Dateline Moscow and Kyiv: Soft ground and cyberespionage.
Ukraine at D+350: Summitry in advance of an anniversary offensive. (CyberWire) Ukraine's Zelenskyy receives a sympathetic reception and more assurances of support during a flying visit to European capitals. Ukraine's SSSCIP describes a Russian cyberespionage campaign against Poland and Ukraine.
Russia-Ukraine war: List of key events, day 351 (Al Jazeera) As the Russia-Ukraine war enters its 351st day, we take a look at the main developments.
Russia Throws Soldiers Into Ukraine Firing Line to Gain Inches (Wall Street Journal) Moscow has shown scant regard for the lives of its conscripts, but the battle for Bakhmut is also costly for Ukrainian defenders.
Ukraine Braces for Grisly Russian Offensive in the East (Foreign Policy) Russia is sending more bodies. Ukraine doesn’t have enough. And the tanks won’t arrive in time.
Ukraine war latest: Only Ukraine standing in way of Putin 'annihilating European way of life', warns Zelensky (The Telegraph) Ukraine is the only force standing in the way of Russia “annihilating the European way of life”, Volodymyr Zelensky told MEPs on Thursday in a speech to the European Parliament, writes Joe Barnes.
Zelenskiy’s skilful UK ‘state visit’ is key move in keeping Ukraine on west’s mind (the Guardian) Ukrainian leader drew upon his showmanship during UK trip to ask for ongoing support and place on agenda
Zelenskyy tells UK ‘freedom will win,’ pushes for warplanes (AP NEWS) Ukrainian President Volodymyr Zelenskyy pushed for fighter jets to ensure his country's victory over Russia in a dramatic speech before the U.K. Parliament, where he also thanked the British people for their support since “Day One” of Moscow's invasion.
Ukraine-Russia war latest: France will help Ukraine to victory against Russia, vows Macron (The Telegraph) Emmanuel Macron vowed France would help Ukraine to victory against Russia, after Volodymyr Zelensky praised the French president for changing his stance on Vladimir Putin.
Sunak says ‘nothing off the table’ after Zelenskiy’s plea for fighter jets – as it happened (the Guardian) Ukrainian president earlier urged parliament ‘give us wings’ to protect freedom
UK to offer to train Ukrainian fighter pilots, will 'look' at potential jet transfers (Breaking Defense) Fighter jet training offer comes as three other European nations announce they'll send more than 100 Leopard tanks to Kyiv.
Russia-Ukraine war live: UK will not send fighter jets to Ukraine ‘if there is a risk to British safety’ (the Guardian) Comments from Downing Street come as Zelenskiy follows up trip to UK with Brussels visit in the hope of receiving more military aid
Rishi Sunak may be keen to send Ukraine jets, but trouble is on the horizon (The Telegraph) From treaty permissions to long training times, the Prime Minister will have a tough job getting Zelensky's men in the air on British planes
NATO Leader Visits Austin in Advance of Brussels Meeting (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III and NATO Secretary General Jens Stoltenberg discussed expansion of the alliance, helping Ukraine defend itself from Russia's invasion, and the need for swift
Secretary of Defense Lloyd J. Austin III Hosted NATO Secretary General Jens Stoltenberg Fe (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III thanked NATO Secretary General Jens Stoltenberg for his steadfast leadership of the NATO Alliance, especially throughout Russia’s ongoing invasion of Ukraine.
NATO chief says US aid is ‘making a difference every day’ on battlefields in Ukraine (Stars and Stripes) NATO Secretary-General Jens Stoltenberg met with Defense Secretary Lloyd Austin on Wednesday, and the two said they would evaluate the latest strategies in Ukraine and discuss how U.S. and NATO allies can best help the country.
Memo Details Effort to Boost Production of Weapons Sent to Ukraine (Defense One) The Pentagon's top buyer offers a “targeted list” of weapons to help solve a problem decades in the making.
