Stay ahead of the game with CrowdSec, an open-source security suite that offers crowdsourced protection against malicious IPs. With its simple integration into your existing security infrastructure, you gain behavioral detection and automated remediation. Plus, you will benefit from highly actionable cyber threat intelligence with zero-false positives and a reduced volume of alerts built from a network of 170k+ machines spread over 180+ countries. Don’t fight alone, let the crowd support you. Get started with CrowdSec for free!
We’re very pleased to announce that the Retail & Hospitality ISAC Podcast has joined the CyberWire Podcast Network. Join host Luke Vander Linden for chats with members of the InfoSec community to discuss the latest challenges, opportunities, and best practices unique to cybersecurity in the retail and hospitality industry. Tune in and subscribe.
Password manager LastPass disclosed a second breach of their systems on Monday. A threat actor leveraged information from an August breach to target the home computer of a senior employee. In what the company has called a “coordinated second attack,” the company’s Amazon AWS cloud storage servers were accessed and data were stolen, Bleeping Computer wrote Monday. LastPass disclosed that the 2022 breach ended on August 12, when the threat actor “pivoted from the first incident,” the company shares, “but was actively engaged in a new series of reconnaissance, enumeration, and exfiltration activities aligned to the cloud storage environment spanning from August 12, 2022 to October 26, 2022.” Naked Security shares that the password manager notes that this second incident saw the threat actor take advantage of data made available in the first breach before the systems were reset, “to enumerate and ultimately exfiltrate data from the cloud storage resources.”
LastPass stressed in its disclosure that the data from the first attack required decryption keys that were not available to the hackers, which is why this threat actor leveraged the stolen data to target “one of the four DevOps engineers who had access to the decryption keys needed to access the cloud storage service.” The company says that the employee’s home computer was targeted via a vulnerable third-party software that allowed for remote execution and the implementation of a keylogger. The keylogger eventually gave way to the engineer’s master password, after MFA authenticated, for the corporate vault. “The threat actor then exported the native corporate vault entries and content of shared folders, which contained encrypted secure notes with access and decryption keys needed to access the AWS S3 LastPass production backups, other cloud-based storage resources, and some related critical database backups,” recounted LastPass.
The Verge reports that the company has disclosed all the classes of data accessed in both breaches and has offered a PDF with more information about last year’s incidents. It’s also issued security notes for users of Free, Premium, and Families accounts, as well as a note for business administrators. Interesting to note is LastPass’ decision to add <meta name="robots" content="noindex"> HTML tags to the support bulletins, Bleeping Computer notes, which prevents them from being indexed by search engines. For more on the LastPass breach, see CyberWire Pro.
Why are you struggling with interpreting threat intel by yourself? Engage Nisos to achieve better risk insights and outcomes. Rely on the experts with a managed service that gives you the people, process, and technology to control costs while improving your defenses. Nisos leverages automation efficiency and analyst expertise that eliminates noise, identifies risks, and prioritizes your company-specific threats. We help you respond to threats faster and more effectively through assessments, monitoring, and investigations.
Mitiga has published research looking at Google Cloud Platform (GCP), concluding that the service has a “significant forensic security deficiency in Google Cloud Storage that enables a threat actor to exfiltrate in a covert manner.” The researchers found that an attacker with access to a GCP storage bucket could steal data without leaving any obvious signs. The problem stems from the fact that GCP uses the same log description for a variety of different actions, including reading files, downloading files, copying files to an external server, or reading the metadata of a file. As a result, all of these actions will simply be logged as “storage.objects.get.”
Google commented on Mitiga's blog, and, while Google doesn't consider the scenario Mitiga describes to be a vulnerability, Google said it "appreciates Mitiga's feedback" and has worked with them to develop some recommendations for improvement. For more on Mitiga's comments on the Google Cloud Platform, see CyberWire Pro.
Other CISSP certification training providers don't have a way to determine exam readiness until a practitioner passes (or fails) their certification exam. CyberVista's online CISSP course includes predictive analytics to show who is ready, who needs more time, and where to focus training. Through diagnostic exams, custom quizzes, a mock Computer Adaptive Test (CAT) Exam, and more, employers and practitioners alike feel confident in passing their CISSP the first time with CyberVista.
GroupSense's Cyber Warfare Report, a look at the first eight months of Russia's war against Ukraine, offers a useful overview of the role hacktivist auxiliaries have played in that war. "Interestingly," the report notes, "more hacktivist groups are openly pro-Ukraine than pro-Russia. Russia tends not to report on external cyber activities, so it is not known how effective these groups have been. However, we do know that there are more pro-Ukrainian groups than pro-Russian ones." GroupSense counts forty-two hacktivist actors working in the Ukrainian interest as opposed to thirty-six acting on behalf of Russia. The most prominent Ukrainian groups have been the IT Army of Ukraine, AgainstTheWest/BlueHornet, Network Battalion ‘65, DoomSec, and GhostSec. Russian auxiliaries of note include Killnet, Zarya, NoName057(16), Beregini, and Nemezida. XakNet represents an ambiguity. The group claims to be an independent patriotic hacktivist organization, but most observers suspect that it's in fact a unit of one of Russia's intellgence services.
The auxiliaries' most typical activities have been distributed denial-of-service (DDoS) attacks, but they've also been seen engaged in doxing and various forms of influence operations. Some of them have assisted with intelligence collection, and, on the Russian side, some hacktivist auxiliaries have deployed wiper malware against Ukrainian targets. Some of the wipers appear to have been delivered by ransomware gangs, which suggest the source of some of the talent present in the Russian auxiliaries.
