Dateline Moscow and Kyiv: A surge in cyberespionage and local attacks. And civilian casualties.
Ukraine at D+349: Renewed cyberespionage and local attacks. (CyberWire) Two cyberespionage campaigns are in progress against Ukrainian targets as Russia seeks to make at least local gains before the next influx of Western arms into Ukraine's forces.
Russia-Ukraine war: List of key events, day 350 (Al Jazeera) As the Russia-Ukraine war enters its 350th day, we take a look at the main developments.
Russia Pushes on Several Fronts in Ukraine (Wall Street Journal) Russian forces launched several attacks in eastern Ukraine, pushing for a breakthrough on the battlefield ahead of the delivery of new Western weapons.
Russia Hits More Civilian Targets Amid Doubts Over Offensive (Military.com) Ukrainian officials say Russian shelling has hit more civilian targets ahead of what Kyiv authorities suspect is an impending new offensive by Moscow around the anniversary of its invasion.
After months of stalemate, Vladimir Putin’s army is on the move again (The Telegraph) As Kremlin prepares assault on Ukraine ahead of war’s first anniversary, Vladimir Putin’s forces are likely to weigh up a number of options
Russia running out of 'single-use' soldiers (The Telegraph) Ukrainian commander accuses the Kremlin of ‘cannon fodder’ tactics by flooding the battlefield with untrained troops
Bakhmut, Kyiv, and the other key Ukrainian cities and towns in Russia's sights (BBC News) There are signs Russia is preparing a new offensive - James Waterhouse in Kyiv looks at the targets.
Band of Barbers, Judges and Security Guards Uses Soviet-Era Guns to Repel Russian Drones (Wall Street Journal) Groups of volunteers play a key role in a battle taking place far from the war’s front lines: protecting Ukraine from Russian drones and missiles targeting the civilian infrastructure.
Opinion | Year Two of the Ukraine War Is Going to Get Scary (New York Times) In the war’s first year, America and its allies have had it relatively easy. Will the West bear any burden to uphold a liberal world order?
Ukrainians are united in rejection of any compromise with the Kremlin (Atlantic Council) As Russia's invasion of Ukraine approaches the one-year mark, an overwhelming majority of Ukrainians have faith in their country's victory and reject the idea of a compromise peace with the Kremlin, writes Mariia Zolkina.
The Belarusian opposition can help defeat Putin in Ukraine (Atlantic Council) Belarus has played a key supporting role in Russia's invasion of Ukraine but the democratic Belarusian opposition recognizes that defeating Putin can lead to the downfall of their own dictator Alyaksandr Lukashenka.
Hero Ukrainian medic: “Russia will not stop until it is stopped” (Atlantic Council) Ukrainian military medic Yulia Paievska has a simple message for anyone who still believes in the possibility of a compromise peace with Putin’s Russia. “They will not stop until they are stopped,” she says.
Ukrainian Nobel Peace Prize Winner: 'This Violence, This Cruelty Have Become Part Of Russian Culture' (RadioFreeEurope/RadioLiberty) Russia must be held accountable for the suffering and destruction resulting from its invasion of Ukraine, Oleksandra Matviychuk, head of the organization that jointly won the Nobel Peace Prize this year, says in a wide-ranging interview with RFE/RL's Georgian Service.
Vladimir Putin is about to make shock gains (The Telegraph) Russia has stopped the bleeding and learned from its mistakes. We must be prepared for a nasty blow
What Russia Got Wrong (Foreign Affairs) Can Moscow learn from its failures in Ukraine?
Putin will stick to his world war two narrative – it’s all he’s got left (The Spectator) ‘It’s unbelievable but true,’ Vladimir Putin said on the 80th anniversary of the conclusion of the battle of Stalingrad. ‘We are again being threatened by German Leopard tanks.’ The Russian president is once again turning to an old staple he has often used to rally support in the absence of a genuine, unifying ideology: the […]
Russia accuses U.S. embassy of 'fake news' over Ukraine, threatens expulsions (Reuters) Russia has demanded that the U.S. embassy in Moscow stop spreading what Moscow regards as fake news regarding its military operation in Ukraine and has threatened to expel U.S. diplomats, the TASS news agency reported on Tuesday.
A plan by Germany, Denmark and the Netherlands aims to get some Leopard 1 tanks to Ukraine ‘within months.’ (New York Times) The new initiative aims to boost Kyiv’s supply of tanks faster as more advanced tanks will take many months to arrive.
Support for Ukraine (U.S. Department of Defense) The United States is working with Allies and partners to support Ukraine in their fight for sovereignty and freedom. The U.S. has provided Ukraine with billions of dollars in security assistance since the beginning of Russia’s unprovoked assault on Feb. 24.
