Dateline Moscow and Kyiv: Annexation is non-negotiable.
Ukraine at D+369: Russia goes constitutional. (CyberWire) Moscow outlines its preconditions for peace negotiations.
Russia-Ukraine war live: Russia will ‘never compromise’ on annexed Ukrainian regions, says Kremlin (the Guardian) Dmitry Peskov insists Moscow unwilling to compromise on what he described as new ‘territorial realities’
Ukraine's northeastern front could decide new battle lines (AP NEWS) A tank carrying Ukrainian infantry speeds toward a target position marked with a metal sheet. The soldiers climb down, hurl grenades and unleash a crackle of machine-gun fire.
‘If you don’t burrow in you die pretty quickly’: the relentless battle for Bakhmut (the Guardian) Ukrainian soldiers who have been holding off a Russian offensive around the city describe intense fighting
Putin's £274m spy plane blown up by Belarusian partisans (The Telegraph) Operation that involved drones dropping explosives hailed by opposition in country unhappy at its close collaboration with Russian president
Anti-war partisans in Belarus claim to have damaged Russian plane (the Guardian) Group says it used drones to hit early warning aircraft at Machulishchy airfield 12km from Minsk
Ukraine & Intelligence: One Year on – with Shane Harris (CyberWire) Shane Harris (Twitter, LinkedIn) joins Andrew (Twitter; LinkedIn) to discuss the role of intelligence in the Ukraine conflict one year after it began. Shane reports on intelligence for the Washington Post and is the author of two books.
The Evolution of Pro-Russian Hacktivism in One Year of War Report (GroupSense) A look at the changing cybersecurity landscape throughout the Russian invasion of Ukraine.
No One Knows If Decades-Old Nukes Would Actually Work (WIRED) Atomic weapons are highly complex, surprisingly sensitive, and often pretty old. With testing banned, countries have to rely on good maintenance and simulations to trust their weapons work.
Russia Turns to China’s Yuan in Effort to Ditch the Dollar (Wall Street Journal) Moscow has jettisoned longstanding concerns about giving China too much leverage over its economy.
Attacks, Threats, and Vulnerabilities
Take Note: Armorblox Stops OneNote Malware Campaign (Armorblox) Over the course of the month, Armorblox has seen a re-emergence of the Qakbot malware campaign. These email attacks contain malicious software disguised as a OneNote file attachment. This blog dives into this malicious malware attack campaign that Armorblox accurately identified and stopped, protecting more than 15,000 end users.
Blind Eagle Deploys Fake UUE Files and Fsociety to Target Colombia's Judiciary, Financial, Public, and Law Enforcement Entities (BlackBerry) The threat group APT-C-36, also known as Blind Eagle, has been actively targeting organizations in Colombia and Ecuador, including health, financial, law enforcement, immigration, and an agency in charge of peace negotiation in the country.
APT-C-36 Strikes Again: Blind Eagle Hackers Target Key Industries in Colombia (The Hacker News) Blind Eagle, a notorious hacker group, has launched a new campaign targeting key industries in Colombia, Ecuador, Chile, and Spain.
More trouble from an APT with Colombia and Ecuador on its mind (The Record from Recorded Future News) The advanced persistent threat (APT) group known as Blind Eagle or APT-C-36 continues to phish with official-looking PDFs, researchers say.
PlugX Trojan Disguised as Legitimate Windows Debugger Tool in Latest Attacks (The Hacker News) PlugX remote access trojan has been caught disguising itself as a legitimate open source Windows debugger tool called x64dbg to gain control of target
Dish hit by multiday outage after reported cyberattack (TechCrunch) Dish customers say they have been unable to access television streams or pay their bills online after a widespread outage.
DISH says ‘system issue’ affecting internal servers, phone systems (The Record from Recorded Future News) DISH said a “systems issue” with its network was affecting several services but would not confirm if it was a cyberattack.
Beware rogue 2FA apps in App Store and Google Play – don’t get hacked! (Naked Security) Even in Apple’s and Google’s “walled gardens”, there are plenty of 2FA apps that are either dangerously incompetent, or unrepentantly malicious. (Or perhaps both.)
U.S. Marshals Service suffers 'major' security breach that compromises sensitive information, senior law enforcement officials say (NBC News) The incident did not involve the database involving the Witness Security Program, commonly known as the witness protection program, a source told NBC News.
'Major' data breach reported by U.S. Marshals Service; sensitive information potentially compromised (USA Today) Sensitive law enforcement information put at potential risk
U.S. Marshals Service investigating ransomware attack, data theft (BleepingComputer) The U.S. Marshals Service (USMS) is investigating the theft of sensitive law enforcement information following a ransomware attack that has impacted what it describes as "a stand-alone USMS system."
US Marshals says prisoners’ personal information taken in data breach (TechCrunch) Current and former prisoners were notified of the breach on May 1.
