Dateline Moscow and Kyiv: Presidential visits and Presidential addresses.
Ukraine at D+362: President Putin's view of his war. (CyberWire) After US President Biden's visit to Kyiv. Russian President Putin blames the West for the war, and predicts victory.
Ukraine at D+361: Diplomacy on the eve of the war's first anniversary. (CyberWire) Biden visits Zelenskyy in Kyiv as the war's first anniversary approaches.
Russia-Ukraine war: List of key events, day 363 (Al Jazeera) As the Russia-Ukraine war enters its 363rd day, we take a look at the main developments.
Russia-Ukraine war: world ‘more dangerous’ after Putin suspends key nuclear arms deal, Nato says; six killed in Kherson shelling – live (the Guardian) Vladimir Putin says he will suspend Russia’s participation in New Start treaty; civilian areas in Kherson shelled during Putin speech, Ukraine says
Live Updates: Putin Pulls Back From Nuclear Arms Treaty, Signaling Sharper Break With West (New York Times) Vladimir V. Putin said Russia would suspend its participation in New START, its last remaining nuclear arms control agreement with the United States, and gave no indication that he would end his invasion of Ukraine. President Biden is scheduled to speak a few hours from now in Poland.
Putin chides West, defends Ukraine invasion in major speech (AP NEWS) Russian President Vladimir Putin accused Western countries Tuesday of igniting and sustaining the war in Ukraine, dismissing any blame for Moscow almost a year after the Kremlin’s unprovoked invasion of its neighbor that has killed tens of thousands of people.
Putin’s state of the nation speech: What exactly did he say? (Al Jazeera) President Putin blames the West and Ukraine for the war he ordered a year ago.
Putin says Russia to suspend role in New START nuclear accord with U.S. (Washington Post) President Vladimir Putin announced in a state of the nation address Tuesday that Moscow is “suspending” its participation in the New START nuclear nonproliferation agreement, the last remaining nuclear arms control treaty between the United States and Russia.
One Year After Russia's Invasion of Ukraine: Experts React (RAND) We asked nearly 30 RAND experts to highlight takeaways from the first year of Russia's all-out war—and share what they're watching as the conflict in Ukraine grinds on. Here's what they said.
Russia-Ukraine war: Joe Biden’s surprise visit to Kyiv ‘unprecedented in modern times’, says US – live (the Guardian) First time a US president visited a ‘country at war where the US military does not control the critical infrastructure’, says national security adviser
Biden Administration Announces Additional Security Assistance for Ukraine (U.S. Department of Defense) The Department of Defense announces the authorization of a Presidential Drawdown of security assistance to meet Ukraine's critical security and defense needs.
On surprise trip to Kyiv, Biden vows enduring support for Ukraine (Washington Post) President Biden made a dramatic, unannounced visit to Kyiv on Monday, in a display of robust American support for Ukraine just four days before the anniversary of Russia’s full-scale invasion.
Pro-Putin pundits are furious Biden made a surprise trip to Kyiv, calling it a 'humiliation' for Russia (Business Insider) The White House says it gave Russia just "hours" notice before Joe Biden's unannounced trip to Ukraine's capital, Kyiv.
Russia should have 'whacked' Biden when he was in Kyiv, one of its leading propagandists suggested (Business Insider) One of Russia's most prominent propagandists was critical of the Kremlin's response to Biden's Kyiv trip, saying the US didn't seem afraid.
Five things Joe Biden’s visit to Kyiv shows ahead of war’s first anniversary (The Telegraph) The US president’s trip caught many by surprise, not least those who feared Washington’s support for the war effort may dry up
Putin’s Cronies: We Should Have Blown Up Biden in Kyiv (The Daily Beast) Russian pundits were furious over Biden’s surprise visit to Ukraine, questioning whether or not a “retaliatory strike” is in order.
Ukraine-Russia war latest: Russian morale is 'pitiful', says James Cleverly, as he urges new Ukrainian offensive - watch debate live (The Telegraph) Russian morale is "pitiful", the Foreign Secretary has said as he urged a new Ukrainian offensive.
Joe Biden overrides security concerns for surprise Kyiv visit and pledges $500m to Ukraine (The Telegraph) The US president was unable to travel via Air Force One and had to take a train from the Polish border
Biden visits Ukraine ahead of war anniversary: 'Kyiv stands' (AP NEWS) President Joe Biden paid an unannounced visit to Ukraine on Monday to meet with President Volodymyr Zelenskyy in a defiant display of Western solidarity with a country still fighting what he called “a brutal and unjust war” days before the one-year anniversary of Russia’s invasion .
Joe Biden made a daring, unannounced visit to Ukraine, a show of support the White House once considered too risky to attempt (Business Insider) Joe Biden arrived in Kyiv on Monday, after his team denied that he would make the trip when he was visiting neighboring Poland.
How Joe Biden swept into Kyiv on a train from Poland amid a cloak of secrecy (The Telegraph) Despite warning that his bodyguards could not guarantee his safety the US president was determined the trip to Ukraine 'needed to happen'
Everything We Know About Biden’s Historic Trip to Kyiv (Time) The historic trip comes days before the 1-year anniversary of Russia's invasion of Ukraine.
Russia-Ukraine war live: shelling kills three in southern city of Berislav (the Guardian) Russian shelling near southern Ukrainian city of Berislav killed three people on Sunday morning, according to local officials
Ukraine-Russia war latest: Rockets pound Bakmut as world leaders gather in Munich (The Telegraph) Olaf Scholz yesterday urged everyone who can send tanks to Ukraine to "really do so now".
Revealed: Leaked document shows how Russia plans to take over Belarus (Yahoo) The document, written for Putin’s Presidential Administration, envisages the total incorporation of Belarus into a “Union State” with Russia by 2030.
