia-China Alliance Would Build Artificial Intelligence For Dictators (The Moscow Times) Opinion | President Vladimir Putin struck a triumphant tone at last week’s Artificial Intelligence Journey Conference in Moscow.
Ukraine takes part in largest NATO cyber defense exercises (Interfax-Ukraine) Ukraine took part in the largest exercise in the history of NATO, the Cyber Coalition, which took place in Tallinn (Estonia) from November 27 to December 1.
International collaboration leads to dismantlement of ransomware group in Ukraine amidst ongoing war (EU NEIGHBOURS east) In an unprecedented effort, law enforcement and judicial authorities from seven countries have joined forces with Europol and Eurojust to dismantle and apprehend in Ukraine key figures behind significant ransomware operations wreaking havoc across the world.
VEON’s Kyivstar and Amazon Web Services Sign Memorandum of Cooperation to Support the Development of Ukrainian Businesses (GlobeNewswire News Room) Amsterdam and Kyiv, 4 December 2023: VEON Ltd. (NASDAQ: VEON, Euronext Amsterdam: VEON), a global digital operator that provides converged connectivity and...
Ukraine Accuses Russia Of Killing Surrendering Soldiers (Barron's) Kyiv accused Russia on Saturday of committing a war crime by executing Ukrainian soldiers who had signalled their intention to surrender.
Ukraine Says Apparent Shooting Of Surrendering Soldiers A Russian War Crime (RadioFreeEurope/RadioLiberty) Ukraine's military has decried the apparent killing of two surrendering Ukrainian troops by Russian forces and said it considers the incident evidence of a war crime.
Hundreds Of Ukrainian Monuments Threatened Or Damaged By War Documented (RadioFreeEurope/RadioLiberty) Scientists from the German cities of Marburg and Hanover, along with Ukrainian photographers, have documented 250 architectural monuments that have been threatened or damaged by the Russian war in Ukraine.
'No evidence' of reports of hacks linked to China and Russia, says Sellafield (Times and Star) CUMBRIA'S nuclear site has denied accusations made in a national newspaper that it has been hacked by groups linked to Russia and China.
Sellafield nuclear site hacked by groups linked to Russia and China (the Guardian) Exclusive: Malware may still be present and potential effects have been covered up by staff, investigation reveals
New proxy malware targets Mac users through pirated software (BleepingComputer) Cybercriminals are targeting Mac users with a new proxy trojan malware bundled with popular, copyrighted macOS software being offered on warez sites.
New FjordPhantom Android Malware Targets Banking Apps in Southeast Asia (The Hacker News) Researchers uncover FjordPhantom, a sophisticated malware targeting users in Southeast Asia.
DanaBot Stealer : A Multistage MaaS Malware Re-emerges with Reduced Detectability (CYFIRMA) EXECUTIVE SUMMARY At Cyfirma, our dedication lies in providing current insights into the predominant threats and strategies employed by malicious...
Critical 'LogoFAIL' Bugs Offer Secure Boot Bypass for Millions of PCs (Dark Reading) Hundreds of consumer and enterprise-grade x86 and ARM models from various vendors, including Intel, Acer, and Lenovo, are potentially vulnerable to bootkits and takeover.
New Tool Set Found Used Against Organizations in the Middle East, Africa and the US (Unit 42) A new toolset comprised of malware (Agent Raccoon and Ntospy) and a custom version of Mimikatz (Mimilite) was used to target organizations in the U.S., Middle East and Africa.
Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S. (The Hacker News) A mysterious malware called Agent Racoon is infiltrating organizations in the Middle East, Africa, and the U.S.
P2Pinfect - New Variant Targets MIPS Devices - Cado Security | Cloud Forensics & Incident Response (Cado Security) Cado Security Labs has been monitoring on the rapid growth of a cross-platform botnet, named “P2Pinfect”. Here's the latest updates.
CVE-2023-49103: Critical Information Disclosure in ownCloud Graph API (Rapid7) On November 21, 2023, ownCloud disclosed CVE-2023-49103, an unauthenticated information disclosure vulnerability affecting ownCloud.
