Dateline: Hybrid wars in Ukraine, Russia, Israel, and Gaza.
Ukraine at D+659: Russian attrition tactics count on war-weariness in the West. (CyberWire) A battle of attrition continues in Marinka as Russia sees hope in Western war-weariness. Kyivstar works toward full restoration of service, but it will be a long process.
Israel-Hamas War: Washington Urges Israel to Scale Back Ground War in Gaza by Year’s End (New York Times) The Biden administration has called on Israeli officials to move to a more precise and targeted strategy.
Opinion | What Worries Me About the Gaza War After My Trip to Arab States (New York Times) A legitimate Palestinian partner and a commitment to negotiating a two-state solution are key.
Hamas plot to attack Jewish sites across Europe foiled by police (The Telegraph) Seven suspected members of the terror group have been arrested during raids in Germany, Denmark and the Netherlands
Images of stripped and humiliated Palestinians draw condemnation (Washington Post) The images of the Palestinian men, stripped to their underwear, forced to kneel, some bound, some blindfolded in the custody of Israeli soldiers, were certain to provoke extreme emotions.
Hungry, thirsty and humiliated: Israel's mass arrest campaign sows fear in northern Gaza (AP News) The Israeli military has rounded up hundreds of Palestinians across the northern Gaza Strip, separating families and forcing men to strip to their underwear before trucking some to an undisclosed location.
OilRig’s persistent attacks using cloud service-powered downloaders (We Live Security) ESET researchers document a series of new OilRig downloaders, all relying on legitimate cloud service providers for C&C communications.
Iran-Linked 'OilRig' Cyberattackers Target Israel's Critical Infrastructure, Over & Over (Dark Reading) The prolific APT repeatedly compromised targets in healthcare, manufacturing, and government with new lightweight downloaders that blend into network traffic for evasion.
OilRig targets Israel organizations with new lightweight downloaders (Help Net Security) ESET researchers analyzed a growing series of new OilRig downloaders that the group used in several campaigns in the past two years.
Israeli CEO recruits Muslim hackers to fight Hamas in cyberwarfare (The Jerusalem Post) Doron Amir, CEO of CyTaka, successfully recruited hackers from Muslim countries to combat Hamas. In this interview, he explains their motivations.
Israeli Company Hires Overseas Attackers in 'Hack Back' Effort (Dark Reading) CEO of CyTaka says offensive actions would create a deterrent against cyberattacks.
Putin says there will be no peace in Ukraine until his goals, still unchanged, are achieved (AP News) Russian President Vladimir Putin says his objectives with the Ukraine war remain unchanged, with 617,000 Russian soldiers currently there.
Russia and China are part of the same problem for the United States (Atlantic Council) China and Russia act together as an autocratic axis to endanger the United States and its democratic allies, writes Glenn Chafetz. Any attempt to appease Russia in Ukraine would only benefit China and weaken the US.
Historic breakthrough for Ukraine as EU agrees to begin membership talks (Atlantic Council) European leaders have agreed to officially start EU membership talks with Ukraine in a morale-boosting victory for Ukrainians as they defend their country against Russia’s ongoing invasion, writes Peter Dickinson.
Hungary blocks Ukraine aid deal but EU opens door to membership talks (CNN) European leaders agreed to open EU membership talks with Ukraine, in a move hailed as a “victory” by the country’s President Volodymyr Zelensky, but the regional group was unable to pass a crucial aid package for Kyiv after Hungary blocked it.
Ukraine war live: EU to open membership talks with Kyiv as Putin admits heavy losses (The Independent) Vladimir Putin held first major news conference in two years as Ukrainian leader Volodymyr Zelensky headed to Brussels
Against the odds, European Union agrees to open membership negotiations with Ukraine (AP News) The European Union has decided to open accession negotiations with Ukraine and Moldova. European Council President Charles Michel called it “a clear signal of hope for their people and our continent.”
Ukrainian troops unable to respond to Russian attacks, says lawmaker (ABC News) "We can’t win the war single-handed."