Ukraine deserves our full support (The Telegraph) The UK has gone it alone in the extent of its support. The West has to decide whether it will follow its lead or conspire in a stalemate
Russia's Wagner mercenaries halt prisoner recruitment campaign - Prigozhin (Reuters) Russia's Wagner mercenary group has stopped recruiting prisoners to fight in Ukraine, Wagner's founder Yevgeny Prigozhin said on Thursday.
Russia’s Latest Information War Tactic: Spoofing Foreign Media (Bloomberg) The Russian government is supporting operations that impersonate international media outlets as part of its disinformation campaigns, which have become more sophisticated and active since its invasion of Ukraine, according to a European Union study.
Why Russia Markets Itself as an Anti-Colonial Power to Africans (Foreign Policy) Colonial exceptionalism and a victim mentality are integral to Russia’s self-image.
Out of Alignment (Foreign Affairs) What the war in Ukraine has revealed about non-Western powers.
SpaceX didn't intend that Starlink be 'weaponized' by Ukraine: Shotwell (Breaking Defense) Moscow has charged that Starlink is directly enhancing the ability of Ukrainian forces to target weapons on Russian forces.
UAC-0114 Campaign Targeting Ukrainian and Polish Gov Entities (The State Cyber Protection Centre of the State Service of Special Communication and Information Protection of Ukraine) UAC-0114 (aka WinterVivern) is a group of undefined individuals (where Russian-speaking members are present, highly likely) whose activity targets the European GOV entities. Their recent campaign targeted Ukrainian and Polish government organizations, taking advantage of fake web pages impersonating the legitimate web resources of the Ministry of Foreign Affairs of Ukraine and the Central Cybercrime Bureau of Poland.
Hackers used fake websites to target state agencies in Ukraine and Poland (The Record from Recorded Future News) Hackers attempted last week to infect Ukrainian government computer systems with malware hosted on websites impersonating state services.
Cyber Dimensions of the Armed Conflict in Ukraine (Cyber Peace Institute) This report focuses on the incidents documented by the CyberPeace Institute in the fourth quarter of 2022.
ESET Threat Report T3 2022: When war meets cyberspace – the impact of Russia's invasion on digital threats (ESET) News about ESET's malware research, directly from the maker of legendary NOD32 technology.
SNP MP Stewart McDonald's emails hacked by Russian group (BBC News) Stewart McDonald tells the BBC his emails have been stolen by a group linked to Russian intelligence.
Sanctions on Russia Are a Long Game, Not a Quick Fix (World Politics Review) The sanctions levelled against Russia by the US and Europe since the war in Ukraine began could bring about a global economic reshuffling.
'Strong indications' Putin approved supply of missile that downed MH17 flight (The Telegraph) Russian president's approval was needed before request for weapon from rebels was granted, international investigators say
Dutch probe implicates Putin in 2014 downing of Malaysian passenger jet (Washington Post) Dutch prosecutors said Wednesday that it was likely that Russian President Vladimir Putin signed off on a decision to supply long-range antiaircraft missiles systems to pro-Russian separatists in eastern Ukraine before they shot down Malaysia Airlines Flight 17 in July 2014, killing all 298 passengers and crew members.
Attacks, Threats, and Vulnerabilities
NewsPenguin, a Previously Unknown Threat Actor, Targets Pakistan with Advanced Espionage Tool (BlackBerry) A previously unknown threat actor is targeting organizations in Pakistan using a complex payload delivery mechanism. The attacker abuses the upcoming Pakistan International Maritime Expo & Conference (PIMEC-2023) as a lure to trick victims into opening phishing emails.
Screentime: Sometimes It Feels Like Somebody's Watching Me (Proofpoint) Key Findings: Proofpoint began tracking a new threat actor, TA866. Proofpoint researchers first observed campaigns in October 2022 and activity has continued into 2023. The activity appears to be financially motivated, largely targeting organizations in the United States and Germany. With its custom toolset including WasabiSeed and Screenshotter, TA866 analyzes victim activity via screenshots before installing a bot and stealer. Overview: Since October 2022 and contin
Treasury Says Cloud Computing Poses Risks to Financial Sector (Wall Street Journal) The department says reliance on Amazon, Microsoft or Google would have consequences in case of technical breakdowns.