IBM identifies zero-day vulnerability in Zyxel NAS devices (Security Intelligence) IBM X-Force uncovered two new flaws when investigating a vulnerability affecting Zyxel NAS devices. Learn more about the risks and the patch put in place.
How to Not Get Hacked by a QR Code (WIRED) QR codes can be convenient—but they can also be exploited by malicious actors. Here’s how to protect yourself.
DePauw University warns of data breach as ransomware attacks on colleges surge (Record) DePauw University warned students this week that their personal information may have been accessed by hackers who attacked the school.
‘Shock and dismay’ after Clare data leak (Varsity Online) The financial data of hundreds of students at the College was leaked in an all-student email
Hackers demand £300,000 to not leak royal family's medical records (Computing) A hacking group has targeted the prestigious King Edward VII's Hospital and is threatening to expose private health data of royal family members unless a ransom of £300,000 in bitcoin is paid.
Dollar Tree Supply Chain Attack Could Affect Millions of People (MSSP Alert) Discount retailer Dollar Tree has been hit by a supply chain cyberattack that has put some two million people’s personal information at risk.
Data Breach Exposed Thousands of Pet Medical Records Including Owner Information (Website Planet) Data Breach Exposed Thousands of Pet Medical Records Including Owner Information Cybersecurity Researcher, Jeremiah Fowler, discovered and reported
23andMe says hackers accessed 'significant number' of files about users' ancestry (TechCrunch) 23andMe revealed new details about its data breach. The company says it's notifying at least 14,000 users, but the actual number is likely far higher.
Fortune-telling website WeMystic exposes 13M+ user records (Security Affairs) WeMystic, a website on astrology, numerology, tarot, and spiritual orientation, left an open database exposing 34GB of sensitive data.
The Impact of Mayseeds Leaks: A Comprehensive Analysis (Digital Weekly) Mayseeds leaks have become a significant concern in recent years, affecting individuals, organizations, and even governments.
LockBit on a Roll - ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order (Security Affairs) LockBit ransomware attack on the Industrial & Commercial Bank of China demonstrates the weakness of global financial system to cyberattacks
Apple Releases Security Updates for Multiple Products (Cybersecurity and Infrastructure Security Agency | CISA) Apple has released security updates to address vulnerabilities within Safari, macOS Sonoma, iOS, and iPadOS. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.
Google Chrome's new cache change could boost performance (BleepingComputer) Google is introducing a significant change to Chrome's Back/Forward Cache (BFCache) behavior, allowing web pages to be stored in the cache, even if a webmaster specifies not to store a page in the browser's cache.
Mobile Emulators Eclipse Bots in 2023 as Preferred Fraud Vector in North America (PR Newswire) BioCatch, the global leader in digital fraud and money laundering detection and response powered by behavioral biometric intelligence, today...
BlackFog State of Ransomware Report (BlackFog) We recorded eighty-nine publicly disclosed ransomware attacks in November, the highest number we’ve recorded since starting our State of Ransomware blog in 2020.
AWS re:Inforce Watch on demand | Amazon Web Services (AWS) Check out the re:Inforce 2023 keynote, leadership sessions, and breakout sessions.
Cyber Security NCC Group Resource Hub articles The Hidden Opponent: Cyber Threats in Sport (NCC Group) The global sports industry, projected to generate over $700 billion in 2026, is becoming an appealing target for cyber criminals due to its vast revenues and rapid digital transformation.
CYFIRMA Industry Report : MATERIALS (CYFIRMA) EXECUTIVE SUMMARY The CYFIRMA Industry Report delivers original cybersecurity insights and telemetry-driven statistics of global industries, covering one sector each...
Senetas launches $5M capital raise for high-growth subsidiary Votiro (Stockhead) Senetas (ASX:SEN) has a $5 million capital raise to seize growth opportunities in the cybersecurity sector.
Wilmington software startup raises $40M funding round led by one of the world's largest VC firms (Philadelphia Inno) After tripling revenue, opening an office in London and expanding its reach into Australia, a Wilmington-based company specializing in connecting governments with defense software has raised $40 million in one of the largest funding rounds for a tech firm in the Philadelphia area this year.