Ukraine war: Shell shortages force us to limit firing, Ukrainian troops tell BBC (BBC) The BBC visits a front line where ammunition is low and hears troops' fears of wavering Western support.
U.S. Aid to Ukraine by the Numbers (New York Times) Here’s a look at the assistance the United States has provided for Ukraine’s defense and the political debate about whether more should be sent.
How the US keeps funding Ukraine's military — even as it says it's out of money (AP News) The White House says funding for Ukraine has run out and it has been increasing pressure on Congress to pass stalled legislation to support the war against Russia.
Opinion | This Is the World If Ukraine Loses (POLITICO) If the West doesn’t help Ukraine beat back Russia, your lives will not be the same.
The High Price of Losing Ukraine Military-Strategic and Financial Implications of Russian Victory (Institute for the Study of War) The United States has a much higher stake in Russia's war on Ukraine than most people think. A Russian conquest of all of Ukraine is by no means impossible if the United States cuts off all military assistance and Europe follows suit.
Russia is exploiting JetBrains TeamCity users at large scale (Register) National security and infosec authorities band together to help victims sniff out stealthy Russian baddies hiding in networks
Russian APT29 Hacked US Biomedical Giant in TeamCity-Linked Breach (Hackread) Polish authorities and FortiGuard Labs have issued a warning to customers about a new wave of cyberattacks associated with TeamCity.
US Officials Say Russian Hackers Are Launching Potential SolarWinds-Style Operations (Insurance Journal) U.S. officials say that Russian hackers are targeting servers hosting outdated versions of software made by the Czech tech company JetBrains for potential
Cyberattack on Ukraine’s telecom giant Kyivstar one of largest ever recorded in Europe (Ukrinform) The cyberattack on Kyivstar was one of the most powerful telecom breaches seen in Europe in its entire history.
Kyivstar restores voice services across Ukraine, starts the reactivation of mobile data services (GlobeNewswire News Room) VEON Ltd. (NASDAQ: VEON, Euronext Amsterdam: VEON), a global digital operator that provides converged connectivity and online...
Stunned Putin double-takes as he is confronted with AI deepfake (Mail Online) A student from Saint Petersburg State University had constructed a 'deepfake' likeness of the Russian President, and took the opportunity to ask the real Putin his thoughts on dangers of AI
Why Putin’s awkward Q&A may not be all it seemed (The Telegraph) Text messages on a live feed seemed to pose tough questions, but the Kremlin is not averse to manufacturing manageable criticism
‘They’re also learning’: Russia, Ukraine race to out-innovate each other (Breaking Defense) Tactics and technology advance so fast that a drone that’s cutting-edge today will be obsolescent in two months, Ukrainian and NATO officers say.
Ukraine’s innovative edge counters Russian mass, official says (C4ISRNet) "With whatever capabilities we have now, with whatever capabilities we can be provided by our partners, we are going to fight."
Putin says Russia, U.S. in talks over jailed Wall Street Journal reporter (Washington Post) Russian President Vladimir Putin said Thursday that Moscow and Washington are in contact over U.S. journalist Evan Gershkovich, who has been jailed in Russia since March on espionage charges that the Biden administration and the Wall Street Journal have denounced forcefully as baseless.
Attacks, Threats, and Vulnerabilities
Zscaler ThreatLabz Finds Most Cyberattacks Hide In Encrypted Traffic (GlobeNewswire News Room) 86% of Cyberattacks Are Delivered Over Encrypted Channels, with Manufacturing Being The Most Targeted Industry...
‘Disrupt or destroy’: China-linked hackers have targeted U.S. infrastructure ‘to cause societal chaos,’ officials warn — are your finances also vulnerable? (Yahoo Finance) Banks have upped their security in response to new threats.
Rhadamanthys v0.5.0 - a deep dive into the stealer’s components (Check Point Research) Research by: hasherezade. Rhadamanthys is an information stealer with a diverse set of modules and an interesting multilayered design. In our last article on Rhadamanthys [1], we focused on the custom executable formats used by this malware and their similarity to a different family, Hidden Bee, which is most likely its predecessor. In […]
CVE-2023-50164: Another vulnerability in the widely used Apache Struts2 component (Sonatype) The recent identification of CVE-2023-50164 in Apache Struts is quite similar to other vulnerabilities Sonatype has seen and covered in the past.
