Dateline Moscow and Kyiv
Ukraine at D+356: Tracking memes. (CyberWire) Armored trains and heavy artillery fire are throwbacks to the First World War, but data breaches and meme control belong firmly to the 21st Century.
Russia-Ukraine war: List of key events, day 357 (Al Jazeera) As the Russia-Ukraine war enters its 357th day, we take a look at the main developments.
Russian Forces Struggle to Make Headway in Eastern Ukraine (Military.com) Russian artillery, drones and missiles have been relentlessly pounding Ukrainian-held eastern areas for months.
Russia planning air assault to support major new offensive (The Telegraph) Intelligence shows a build-up of fixed-wing and rotary aircraft on Russia’s borders with Ukraine
Ukraine war: Migrants in Russia forced to fight in Putin's war (BBC News) Recruiters are targeting Central Asian migrants in prisons and at work centres to join the war.
Russia’s new offensive will test the morale of Putin’s mobilized masses (Atlantic Council) Vladimir Putin's desperation to regain the military initiative in Ukraine is leading to suicidal tactics that are undermining morale among hundreds of thousands of recently mobilized Russian troops, writes Peter Dickinson.
ECHR ruling confirms Russian invasion of Ukraine began in 2014 (Atlantic Council) A recent ECHR ruling recognizing Russian control over so-called separatist republics in eastern Ukraine since 2014 is an important step forward in the quest to hold Moscow accountable for aggression against Ukraine.
The path to peace in Ukraine runs directly through Putin’s red lines (Atlantic Council) As Russia’s invasion of Ukraine approaches the one-year mark, the Western response is still being undermined by exaggerated fears of escalation and misplaced concerns over the dangers of “provoking Putin," writes Oleksiy Goncharenko.
Ukraine and the Contingency of Global Order (Foreign Affairs) What if the war had gone differently—or takes a sudden turn?
Milley says ‘Russia has lost’ in Ukraine, but the war continues (Task & Purpose) Despite suffering heavy losses, Russia is in the early stages of launching a new offensive in Ukraine.
Countdown to counteroffensive: Give Ukraine ATACMS before it's too late (Breaking Defense) With renewed fighting expected, Kyiv needs the ability to attack deeper behind Russian lines in occupied lands, write a trio of FDD researchers.
Ukraine-Russia war latest: US tells citizens to leave Russia 'immediately' (The Telegraph) The United States has told its citizens to leave Russia "immediately" amid heightened fears of a Russian offensive in Ukraine.
Europe rushes to launch Covid-style plan to ramp up shell production for Ukraine (The Telegraph) European Central Bank could be used to raise funds to place orders large enough to convince defence firms to increase production
11 countries to give tanks to Ukraine, as Kyiv is 'contemplating' spring offensive: US (Breaking Defense) "Ukraine will integrate recent commitments of armored vehicles, infantry fighting vehicles and tanks with fires that achieve the effect of synchronized ground maneuver," Chair of the Joint Chiefs of Staff Mark Milley said.
Kyiv clamors for fighter jets as war nears ‘critical’ phase (AP NEWS) Ukraine on Tuesday renewed its appeal to Western countries for fighter jets to help frustrate Moscow’s almost year-long invasion, but won no assurances at a high-level defense meeting in Brussels that it would receive any combat aircraft.
European nations give ‘positive signals’ on fighter jets, says Volodymyr Zelensky (The Telegraph) Despite the Ukrainian president's optimism, some leaders have doubts over supplying aircraft, fearing it will risk escalation with Russia
NATO chief hints Finland, Sweden could join alliance separately (Al Jazeera) Jens Stoltenberg says Nordic nations becoming members together is not top priority as Turkey continues to block Sweden.
Ukraine-Russia war: No breakthrough on fighter jets at Nato meeting (The Telegraph) Ukraine's Nato allies did not reach a decision over fighter jets at a high-level defence meeting in Brussels.
U.S. warns Ukraine it faces a pivotal moment in war (Washington Post) As first anniversary nears, White House fears flow of arms may be harder to come by
Ukraine aid support softens in the US: AP-NORC Poll (AP NEWS) Support among the American public for providing Ukraine weaponry and direct economic assistance has softened as the Russian invasion nears a grim one-year milestone, according to a new poll from The Associated Press-NORC Center for Public Affairs Research.