Zelenskyy tells UK ‘freedom will win,’ pushes for warplanes (AP NEWS) Ukrainian President Volodymyr Zelenskyy pushed for fighter jets to ensure his country's victory over Russia in a dramatic speech before the U.K. Parliament, where he also thanked the British people for their support since “Day One” of Moscow's invasion.
Zelenskiy, in London, wins pledge to train pilots on NATO jets (Reuters) Ukraine's President Volodymyr Zelenskiy visited Britain on Wednesday to drum up aid, winning a pledge to train Ukrainian pilots on advanced NATO fighter jets, a big symbolic step up in Western military support.
UAC-0050 cyberattack against Ukrainian state bodies using the Remcos remote control and surveillance program (CERT-UA#5926) (CERT-UA) The Government Computer Emergency Response Team of Ukraine, which operates within the State Service of Special Communications and Information Protection of Ukraine.
CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks (The Hacker News) CERT-UA has issued a warning of cyber attacks targeting state authorities using a legitimate remote access software.
Remcos software deployed in spying attempt on Ukraine’s government, CERT says (The Record from Recorded Future News) Hacking group UAC-0050 tried to deploy the remote management software Remcos in an effort to spy on government agencies, Ukraine said.
Graphiron: New Russian Information Stealing Malware Deployed Against Ukraine (Symantec) Russia-linked Nodaria group has deployed a new threat designed to steal a wide range of information from infected computers.
Russian 'WhisperGate' hackers are using new data-stealing malware to target Ukraine (TechCrunch) The Russian hackers behind the data-destroying malware WhisperGate are now targeting Ukrainian organizations with information-stealing malware.
Moldova targeted by Russian 'hybrid war': Prime Minister (Euronews) The EU Commission proposed €145 million in new funding last week to support the country's economy and energy security. #EuropeNews
Estonian intelligence: Russia underestimated Ukraine's cyber resilience (The Record from Recorded Future News) Estonia's Välisluureamet says Ukraine probably surprised Russia with its adaptability when faced with war-related cyberattacks.
SBU exposes scheming in urban development business (Ukrinform) The Security Service of Ukraine pressed charges against the head of the National Union of Architects of Ukraine, his deputy, and an IT expert, who manipulated data in the state-run electronic database in the area of urban construction. — Ukrinform.
Attacks, Threats, and Vulnerabilities
CISA Releases ESXiArgs Ransomware Recovery Script (CISA) CISA has released a recovery script for organizations that have fallen victim to ESXiArgs ransomware. The ESXiArgs ransomware encrypts configuration files on vulnerable ESXi servers, potentially rendering virtual machines (VMs) unusable. CISA recommends organizations impacted by ESXiArgs evaluate the script and guidance provided in the accompanying README file to determine if it is fit for attempting to recover access to files in their environment.
ESXiArgs Ransomware Campaign Targets VMWare ESXi Vulnerability (SecurityScorecard) On February 3, European hosting providers and computer emergency response teams (CERTs) began warning of a widespread ransomware campaign exploiting CVE-2021-21974, a VMWare ESXi vulnerability for which a patch has been available since February 2021.
Cl0p Ransomware Targets Linux Systems with Flawed Encryption | Decryptor Available (SentinelOne) An in-the-wild ELF variant of Cl0p ransomware shows the gang is looking beyond traditional Windows targets.
Linux Variant of Cl0p Ransomware Emerges (SecurityWeek) Cl0p ransomware targeting Linux systems emerges, but a flaw in the encryption has already allowed for the creation of a free decryptor.
JSON-based SQL attacks bypassed WAFs but not Contrast Protect RASP technology (Contrast Security) The Contrast Protect RASP technology protects against an ever-evolving landscape of exploits like JSON-based SQL attacks that bypass WAFs.
Cybercriminals exploit human misery in earthquake-hit Turkey and Syria with new online disaster scam (Hot for Security) Less than 24 hours after two massive earthquakes claimed the lives of thousands of people in Turkey and Syria, cybercrooks are already piggybacking on the humanitarian crisis.
LockBit group threatens to publish stolen Royal Mail data tomorrow (Computing) RaaS group admits responsibility for January attack and doubles down on threat
ChatGPT is a data privacy nightmare. If you’ve ever posted online, you ought to be concerned (The Conversation) ChatGPT is fuelled by our intimate online histories. It’s trained on 300 billion words, yet users have no way of knowing which of their data it contains.
Hacking into Toyota’s global supplier management network (Eaton Works) Inside an exploit that allowed logging in to Toyota’s GSPIMS application as any user, including system admins.
Researcher breaches Toyota supplier portal with info on 14,000 partners (BleepingComputer) Toyota's Global Supplier Preparation Information Management System (GSPIMS) was breached by a security researcher who responsibly reported the issue to the company.