Vulnerabilities Now Top Initial Access Route For Ransomware (Infosecurity Magazine) More ransomware attacks now start with vulnerability exploitation than phishing, says Corvus Insurance
USPS Smishing Scam 2023 (Uptycs Threat Advisory) Uptycs has uncovered an increase in the phishing campaign targeting the United States Postal Service (USPS). The severity has been deemed critical, with more than 1,400 live phishing websites discovered globally.
U.S. nuclear research lab data breach impacts 45,000 people (BleepingComputer) The Idaho National Laboratory (INL) confirmed that attackers stole the personal information of more than 45,000 individuals after breaching its cloud-based Oracle HCM HR management platform last month.
Hacker Hits One of Crypto Industry’s Biggest Names in Security (Bloomberg) Ledger is one of the largest makers of digital wallets. The hack saw hundreds of thousands of dollars stolen.
Kraft Heinz launches investigation after ransomware gang claims to have stolen data (SiliconANGLE)
Kraft Heinz investigates hack claims, says systems ‘operating normally’ (BleepingComputer) Kraft Heinz has confirmed that their systems are operating normally and that there is no evidence they were breached after an extortion group listed them on a data leak site.
Giving Platform for Nonprofit Organizations Exposed Donor Records in Major Data Breach (vpnMentor) Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password protected database that contained just under 1 million records, which included
Security Patches, Mitigations, and Software Updates
CISA Releases Seventeen Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency | CISA) CISA released seventeen Industrial Control Systems (ICS) advisories on December 14, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
FortiGuard Releases Security Updates for Multiple Products (Cybersecurity and Infrastructure Security Agency | CISA) FortiGuard has released security updates to address vulnerabilities in multiple FortiGuard products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
Dell Urges Customers to Patch Vulnerabilities in PowerProtect Products (SecurityWeek) Dell is informing PowerProtect DD product customers about 8 vulnerabilities, including many rated ‘high severity’, and urging them to install patches.
Trends
2024 Cyber-threat Predictions: Scanning the Horizon (ReliaQuest) The ReliaQuest Threat Research Team reveals predictions about prominent cyber threats in 2024, to help cybersecurity professionals prioritize and assign resources.
Dragon's Byte: Securing the AI Realm in 2024 (Harmonic) Curious to understand how security teams will adapt to the changing AI landscape in 2024? Me too. In this blog, I outline my top five predictions for the next 12 months.
Global Mobile App Survey: Consumers Want Better Fraud Protections and App Maker Accountability to Ensure Safe Experiences (PR Newswire) Appdome, the mobile app economy's one-stop shop for mobile app defense, today announced the results of its new 2023 Global Consumer...
Appdome Mobile Consumer Security Survey (Appdome) Read the opinion of 25,000 consumers globally on mobile app security.
THE CHANGING CYBER THREAT LANDSCAPE: ASIA-PACIFIC (APAC) REGION (CYFIRMA) This Asia Pacific (APAC) Threat Landscape Report provides a comprehensive overview of the evolving cybersecurity landscape in the...
Marketplace
Politics and the Future (Andreessen Horowitz) Technology startups need a voice. We are non-partisan, one issue voters: If a candidate supports an optimistic technology-enabled future, we are for them. If they want to choke off important technologies, we are against them.
Coro Named to Inaugural Fortune Cyber 60 List of the Fastest Growing Companies in Cybersecurity (Business Wire) Coro, the leading provider of cybersecurity for the midmarket, today announced that it was named to the inaugural Fortune Cyber 60 list of the fastest growing companies in cybersecurity.
The People OpenAI Should Consider for Its New Board (The Information) Sam Altman’s sudden ouster and revolving-door return as CEO of OpenAI was the result of a boardroom power struggle between Altman and board members like Helen Toner who raised concerns about the unbridled power of artificial intelligence. The debacle shows that when a board is not aligned with ...