Hackers are selling a service that bypasses ChatGPT restrictions on malware (Ars Technica) ChatGPT restrictions on the creation of illicit content are easy to circumvent.
Medusa botnet returns as a Mirai-based variant with ransomware sting (BleepingComputer) A new version of the Medusa DDoS (distributed denial of service) botnet, based on Mirai code, has appeared in the wild, featuring a ransomware module and a Telnet brute-forcer.
Chinese Balloon Had Tools to Collect Communications Signals, U.S. Says (New York Times) China’s surveillance balloons have flown over more than 40 countries and are directed by the Chinese military, the State Department said.
Yes, CISOs should be concerned about the types of data spy balloons can intercept (CSO Online) The Chinese airship that floated over the US and Canada was likely a multipurpose intelligence platform, gathering a variety of information types. It could gather data from corporate, government, or agricultural sources on the ground.
Spies, Hackers, Informants: How China Snoops on the US (SecurityWeek) A look into the tactics that China has used to spy on the United States in recent years to gain intelligence.
Florida state court system, US, EU universities hit by ransomware outbreak (Reuters) A global ransomware outbreak has scrambled servers belonging to Florida's Supreme Court and several universities in the United States and Central Europe, according to a Reuters analysis of ransom notes posted online to stricken servers.
No evidence global ransomware hack was by state entity, Italy says (Reuters) Global ransomware activity that targeted thousands of computer servers in Italy and other countries was probably the handiwork of criminal hackers and not a state or state-like entity, the Italian government said on Monday.
Ransomware campaign stirs worry despite uncertain impact (Washington Post) A fresh worldwide ransomware attack has novel, worrisome elements
VMware Security Response Center (vSRC) Response to 'ESXiArgs' Ransomware Attacks (VMware Security Blog) Greetings from the VMware Security Response Center! We wanted to address the recently reported ‘ESXiArgs’ ransomware attacks as well as provide some guidance on actions concerned customers should take to protect themselves. VMware has not found evidence that suggests an unknown vulnerability (0-day) is being used to propagate the ransomware used in these recent attacks. … Continued
CISA and FBI Release ESXiArgs Ransomware Recovery Guidance (CISA) Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory, ESXiArgs Ransomware Virtual Machine Recovery Guidance. This advisory describes the ongoing ransomware campaign known as “ESXiArgs.” Malicious cyber actors may be exploiting known vulnerabilities in unpatched and out-of-service or out-of-date versions of VMware ESXi software to gain access to ESXi servers and deploy ESXiArgs ransomware.
Enigma Stealer Targets Cryptocurrency Industry with Fake Jobs (Trend Micro) We discovered an active campaign targeting Eastern Europeans in the cryptocurrency industry using fake job lures.
Malicious ‘aptX’ Python Package Drops Meterpreter Shell, Deletes ‘netstat’ (Sonatype) Sonatype identified malicious Python packages on the PyPI software registry that carried out a bunch of nefarious activities including dropping malware, deleting the “netstat” utility, and tampering with the SSH “authorized_keys” file on systems.
'No evidence of malicious access,' Toyota says about serious bug exploited by outside researcher (The Record from Recorded Future News) Toyota said it remediated the vulnerability discovered by researcher Eaton Zveare. The company referred others to its bug disclosure platform.
A Deep Dive Into the Growing GootLoader Threat (SecurityWeek) GootLoader is a ‘severe’ threat, as the malware uses a combination of evasion and living off the land techniques, making it hard to detect
Industrial Wireless IoT - The direct path to your Level 0 (Otorio) Over the past months, OTORIO’s research team together with researchers from a global leader of cyber security solutions and services, conducted comprehensive research on industrial wireless IoT devices such as industrial cellular gateways/routers and industrial Wi-Fi access points, which resulted in the discovery of broad issues in their implementation.