Moldova, facing cyberattacks as part of alleged Russian coup plan, asks for Western support (The Record from Recorded Future News) Moldova's president said she needed a range of support from other European nations to defend the integrity of her state.
Russian troops killed deploying devastating rockets in Valentine's Day massacre (The Telegraph) Soldiers using 'barbaric' weaponry that can melt human organs were attacked by Ukrainians during a botched advance
Yevgeny Prigozhin attacks Kremlin elite ‘denying him ammunition’ in foul-mouthed rant (The Telegraph) Wagner Group leader exposes high-level political tensions with attack on officials dining off ‘golden plates’ and holidaying in Dubai
Wagner Group releases graphic video of corpses in desperate plea for more ammunition (The Telegraph) Yevgeny Prigozhin said he would risk arrest to get his Russian mercenary fighters more shells and bullets
Over 30,000 Wagner Group fighters killed or injured in Ukraine, U.S. says (Washington Post) More than 30,000 members of the Wagner Group, a Russian mercenary outfit, have been injured or killed in Ukraine, the White House estimates. Of those, about 9,000 were killed in action, National Security Council spokesman John Kirby said at a briefing Friday.
Russia no longer has the economic means to wage offensive warfare (The Telegraph) Putin’s war machine is massively out-powered by the West
The sanctions war against Russia: a year of playing cat and mouse (the Guardian) Early claims Moscow would buckle quickly proved hubristic, yet Putin has also made miscalculations
Putin's Ukraine gamble seen as biggest threat to his rule (AP NEWS) Vladimir Putin says he learned from his boyhood brawls in his native St. Petersburg: “If you want to win a fight, you have to carry it through to the end, as if it were the most decisive battle of your life.”
Putin, czar with no empire, needs military victory for his own survival (Washington Post) President Vladimir Putin likes to portray himself as a new czar like Peter the Great or Ivan III, the 15th-century grand prince known as the “gatherer of the Russian lands.” But Putin’s year-long war in Ukraine has failed so far to secure the lands he aims to seize, and, in Russia, there is fear that he is leading his nation into a dark period of strife and stagnation or worse.
Russia has committed crimes against humanity, says Kamala Harris (the Guardian) US vice-president tells security conference that perpetrators will be held to account over Ukraine war
Harris Emphasizes Moral, Strategic Importance of Support to Ukraine (U.S. Department of Defense) Vice President Kamala D. Harris spoke to the Munich Security Conference, reaffirming U.S. determination to support Ukraine in its struggle against Russian invaders.
Remarks by Vice President Harris at the Munich Security Conference - The White House (The White House) Thank you. Thank you, Christoph. Thank you, Christoph. Thank you. Well, it is my honor to be back at the Munich Security Conference. As many of us remember, last year, on this stage, I warned of the imminent invasion of Ukraine by Russia. And let us all recall:…
Russia reacts to Vice President Harris's comments at the Munich Security Conference (NPR) According to Vice President Kamala Harris, the U.S. has formally concluded Russia has committed "crimes against humanity" in its war against Ukraine. Russian reaction includes allegation of cynicism.
Readout of Deputy Attorney General Lisa Monaco’s Attendance at the 2023 Munich Security Conference (US Department of Justice) Deputy Attorney General (Deputy AG) Lisa Monaco was in Munich this week to participate in both the 2023 Munich Cyber Security Conference and the Munich Security Conference, which brings together leaders from around the world to tackle current and future challenges to our global security.
Russia's Eliminationist Rhetoric Against Ukraine: A Collection (Just Security) Updated: Key words, phrases, and themes appear to express intent to eliminate Ukraine or Ukrainians as a nation-state, people, or culture.
‘They Didn’t Understand Anything, but Just Spoiled People’s Lives’ (The Atlantic) How Russian invaders unleashed violence on small-town residents
The Ukrainian refugees invoking Britain’s Blitz spirit (The Telegraph) Thousands of Ukrainians are helping the war effort from afar, but many are continuing to battle old-fashioned British bureaucracy
The Persistence of Great-Power Politics (Foreign Affairs) What the war in Ukraine has revealed about geopolitical rivalry.
China may be on brink of supplying arms to Russia, says Blinken (the Guardian) US secretary of state meets with top Chinese diplomat, Wang Yi, and warns of ‘serious problem for us’ if Beijing supplies weaponry to Vladimir Putin
US Warns China Not to Send Weapons to Russia for Ukraine War (Military.com) Tensions between Washington and Beijing have been heightened in recent weeks.
China's top diplomat due in Moscow as Beijing scolds United States (Reuters) China told the United States on Monday to keep out of its relationship with Russia, just as Beijing's top diplomat prepared for a visit to Moscow, and possibly a meeting with Vladimir Putin, to discuss ideas for peace in Ukraine.
Spurred by Ukraine war, 18 Western countries plan to share remote sensing data (Breaking Defense) "Russia’s illegal invasion of Ukraine has highlighted the importance of a persistent space surveillance capability," said the United Kingdom, as European nations (and Canada) band together.
CIA seeing ‘a lot of effort’ from Russia to close down US intelligence visibility (The Record from Recorded Future News) The head of the CIA said Russia was putting a lot of work into disrupting the agency’s intelligence collection efforts.
Ukraine invasion reshaped global alliances, renewed fears (AP NEWS) Nearly a year after Russia invaded Ukraine, the battlefield has narrowed and stiff resistance has forced Moscow to scale back its military goals. But the diplomatic consequences of the war still reverberate worldwide.
The False Promise of Regime Change in Russia (The National Interest) Claims that Vladimir Putin’s removal would end the war in Ukraine represent a misunderstanding of the Russian power structure and ignore the key interests of the political factions that operate in his shadow.
NATO vows more ammo and ‘additional capabilities’ to boost Ukraine spring offensive (Breaking Defense) NATO member also agreed on a new ammunition warehousing initiative aimed at supporting the pre-positioning of ammunition, while defense ministers started discussions on increasing defense spending above the decade-old two percent GDP target.