Austin: Contact Group Continues Stand With Ukrainian People (U.S. Department of Defense) After almost a year, the free world still stands with Ukraine as it defends its liberty and sovereignty, Secretary of Defense Lloyd J. Austin III said at the conclusion of the Ukraine Defense Contact
Stoltenberg Explains Why Support to Ukraine Still Matters (U.S. Department of Defense) A year on, support to Ukraine from nations around the world matters more than ever, NATO Secretary General Jens Stoltenberg said.
Lesson From Moldova’s Crisis: We’re at War (CEPA) Moldova’s recent cabinet crisis should be instructive to all observers of European security and Russia’s aggression against Ukraine.
Elon Musk says SpaceX restricted internet in Ukraine to prevent escalation ‘that may lead to WW3’ (POLITICO) ‘We’re trying hard to do the right thing,’ says billionaire.
Vladimir Putin travelling in armoured train on secret rail network for personal security (The Telegraph) Russian president said to be convinced train travel is safer than planes as flights can be more easily tracked - and shot out of the sky
Huge data dump from Russia’s censorship agency posted online (Cybersecurity Connect) A Belarusian hacking group has uploaded a mound of data from the Russian Roskomnadzor censorship agency.
Russian system to scan internet for undesired content and dissent (Reuters) Russia has launched a system that will scan the internet for illegal content, making it easier for authorities to detect unsanctioned protests, anti-war dissent and "LGBT propaganda", officials said on Monday.
IPI data: Putin’s war against Ukraine is also a war against the media (International Press Institute) The International Press Institute (IPI) has documented more than 900 cases of physical attacks, censorship, harassment, arrests, and other press freedom violations in Russia and Ukraine since Putin’s full-scale war of aggression began one year ago. The vast majority of these attacks have been perpetrated by Russian forces or authorities, underscoring that Putin’s war against …
U.S. spies partnered with American tech companies to fight Russian cyberattackers in Ukraine (The Washington Times) The U.S. intelligence community relied on American technology companies to battle Russian cyberattackers targeting Ukraine to prevent a catastrophic cyberwar capable of spreading across the Atlantic, The Washington Times has learned.
The Resilience of the Ukrainian IT Industry (InformationWeek) War has tested Ukraine's cyber resilience in unimaginable ways. Yet, by rising to the challenge, the Ukrainian IT industry has emerged as a leader in the country’s new economy. Data shows growth in the tech sector and suggests further reasons for optimism in the coming year.
What China Has Learned From the Ukraine War (Foreign Affairs) Even great powers aren’t safe from economic warfare—if the U.S.-led order sticks together.
Thousands of Ukrainian children put through Russian ‘re-education’ camps, US report finds (the Guardian) New report details network of dozens of Russian camps aimed at giving children pro-Moscow views, with some children detained indefinitely
Kremlin TV Star Erupts After His Son Is Accused of Dodging War (The Daily Beast) Putin’s famous cheerleader descended into a live television tirade after his own son’s patriotism was called into question.
Inside the Gray Market Keeping Cisco Tech in Stock in Russia (Wall Street Journal) The tech giant stopped selling its gear in Russia, but Cisco’s routers and other equipment are easy to find in Moscow.
Attacks, Threats, and Vulnerabilities
The Israeli Hackers Who Tried to Steal Kenya's Election (Haaretz) The campaign by Kenya's opposition to cast doubt on William Ruto's 2022 victory was aided by Israeli hackers, who accessed the Telegram accounts of the president's senior officials
Cambridge Analytica's Israeli Black Ops Team – Exposed at Last (Haaretz) In-house emails published here for the first time identify the Israeli hackers running global disinformation campaigns whom Cambridge Analytica officials tried so hard to keep hidden
Revealed: the hacking and disinformation team meddling in elections (the Guardian) Unit led by Tal Hanan that boasts vast army of bots exposed by undercover reporters and leaked emails
Tonga is the latest Pacific Island nation hit with ransomware (The Record from Recorded Future News) Tonga's state-owned telecoms company said it was hit with ransomware on Monday.
Molted skin: APT SideWinder 2021 campaign that targeted over 60 companies in the Asia-Pacific (Group-IB) Group-IB, a global cybersecurity leader headquartered in Singapore, has documented previously unreported phishing operations carried out by the nation-state cyber threat actor SideWinder between June and November 2021.
The Toll That Twitter’s Glitches Are Taking on Chinese Activists (New York Times) As the Elon Musk-owned social media service encounters interruptions and bugs, Chinese dissidents and activists said they feared they were being muzzled.