Surge of swatting attacks targets corporate executives and board members (CSO Online) Swatters use data brokers and stolen information on the dark web to target C-suite and board members. Removing personal information from the web is the best way to minimize this risk.
Details of 14,000 salaries shared by mistake (Health Service Journal) A spreadsheet containing the personal information of nearly 14,000 staff, including their salaries, has been mistakenly emailed to hundreds of people at a major trust, HSJ has learned.
Twitter goes down worldwide just minutes after launching expanded tweet counts [U: Fixed] (9to5Mac) Shortly after Twitter launched its huge increase in max character count to 4,000 today, many users aren’t able to tweet this afternoon. It’s unclear for now if the two are related but the timing comes right after a notable spike in long tweets. Update 3:11 pm PT: The outage appears to be almost fixed with […]
Musk Tells Twitter Staff to Pause Development Amid Outage (The Information) Elon Musk told employees on Wednesday afternoon to pause feature development as Twitter staff worked to solve an outage that left users unable to tweet or send and read direct messages for more than an hour. “Please pause for now on new feature development in favor of maximizing system stability ...
Security Patches, Mitigations, and Software Updates
OpenSSL fixes High Severity data-stealing bug – patch now! (Naked Security) 7 memory mismanagements and a timing attack. We explain all the jargon bug terminology in plain English…
OpenSSL Releases Security Advisory (CISA) OpenSSL has released a security advisory to address multiple vulnerabilities affecting OpenSSL versions 3.0.0, 2.2.2, and 1.0.2. An attacker could exploit some of these vulnerabilities to obtain sensitive information. CISA encourages users and administrators to review the OpenSSL advisory and make the necessary updates.
Android 14 to block malware from abusing sensitive permissions (BleepingComputer) Google has announced the release of the first developer preview for Android 14, the next major version of the world's most popular mobile operating system, which comes with security and privacy enhancements, among other things.
VMWare user? Worried about “ESXi ransomware”? Check your patches now! (Naked Security) To borrow from HHGttG, please DON’T PANIC. But if you are two years out of date with patches, please do ACT NOW!
Trends
Key takeaways from the state of identity security 2023: a spotlight on healthcare (SailPoint) This week, SailPoint released a new report titled The State of Identity Security 2023: A Spotlight on Healthcare. The report examines what identity
More Than 75% of Organizations Have Experienced At least One Attack Related to Poor Endpoint Device Management (Business Wire) New report from Enterprise Strategy Group and Syxsense shows unmanaged device risk on the rise, and endpoint management and security convergence underway
Almost Half of Executives Expect a Rise in Cyber Events Targeting Accounting and Financial Data in Year Ahead (Deloitte United States) Nearly half (48.8%) of C-suite and other executives expect the number and size of cyber events targeting their organizations’ accounting and financial data to increase in the year ahead according to a new Deloitte Center for Controllership poll. Yet just 20.3% of those polled say their organizations’ accounting and finance teams work closely and consistently with their peers in cybersecurity.
Q4 2022 Phishing and Malware Report: Phishing Volumes Increase 36% QoQ (Vade Secure) Vade’s Q4 2022 Phishing and Malware Report reveals the latest phishing and malware threats and trends.
Chapter One: The State of Vulnerability Management eBook (Nucleus Security) In this first chapter, we look into the contributing factors that led to vulnerability exploitation becoming the #1 initial attack vector.
ESET Threat Report T3 2022 | WeLiveSecurity (WeLiveSecurity) A view of the T3 2022 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
REPORT. 2023 Cloud-Native Security & Usage Report (Sysdig) For the past six years, we have shared an analysis of our real-world customer data to provide the community with insight into changing container usage and security trends.
Check Point Software Releases its 2023 Security Report Highlighting Rise in Cyberattacks and Disruptive Malware (GlobeNewswire News Room) Geo-political conflict triggers increase in cyberattacks and the rise of ‘disruption and destruction’ malware...