ColorTokens' Momentous 2023 Milestones Pave the Way for Continued Success in 2024 (PR Newswire) ColorTokens Inc., a leading Unified Zero Trust Platform provider, today announced its strong finish to 2023 with key strategic partnerships,...
Jack Berkowitz joins Securiti as its Chief Data Officer (Business Wire) Previously the CDO of ADP, Berkowitz brings deep expertise in enabling Safe use of Data & AI in large-scale environments
Noname Security Expands Leadership Team to Drive Company's Next Phase of Growth (GlobeNewswire News Room) Appointment of Chief Financial Officer, Chief of Staff, and Vice President of R&D sets the stage for momentous growth and increased innovation in 2024...
Products, Services, and Solutions
New infosec products of the week: December 15, 2023 (Help Net Security) The featured infosec products this week are from: Censys, Confirm, Drata, Safe Security, and SpecterOps.
CybeReady Introduces the 2023 Holiday CISO Toolkit to Bolster Cybersecurity During the Season (EIN Presswire) Ensure Employee Safety with CybeReady's Holiday Guidance
Symmetry Systems' Feature-Packed Year: A Milestone in Modern Data Security (PR Newswire) Symmetry Systems, a modern AI-powered data security company, is proud to celebrate a successful 2023 filled with great customer outcomes,...
World’s first cybersecurity marketplace powered by hackers, developed for commercial use (Daily Host News) Zerocopter’s cybersecurity marketplace is backed by the combined intelligence of hackers expert in vulnerability detection.
Splunk Enterprise Security 7.3 Delivers a Refined Analyst Experience and Enhanced Risk Context for Seamless Incident Triage (Splunk-Blogs) Announcing Splunk Enterprise Security 7.3, delivering a refined analyst experience and enhanced risk context for seamless incident triage.
Technologies, Techniques, and Standards
OASIS Launches Initiative to Standardize Machine-Readable End-of-Life Information Exchange for Software and Hardware (EIN News) Cisco, Dell, Huawei, Microsoft, Qualys, Red Hat, Sophos, and Others Collaborate on a Unified Framework for Automated Product Lifecycle Management
Survey: AI Adoption Among Federal Agencies Is Up But Trust Continues to Be An Obstacle to Future Adoption and Use (Splunk) Findings Reveal 80% of Public and Private sector Organizations are using AI and that Clear Acceptable Use, Privacy and Security Policies Need to be Set Early For AI Success. GovSummit23 – New research from Splunk Inc. (NASDAQ: SPLK), the cybersecurity and observability leader, suggests that while
DOD Chief Digital and Artificial Intelligence Office Hosts Last Global Information Dominan (U.S. Department of Defense) The Chief Digital and Artificial Intelligence Office launched the Global Information Dominance Experiment to provide a Minimum Viable Capability of Combined Joint All Domain Command and Control to the
Design and Innovation
Intel CEO attacks Nvidia on AI: 'The entire industry is motivated to eliminate the CUDA market' (Tom's Hardware) Reframing the AI framework, away from CUDA and toward more open standards.
Academia
Cheating Fears Over Chatbots Were Overblown, New Research Suggests (New York Times) A.I. tools like ChatGPT did not boost the frequency of cheating in high schools, Stanford researchers say.
Legislation, Policy, and Regulation
Sunak Considers UK Crackdown on Young Teens’ Social Media Use (Bloomberg) Prime Minister Rishi Sunak’s UK government is studying a crackdown on social media access for children under the age of 16, including potential bans, according to people familiar with the discussions.
Pope, once a victim of AI-generated imagery, calls for treaty to regulate artificial intelligence (AP News) Pope Francis, once a victim of AI-generated imagery, is calling for an international treaty to ensure it is developed and used ethically.
We’re still in a fight for survival when it comes to AI safety (Vox) President Biden’s executive order on artificial intelligence was criticized by many for overreaching, but the danger from uncontrolled AI progress is real.