‘Aims’: the software for hire that can control 30,000 fake online profiles (the Guardian) Exclusive: Team Jorge disinformation unit controls vast army of avatars with fake profiles on Twitter, Facebook, Gmail, Instagram, Amazon and Airbnb
New MortalKombat ransomware and Laplas Clipper malware threats deployed in financially motivated campaign (Cisco Talos Blog) Since December 2022, Cisco Talos has been observing an unidentified actor deploying two relatively new threats, the recently discovered MortalKombat ransomware and a GO variant of the Laplas Clipper malware, to steal cryptocurrency from victims.
New ‘MortalKombat’ ransomware targets systems in the U.S. (BleepingComputer) Hackers conducting a new financially motivated campaign are using a variant of the Xortist commodity ransomware named 'MortalKombat,' together with the Laplas clipper in cyberattacks.
MortalKombat ransomware found punching targets in US, UK, Turkey, Philippines (The Record from Recorded Future News) Organizations in the U.S. and elsewhere have been hit with the new MortalKombat ransomware, according to researchers at Cisco Talos.
Airline SAS network hit by hackers, says app was compromised (Reuters) Scandinavian airline SAS said it was hit by a cyber attack Tuesday evening and urged customers to refrain from using its app but later said it had fixed the problem.
Healthcare giant CHS reports first data breach in GoAnywhere hacks (BleepingComputer) Community Health Systems (CHS) says it was impacted by a recent wave of attacks targeting a zero-day vulnerability in Fortra's GoAnywhere MFT secure file transfer platform.
Glasgow Arnold Clark customers warned after hackers steal personal data (Glasgow Times) Arnold Clark customers may have had personal data stolen following a major cyber attack.
LockBit demanded £66mn from Royal Mail (Computing) A log of conversations between the LockBit ransomware group and a Royal Mail negotiator show the group demanded £65.7 million to safely return the organisation's stolen data - and now LockBit is threatening to leak it.
OT Network Security Myths Busted in a Pair of Hacks (Dark Reading) How newly exposed security weaknesses in industrial wireless, cloud-based interfaces, and nested PLCs serve as a wake-up call for hardening the physical process control layer of the OT network.
Could Electric Vehicles Be Hacked? (Wall Street Journal) Cybersecurity experts warn that EVs will be ripe targets for hackers unless more attention is paid to the risks.
Credit Suisse staffer took salary data (Reuters) Credit Suisse this week notified its workforce that a staff member, who has since left the Swiss bank, took some of their personal data, it said on Tuesday.
Binance, Huobi freeze some cryptocurrency stolen in $100 million Harmony hack (The Record from Recorded Future News) Cryptocurrency exchanges Binance and Huobi froze $1.4 million in assets stolen from blockchain company Harmony by North Korea last year.
Xavier University of Louisiana Announces Data Breach Affecting 44,312 Individuals (JD Supra) On February 13, 2023, Xavier University of Louisiana (“XULA”) filed a notice of data breach with the Maine Attorney General after learning that the...
Louisiana HBCU says personal data from 44,000 students accessed in November cyberattack (The Record from Recorded Future News) Xavier University of Louisiana reported a data breach that involved the social security numbers and more from 44,000 students and vendors.
Ransomware Attack On City of Oakland Leaves City Hall Closed, Many Systems Still Paralyzed (SFist) A ransomware attack on the City of Oakland is now dragging into its sixth day, and the city’s IT department “has taken affected systems offline” to try to minimize the damage.
City of Oakland declares state of emergency after ransomware attack (BleepingComputer) Oakland has declared a local state of emergency because of the impact of a ransomware attack that forced the City to take all its IT systems offline on February 8th.
Risk managers voice concern over sensitive data stored by cyber insurers (Strategic Risk Europe) Airmic members say the "gold mine" of sensitive data they share with underwriters could present a security risk
5 Romance Fraud Schemes Made Possible by Account Generation Bots (Kasada) Kasada's Threat Intelligence shows how account generation bots are bypassing dating platform login checks in order to commit romance fraud.
3 Overlooked Cybersecurity Breaches (The Hacker News) Stay ahead of the game with the latest predictions for 2022's most concerning cybersecurity breaches, attacker tactics, and techniques.
CISA Adds Four Known Exploited Vulnerabilities to Catalog (CISA) CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the "Date Added to Catalog" column, which will sort by descending dates.