Marketplace
Skybox Security Raises $50M, Hires New CEO (SecurityWeek) Late-stage California startup Skybox Security turns the reins over to former Digital Guardian chief executive Mordecai Rosen.
Cemtrex Regains Compliance with Nasdaq Listing Requirements (GlobeNewswire News Room) Cemtrex Inc. (NASDAQ: CETX, CETXP), an advanced security technology and industrial services company,...
Report: Cybersecurity giant Wiz to pull cash out of Israel due to judicial shakeup (Times of Israel) High-tech company said pressured by investors over risks presented by government's plans; HSBC bank issues warning that shake-up could harm Israeli economy
Comcast Wants a Slice of the Enterprise Cybersecurity Business (SecurityWeek) Comcast creates a new enterprise cybersecurity business to market its internal security inventions and find profits in a growing market.
Socure Joins FIDO Alliance to Drive IDV Industry Standards (Socure) Socure’s mission is to verify 100% of good identities in real-time and completely eliminate identity fraud for every applicant on the internet. Read more.
BreachLock Recognized for Cyber Security Leadership in Reuters' "50 Leaders of Change" (PR Newswire) BreachLock was recognized by Reuters for "Making Cyberspace a Safer Place" with its human-led, AI-enabled penetration testing services among...
Identity Defined Security Alliance Appoints Jeff Reich to Executive Director, Announces Newly Elected Executive Advisory Board (Identity Defined Security Alliance) Industry veteran brings 40 years of cybersecurity education and awareness experience to fast growing nonprofit DENVER, February 8, 2023 — The Identity Defined Security Alliance (IDSA), a nonprofit that provides vendor-neutral resources to help organizations reduce the risk of a breach by combining identity and security strategies, today announced Jeff Reich as the organization’s new Executive...
CRN Names Xcitium’s VP Michael Costantino 2023 Channel Chief for Cyber Security (GlobeNewswire News Room) Today, Xcitium, the cybersecurity industry's leading provider of state-of-the-art endpoint protection...
CrowdStrike Promotes Michael Sentonas to President (CrowdStrike) CrowdStrike today announced the promotion of Michael Sentonas to president. Sentonas, who has served as CrowdStrike’s chief technology officer (CTO) since 2020, will be responsible for leading the company’s product and go-to-market functions, including its sales, marketing, product and engineering, threat intelligence, corporate development and CTO teams.
Huawei's Meng Wanzhou to take over as rotating chairperson -report (Reuters) Meng Wanzhou will begin her term as the rotating chairperson of Huawei Technologies (HWT.UL) on April 1, Shanghai Security News reported on Wednesday.
Products, Services, and Solutions
Integreon Launches Breakthrough Cyber Incident Response Offering with Development of AI-Based Review and Integration of RadarFirst (Integreon) Cyber Incident Response Innovations Deliver Significant Efficiency and Time Savings February 8, 2023 – (FARGO AND LONDON) Integreon, a trusted worldwide provider of tech-enabled legal and business outsourced services, announced...
Intelletive Consulting Makes Kubernetes Security Platform M9sweeper Open Sourced (GlobeNewswire News Room) After seeing the dire need for Kubernetes security tooling, Intelletive Consulting makes Kubernetes security accessible for all organizations...
SafeGuard Cyber Launches Illuminate Partner Program for MSSPs (Business Wire) New Channel Program Equips MSSPs with NLU-Powered, Patented Social Engineering Detection Technology Platform to Secure Cloud Communications
Code Intelligence and Google Secure Open-Source JavaScript Landscape (Code Intelligence) Collaboration will allow open-source developers to continuously test their JavaScript components for bugs and vulnerabilities, and assist them in writing more secure and reliable code.