ArmorCode Raises $40 Million in Series B Funding to Help Companies Ship Secure Software and Ship It Fast (Business Wire) Following more than 400% year-over-year growth in annual recurring revenue, ArmorCode continues to expand on its goal to unify Application Security and Infrastructure Vulnerability Management for security and developer teams
Goldilock Selected For Prestigious NATO DIANA Accelerator Programme (Business Wire) British cybersecurity firm named one of 30 companies taking part in exclusive NATO-backed programme, following rigorous selection process
NATO picks first flock of startup pitches in push for fresh tech (Defense News) Alliance officials are looking for breakthroughs in the areas of undersea sensing, energy resilience and secure information sharing.
Broadcom's confirmed VMware cuts surpass 2,000 as Massachusetts, NY disclose layoffs (CRN) Broadcom has still not said how many of VMware’s 38,000 employees it plans to cut now that the deal is closed, but state-by-state Worker Adjustment and Retraining Notification (WARN) disclosures show the layoffs have surpassed 2,000.
HYAS Infosec Groundbreaking Research on AI-Generated Malware Contributes to the AI Act, Other AI Policies and Regulations (Business Wire) Provides AI Regulation Initiatives with Deep Insight into the Potential Harms of Fully Autonomous and Intelligent Malware and Helps Advance Cybersecurity Protections Against AI-Driven Threats
Thales Completes the Acquisition of Imperva, Creating a Global Leader in Cybersecurity (Investors Observer) Thales Completes the Acquisition of Imperva, Creating a Global Leader in Cybersecurity
Thoma Bravo exits cybersecurity firm Imperva (PE Hub) The deal puts Imperva at a valuation of about $3.6 billion.
Inside Morgan Stanley’s OpenAI Push (The Information) During the most harrowing moments of the OpenAI leadership crisis, one of the startup’s biggest partnerships—a deal with Morgan Stanley that is supposed to demonstrate how AI can change the game at a giant, highly regulated Wall Street bank—was left twisting in the wind. Executives at Morgan ...
The Inside Story of Microsoft’s Partnership with OpenAI (The New Yorker) The companies had honed a protocol for releasing artificial intelligence ambitiously but safely. Then OpenAI’s board exploded all their carefully laid plans.
Home Office inks £450m cloud deal with AWS amidst growing scrutiny (Computing) The UK's Home Office has finalised a ground-breaking contract with Amazon Web Services (AWS).
Walmart Stops Ads on X, Joining the Advertising Exit (Wall Street Journal) The retailer says its halt isn’t a boycott, but due to poor performance.
Circle Security Now Available on Auth0 Marketplace (PR Newswire) Circle Security, a decentralized, threat prevention platform, today announced the availability of its Credential-Free Authentication solution...
NordVPN introduces a vulnerability detection feature (NordVPN) NordVPN and Threat Protection present a software vulnerability detection feature to up your cybersecurity game.
Consultancy to develop a data protection framework for the project (ReliefWeb) Information Management Consultancy about Safety and Security, requiring 5-9 years of experience, from ACF; closing on 11 Dec 2023
SentinelOne® Wins Multiple CRN 2023 Products of the Year Awards (Business Wire) Singularity™ Cloud Workload Security and Singularity Data Lake identified by editors and solution providers as top offerings for cloud security and endpoint protection
CISA's Goldstein wants to ditch 'patch faster, fix faster' model (CyberScoop) The Cybersecurity and Infrastructure Security Agency wants large companies to shoulder greater responsibility for securing computer systems.
OpenSSF Announces New Members, Guiding Software Security Principles at OpenSSF Day Japan (Open Source Security Foundation) The Open Source Security Foundation (OpenSSF), a cross-industry initiative of the Linux Foundation that focuses on sustainably securing open source software (OSS), announced new members from leading technology firms and a new set of Secure Software Development Guiding Principles at OpenSSF Day Japan.
OpenSSF Releases Top 10 Secure Software Development Guiding Principles (Open Source Security Foundation) Today, we are excited to announce version 1.0 of the Secure Software Development Guiding Principles. These 10 principles describe a series of foundational practices that, if followed, can help provide better assurance and security for organizations leveraging them. Though aspirational, they provide a set of core practices that producers and suppliers of software can pledge to align with and follow throughout their development lifecycles helping create more secure software.