Vulnerability Provided Access to Toyota Supplier Management Network (SecurityWeek) Security researcher finds severe vulnerability providing system admin access to Toyota’s global supplier management network.
Sharp notifies nearly 63,000 patients of data breach (San Diego Union-Tribune) Hackers, provider says, did not obtain bank or credit card data or Social Security numbers
Vulnerability Summary for the Week of January 30, 2023 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
Patch Released for Actively Exploited GoAnywhere MFT Zero-Day (SecurityWeek) A patch has been released for the GoAnywhere MFT zero-day vulnerability that has been exploited in attacks.
CISA Releases One Industrial Control Systems Advisory (CISA) CISA released one Industrial Control Systems (ICS) advisory on February 7, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations: ICSA-23-037-01 EnOcean SmartServer
Trends
2023 email security trends (Barracuda) The prevalence, impact, and cost of email-based cyberattacks on organizations around the world.
The real cost of a major email-borne attack (Barracuda) A new international study highlights the significant financial cost and disruption caused by an email-based security attack.
Ransomware attacks take slight dip in 2022 as threat actors evolve and explore new tactics – NCC Group Annual Threat Monitor Report (Mynewsdesk) Compiled by NCC Group’s Global Threat Intelligence team, the report details the events of 2022 and their impact on the cyber threat landscape, providing an...
Valtix Survey: 95% of Organizations Say Multi-cloud is a 'Strategic Priority' but Only 58% Have the Security Architecture to Support It (PR Newswire) Valtix, the industry's first multi-cloud network security platform as a service, today announced findings from its 2023 Multi-cloud Security...
authID 2nd Annual Fintech Cybersecurity Survey Report (authID) Our latest market survey uncovered that almost 2/3 of fintech organizations still rely on vulnerable, often-phished passwords and legacy MFA.
Cyber Bank Heists Report (Contrast Security) Read this report to learn about cybersecurity threats to the financial sector.
Data Shows 28% of BEC Attacks Opened by Employees (Abnormal Security) Abnormal’s latest report on business email compromise trends and statistics found that the median open rate for text-based BEC attacks was nearly 28%.
Marketplace
Industrial Cybersecurity Innovator Opscura Receives $9.4M in Series A Funding as Critical Operations Transform (Business Wire) Repeat and new investors back Opscura’s safe and simple approach to cloak and secure ICS networks
Elite Roster of Cybersecurity Investors Backs Lineaje to Deliver Industry-first Supply Chain Security Solution (Business Wire) The company also unveils seed investors, SBOM360, and distribution partnerships, validating approach to detecting software supply chain attacks
Progress Completes Acquisition of MarkLogic (GlobeNewswire News Room) Acquisition expands Progress’ industry-leading product portfolio and continues to deliver on Total Growth Strategy BURLINGTON, Mass., Feb. 07, 2023 ...
GreenPages Technology Solutions Acquires Arcas Risk Management (GlobeNewswire News Room) Cybersecurity, Cloud, and Managed Services Leader Strengthens Security Services Portfolio to Drive Growth...
iWeb Technologies Completes Transition to Become Leaseweb Canada (Leaseweb) Cloud and Server Hosting Services Provider Announces New Name and Product Launches for Canadian Customers
NSA Bills Itself as a 'Soft Landing Place' for Laid off Tech Workers (Nextgov.com) The intelligence agency has been quietly moving over the past few months to recruit talented workers affected by the wave of layoffs at tech companies and startups.
CTM360 Recognized as a Global Leader in Digital Risk Protection (DRP) Enabling Technology by Frost & Sullivan (Business Wire) Historic First Arab World Cybersecurity Technology Company to Capture 2022 Frost & Sullivan Leadership Award
Cyara Expands Leadership Team by Appointing New Chief Sales Officer & Chief Customer Officer (Business Wire) Executive additions will further expand company's position as leader in customer experience assurance and drive customer satisfaction
Dashlane Names John Bennett as New Chief Executive Officer (Dashlane Blog) JD Sherman and Dashlane welcome John Bennett as the new Chief Executive Officer. Bennett brings over 30 years of experience leading high-growth B2B SaaS and communication companies.
Sigma7 Expands Advisory Board with Four New Appointments (Business Wire) Esteemed government and business leaders add geographic and industry-centered reach
George Bonser Joins Drata as VP of Sales in EMEA (PR Newswire) Drata, a continuous security and compliance automation platform, today announced the appointment of George Bonser as VP of Sales for the EMEA...