Adaptive Shield Partners with Datadog for Seamless SaaS Security Management (Business Wire) Partnership provides joint customers the ability to stream and visualize SaaS security alerts
New Cohesity Data Cloud Release 7.0 Expands Data Security and Management Capabilities to Combat Ransomware Attacks and Data Breaches (Business Wire) Cohesity 7.0 Improves Cyber Resilience With Enhanced Authentication, Files and Objects Recovery, and by Supporting More Data Types
Configit's Ace Becomes a Unity Verified Solution, Delivering an Immersive 3D Product Configuration Experience for Customers (PR Newswire) Configit, the global leader in Configuration Lifecycle Management (CLM), today announced that its Configit Ace® is now a Unity Verified...
Expanded Cybersecurity Partnership with CrowdStrike Further Protects the Public Against Potential Attacks (CIS) Center for Internet Security to offer ESS Spotlight, enabling SLTT, Public Schools, and Hospitals to leverage the combined benefits of the CrowdStrike Falcon Platform
Bluescape and Native American Industrial Solutions Join Forces to Brin (PRWeb) Bluescape®, a visual collaboration and workspace platform, announced today that it has partnered with Native American Industrial Solutions (NAIS) to
Fortinet Helps Launch The Cybercrime Atlas Initiative, Enabling Businesses, Law Enforcement Agencies, and Threat Intelligence Researchers to Disrupt Cybercrime at a Global Scale (GlobeNewswire News Room) The Cybercrime Atlas initiative brings together global leaders to fight cyberthreats and map the cybercrime landscape, covering criminal operations,...
Corelight Expands Partnership with CrowdStrike to Provide Network Detection and Response Technology for CrowdStrike Services (Corelight) CrowdStrike’s industry-leading incident response and professional services teams to leverage Corelight’s open NDR solutions to disrupt advanced attacks
Robeson County, NC Selects PortalGuard® Identity and Access Management Cloud Platform for Enhanced Desktop Security and Insurance and Compliance Requirements (EIN News) BIO-key International, Inc. BKYI, an innovative provider of workforce and customer identity and access management (IAM) solutions featuring Identity-Bound
SentryBay Introduces Armored Client for AVD & W365 to Protect Endpoint Vulnerabilities (SentryBay) SentryBay Introduces Armored Client for AVD & W365 to Protect Endpoint Vulnerabilities
OneSpan Announces Disruptive Enterprise Pricing for Secure Digital Agreements in the Cloud (Business Wire) Industry’s first innovative cloud transaction platform model enabling simplified, flexible, and cost-effective pricing for basic, advanced and qualified e-signatures
ShadowDragon’s Partner Ecosystem Enhancements Increase Access to OSINT for Modern Investigations (Business Wire) Global ecosystem includes the largest set of open source intelligence partnerships in the industry
Intrusion Announces Partnership with Carahsoft to Provide Cyber-Attack Prevention Solutions to Public Sector Agencies (ACCESSWIRE News Room) Intrusion, Inc, (NASDAQ:INTZ) a leader in cyber-attack prevention solutions, including zero-days, today announced a partnership with Carahsoft Technology Corp., The Trusted Government IT Solutions Provider®. Under the agreement, Carahsoft will serve as Intrusion's Master Government Aggregator®, making the Company's innovative Shield products available to the Public Sector through Carahsoft's
Cerberus Sentinel Achieves Gold Standard for Security and Data Confidentiality with SOC 2® Certification (GlobeNewswire News Room) Independent Audit Confirms Cerberus Security Controls and Data Privacy Practices...
Acalvio Launches Identity Threat Detection and Response (ITDR) Solution Built on Active Defense (Business Wire) Comprehensive solution combats identity threats and strengthens zero trust
Goodbye, passwords (1Password Blog) We’re all-in on passkeys, and we’re starting with 1Password.
NordPass introduces Password History functionality and further localizes its tool (GlobeNewswire News Room) Today, NordPass announced it complemented its password management solution with new features. The company’s...