February 14 CISA KEV Breakdown | Microsoft, Apple (Nucleus Security) In this Breakdown, Nucleus experts explore the four vulnerabilities added to the KEV on February 14, 2023
Vulnerability Summary for the Week of February 6, 2023 (CISA) he CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA.
Security Patches, Mitigations, and Software Updates
Patch Tuesday: Three zero-days and nine 'Critical' RCE flaws fixed (Computing) Computing is the leading information resource for UK technology decision makers, providing the latest market news and hard-hitting opinion.
Microsoft February 2023 Patch Tuesday fixes 3 exploited zero-days, 77 flaws (BleepingComputer) Today is Microsoft's February 2023 Patch Tuesday, and security updates fix three actively exploited zero-day vulnerabilities and a total of 77 flaws.
Microsoft Edge update starts disabling Internet Explorer 11 today (BleepingComputer) Microsoft says the Internet Explorer 11 desktop web browser will be disabled on some Windows 10 systems starting today via a Microsoft Edge update.
Patch Tuesday: Microsoft Warns of Exploited Windows Zero-Days (SecurityWeek) Microsoft’s Patch Tuesday machine is humming loudly with software updates to fix at least 76 vulnerabilities in Windows and OS components.
Apple Releases Security Updates for Multiple Products (CISA) Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the Apple security updates page for the following products and apply the necessary updates as soon as possible: • Safari 16.3.1 • iOS 16.3.1 and iPadOS 16.3.1 • macOS 13.2.1
Apple fixes actively exploited WebKit zero-day in iOS, macOS (CVE-2023-23529) (Help Net Security) Apple has released security updates that fix a WebKit zero-day vulnerability (CVE-2023-23529) that "may have been actively exploited."
Patch Now: Apple's iOS, iPadOS, macOS, and Safari Under Attack with New Zero-Day Flaw (The Hacker News) Apple has released urgent security updates to address a new zero-day vulnerability discovered in WebKit, which attackers are exploiting in the wild.
Apple Patches Actively Exploited WebKit Zero-Day Vulnerability (SecurityWeek) Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day tracked as CVE-2023-23529.
SAP Security Patch Day for February 2023 (Onapsis) SAP Patch Day for February 2023 addresses twenty-six new & updated security patches which include one HotNews Note & five High Priority Notes.
Mozilla Releases Security Updates for Firefox 110 and Firefox ESR (CISA) Mozilla has released security updates to address vulnerabilities in Firefox 110 and Firefox ESR. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Mozilla’s security advisories for Firefox 110 and Firefox ESR 102.8 for more information and apply the necessary updates.
Citrix Releases Security Updates for Workspace Apps, Virtual Apps and Desktops (CISA) Citrix has released security updates to address high-severity vulnerabilities (CVE-2023-24486, CVE-2023-24484, CVE-2023-24485, and CVE-2023-24483) in Citrix Workspace Apps, Virtual Apps and Desktops. A local user could exploit these vulnerabilities to take control of an affected system.
Adobe Releases Security Updates for Multiple Products (CISA) Adobe has released security updates to address multiple vulnerabilities in Adobe software. An attacker can exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates.
Adobe Plugs Critical Security Holes in Illustrator, After Effects Software (SecurityWeek) Adobe releases security fixes for at least a half dozen vulnerabilities that expose Windows and macOS users to malicious hacker attacks.
CISA Releases One Industrial Control Systems Advisory (CISA) CISA released one Industrial Control Systems (ICS) advisory on February 14, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations: ICSA-23-045-01 Weintek EasyBuilder Pro cMT Series
SynSaber Report Brings More Context to ICS Security (Security Boulevard) An analysis of three years of vulnerabilities found in industrial control systems (ICS) published by SynSaber, a provider of an ICS monitoring platform,
Industry-first quantitative cyber risk impact report gives business leaders real data and actionable insights based on actual customer incidents and financial exposure (GlobeNewswire News Room) 2023 RiskLens Annual Cybersecurity Risk Report finds web application attacks, insider errors are top risks; public administration, healthcare are most...
Critical Insight Healthcare Data Breach Report Trends H1 2022 (Critical Insight) Critical Insight Healthcare Breach Report H1 2022 Healthcare Trends in 2022
State of XIoT Security: 2H 2022 (Claroty) The latest State of XIoT Security Report provides an analysis of published vulnerabilities affecting cyber-physical systems for the 2H 2022 across OT, IoT, and IoMT.