Hackers exploit Namecheap email system in phishing campaign (IT World Canada) Hackers gained access to the Namecheap email system and used it to send MetaMask and DHL phishing emails aimed at customers’ personal and crypto wallet information.
As MedusaLocker ransomware targets RDP, HHS urges brute force defense (SC Media) A new HHS alert warns the Russian-backed MedusaLocker ransomware group has ramped up its tactics, adding brute-force attacks to its phishing and spam email arsenal.
Victims lose $8.8k to phishing scams linked to reservations on Booking.com since start of 2023 (Stomp) Victims have lost at least $8,800 to hotel-related phishing scams since the start of 2023.
LastPass: DevOps engineer hacked to steal password vault data in 2022 breach (BleepingComputer) LastPass revealed more information on a "coordinated second attack," where a threat actor accessed and stole data from the Amazon AWS cloud storage servers for over two months.
LastPass hacked - attackers accessed data vault (Computing) A DevOps engineer at password management firm LastPass had their home computer compromised and infected with keylogging malware during last year's cyberattack, leading to the exfiltration of corporate data.
Cyberattack on Boston Union Results in $6.4M Loss (SecurityWeek) A cyberattack on the Boston-based Pipefitters Local 537 union’s health fund resulted in the loss of $6.4 million.
Encino Energy claims 'no impact' from ALPHV ransomware attack (SC Media) Major U.S. private natural gas and oil producer Encino Energy has disclosed that its operations were not impacted by a cyberattack, which it has already remediated, days after it was added by the ALPHV ransomware operation, also known as BlackCat, to its data leak site, reports The Record, a news site by cybersecurity firm Recorded Future.
Hacker leaks alleged Activision employee data on cybercrime forum (BleepingComputer) A threat actor has posted the alleged data stolen from American game publisher Activision in December 2022 on a hacking forum, highlighting the data's value for phishing operations.
Minneapolis Public Schools still investigating what caused ‘encryption event’ (The Record from Recorded Future News) Thousands of students in Minneapolis returned to school on Monday after a ransomware attack crippled the school’s systems all of last week.
ChatGPT is down worldwide - OpenAI working on issues (BleepingComputer) ChatGPT is down, according to OpenAI and user reports. Users are currently experiencing issues worldwide, with many unable to access the AI.
CISA Adds One Known Exploited Vulnerability to Catalog (CISA) CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2022-36537 ZK Framework AuUploader Unspecified Vulnerability
Trends
NCC Group Monthly Threat Pulse – January 2023 (Mynewsdesk) January’s Threat Pulse sees a decrease in ransomware attacks – 38%, compared to December but still a high number recorded for January, the highest in 3 years.
Phone Attacks and MFA Bypass Drive Phishing to New Heights (Infosecurity Magazine) Proofpoint reveals surge in direct financial losses from attacks
New Survey Shows Increase in 2023 Security Budgets Following Spike in Breach Incidents (Pentera) New industry survey conducted by Pentera finds that 88% of organizations report a breach incident in the past 2 years Boston and Tel Aviv, February 28,
The state of pentesting 2023 - Survey Report (Pentera) Pentera, the leaders in Automated Security Validation, undertook this research to understand the current state of security validation in organizations of different sizes across Europe and the USA.
2023 CrowdStrike Global Threat Report Reveals Sophisticated Adversaries Re-exploiting and Re-weaponizing Patched Vulnerabilities and Moving Beyond Ransomware (CrowdStrike) CrowdStrike today announced the release of 2023 CrowdStrike Global Threat Report – the ninth annual edition of the cybersecurity leader’s seminal report on the evolving behaviors, trends and tactics
Marketplace
Cisco to acquire startup Valtix to beef up its multicloud network security (TechCrunch) Cisco announced its intent to acquire multicloud security startup Valtix over the weekend, adding another element to its security unit.
Securonix Appoints Sanjay Singh as Chief Growth Officer (Securonix) Cloud-Native Security Analytics Leader Taps Proven Enterprise Software and Security Executive to Lead Global Go-to-Market Organization
Ballistic Ventures Appoints Expert Cybersecurity GTM Advisors (PR Newswire) Ballistic Ventures, the venture capital firm dedicated exclusively to funding and incubating entrepreneurs and innovations in cybersecurity,...
Products, Services, and Solutions
NRECA’s New Commercial Cybersecurity Solution Protects OT and IT Systems in Real Time (America's Electric Cooperatives) The National Rural Electric Cooperative Association (NRECA) today announced the commercial launch of Essence, a next generation Operations Technology (OT) and cybersecurity monitoring solution. Purpose-built to protect America’s critical infrastructure, Essence continuously monitors the operation of electric grids and other operational networks to give real-time situational awareness to owners and operators of […]
'Take It Down:' a tool for teens to remove explicit images (AP NEWS) “Once you send that photo, you can't take it back,” goes the warning to teenagers, often ignoring the reality that many teens send explicit images of themselves under duress, or without understanding the consequences.