Bitdefender Enhances Premium VPN Service with App Traffic Optimizer Feature (Bitdefender) New Feature Allows Users to Prioritize Bandwidth for Any Application on the Fly Ensuring Blazing Fast Speeds with Strong Security of Encrypted VPN
ioXt Alliance Expands IoT Certification Program to Include Building Network Controllers (Business Wire) New profile created by smart-building industry experts who understand which vulnerabilities are biggest threats and which test cases should be included to mitigate them
H-ISAC and Google Cloud partner to build more resilient healthcare (Google Cloud Blog) Google Cloud is open-sourcing a first-in-the-market integration that can help more than 750 healthcare customers to speed up their use of Health-ISAC’s threat intelligence with Chronicle.
Technologies, Techniques, and Standards
GAO's Critical Infrastructure Cyber Recommendations Go Largely Unaddressed (Nextgov.com) A new watchdog review found that federal agencies overseeing critical infrastructure have only implemented 43% of recommendations made since 2010.
‘Zero-Copy Integration’ Innovation Framework Published as National Standard of Canada (Business Wire) Pioneering standard eliminates data integration and data silos from digital innovation projects to radically improve data ownership, data collaboration, and IT efficiency
US Expands Artificial Intelligence Guidance with NIST AI Risk Management Framework (cyber/data/privacy insights) The National Institute of Standards and Technology published the Artificial Intelligence Risk Management Framework on January 26, 2023
NAESAD | Fortress Information Security (Fortress) Join the North American Energy Software Assurance Database (NAESAD) to access an industry wide collaborative SBOM library for vendors and suppliers.
The economic importance of monitoring process sensors (Control Global) Hacking IT and OT networks can be expected to continue regardless of the cyber security technologies employed.
Don’t Let Application File Uploads Become Malware Downloads (Deep Instinct) Applications are the backbone of modern business, with thousands (if not millions) of files uploaded and downloaded every day. If those files contain malware they pose a significant risk as they traverse through an organization’s IT infrastructure and end up stored in local or cloud repositories.
Multi-Tenant Data Security for Databases with Record-Level Encryption (Baffle) Multi-tenant databases are commonly used by SaaS vendors for the sake of cost-efficiency. Having a separate database instance for each of their customers, while ensuring each customer’s data is isolated, is prohibitively expensive. So, having a database instance with multiple customers’ information in it is the way to go from a cost perspective. But, what…
To prepare for digital warfare, the military must run more digital exercises (Breaking Defense) "When it comes to digital warfare, practice makes perfect, and we cannot begin practicing soon enough," writes Schuyler Moore, Chief Technology Officer of US Central Command.
DHS Teams Up with State and Local Officials to Secure Super Bowl LVII (U.S. Department of Homeland Security) The Department of Homeland Security, in close coordination with state and local officials, is leading federal efforts to ensure the safety and security of employees, players, and fans during Super Bowl LVII.
Design and Innovation
OpenAI’s Hidden Weapon: Ex-Google Engineers (The Information) As OpenAI’s web chatbot became a global sensation in recent months, artificial intelligence practitioners and investors have wondered how a seven-year-old startup beat Google to the punch. Google runs two of the world’s foremost AI research groups, yet a startup quickly developed a product, ...
ChatGPT is everywhere. Here’s where it came from (MIT Technology Review) OpenAI’s breakout hit was an overnight sensation—but it is built on decades of research.
The new ChatGPT clones from Google and Microsoft are going to destroy online search (Business Insider) Sure, AI chatbots will save you time finding things on the web. But they're also going to lie to you.
Academia
Army officers mentor cadets during Cyber Leadership Conference (DVIDS) Around five years ago, cadets toured through a cyber operations center where Chief Warrant Officer 3, Justin Helphenstine, had worked. After completing the tour, he asked the cadets if they were interested in joining the cyber branch.
Legislation, Policy, and Regulation
Turkey's government restricts access to Twitter amid earthquake response (The Record from Recorded Future News) Internet traffic data showed that Twitter was totally inaccessible from within Turkey. The government has warned about disinformation.