Effective AI Regulation Requires Adaptability and Collaboration (HYAS) HYAS Labs research on AI-generated malware helps shape the AI Act and other AI policy and regulations.
Put guardrails around AI use to protect your org, but be open to changes (Help Net Security) The guardrails that CISOs set in agreement with the broader organization will change as AI begins to play a bigger role in enterprise life.
Don't Bring Your Own Device (D-BYOD): How Businesses are Adapting to Cybersecurity Realities in Hong Kong (Enea) Use of burner phones in Hong Kong rises amidst growing cybersecurity concerns, signifying a crisis of confidence in mobile network security.
IBM's John Dwyer on using AI offensively and defensively in cybersecurity (CyberScoop) IBM speaks with CyberScoop at CyberTalks 2023.
Generative AI ‘helping criminals create more sophisticated cyber attacks' (The Irish News) The UK's National Cyber Security Centre has also highlighted the use of AI to create and spread disinformation as a key threat.
Google Postpones Big AI Launch as OpenAI Zooms Ahead (The Information) Google has quietly delayed the public debut of Gemini, a conversational artificial intelligence that aims to compete with OpenAI, to January, two people with knowledge of the decision said. Google CEO Sundar Pichai recently decided to scrap a series of Gemini events, originally scheduled for ...
One Year In, ChatGPT’s Legacy Is Clear (The Atlantic) The technology is less important than the ideas it represents.
These Clues Hint at the True Nature of OpenAI’s Shadowy Q* Project (WIRED) Reports of a mysterious breakthrough called Q* at OpenAI sparked anxious rumors. AI experts say it’s probably just a conventional attempt to make ChatGPT a little smarter.
Why Won’t OpenAI Say What the Q* Algorithm Is? (The Atlantic) Supposed AI breakthroughs are frequently veiled in secrecy, hindering scientific consensus.
Astrological Insights and Advice on How OpenAI’s Q* Model Is a Sign of the Times (Medium) A recent article by Karen Hao discusses the recent rumors about a new AI model developed by OpenAI, codenamed Q*, that allegedly can solve grade-school math problems and has sparked safety concerns…
Think you can spot a fake AI-generated news story? Take this quiz to find out (ZDNET) Some 47% of people surveyed by Netskope believed that a fake AI-created news story was real. Can you do better?
My Teacher, the Robot: President Biden's Executive Order on Artificial Intelligence and the Implications for Schools (JD Supra) On October 30, 2023, President Biden issued Executive Order No. 14110 on the Safe, Secure, and Trustworthy Development and Use of Artificial...
Increasing the University's Network Security by Blocking Unsafe Sites (University of Arkansas News) Beginning today, Dec. 4, BloxOne Threat Defense will be implemented to help protect the campus community from malware, exploits, phishing, data exfiltration and ransomware.
Inside America's School Internet Censorship Machine (WIRED) A WIRED investigation into internet censorship in US schools found widespread use of filters to censor health, identity, and other crucial information. Students say it makes the web entirely unusable.
NATO deepens cyber coalition with Asian partners (C4ISRNet) Alliance officials work to coordinate their virtual defenses with like-minded governments in Japan and South-Korea.
The Path to AI Arms Control (Foreign Affairs) America and China must work together to avert catastrophe.
‘Machines set loose to slaughter’: the dangerous rise of military AI (the Guardian) The long read: Autonomous machines capable of deadly force are increasingly prevalent in modern warfare, despite numerous ethical concerns. Is there anything we can do to halt the advance of the killer robots?
EU Council president proposes ‘European cyber force’ with ‘offensive capabilities’ (Record) There should be “a European cyber force … equipped with offensive capabilities,” according to the president of the European Council, which sets the EU's political priorities.
IoT vulnerability reporting obligations set to apply in EU from 2027 (Record) The new Cyber Resilience Act is intended to increase security standards for the Internet of Things. Manufacturers would face penalties for not properly reporting actively exploited vulnerabilities.