Attacks on industrial infrastructure on the rise, defenses struggle to keep up (CSO Online) A Dragos report shows threat actors new and old have the potential to cause major disruptions of critical infrastructure.
Healthcare Organizations Most Common Victims in 3rd Party Data Breaches (HIPAA Journal) Cyberattacks on business associates of healthcare organizations have increased to the point where attacks on business associates now outnumber attacks on Study confirms an increase in third party data breaches and a doubling of the impact and destruction they cause, with healthcare organizations the most common victims of 3rd party breaches.
5th State of CCPA, CPRA, and GDPR Compliance Report Shows More Than 90% of Companies Are Not Compliant (CYTRIO) As CPRA went into effect on January 1, latest CYTRIO research says 91% of companies still uncompliant with GDPR; 92% not compliant with CCPA and CPRA
Brivo | Brivo Reveals Top Security Trends for 2023: Convenience is King in Securing the Hybrid Workplaces of the Future (RealWire) Factoring user experience and convenience into how employees and tenants access buildings is top concern for security professionals says benchmark industry survey
BETHESDA, Md., February 15, 2023
Radware Full Year 2022 Report: Malicious DDoS Attacks Rise 150% (GlobeNewswire News Room) Digitalization, shift to remote work, and rise in state sponsored cyberattacks and espionage continue to drive DDoS surgeFinance and technology among...
Q4 2022 Threat Landscape: Tech and Manufacturing Targeted (Kroll) In Q4 2022, ransomware hit a peak for 2022, primarily due to the rise in attacks impacting the manufacturing, health care, technology and telecommunications industries. Find out more in Kroll’s Threat Landscape report.
Businesses at Work (Okta) Using anonymized data from over 17,000 global customers, Okta has identified key insights to help you stay ahead of global app and business trends.
Cyber Insurers Unlikely to Offer Higher Coverage Limits Despite Better Conditions (Wall Street Journal) Insurers are leery of how long-term risks will play out, including yearslong data-breach lawsuits
Castellum, Inc. Announces $500,000 Equity Financing to Support Acquisition (GlobeNewswire News Room) Castellum, Inc. (NYSE-American: CTM) announces that it has raised $500,000 of equity financing, reduced...
Deepwatch Announces $180 Million in Investments (Deepwatch) Deepwatch, the leader in advanced MDR security, announces new investments to accelerate innovation & growth in the cybersecurity market.
Oligo Security Exits Stealth with $28M to Catalyze Runtime Application Security and Observability (Business Wire) Backed by leading VC firms, prominent cyber entrepreneurs and security investment syndicates to secure open source libraries with precision and accuracy
Descope Launches Developer-First Authentication and User Management Platform (Descope) Startup Secures $53M in Seed Funding to Trailblaze a Passwordless Future for All
Post-quantum cryptography startup Sandbox AQ raises $500M (SiliconANGLE) Quantum computing software startup Sandbox AQ, which spun off from Alphabet Inc. last year, said today it has closed on a $500 million round of funding.
Zscaler acquires Canonic Security to accelerate how enterprises address SaaS-native threats (Help Net Security) Zscaler acquires Canonic Security to protect data being accessed through third-party applications and integrations.
LinQuest Completes Acquisition of Capability Analysis & Measurement Organization, LLC (Business Wire) LinQuest Corporation, a leader in systems engineering and cutting-edge technology solutions for national security customers, announced the acquisition of Capability Analysis & Measurement Organization, LLC (CAMO).
Concentric AI Achieved 200-percent Growth in 2022 as Demand for its Leading Data Security Posture Management Solution Accelerated Worldwide (Business Wire) Company’s Semantic Intelligence Became First DSPM Solution to Support Structured and Unstructured Data as well as Email and Messaging Applications
Onapsis Closes 2022 with Significant Momentum Driven by Accelerated Demand for Business Application Security (Business Wire) Onapsis announces continued growth, key industry accolades, and record product innovation as demand to secure cloud, hybrid, and on-premise business applications accelerates
28% of staff to be cut at quantum startup Rigetti (Computing) Focusing on 'nearer-term-priorities'
Avaya files for Chapter 11 bankruptcy - again (Computing) UC giant Avaya is filing for bankruptcy for the second time in six years, pointing in its filing to unsecured claims valued in millions from the likes of Verint Americas, Microsoft and solution provider giant SHI International.
fifty-five’s Record Setting Growth in 2022 Sparks an Expansion of Services and Brand Refresh (GlobeNewswire News Room) The MarTech consultancy reports over 30% growth in revenue in 2022 and strengthens its commitment to privacy-centric advanced data solutions with brand...