NATO must collaborate, be 'smarter' about rebuilding munition stockpiles: Official (Breaking Defense) Patria Group’s CEO, Esa Rautalinko suggested the UAF were using more than 5,000 artillery rounds every day during the conflict — a figure which is more than the annual procurement of some European nations, he claimed.
F-16s, longer-range missiles could help Ukraine beat Russia, U.S. general privately tells lawmakers (POLITICO) Gen. Christopher Cavoli’s comments go further than other administration officials.
Train Ukrainian pilots on F-16 fighters now, Biden urged (The Telegraph) Republican senator Lindsay Graham says he believes President Joe Biden’s decision on the issue is 'imminent'
Boris Johnson and Liz Truss heap pressure on Rishi Sunak to send fighter jets to Ukraine (The Telegraph) Former prime ministers unite in call for lethal weapons to be sent to Kyiv sooner
Rishi Sunak urged to put Britain on war footing as Russia rebuilds forces (The Telegraph) 'Deep concern' among military that PM has failed to see the urgency to increase defence spending and replace weaponry sent to Ukraine
EXCLUSIVE: Ukraine’s M1 Abrams tanks could come from US stockpiles, official says (Breaking Defense) The Biden administration may change course and use presidential drawdown authority to provide tanks to Ukraine, suggested Stanley Brown, the principal deputy assistant secretary for the bureau of political-military affairs.
First German Leopard 2 tank deploying to Ukraine 'very soon,' but who will be next? (Breaking Defense) The breakthrough on heavy weaponry marked a pivotal moment in strategic thinking by Western decisionmakers, previously concerned that more modern main battle tanks than the Soviet-era T-72, operated by Ukraine, could lead to an escalation of the war.
Army Taps GD OTS, American Ordnance For $993.8 Million Deal To Boost 155mm Ammo Production - Defense Daily (Defense Daily) The Army has selected General Dynamics Ordnance & Tactical Systems and American Ordnance to compete for orders to produce 155mm artillery rounds under
Weapons of Ukraine - Your essential guide (The Telegraph) Since the outbreak of war in February 2022, The Telegraph has been tracking donations and deliveries of weapons to Ukraine. Our defence correspondents have reported on their use on the battlefield and our experts have analysed their effectiveness. Many of the resources we have produced so far can now be found here, along with details of other key weapons.
German airport websites downed by DDoS attacks (Register) In other words, script kiddies up to shenanigans again
German airports hit by DDoS attack, ‘Anonymous Russia’ claims responsibility (The Record from Recorded Future News) A day after a major IT failure at Lufthansa left passengers stranded, the websites of seven airports were hit by a suspected cyberattack.
Russian phishing attacks flooded Ukraine, tripled against NATO nations in 2022: Report (Breaking Defense) Cyber attacks on Ukraine surged in early 2022, but Russian hackers haven’t sustained that intensity, says a new report from Google's Mandiant researchers.
Hacking for the Kremlin: Russia, ransomware and the West's response (Insights S-RM Inform) We take stock of the links between Russia-based cybercriminal groups and the Kremlin and assesses the impact of the conflict on the cyber threat landscape.
How the war in Ukraine is shaping cyberspace (The Hill) Welcome to The Hill’s Technology newsletter{beacon} Technology Technology The Big Story How the war in Ukraine is shaping cyberspaceThe Russia-Ukraine war h…
Ukraine Cyber War Drags On With Stealers, Trojans and More (Security Intelligence) Russia continues to wage a cyber war against Ukraine using stealers, trojans and physical attacks. What is the state of cyber war now?
How Telegram became the battlefront of the Russia-Ukraine cyberwar (Cybersixgill News) Telegram is a vital communication lifeline for the Ukrainian resistance, Russian hackers, and profiteering cybercriminals who seem resilient to war.
Civilian hackers could become military targets, Red Cross warns (The Record from Recorded Future News) Civilians taking to cyberspace to participate in hostilities between Russia and Ukraine could be exposed to military actions in response.
I helped create a 'cyber army' to help Ukraine defeat Russia. We can't fight with guns, but we can fight with our laptops. (Business Insider) Cyber Unit Tech CEO Yegor Aushev gathered a team of about 1,000 volunteers to help protect Ukrainian companies in cyberspace.
Under Secretary Silvers Speech at the 2023 Munich Cyber Security Conference: Transformational Cyber Defense at the International Level (US Department of Homeland Security) Good morning and thank you very much. We need transformational change in how we build cyber defense at the international level. It is no longer enough to have meetings and declare partnership.
How Uncle Sam enlisted Big Tech to thwart Russia from launching catastrophic cyberwar (The Washington Times) The U.S. intelligence community relied on American technology companies to battle Russian cyberattackers targeting Ukraine to prevent a catastrophic cyberwar capable of spreading across the Atlantic, The Washington Times has learned.
Big Tech Descends on Munich Conference in Support of Ukraine (Bloomberg) Google, Microsoft among companies supporting Ukraine’s defense. Defense, aerospace companies defying dip in VC funding.
Fake letter from Michael Gove part of wider Russian disinformation campaign on Ukranian refugees (Centre for Informati) Fake letter from Michael Gove part of wider Russian disinformation campaign on refugees Over the weekend of February 11th, a photograph of a letter, purportedly written by the British Secretary of State for Levelling Up, Michael Gove, began circulating on social media. The letter was addressed to registered UK sponsors of Ukrainian refugees, asking them to provide personal details on any Ukrainian adult men staying with them in their households. This information was apparently demanded by the Uk
How British embassy spy David Smith fooled neighbours and 'hid in plain sight' (The Telegraph) People who knew the former security officer before his arrest said he appeared to be 'just another neighbour'
BND-Skandal: Mutmaßlicher Spion sollte Moskau Positionen von US-Waffensystem Himars in Ukraine verraten (Spiegel) Ein Mitarbeiter des BND steht unter Verdacht, Geheimnisse an Russland weitergegeben zu haben. Nach SPIEGEL-Informationen wurde er wohl fürstlich entlohnt – bei ihm wurde offenbar eine sechsstellige Bargeldsumme gefunden.