UK Proposes Making the Sale and Possession of Encrypted Phones Illegal (Vice) The Home Office says it wants to target “bespoke” devices used for crime, but critics say it is unclear what a bespoke device is.
Azerbaijan studies Israel’s experience in cybersecurity (International News) A delegation of the Association of Azerbaijani Cybersecurity Organizations (AKTA) paid a working trip to Israel from January 30 to February 30, AKTA’s press service told News.Az.
Australian Defense Department to remove Chinese-made cameras (AP NEWS) Australia’s Defense Department will remove surveillance cameras made by Chinese Communist Party-linked companies from its buildings, the government said Thursday after the U.S.
Is China’s Huawei a Threat to U.S. National Security? (Council on Foreign Relations) The Chinese telecommunications company faces accusations that Beijing could use its 5G infrastructure for espionage. The outcome of the struggle could shape the world’s tech landscape for years to co…
Germany gives ZTE's 5G kit the all-clear (Telecoms.com) Germany appears to be staying true to its word when it comes to judging Chinese telecoms equipment on a case-by-case basis.
Top White House cyber official set to retire next week (CNN) One of President Joe Biden's top cybersecurity advisers will retire next week as the Biden administration continues to face a myriad of foreign hacking threats and US officials urge -- and sometimes compel -- US companies to tighten their defenses.
Litigation, Investigation, and Law Enforcement
United States and United Kingdom Sanction Members of Russia-Based Trickbot Cybercrime Gang (U.S. Department of the Treasury) The United States and United Kingdom issue historic joint cyber sanctions
Ransomware criminals sanctioned in joint UK/US crackdown on international cyber crime (National Crime Agency) Seven Russian cyber criminals who are linked to the group behind some of the most damaging ransomware attacks on the UK in recent years have been exposed and sanctioned by the UK and the US.
Hive takedown puts ‘small dent’ in ransomware problem (Cybersecurity Dive) Successful law enforcement actions against ransomware can only do so much. The threat is omnipresent, lucrative and largely in the shadows.
UK High Court allows Bahraini activists to sue government over spyware (The Record from Recorded Future News) Activists who highlighted human rights abuses in Bahrain can sue the country's government for using the FinSpy, or FinFisher, spyware on them.
How Telegram groups can be used by police to find protesters (MIT Technology Review) Lessons learned from China’s White Paper Protests.
UN Experts: North Korean Hackers Stole Record Virtual Assets (SecurityWeek) North Korean hackers used sophisticated techniques to access networks to steal data that could help its nuclear and ballistic missile programs.
How the US Can Stop Data Brokers' Worst Practices—Right Now (WIRED) Legal experts say a key law should already prevent brokers from collecting and selling data that's weaponized against vulnerable people.
Exclusive: The FBI's McGonigal labyrinth (Business Insider) A bag of cash, mystery friends, an encrypted app, and manila envelopes: The FBI is rushing to figure out how deep McGonigal's alleged deceit might go.
Insurers Say Cyberattack That Hit Merck Was Warlike Act, Not Covered (Wall Street Journal) The company lost $1.4 billion in 2017’s NotPetya attack, which has been linked to Russia, but insurers are fighting in court to avoid paying.
InterContinental Hotels Seeks to Dismiss Franchisee Lawsuit Over Cyberattack (Wall Street Journal) Hotel owners are accusing the global company of poor security measures.
Ex-Coinbase Staffer Pleads Guilty in First Crypto Insider-Trading Case (Wall Street Journal) Ishan Wahi admits he conspired to misappropriate confidential data used in trades on digital tokens.
Russian crypto exchange exec pleads guilty to laundering Ryuk ransomware funds (The Record from Recorded Future News) Denis Dubnikov pleaded guilty on Monday in an Oregon court on charges related to laundering funds for the Ryuk ransomware group.
After Hive takedown, could the LockBit ransomware crew be the next to fall? (CyberScoop) As international law enforcement agencies turn up the heat on ransomware gangs, LockBit's high-profile cyberattacks make it a prime target.