Products, Services, and Solutions
Sonar Launches SonarQube 9.9 LTS to Help Organizations Achieve a State of Clean Code (Business Wire) Sonar’s improved speed, security and scalability empowers organizations to boost the quality of their code systematically and predictably
KnowBe4 Joins Microsoft Intelligent Security Association and Integrates With Microsoft Security Products (KnowBe4) KnowBe4 Joins Microsoft Intelligent Security Association and Integrates With Microsoft Security Products
SlashNext Expands Collaboration with Microsoft as It Joins the Microsoft Intelligent Security Association (MISA) (PR Newswire) SlashNext, a leader in SaaS-based Integrated Cloud Messaging Security across email, mobile or web messaging apps, today announced they are now...
Infosec Launches New Office Comedy Themed Security Awareness Training Series (Infosec) Ten clients were recognized in the 2022 Infosec Excellence Awards Program.
Appdome Integrates with CircleCI to Automate Delivery of Secure Mobile Apps (Appdome) Appdome today released the first Appdome Orb for CircleCI as part of the Appdome Dev2Cyber Agility Partner Initiative to accelerate delivery of secure mobile apps globally.
Intel 471 Announces Powerful and Scalable Attack Surface Protection Solution Suite (PR Newswire) Intel 471, the premier provider of cyber threat intelligence solutions across the globe, today announced the release of its suite of Attack...
Devolutions Premieres Enhanced Suite of Remote Connection and Password Protection Solutions at MSP Expo (GlobeNewswire News Room) Seamless Integrations Poised to Drive MSP Revenue with Increased Levels of Productivity, Efficiency, Security and Compliance...
Steampunk Awarded Multi-Year FedRAMP Contract (PR Newswire) Steampunk is excited to announce they have been awarded the FedRAMP Technical Review and Analysis Support Services contract. Steampunk provides...
6clicks Adds GPT-3 to Accelerate Risk Management, Automate Compliance Mapping and Advance Accuracy (PR Newswire) 6clicks, the GRC innovators, today announced "Ask Hailey," the next step in Governance, Risk Management and Compliance (GRC) through the...
Technologies, Techniques, and Standards
NIST Selects ‘Lightweight Cryptography’ Algorithms to Protect Small Devices (NIST) The algorithms are designed to protect data created and transmitted by the Internet of Things and other small electronics.
Streamlining verification in emerging markets (Sumsub) Sumsub Reports & Ebooks about Compliance, Anti-fraud and Identity verification. Streamlining verification in emerging markets.
CybeReady Highlights Five Ways to Navigate the Web Safely as Safer Internet Day Returns (Newswire) Company Releases New CISO Toolkit in Support of Annual Event to Raise Awareness for Employees' Responsible Use of the Internet
Design and Innovation
Microsoft bakes ChatGPT-like tech into search engine Bing (AP NEWS) Microsoft is fusing ChatGPT-like technology into its search engine Bing, transforming an internet service that now trails far behind Google into a new way of communicating with artificial intelligence.
Google will soon blur explicit content in search results (The Verge) The new SafeSearch setting can be disabled by anyone over 18.
Research and Development
NITRD Requests Industry Input on Updated Federal Cybersecurity R&D Strategic Plan (Executive Gov) Looking for the latest Government Contracting News? Read about NITRD Requests Industry Input on Updated Federal Cybersecurity R&D Strategic Plan.
CYBERCOM Still Lacks Dedicated OT&E for Its Weapons Platform (Real Clear Defense) The Pentagon's chief weapons tester found Cybercom's Joint Cyber Warfighting Architecture lacks dedicated operational test and evaluation.
Academia
At This School, Computer Science Class Now Includes Critiquing Chatbots (New York Times) Move over, coding. Some schools are asking student programmers to think critically about rapid advances in artificial intelligence.
Legislation, Policy, and Regulation
The State of the Union was light on cybersecurity (Washington Post) Biden’s address didn’t directly discuss cybersecurity, but it mentioned related topics
Biden calls for action on privacy rights in State of the Union (CyberScoop) This is the second year in a row the president has called on Congress to take action to protect children online.
White House Digital Theft EO expected to follow State of the Union address (FedScoop) The EO is expected to compel federal agencies to use Login.gov where possible, according to two people familiar with the directive.
Germany Picks First Female President of BSI Cybersecurity Agency (Bloomberg) Germany has chosen European Central Bank Director General of Information Systems Claudia Plattner as the new head of its cybersecurity agency, the first female appointed to the role.
What Claudia Plattner means for the BSI (Tagesspiegel) For weeks there had been speculation about Claudia Plattner as the new BSI chief; on Tuesday she signed her contract. Plattner is the first woman to head the cybersecurity agency. Unlike her predecessor Arne Schönbohm, she has a background in mathematics and experience working in a public authority.
Litigation, Investigation, and Law Enforcement
Navy captain accused of putting erotic images of woman on phony social media pages (Stars and Stripes) A San Diego-based Navy officer with more than 30 years’ service was arraigned on a charge of cyberstalking, according to the U.S. Attorney for the Southern District of California.