Provisional Agreement Reached on Proposed EU Cyber Resilience Act (Productwise) Provisional agreement on the text of the proposed new European Union Cyber Resilience Act (CRA) was reached by the EU institutions on 30 November 2023. The first regulation of its kind, the CRA seeks to impose new cybersecurity requirements, as well as requirem
Commission welcomes political agreement on Cyber Resilience Act (European Commission - European Commission) The Commission welcomes the political agreement reached last night between the European Parliament and the Council on the Cyber Resilience Act, proposed by the Commission in September 2022.
French government recommends against using foreign chat apps (BleepingComputer) Prime Minister of France Élisabeth Borne signed a circular last week requesting all government employees to uninstall foreign communication apps such as Signal, WhatsApp, and Telegram by December 8, 2023, in favor of a French messaging app named 'Olvid.'
US sanctions North Korean ‘Kimsuky’ hackers after surveillance satellite launch (Record) The U.S. partnered with several nations in the Pacific to hand down sanctions on North Korea — particularly the country’s Kimsuky cyber espionage group — after the country launched a surveillance satellite last week.
Bipartisan House legislation calls for two new federal cybersecurity training programs (FedScoop) The Federal Cybersecurity Workforce Expansion Act would establish an apprenticeship program at CISA and a VA pilot program to train veterans on cyber work.
Medical AI Tools Can Make Dangerous Mistakes. Can the Government Help Prevent Them? (Wall Street Journal) Health regulators want to create a ‘nutrition label’ for AI apps in one of Washington’s first attempts to impose safety requirements on the technology.
Cyber Command, NSA nominee now double-blocked (Record) Air Force Lt. Gen. Timothy Haugh was already subject to a long-running blockade of nominations in the Senate. Now Sen. Ron Wyden is holding it up as leverage to get more information about the NSA's potential connections with the data broker industry.
Congressmen Ask DOJ to Investigate Water Utility Hack, Warning It Could Happen Anywhere (SecurityWeek) Members of Congress asked the U.S. Justice Department to investigate how foreign hackers breached a water authority near Pittsburgh, prompting CISA to warn other water and sewage-treatment utilities that they may be vulnerable.
SEC Cybersecurity Rules Go Live in Days. Companies Still Aren't Sure What to Expect (Corporate Counsel) Companies are faced with this conundrum of wanting to provide more detail but not wanting to give too much, Orrick partner Aravind Swaminathan said.
Meta faces more questions in Europe about child safety risks on Instagram (TechCrunch) Meta has received another formal request for information (RFI) from European Union regulators seeking more details of its response to child safety Meta has received another formal request for information from European Union regulators seeking more details of its response to child safety concerns on Instagram.
Meta Is Struggling to Boot Pedophiles Off Facebook and Instagram (Wall Street Journal) The social-media company has stepped up enforcement, but its algorithms continue to promote problematic content.
Russian National Pleads Guilty to Trickbot Malware Conspiracy (US Department of Justice) A Russian national pleaded guilty today to his role in developing and deploying the malicious software known as Trickbot, which was used to launch cyber-attacks against American hospitals and other businesses.
Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware (The Hacker News) Russian national Vladimir Dunaev found guilty for developing TrickBot malware, facing up to 35 years in prison.
US readies prison cell for another Russian Trickbot dev (Register) Hunt continues for the other elusive high-ranking members
Russian developer of Trickbot malware pleads guilty, faces 35-year sentence (Record) According to court documents, Vladimir Dunaev, 40, was a member of a cybercriminal organization that deployed Trickbot to steal money and install ransomware on victims’ computers.
Te Whatu Ora data breach: Man arrested for allegedly accessing Covid vaccination info (NZ Herald) A 56yr old man is charged with accessing a computer system for dishonest purposes.
'Truly distressing': Woman who lost parents during pandemic furious over Te Whatu Ora vaccination data breach (NZ Herald) Te Whatu Ora says it is doing 'everything [it] can' to respond to the incident.
Ex-FBI Counterintelligence Leader Seeks No Prison Time in Russia Sanctions Case (New York Law Journal) Bracewell partner Seth DuCharme filed a classified addendum to the sentencing memorandum to share more information about McGonigal's service to the United States during his career at the FBI, which DuCharme described as extraordinary.