Eric Barnhart of Zerto Honored as a 2023 CRN Channel Chief (PRWeb) Zerto, a Hewlett Packard Enterprise company, today announced that CRN®, a brand of The Channel Company, has recognized Eric Barnhart, VP of global cloud and chann
Former Mandiant COO and President John Watters Joins Mitiga as Independent Board Member (Mitiga) Cybersecurity veteran brings 30+ years of cybersecurity experience, building companies and M&A, most recently selling to Google for $5.4B.
Brinqa Expands Leadership Team to Support Accelerating Growth (Business Wire) Cyber risk management innovator welcomes Mayuresh Ektare and Dimitri Vlachos
SpyCloud Expands C-Suite to Build on Growth in Cybercrime Analytics Market (Business Wire) Ronak Patel and Heather Smith are promoted to SpyCloud’s executive team as CTO and CMO
Former Veeva Executive Joins Red Sift as Chief Revenue Officer (Business Wire) Dynamic leader brings 30 years of C-level software industry leadership experience to drive hypergrowth; Appointment follows acquisition of Hardenize and $54M Series B funding
Gigamon Names Dee Dee Acquista Vice President of Worldwide Channel and Alliances (Business Wire) Seasoned executive to lead channel-first strategy to heighten partner success across the globe
Products, Services, and Solutions
UPDATE – Zscaler Announces Industry-First, Integrated SaaS Supply Chain Security Capabilities with the Acquisition of Canonic Security (GlobeNewswire News Room) New Capabilities Further Expand the Zscaler Zero Trust Exchange™Data Protection Set of Services Enabling Enterprises to Protect Data Being Accessed Through...
Presidio Achieves Two Industry Leading Trusted Security Frameworks: ISO 27001 and SOC 2 (Business Wire) Presidio, a leading global digital services and solution provider, announced that it has achieved compliance with the requirements of two most trusted information security frameworks, ISO 27001 and SOC 2, the leading comprehensive compliance standards for enterprise-wide information security.
Skyhigh Secure Web Gateway Achieves FedRAMP Authorization (Business Wire) Multiple Integrated Technologies Work in Concert to Prevent Exfiltration of Vital Government Da
Object First Introduces Ootbi: Ransomware-proof Storage Appliance Designed for Veeam Customers (Business Wire) Ootbi stands for “out-of-the-box immutability” and delivers simple, powerful, and affordable on-premises backup storage
Paperclip Mojo Patented Technology Enables The Brokerage Inc. to Better Handle Medicare Enrollment Period (GlobeNewswire News Room) Paperclip, Inc. (OTCMKTS:PCPJ) and its Mojo® services helped The Brokerage Inc., a national field...
Styra Announces Styra Load, Advancing Policy as Code with Enterprise-Grade Decision-Engine for Data-Heavy Workloads (Business Wire) Styra Load reduces infrastructure costs by using 10x less memory and 40% less CPU while increasing authorization performance by advancing Open Policy Agent (OPA) capabilities.
Cleerly partners with ClearDATA to keep patient health data secure (VatorNews) Cleerly uses AI to identify the features of plaques that may cause heart attacks
VertexGraph Introduces Zero Trust Network Access 2.0 (ZTNA 2.0) Private File Sharing (GlobeNewswire News Room) VertexGraph introduces its ZTNA 2.0 private file sharing capabilities for secure and efficient file sharing without syncing. To help businesses gain...
Aware Highlights Industry-Leading Mobile Biometric Solutions at Mobile World Congress 2023 (GlobeNewswire News Room) Offerings Built Specifically for Mobile Apps, Easy to Integrate and Available for iOS and Android...
Alarum: NetNut Enters the End-to-End Retail AI Data Market (GlobeNewswire News Room) Alarum Technologies Ltd. (www.alarum.io) (Nasdaq, TASE: ALAR) (“Alarum” or the “Company”), a global...
ExpressVPN Surpasses 4 Million Active Subscribers (Yahoo Finance) Leading consumer privacy and security company ExpressVPN today announced that it now has more than 4 million paying subscribers for its VPN service in over 180 countries.