‘We All Have One Big Dream’: How Ukraine’s Tech Companies Evolved to Survive a Year of War (The Information) For an average startup founder, dealing with the unexpected and unknown is an everyday reality. But in February 2022, the Ukrainian tech community encountered a disruption of unfathomable proportions. Nearly overnight, reality flipped the table on investors’ meetings, funding rounds and ...
Sale of logistics sites brings Maersk presence in Russia to an end (The Loadstar) Maersk has sold its last Russian operations after a year-long two divest its two remaining Russian logistics sites
Russian Ship 'Mapped' Dutch Windparks: Dutch Intel (Barron's) A top Dutch intelligence official on Monday accused a Russian ship of trying to map Dutch wind parks in the North Sea with a view to disrupting the Netherlands' electricity infrastructure.
Attacks, Threats, and Vulnerabilities
Statement on recent website redirect issues (GoDaddy) In early December 2022, we started receiving a small number of customer complaints about their websites being intermittently redirected. Upon receiving these complaints, we investigated and found that the intermittent redirects were happening on seemingly random websites hosted on our cPanel shared hosting servers and were not easily reproducible by GoDaddy, even on the same website. As our investigation continued, we discovered that an unauthorized third party had gained access to servers in ou
GoDaddy: Hackers stole source code, installed malware in multi-year breach (BleepingComputer) Web hosting giant GoDaddy says it suffered a breach where unknown attackers have stolen source code and installed malware on its servers after breaching its cPanel shared hosting environment in a multi-year attack.
GoDaddy admits: Crooks hit us with malware, poisoned customer websites (Naked Security) New report admits that attackers were detected in the network about three months ago, and may have been attacking for about three years.
GoDaddy Says Recent Hack Part of Multi-Year Campaign (SecurityWeek) GoDaddy recently discovered a hacker attack where a sophisticated threat group infected websites and servers with malware.
GoDaddy just realised it had a three-year security breach (Computing) Domain registrar and web-hosting firm GoDaddy has disclosed a multi-year security breach that enabled cybercriminals to access the company's systems, install malware and steal source code.
GoDaddy Discloses Multi-Year Security Breach Causing Malware Installations and Source Code Theft (The Hacker News) GoDaddy, the web hosting services provider, reveals a multi-year security breach that allowed unknown actors to install malware and siphon source code
Atlassian Investigating Security Breach After Hackers Leak Data (SecurityWeek) Hackers have leaked Atlassian employee records and floorplans, information that was obtained from third-party workplace platform Envoy.
Frebniis Malware Exploits Microsoft IIS Feature (Infosecurity Magazine) The malware was used by a previously unknown threat actor against targets in Taiwan
Newly Disclosed Vulnerability Exposes EOL Arris Routers to Attacks (SecurityWeek) Remote code execution vulnerability impacting Arris G2482A, TG2492, and SBG10 routers, which have reached end-of-life (EOL).
Researchers warn of 'Havoc' command and control tool (Register) ThreatLabz finds free alternative to Cobalt Strike and other tools used in the wild
Cyber Espionage Group Earth Kitsune Deploys WhiskerSpy Backdoor in Latest Attacks (The Hacker News) North Korean group hacked a pro-North Korean organization's website and distributed their latest backdoor, WhiskerSpy, to unsuspecting visitors.
Researching North Korea online? You could be victim of a malware attack (TechRadar) A backdoor is being installed on pro-North Korean websites
Exclusive: Hacker group with members from Europe, North America found to have launched cyberattacks against China (Global Times) Chinese cybersecurity experts have exposed a hacker group, with its core members coming from Europe and North America, which has been launching sustained cyberattacks against China as its primary target, posing a serious threat to the country’s cybersecurity and data security, the Global Times learned from a Beijing-based cybersecurity lab on Sunday.
Chinese security researchers claim to have identified ‘Against The West’ hackers (The Record from Recorded Future News) China's Pangu Lab purportedly singled out six people for hacking on behalf of Against the West, which is actually a pro-Western group.
Threat Intelligence on Vice Society's Dark Web Footprint (Searchlight Cyber) Today we have launched our first Ransomware Spotlight containing threat intelligence on the notorious ransomware group Vice Society.
DeFi platform Platypus says nearly $9 million in crypto stolen in flash loan attack (The Record from Recorded Future News) DeFi platform Platypus said on Thursday night that about $8.5 million was stolen by a hacker they are now in communication with.
Applied Materials will take a $250M hit to sales this quarter, thanks to a cyberattack at one of its suppliers (Silicon Valley Business Journal) Applied officials warned about the revenue shortfall while reporting its fiscal first-quarter results.
MKS Reschedules Fourth Quarter and Full Year 2022 Earnings Call to February 28, 2023 (Nasdaq) MKS Instruments, Inc. (NASDAQ: MKSI), a global provider of enabling technologies that transform our world, today reported that due to the ransomware event that was identified on February 3, 2023, the Company now plans to release fourth quarter and full year 2022 financial results after market close on Monday, February 27, 2023 and host a conference call with management on Tuesday, February 28, 2023 at 8:30 a.m. (Eastern Time).
Social Engineering - A Coinbase Case Study (Coinbase) Coinbase recently experienced a cybersecurity attack that targeted one of its employees. Fortunately, Coinbase's cyber controls prevented the attacker from gaining direct system access and prevented any loss of funds or compromise of customer information.