AG Considers Right To Compensation Under GDPR For Stolen Data (MarketScreener) In a recent opinion delivered by Advocate General Collins before the Court of Justice of the European Union , the Advocate General found that individuals have a right to compensation under Article...
For a complete running list of events, please visit the Event Tracker.
AWS re: Inforce (Philadelphia, Pennsylvania, USA, Jun 10 - 12, 2024) AWS re: Inforce is a conference that addresses AWS security and confidentiality for customers. The conference covers: Proactive security: Considerations and approaches; How AWS secures data, even from trusted operators and services; Identity and access management; Security mindfulness; Cryptography from the future: Research & innovation to protect customer data; Compliance and governance; Data protection and privacy; and Security operations.
Insider Threat Program Development - Management Training Course (Washington, DC, USA, Dec 4 - 5, 2023) The training course will be taught on December 4-5, 2023. This highly sought after and very comprehensive 2 day training course will ensure that the Insider Threat Program (ITP) Manager and others who support the ITP (Insider Threat Analyst, FSO, CSO, CISO, Human Resources, CIO - IT, Network Security, Counterintelligence Investigators, Behavioral Science Professionals, Legal Etc.), have the Core Knowledge, Blueprint, Resources needed for developing, managing, enhancing an ITP / ITP Working Group. This training will also provide students with an in depth view of how to obtain visibility of potential or malicious employee actions on computer systems and networks, using Insider Threat Detection software. Our student satisfaction levels are in the exceptional range. Over 900+ individuals have attended this training course and received ITP Manager Certificates.
SANS Phoenix-Tempe 2023 (Phoenix, Arizona, USA, Dec 4 - 9, 2023) At SANS Phoenix-Tempe 2023, choose from 41 interactive courses with hands-on labs. Practice your skills and compete against your peers during NetWars Tournaments, and network with your instructor and industry colleagues in real-time. Each course includes electronic and printed books, and several courses align with GIAC certifications!
Russia’s Cyber War Against Ukraine: Lessons and Policy Challenges (Virtual, Dec 5, 2023) Ukraine has become a crucible for a new breed of warfare—one fought not only with traditional battlefield weapons but also with lines of code and keystrokes. The country has faced for almost a decade an unrelenting wave of cyberattacks, with this invisible front blurring the line between state and nonstate actors, and introducing hackers, volunteers, and private companies to the fight. Ukraine’s experience has implications that go beyond national security to include the future of international cyber policy, the role of technology giants in warfare, and the rights and responsibilities of civilians in a conflict. This event will discuss the various questions of cyber warfare that Russia’s war on Ukraine has brought to the fore: How has the conflict influenced Ukrainian cyber policy and where is it headed? What role do citizens and other nonstate actors play in developing digital resilience? How can legal and policy challenges relevant to “cyber troops” be addressed? How should international humanitarian law treat evolving cyber warfare?
Immersive Tech Panel Series: Kids & Teens (Virtual, Dec 6, 2023) The Future of Privacy Forum has kicked off its Immersive Tech Panel Series, examining the new privacy risks and policy questions that arise when immersive technologies are integrated into domains like health, advertising, transportation, AI, and education. While young people may be the generation most interested in immersive spaces, the concern for how kids and teens engage with technology is greater than ever. Companies must tread cautiously in designing immersive spaces for kids and teens and consider privacy, safety, and design. Learn about the key issues at the intersection of youth and immersive technology and hear from leaders in the space on considerations, best practices, and where the technology is headed.
2023 CyberMaryland Conference (Hyattsville, Maryland, USA, Dec 6 - 7, 2023) For over 10 years The CyberMaryland Annual Conference, presented by the Federal Business Council (FBC), has brought together the leading Cybersecurity and IT professionals in the state of Maryland across academia, government, and industry to promote the community of cybersecurity. This networking and educational event is an incredible opportunity to connect with the best and brightest professionals as well as up and coming newbies and the latest in industry products and services. This exclusive event connects cybersecurity on all levels to ensure the cyber-safety of today and educate the cybersecurity professionals of tomorrow. Additionally, Maryland is a notable hub of natural leadership in the cybersecurity field. This unique community of people share in the same passion - to strengthen the cyber security industry through unity, improved security awareness while helping Marylanders lead safer digital lives.