Proofpoint Unveils New Simplified Partner Program to Accelerate Channel Growth | Proofpoint US (Proofpoint) Proofpoint Element Partner Program strengthens resellers’ position and market opportunity with enhanced sales and marketing development resources, benefits, incentives, and training support
Arculix by SecureAuth Awarded 2022 TMCnet Zero Trust Security Excellence Award (SecureAuth) Arculix, a Next-Generation Authentication Platform, Honored as an Exceptional Passwordless Continuous Authentication Solution IRVINE, Calif. February 15, 2023 — SecureAuth, a leader in access management and authentication, today announced that TMCnet, a global, integrated media company, has named Arculix™ by SecureAuth as a 2022 TMCnet Zero Trust Security Excellence winner. The TMCnet Zero Trust Security […]
NowSecure Announces Support for OWASP MASVS v2 to Empower Standards-Based Testing | News Direct (News Direct) NowSecure automated continuous testing, expert pen testing and training updated to enable organizations to take full advantage of latest OWASP MASVS for mobile app compliance
New Managed Cybersecurity Solutions from GreenPages Deliver Business Resilience for Mid-Sized and Large Enterprises (GlobeNewswire News Room) Leading Cloud and Cybersecurity Services Provider Integrates Award-Winning Solutions from World Class Technology Partners with Its Professional Services to...
Announcing PlainID’s SaaS enabled Authorization Platform (PlainID) PlainID's pre-built, third-party "authorizers" provide access control for vital authorization enforcement patterns, including authorization for API Gateways, Microservices, and Data Lakes
Quest Software Announces Enhancements to KACE Cloud, Introducing Complete Application Patching to Endpoint Management in the Cloud (GlobeNewswire News Room) New capability enables automated patching within the cloud, including third-party applications, from a single platform...
APIwiz 2.0 Launches with Automated Governance and Compliance to Low-Code API Lifecycle Management Solution (PR Newswire) APIwiz, an innovative low-code API (application programming interface) lifecycle management platform, today announced the release of APIwiz...
Oort Unveils Identity Technology Ecosystem, Bringing Identity Data out of Orbit and Into View (Business Wire) The announcement reveals new partnerships to ingest data
Tigera Introduces Calico Runtime Threat Defense: The Most Comprehensive, Plug-and-Play defense against Container and Network-Based threats (PR Newswire) Tigera, provider of the industry's only active security platform for containers and Kubernetes, today announced Calico Runtime Threat Defense....
LogRhythm Partners with Trend Micro to Help Organizations Around the Globe Automate Threat Detection and Response (Business Wire) New integration streamlines threat detection and response with LogRhythm’s centralized data collection and automation
Technologies, Techniques, and Standards
Meta Oversight Board to begin reviewing cases more quickly (Reuters) Meta Platforms' Oversight Board announced Tuesday it will review more types of content moderation cases and expedite some decisions, as it aims to expand its work.
States sketch out roadmaps for zero trust ‘journey’ (GCN) As states experiment with zero trust, they are working out technologies, governance and procedures for securing IT infrastructure.
Q&A: What healthcare providers should do after a data breach (Health Exec) Health Exec caught up with Rob Kim, chief technology officer at digital solutions provider Presidio, to understand what healthcare organizations should do after a data breach.
Design and Innovation
Google Launches Way for Android Apps to Track You Without Tracking You (Gizmodo) Privacy Sandbox, the set of changes that will kill third-party cookies forever, is now coming to Android. Paradoxically, Google says the goal is to track everything you do online in a way that’s better for your privacy.
Twitter is just showing everyone all of Elon Musk’s tweets now (The Verge) Your For You feed might look a little different.
It's time to prepare for quantum computing’s impact on DNS security (Security Magazine) When quantum computing makes its entrance, it could eviscerate online communications. Cybersecurity efforts to prevent quantum attacks can’t wait.
Research and Development
IoC detection experiments with ChatGPT (Securelist) We decided to check what ChatGPT already knows about threat research and whether it can help with identifying simple adversary tools and classic indicators of compromise, such as well-known malicious hashes and domains.
Call for Speakers Now Open for the RH-ISAC Cyber Intelligence Summit (EIN News) Retail & Hospitality ISAC invites industry leaders, experts, and innovators to submit proposals for presentations and panel discussions.
Program guides students with autism to cybersecurity careers (MSU Denver RED) As the U.S. is facing a growing threat from online attacks, the neurodiverse community is training for cybersecurity jobs. Metro state of denver is working in partnership with Teaching the Autism Community Trades (TACT) to prepare autistic students for careers in tackling hackers.