Coinbase Attack Linked to Group Behind Last Year's Twilio, Cloudflare Hacks (SecurityWeek) Coinbase was recently targeted in a sophisticated phishing attack and the cryptocurrency exchange linked the hack to the 0ktapus group.
Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs (Horizon3.ai) Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs. This vulnerability allows remote code execution as the root user.
LVHN reports cyberattack from suspected Russian ransomware group (The Morning Call) The Lehigh Valley Health Network has been the target of a cyberattack from a suspected Russian ransomware group called BlackCat. The health system says operations have not been affected.
Major hack at Virgin Media Television in Ireland ‘contained and terminated’ (The Independent) Minister of State Ossian Smyth said the matter is being investigated by the National Cyber Security Centre.
Royal Mail Hung Tough in LockBit Ransom Negotiations (Security Boulevard) Negotiators for the Royal Mail apparently played hardball with LockBit over a ransom demand that the mail service said was too high, prompting the
Aker Solutions Provides Update on Cyber Attack (Rigzone) Aker Solutions said it has 'progressed' with the handling of the cyber-attack.
Data Leak Hits Thousands of NHS Workers (Infosecurity Magazine) Email snafu at Liverpool University Hospital Foundation Trust
Scots cancer patient hits out after major data breach of records at NHS Lothian (Daily Record) Martin Laing, 57, received a letter from the health board last week telling him that Police Scotland were investigating after a member of staff had 'inappropriately' accessed his files.
Oxclose man hits out at 'data breach' which led to bill for gas he didn't use (ChronicleLive) A Washington couple are angry that a meter was fitted to their property without their permission after their details were passed on to the power company
In Chennai, phishers back with power bill fraud, leave consumers in shock (The Times of India) Tangedco has denounced it, cyber crime police have warned about it, but people still get jitters when they get an SMS that the power supply will be s
St. Paul, Minnesota: KFI Engineers pays $300k ransom, Black Basta ransomware group thanks... (SuspectFile) KFI Engineers is a privately held process and plant infrastructure design and performance company with 7 other branches in 6 states (Arizona, Kentucky, Iowa, Ohio, North Dakota, Wisconsin), including customers numerous educational institutions, hospitals, government, food and fuel companies
Indigo launches temporary website – for browsing only – after cybersecurity incident (Global News) Indigo offered no timeline for when its website might return but says it's team is working hard to restore its online experiences.
Guardian staff forced to work out of former brewery after ransomware attack (The Telegraph) King's Cross headquarters remains shuttered following cyber attack in December
Boulder County able to recover $237K lost in phishing scam (Yahoo) Boulder County was able to recover the almost $238,000 it mistakenly sent to a fraudulent account after a phishing scam in September. In September, hackers acting as a vendor for the county sent a spear phishing email to the county, which resulted in a check for $237,241.18 being "sent incorrectly." According to a release from the Boulder County Sheriff's Office, a detective with the ...
Data Breach Reported At Mount Pleasant Central School District (Mount Pleasant Daily Voice) A data breach may have exposed information related to some students at a school district in Northern Westchester. The breach was announced by Mount Pleasant Central School District Superintendent Peter Giarrizzo on Friday, Feb. 1…
Suffolk County starting to restore online services amid months-long cyberattack (CBS News) The county has been suffering through a massive cyberattack for months, but progress is being made to restore security.
Des Moines schools returning to normal after cyber attack (who13.com) After a long month of recovery and investigation from a cyber attack back in early January, Des Moines Public Schools are nearly back to normal, district leaders say. ̶…
Criminals are flooding the internet with fake advice scams and adware, so watch out (TechRadar) These are the scams you should be aware of, Avast says
Top Six Mobile Network Threats - What can MNOs do to Prevent Them? (AdaptiveMobile) Discover our top mobile network threats, and how Enea AdaptiveMobile Security can help mobile network operators address them.
Security Patches, Mitigations, and Software Updates
Fortinet Patches Critical Code Execution Vulnerabilities in FortiNAC, FortiWeb (SecurityWeek) Fortinet releases patches for critical remote code execution vulnerabilities in FortiNAC and FortiWeb products.
Fortinet plugs critical security hole in FortiNAC, with a PoC incoming (CVE-2022-39952) (Help Net Security) Fortinet has dropped fixes for 40 flaws, including two critical bugs (CVE-2022-39952, CVE-2021-42756) in FortiNAC and FortiWeb solutions.
iOS 16.3.1—U.S. Security Agency Issues ‘3 Weeks To Update’ Order, Windows Users Also Put On Notice (Forbes) With Microsoft and Apple releasing security patches for zero-day vulnerabilities this week, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has now stepped in.
Microsoft Is Forcibly Removing Internet Explorer From Your PC (WIRED) Also: Instagram launches a new messaging system for creators, and Minecraft gets some new branded casual footwear.
Trends
Living Secure: discover the digital moments that matter in 2023 (F-Secure) The Living Secure survey collects insight from 7,000 people, in selected regions around the world, enabling us to create a comprehensive overview of digital moments in 2023.
Cyber Security Study (The pCloud Blog) We asked 15,000 people 10 cybersecurity questions.
Almost one in five Irish firms hit by cyber attack or data breach in 2022 (The Irish Times) Research finds most senior business leaders plan to increase investment in cyber security and resilience in the coming years
Marketplace
Cybersecurity M&A Roundup for February 1-15, 2023 (SecurityWeek) Seventeen cybersecurity merger and acquisition (M&A) deals were announced in the first half of February 2023.
Darktrace hires EY for independent review of finances (Reuters) British cyber security company Darktrace said on Monday it had commissioned a third-party review of its finances by EY, weeks after a short-seller questioned its results.
Virginia cybersecurity firm expands to Tampa, plans to add 30 jobs (Tampa Bay Times) The company has leased an office in Tampa’s Westshore District.