Cybersecurity Disclosure (U.S. Securities and Exchange Commission) As is customary, I am expressing my views today in my official capacity as Director of the SEC’s Division of Corporation Finance, and my views do not necessarily reflect the views of the Commission, any of the Commissioners, or any other Commission staff.
Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure (U.S. Securities and Exchange Commission) The Securities and Exchange Commission (“Commission”) is adopting new rules to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incidents by public companies that are subject to the reporting requirements of the Securities Exchange Act of 1934.
House passes NDAA, ducking culture wars, sending bill to White House (Breaking Defense) The $886 billion policy bill will go to President Joe Biden's desk for final signature, but final passage of the annual spending bills remains unclear.
Senate passes defense bill despite culture-war pushback from GOP hardliners (Axios) The Senate on Wednesday passed a $886 billion defense bill, advancing funding and setting policy for the Pentagon.
Litigation, Investigation, and Law Enforcement
Four Individuals Charged for Laundering Millions from Cryptocurrency Investment Scams (U.S. Department of Justice) A seven-count indictment was unsealed yesterday in Los Angeles charging four individuals for their alleged roles in a scheme to launder the proceeds of cryptocurrency investment scams and other fraudulent schemes involving millions of dollars in victim funds.
US detains suspects behind $80 million 'pig butchering' scheme (BleepingComputer) The U.S. Department of Justice charged four suspects (two of them already detained) for their alleged involvement in a pig butchering fraud scheme that resulted in more than $80 million in victim losses.
Four men indicted in $80 million ‘pig butchering’ scheme (CNBC) LA federal prosecutors said four indictments and two arrests had been made in an international "pig butchering" scheme that caused $80 million in damages.
Ofcom investigating TikTok's parental controls (Computing) The UK media regulator, Ofcom, has launched an investigation into social video platform TikTok over concerns that the app provided "inaccurate" information about its parental controls.
Microsoft Disrupts Cybercrime Service That Created 750 Million Fraudulent Accounts (SecurityWeek) Microsoft disrupts Storm-1152, a cybercrime-as-a-service business facilitating phishing, identity theft, and DDoS attacks.
Microsoft cracks down on group operating ‘cybercrime-as-a-service’ (CSO Online) Microsoft has aggressively pursued legal measures to dismantle Storm-1152’s network, seizing its US-based infrastructure, shutting down key websites, and rigorously investigating to identify the individuals responsible for the group’s activities.
Microsoft’s Digital Crime Unit Goes Deep on How It Disrupts Cybercrime (WIRED) Ten years in, Microsoft’s DCU has honed its strategy of using both unique legal tactics and the company’s technical reach to disrupt global cybercrime and state-backed actors.
Is This the End of Geofence Warrants? (Electronic Frontier Foundation) Google announced this week that it will be making several important changes to the way it handles users’ “Location History” data. These changes would appear to make it much more difficult—if not impossible—for Google to provide mass location data in response to a geofence warrant, a change we’ve been asking Google to implement for years.
Prince Harry was victim of phone hacking by Mirror newspapers, judge rules (The Telegraph) Duke of Sussex awarded £140,600 in damages as court rules some articles about him were result of unlawful information gathering
Prince Harry phone hacking: Duke 'on mission to destroy monarchy', says Piers Morgan (The Telegraph) Piers Morgan has claimed Prince Harry and his wife Meghan are on a mission to “destroy the monarchy” as he issued a response to a High Court ruling that found the Duke was a victim of phone hacking.
Suffolk Exec Calls For IT Chief's Termination In Relation To Cyberattack: Document (Sachem, NY Patch) In a letter Wednesday to the Legislature, he says there were "serious instances of misconduct and incompetence."
East Point city manager fired amid phishing scam controversy (Fox5 Atlanta) East Point has fired its city manager months after the city lost hundreds of thousands of dollars in an email phishing scam.
Ten Years Later, New Clues in the Target Breach (KrebsOnSecurity) On Dec. 18, 2013, KrebsOnSecurity broke the news that U.S. retail giant Target was battling a wide-ranging computer intrusion that compromised more than 40 million customer payment cards over the previous month. The malware used in the Target breach included…