National Security Agency Investing $90 Million In This South Dako (ESPN Sioux Falls) DSU will expand its cybersecurity education and research programming.
Legislation, Policy, and Regulation
The Quad May Be Just the Thing to Apply to China’s Cyber Activities (OODA Loop) While there is nothing that will stop Chinese cyber operations, increased threat and intelligence information-sharing, remediation, attribution, and more importantly, disrupting its cyber networks might just be a successful combination to stem the flow. And that just may be the very catalyst needed to rally other regional victims of Chinese cyber spying onboard to pushback against this brazen activity. And hindering China from operating unabashedly in its own backyard would be a good place to start to dull the sharpness of Beijing’s global aspirations.
Digital Services Act: Online Platforms, Do Your Homework Before it’s too Late (cyber/data/privacy insights) The Digital Services Act (DSA) entered into force on November 16, 2022. This new European regulation builds on the Electronic Commerce Directive to strengthen the moderation obligations of online platforms regarding illegal content, such as racism, child pornography, counterfeiting and disinformatio
Why the US needs the Bureau of Cyber Statistics right now (CyberScoop) The agency could serve as a vital data repository for cyber incidents that would inform public and private sector decision-making.
DoD's new cyber workforce strategy creates new AI, data-focused work roles (Breaking Defense) “This strategy utilizes four human capital pillars - Identification, Recruitment, Development and Retention - to identify and group cyber workforce challenges,” according to slides.
Navy releasing new cyber strategy 'in a month or so' to outline cyber superiority vision (Breaking Defense) Chris Cleary, the Navy’s principal cyber advisor, said he "caught a break" when he realized Pentagon-wide strategies generally matched the Navy's envisioned "secure, survive, strike" principles.
Chris Inglis to Retire as National Cyber Director (Executive Gov) Looking for the latest Government Contracting News? Read about Chris Inglis to Retire as National Cyber Director.
The first national cyber director's last day is today (Washington Post) Inglis leaves national cyber director post after a year and a half
Litigation, Investigation, and Law Enforcement
IG discovers it is way too easy hack Interior Department computers (Federal News Network) Easy passwords like "Password 1 2 3 4." Multiple people with the same password. Inactive user accounts not closed. One-factor authentication. No password expiration.
Spanish, US Authorities Dismantle Cybercrime Ring That Defrauded Victims of $5.3 Million (SecurityWeek) Spanish and US authorities have dismantled a cybercrime ring that defrauded victims of more than $5.3 million.
Aerojet Rocketdyne agrees to pay $9M to resolve cybersecurity allegations in second civil-cyber fraud case (FedScoop) The federal contractor is the second company to be prosecuted as part of the DOJ’s civil-cyber fraud initative.
Dark Web Revenue Down Dramatically After Hydra's Demise (Dark Reading) Competitor markets working to replace Hydra's money-laundering services for cybercriminals.
Regal Medical Group Hit With Lawsuit Over December Data Breach (Bloomberg Law) Regal Medical Group Inc. negligently failed to protect the personal health information of 3.3 million people that was exposed in a December 2022 data breach, a new proposed federal class action said.
UMass Memorial Health Center Resolves Healthcare Data Breach Lawsuit With $1.2M Settlement (Health IT Security) The proposed settlement will resolve allegations relating to a 2020 healthcare data breach at UMass Memorial Health Center that impacted patient PHI.
Russian businessman convicted of U.S. hack-and-trade charges (Reuters) A U.S. jury convicted a wealthy Russian businessman with ties to the Kremlin of charges that he and others made tens of millions of dollars by hacking U.S. computer networks to obtain secret, inside information about multiple companies which they used to make trades.
Russian cybersecurity expert convicted of charges in $90M hack-to-trade case (CyberScoop) Vladislav Klyushin had sensitive connections to the Russian government and Russian military hackers, prosecutors said.
Russian with alleged ties to Putin convicted in hack-and-trade scheme (The Record from Recorded Future News) Vladislav Klyushin, a Russian with possible Kremlin ties, was convicted of a hack-and-trade scheme that allegedly netted him millions.
GitHub and EFF Back YouTube Ripper in Legal Battle With the RIAA (TorrentFreak) GitHub and digital rights group EFF have filed briefs in support of Yout.com's legal battle against the RIAA.