WSJ News Exclusive | Facebook Parent Meta Gives Thousands of Workers Subpar Reviews (Wall Street Journal) The performance ratings may signal that more job cuts are on the way at Facebook parent Meta, people familiar with the matter said.
Former Wells Fargo executive opens up about leadership failures during account scandal (WBUR) In 2016, news broke that Wells Fargo bank employees opened up bogus accounts in customers' names to meet unattainable sales goals.
Fear Made John McAfee Rich. It Also Ruined Him (Bloomberg) The cybersecurity pioneer’s long, strange saga started in Silicon Valley and ended in a Spanish prison. An exclusive story and podcast.
Huawei Hunting (The Wire China) Huawei faces a new existential threat from U.S. sanctions. But Washington is still finding international support for its campaign against Huawei hard to come by.
Hackers Earn $180,000 for ICS Exploits at Pwn2Own Miami 2023 (SecurityWeek) White hat hackers received $180,000 at Pwn2Own Miami 2023 for exploits targeting widely used ICS products.
Palo Alto Networks Goes "All-In" With New Cloud Infrastructure Investment in Switzerland (Longview News-Journal) Delivers its best-in-class cloud-based cyber security platforms in the country to support customers with their data location needs
Deloitte Romania strengthens its cybersecurity team by appointing Andrea Multari as partner and leader (Business Review) Who’s News - Deloitte Romania strengthens its cybersecurity team by appointing Andrea Multari, an experienced professional in cyber across multiple domains and
Venable LLP taps new partner-in-charge for Baltimore office (Baltimore Business Journal) Venable LLP is one of a number of large law firms in Baltimore that have named new local leaders so far this year.
Intel Loses Top Network Exec Amid Group Leadership Change (CRN) Hong Hou departed Intel as COO of the company's Network and Edge Group amid a leadership change in the division.
Former Allianz Veteran Hartmut Mai Joins Cyber Insurance Technology Leader Cyberwrite (Longview News-Journal) Global insurance leader joins Cyberwrite as group president
Kelly Johnson exits Eset as Aussie leadership shifts to Singapore (ARN) Eset Australia country manager Kelly Johnson is to leave the vendor as its local leadership transfers to Singapore.
Okta Names Neville Vincent as Vice President for Asia - Fintech Singapore (Fintech Singapore) Okta announced that it has appointed information technology industry veteran Neville Vincent as Vice President for Asia.
Former NSA Director Joins Duality Advisory Board (PR Newswire) Duality Technologies, the leader in privacy preserving data collaboration is proud to announce that Adm. Michael Rogers (ret.), former...
Former Intacct CMO Dr. Ian Howells Joins Red Sift as Chief Business Officer (Business Wire) With more than 20 years of C-level experience, Howells is focused on fueling global growth and adoption of the Red Sift Digital Resilience Platform
Telos Corporation Expands Team to Amplify Federal and Commercial Portfolios (GlobeNewswire News Room) Two new additions bring more than 60 combined years of experience driving growth for technology solutions...
John Paul Cunningham joins Silverfort as CISO (Silverfort) Silverfort has announced the appointment of John Paul Cunningham as Chief Information Security Officer.
Products, Services, and Solutions
New infosec products of the week: February 17, 2023 (Help Net Security) The featured infosec products this week are from: CyberSaint, DigiCert, Finite State, FireMon, and Veeam Software.
Egnyte Helps Teams Improve Productivity with Enhanced Functionality Across Product Lines | Egnyte (Egnyte) Egnyte, the secure platform for content collaboration and governance, announced several product enhancements across security and governance, mobile, and the Egnyte for Life Sciences’ Controlled Document Management application. These updates improve the functionality of the Egnyte platform so that users can work faster and smarter.
An update on two-factor authentication using SMS on Twitter (Twitter) An update on two-factor authentication using SMS on Twitter
Twitter Limits SMS-Based 2-Factor Authentication to Blue Subscribers Only (The Hacker News) Twitter is changing its 2FA policy, limiting the use of SMS-based authentication to its Blue subscribers only.
SMS-Based 2FA Will Be Limited to Twitter Blue Users (HackRead) Twitter will now charge for 2FA, limiting the must-have security feature to only Twitter Blue subscribers.
Twitter will limit uses of SMS 2-factor authentication. What does this mean for users? (NPR) Users who don't pay a fee for Twitter Blue within the next 30 days will lose SMS two-factor authentication. But there are ways to work around this without signing up for a Twitter subscription.
Twitter's Two-Factor Authentication Change 'Doesn't Make Sense' (WIRED) The company will soon require users to pay for a Twitter Blue subscription to get sign-in codes via SMS. Security experts are baffled.
Twitter Shuts Off Text-Based 2FA for Non-Subscribers (SecurityWeek) Twitter creates a security ruckus with the sudden decision to turn off the text message/SMS method of 2FA for non-subscribers.
Official: Twitter will now charge for SMS two-factor authentication (The Verge) Better change your 2FA, or Twitter will turn it off
Paid security features at Twitter and Meta spark cybersecurity concerns (Washington Post) Cyber pros have questions about paid security features at Twitter and Meta
Facebook Parent Launching ‘Meta Verified’ Subscription Service (Wall Street Journal) Meta Platforms plans to test “Meta Verified,” starting at $11.99 a month, in Australia and New Zealand.
KnowBe4 Integrates with BlackBerry to Help Businesses Reduce Risky Sec (PRWeb) KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced its new SecurityCoach product n
SentinelOne DataSet Achieves AWS Container Competency Status (Business Wire) SentinelOne Strengthen Use Case for Cloud, Containers, and Kubernetes
Fortinet Helps Launch The Cybercrime Atlas Initiative, Enabling Businesses, Law Enforcement Agencies, and Threat Intelligence Researchers to Disrupt Cybercrime at a Global Scale (CXOToday.com) The Cybercrime Atlas initiative brings together global leaders to fight cyberthreats and map the cybercrime landscape, covering criminal operations, structures
ESET launches ESET Cyber Security for macOS v7.3 (TahawulTech.com) The new underlying ESET Cyber Security for macOS architecture is based on micro-services, meaning components run in a secure and optimal manner.