Tanla Platforms unveils phishing protection platform Wisely ATP™ at Mobile World Congress, Barcelona 2023 (CXOToday.com) Dr. P. D. Vaghela, Chairman, TRAI, launches Wisely ATP at Mobile World Congress 2023 Wisely ATP is an end-to-end solution aimed to combat the global challeng
Palo Alto Networks Makes AI-Powered OT Security Easy to Adopt for Its 61,000+ Network Security Customers (IT Voice | Online IT Media | IT Magazine) The usage and connectivity of operational technology (OT) is rapidly growing as are the number of cyberattacks on OT environments. These attacks can disrupt operations, causing damage that can reac…
Technologies, Techniques, and Standards
U.S. cyber official praises Apple security and suggests Microsoft, Twitter need to step it up (CNBC) CISA Director Jen Easterly held up Apple as a positive example of accountability and transparency for its security practices during a speech on Monday.
U.S. cyber chief warns tech companies to curb unsafe practices (CBS News) CISA Director Jen Easterly says companies like Microsoft and Twitter should face liability if they fail to protect customers from Chinese hacking.
Tech manufacturers are leaving the door open for Chinese hacking, Easterly warns (The Record from Recorded Future News) CISA Director Jen Easterly warned Monday of potentially dire consequences if technology manufacturers don't bolster security.
CISA Director Calls Out Industry Using Consumers as Cyber 'Crash Test Dummies' (Nextgov.com) The head of the Cybersecurity and Infrastructure Security Agency said technology companies need to be more proactive when it comes to promoting safety and security.
The Designed-in Dangers of Technology and What We Can Do About It (Cybersecurity and Infrastructure Security Agency) REMARKS AS PREPARED FOR DELIVERY: CISA Director Jen Easterly's Address at Carnegie Mellon University. Good morning. Thank you to President Jahanian for that warm introduction and to everyone for joining me today on this Monday morning. It’s wonderful to start the week off with this incredible community.
Threat intelligence: Why Attributing Cyber-Attacks Matters (Infosecurity Magazine) While cyber attribution has become much more challenging with the emergence of cybercrime-as-a-service, threat intelligence analysts argue it is still valuable to anticipate future attacks
Mind these five mistakes when responding to infosec threats (SC Media) Here are five common mistakes security teams make that prevent them from having the right tools and talent on staff.
Business email compromise: What you can do to prevent fraud and recover funds (Lexology) Business Email Compromise is one of the greatest cyber threats to businesses of all sizes and industries, particularly those involved in regular wire…
Design and Innovation
How ChatGPT Can Help Cyber Security Pros Beat Attacks (Security Intelligence) ChatGPT has already been proven to enable threat actors to accelerate attacks. But can it also help prevent cyber attacks?
Fighting ‘Woke AI,’ Musk Recruits Team to Develop OpenAI Rival (The Information) Elon Musk has approached artificial intelligence researchers in recent weeks about forming a new research lab to develop an alternative to ChatGPT, the high-profile chatbot made by the startup OpenAI, according to two people with direct knowledge of the effort and a third person briefed on the ...
Voice Cloning: A Blessing or a Curse for the Voice Banking Industry? (Finextra Research) Imagine being able to talk to your bank account and conduct transactions without the need for a phon...
Research and Development
How to avoid falling victim to an online scam: Research says slow down (Techexplore) Keeping up with the latest digital cons is exhausting. Fraudsters always seem to be one step ahead. But our study found there is one simple thing you can do to drastically reduce your chances of losing money to web scams: slow down.
Legislation, Policy, and Regulation
'Unacceptable level of risk': Canada bans TikTok from federal government devices (National Post) Directive comes as federal government is embroiled in questions about foreign interference by China in the 2019 and 2021 federal elections.
White House gives agencies 30 days to impose federal device TikTok ban (CNBC) The White House on Monday gave government agencies 30 days to ensure they do not have Chinese-owned app TikTok on federal devices and systems.
President Biden Signs Presidential Waiver of Statutory Requirements for Supply Chain Resil (U.S. Department of Defense) President Joe Biden signed a presidential waiver of some statutory requirements authorizing the use of the Defense Production Act to allow the Department of Defense to more aggressively build the
US National Cyber Strategy Pushes Regulation, Aggressive Hack-Back Operations (SecurityWeek) The U.S. government is set to green-light a more aggressive ‘hack-back’ approach to dealing with foreign adversaries.
Litigation, Investigation, and Law Enforcement
Los Angeles fugitive in sprawling COVID relief scam is extradited from Montenegro (Los Angeles Times) Tamara Dadyan, who fled to a resort in Montenegro to dodge more than 10 years in prison for a pandemic relief swindle, is extradited to the U.S.
"Ethical hacker" amongst those arrested in Dutch ransomware investigation (Hot for Security) Three men have been arrested by Dutch police
Biometric-Privacy Rulings in Illinois Expand Potential Liability for Companies (Wall Street Journal) Decisions from the state’s highest court could boost claims by workers and consumers.