Alcatraz AI Announces Web-Based Mobile Enrollment and Biometric Privacy Consent Management to Streamline Onboarding and Increase Transparency (GlobeNewswire News Room) AI and machine learning are transforming the way people enter buildings and secure areas by making access frictionless and more secure, while protecting...
Orca Security Offers Best-in-Class Approach to Secure Cloud-Native Applications, Expanding with ThreatOptix’s Agent-Based Runtime Protection (Business Wire) Strategic partnership with ThreatOptix, started by SentinelOne co-founder, provides runtime protection and enforcement for mission critical workloads
Xcitium expands international partner network to tackle growing global security threat (GlobeNewswire News Room) Xcitium, the malware prevention specialist and full-stack security provider, today announced an...
Lacework Releases High-Fidelity, Composite Alerts for Polygraph® Data Platform (PR Newswire) Lacework®, the data-driven cloud security company, today announced the release of high-fidelity composite alerts on the Lacework Polygraph®...
Technologies, Techniques, and Standards
Jen Easterly on NIST's Plans to Update Cybersecurity Framework (Executive Gov) Looking for the latest Government Contracting News? Read about Jen Easterly on NIST's Plans to Update Cybersecurity Framework.
Bitcoin Miners Are Playing a High-Stakes Game of Chicken (WIRED) In the bitter crypto winter, companies are making deep cuts to survive a new challenge.
Why Should Contractors Comply With DFARS Now (PreVeil) The status of pending CMMC 2.0 rules in no respect, affects, defers, or otherwise justifies avoidance of current DFARS contract requirements.
Thunderdome hits its targets, DISA moves to next phase of zero trust (Federal News Network) With Thunderdome, DISA moves to expand zero trust to more users and add a follow-on contract for applications.
Design and Innovation
From CEOs to Coders, Employees Experiment With New AI Programs (Wall Street Journal) Business people across industries are testing out tech’s new frontier to save time and avoid being left behind.
AI Becomes Silicon Valley’s Next Buzzy Bandwagon as Crypto Boom Fizzles (Wall Street Journal) Trend-hoppers have moved from Web3 and blockchain to artificial intelligence. ‘The Venn diagram is a circle.’
How should AI systems behave, and who should decide? (OpenAI) We’re clarifying how ChatGPT's behavior is shaped and our plans for improving that behavior, allowing more user customization, and getting more public input into our decision-making in these areas.
OpenAI’s mission is to ensure that artificial general intelligence (AGI)[1] benefits all of humanity. We therefore think a
The ChatGPT-fueled battle for search is bigger than Microsoft or Google (MIT Technology Review) A frenzy of activity from tech giants and startups alike is reshaping what people want from search—for better or worse.
Exclusive: Microsoft's Bing plans AI ads in early pitch to advertisers (Reuters) Microsoft has started discussing with ad agencies how it plans to make money from its revamped Bing search engine powered by generative artificial intelligence as the tech company seeks to battle Google's dominance.
Why Bing Is Being Creepy (Intelligencer) It’s doing what it was trained to do by reading our stories and absorbing our anxieties. (Not that Microsoft is happy about it.)
Microsoft's new chatbot is a liar. And it says it's ready to call the cops. (Mother Jones) What use is an AI search engine that can't be trusted?
After AI chatbot goes a bit loopy, Microsoft tightens its leash (Washington Post) No more long exchanges about the Bing AI’s “feelings,” the tech giant says. The chatbot, after five responses, now tells people it would “prefer not to continue this conversation.
My Week of Being Gaslit and Lied to by the New Bing (The Information) Like any tech reporter who spends too much time online, I’ve treated Microsoft’s Bing search engine with little more than disdain since its 2009 release. Initially mocked for its stale, staid, retro graphics (its early design included a logo in front of hot air balloons), Bing also gave ...
Yes, ChatGPT Will Turbocharge Hacking—And Help Fight It, Too (Tanium) While amateurs can now use ChatGPT to create malware and phishing emails, security pros can also enlist the bot to fight cyberattacks.
Before Rebirth, Microsoft’s Bing Faced Near-Death Experiences (The Information) “Where is our hit?” Steve Ballmer repeatedly directed the question at his lieutenants in the year before he stepped down as CEO of Microsoft in 2014, according to two people who heard him ask it. His biggest frustrations were Microsoft’s flops in the consumer market, including Bing, a search ...
OpenAI Is Faulted by Media for Using Articles to Train ChatGPT (Bloomberg) Wall Street Journal, CNN raise concerns about use of stories. Journalist says 20 news sources are supplying material.
AI in the Workplace Is Already Here. The First Battleground? Call Centers (Wall Street Journal) Call centers have deployed bots that automate basic tasks and instruct the remaining humans how to do their jobs.
My class required AI. Here's what I've learned so far. (One Useful Thing) (Spoiler alert: it has been very successful, but there are some lessons to be learned)
Academia
Centre invites entries for national-level hackathon on cybersecurity (The Statesman) The aim of hackathon is to address cyber security challenges by identifying innovative technological solutions given by participants.
TikTok loves Gen Z’s true confessions. Colleges and employers, not so much. (Washington Post) Generation Z grew up online. Their ‘digital footprints’ may haunt them.
Legislation, Policy, and Regulation
Review of the Computer Misuse Act 1990: consultation and response to call for information (accessible) (GOV.UK) Cyber crime threatens our citizens, businesses and government. State actors and criminals, at all levels of complexity and with varying intent are targeting homes and businesses across the UK. As Security Minister, it is my responsibility to ensure that we have the right legislative framework, powers and law enforcement capability to tackle this threat.
Finland launches cyber citizen project to teach essential cybersecurity skills to EU citizens (Helsinki Times) In today's increasingly digital world, cybersecurity is becoming an essential skill for citizens. With the rise of cyber threats, it is crucial for citizens to be equipped with the knowledge and skills necessary to protect themselves and their personal information. To address this need, Finland has launched the Cyber Citizen Project, in collaboration with Aalto University and the Ministry of Transport and Communications, to create a common model for teaching cybersecurity skills to citizens in the EU M...
EU parliamentary committee says 'no' to EU-US data privacy framework (Computerworld) Progress on ratifying the Trans-Atlantic Data Policy Framework hit a snag, as a parliamentary committee rejected a draft decision to adopt the pact, saying it did not comply with the EU's GDPR privacy regulations.
U.S. Ban on Huawei Seen Widening China Chip War (EE Times Asia) The U.S. government's latest ban marks a new wave of restrictions on Chinese technology companies.
US launches artificial intelligence military use initiative (AP NEWS) The United States launched an initiative Thursday promoting international cooperation on the responsible use of artificial intelligence and autonomous weapons by militaries, seeking to impose order on an emerging technology that has the potential to change the way war is waged .
FTC launches technology office to keep up with Silicon Valley giants (Washington Post) The Federal Trade Commission on Friday is launching an Office of Technology to aid efforts to rein in the fast-moving tech sector, which has emerged as a major focus under Democratic Chair Lina Khan, in an announcement shared exclusively with The Technology 202.
OpenAI Proposes Government Restrict AI Chips to Prevent Propaganda Explosion (Vice) As generative language models become more accessible, easier to scale, and write more persuasive text, they could be used to spread disinformation.
New Pentagon Cyber Workforce Manual Echoes Top Navy Worries (Bloomberg Government) Several Navy officials at a military technology conference this week emphasized to private sector and Pentagon partners that they are prioritizing information warfare training, just in time for the release of a new framework for cybersecurity.
Reducing Government Overclassification of National Security Information (Lawfare) To rectify the widespread overclassification of government documents, policymakers might consider charging agencies for each decision to classify information.
State Dept gets serious about cybersecurity (Federal News Network) In today's Federal Newscast: The Justice and Commerce Departments join forces to target cyber crime. The backlog of retirement claims at OPM ballooned last month. The State Department gets serious…
U.S. Department of Veterans Affairs Overhauls Cybersecurity Rules for Government Contractors (JD Supra) On January 25, the Department of Veterans Affairs (VA) published a new final rule amending contractual provisions in the VA Acquisition Regulation...
US must fully fund ‘rip and replace’ of Huawei, ZTE telecom equipment (The Hill) During the last week, Americans’ eyes have been on the sky as the Chinese Communist Party’s spy balloon traveled from coast to coast surveilling us from above. While I am incredibly concerned about…
Litigation, Investigation, and Law Enforcement
Authorities break up gang responsible for €38 million CEO fraud (Help Net Security) A joint investigation supported by Europol has led to the dismantling of a Franco-Israeli gang involved in large-scale CEO fraud.
Europol dismantles 'CEO swindle' gang behind €38m fraud (Computing) Europol has busted a criminal network engaged in France's largest-ever "CEO swindle."
Norwegian police recover $5.8M crypto from massive Axie Infinity hack (BleepingComputer) Norwegian police (Økokrim) have seized 60 million kroner ($5,800,000) worth of cryptocurrency stolen by the North Korean Lazarus hacking group last year from Axie Infinity's Ronin Bridge.
Terrorists killed their daughter. Now they’re fighting Google in the Supreme Court (Washington Post) Are tech companies liable when their algorithms recommend terrorist content? The Court’s answer could upend the way the internet works
How Two Supreme Court Cases Could Completely Change the Internet (Time) The cases will decide whether online platforms can be held liable for the targeted advertisements or algorithmic content spread on their platforms
The Supreme Court is about to hear 2 major cases that could transform the internet (Yahoo) Next week the U.S. Supreme Court is set to hear two major cases involving big technology companies, with key aspects of the internet on the line with its rulings later this year.
Wikimedia wants the Supreme Court to hear case over NSA surveillance. Here's what's at stake. (CyberScoop) The case over the National Security Agency's digital monitoring activities could have major implications for the future of government spying.
FAA chief grilled by lawmakers over computer outage, aviation safety (Military & Aerospace Electronics) "We are experiencing the safest period in aviation history, but we do not take that for granted," FAA head Billy Nolen said during testimony before the committee. "Recent events remind us that we cannot become complacent," CBS News reports.
Spain to extradite British suspect to US over Twitter hack (BBC News) Joseph O'Connor faces several charges in connection with the hack of more than 130 Twitter accounts.
Spain Orders Extradition of British Alleged Hacker to U.S. (SecurityWeek) Spanish Court agrees to extradite a British hacker who allegedly took part in attacks, including July 2020 hacks of Twitter accounts of public figures
FBI says cyber incident at New York field office ‘contained’ (CyberScoop) The bureau is working to gain additional information about the reported cyberattack.
FBI investigating suspected cyber attack (CyberSecurity Connect) An investigation is currently underway by the US Federal Bureau of Investigation (FBI) after it detected suspicious cyber activity on its network. According to CNN citing people aware of the incident
$400k settlement reached in data breach infraction (The Daily News) Acting Attorney General Michelle A. Henry tthis week announced a settlement with DNA Diagnostics Center – one of the world’s largest private DNA-testing companies offering diagnostic and genetic testing to
Yes, the Equifax breach settlement emails are real (Mashable) A staggering jackpot of $5.21 for most recipients.