The CyberWire's continuing coverage of Russia's war against Ukraine may be found here.
The Verge reports that it's obtained an internal Dish email advising employees that it was “investigating a cybersecurity incident” and that Dish is “aware that certain data was extracted.” Official confirmation came from the company later yesterday, when a Form 8K filed with the US Securities and Exchange Commission (SEC) disclosed that the IT issues were indeed caused by a cyberattack. "On February 23, 2023, DISH Network Corporation (the “Corporation”) announced on its earnings call that the Corporation had experienced a network outage that affected internal servers and IT telephony," the 8K reads in part. "The Corporation immediately activated its incident response and business continuity plans designed to contain, assess and remediate the situation. The services of cyber-security experts and outside advisors were retained to assist in the evaluation of the situation. The Corporation has determined that the outage was due to a cyber-security incident and notified appropriate law enforcement authorities." The filing further identified the incident as a ransomware attack.
Dish continues to maintain the same advisory on its homepage it's displayed since the incident came to light: "We are experiencing a system issue that our teams are working hard to resolve."
MKS Instruments, a Massachusetts-based supplier of "instruments, systems, subsystems and process control solutions that measure, monitor, deliver, analyze, power and control critical parameters of advanced manufacturing processes," has filed a Form 8K with the US Securities and Exchange Commission (SEC) disclosing a ransomware attack and describing the attack's consequences. John T.C. Lee, President and Chief Executive Officer of MKS said, “We are well into the recovery phase of our manufacturing and service operations following the ransomware incident identified on February 3rd, and we expect these operations will be restored over the coming weeks. I am very thankful for our dedicated employees who have worked tirelessly to help bring interrupted systems back online. Our team is focused on making up for lost time, delivering on our commitments and meeting the needs of our customers, whose support during the past weeks we’ve greatly appreciated.”
Since the ransomware will have a material impact on the company's first quarter results, and it's still unclear what that impact will be, MKS is delaying its first quarter guidance. Nonetheless, "the Company currently estimates the impact from the incident on first quarter revenue to be at least $200 million" out of revenue expected to amount to about $1 billion.
Bravo, Bitdefender, for releasing a universal decryptor for MortalKombat ransomware. MortalKombat (the malware's only connection to the eponymous game is its threat to change victims' wallpaper to Mortal Kombat images) is a strain of ransomware related to Xorist. It was first observed in January of this year, active against victims in the US, the UK, Turkey, and the Philippines.
CISA, the US Cybersecurity and Infrastructure Security Agency, yesterday released three Industrial Control Systems (ICS) advisories. They cover:
CISA, by the way, is interested in feedback, which they invite any interested parties to submit through the agency's anonymous Product Feedback Survey.
Today's issue includes events affecting China, Denmark, Finland, France, Germany, NATO/OTAN, the Philippines, Poland, Russia, Turkey, Ukraine, the United Kingdom, and the United States.
Ukraine at D+370: Swapping drone strikes. (CyberWire) Russia and Ukraine exchange drone strikes and hacktivist action.
Russia-Ukraine war live: Ukraine says no decision yet to withdraw from Bakhmut as Wagner says it faces ‘furious resistance’ (the Guardian) Bloody battle over key eastern stronghold as Wagner says Ukraine is committing thousands of troops in face of ‘relentless’ Russian offensive
Russia-Ukraine war: List of key events, day 370 (Al Jazeera) As the Russia-Ukraine war enters its 370th day, we take a look at the main developments.
As Russian forces bear down on Bakhmut, Ukraine admits situation there is 'more and more difficult' (CNBC) Officials in Kyiv have conceded that the situation is rapidly deteriorating around Bakhmut, a besieged city in eastern Ukraine.
Drones fly deep inside Russia; Putin orders border tightened (AP NEWS) Drones that the Kremlin said were launched by Ukraine flew deep inside Russian territory, including one that got within 100 kilometers (60 miles) of Moscow, signaling breaches in Russian defenses as President Vladimir Putin ordered stepped-up protection at the border.
Russia on alert after flurry of drone sightings (Washington Post) A flurry of drone sightings in western Russia, including in the Moscow region about 60 miles southeast of the capital, put authorities in the country on high alert for an attack on Tuesday.
Russia says military drone attempted to strike gas facility near Moscow (the Guardian) Wreckage suggests UAV was Ukrainian-made, marking rare attempted strike hundreds of miles behind Russian lines
Ukraine’s drone whisperers: What the weapons are telling us (The Record from Recorded Future News) Russia has deployed the Iranian-built Shahed drone to wreak havoc on Ukraine’s infrastructure. We speak to a man who is a kind of drone whisperer. After years of taking these Shahed drones apart, he says if you listen, they have amazing stories to tell.
Belarus president and firm Russia ally Lukashenko to visit China (Al Jazeera) Belarusian President Alexander Lukashenko’s visit to Beijing comes as China’s relations with the US have plummeted.
Russia’s invasion one year on: Ukraine is stronger than ever (Atlantic Council) Vladimir Putin expected a short and victorious war that would extinguish Ukrainian independence and force the country back into the Russian orbit. One year on, Ukraine has never been stronger, writes Vitaly Sych.
Russia’s Weakness and Ukraine’s Strength Were Hiding in Plain Sight (World Politics Review) A focus on corruption led Western governments to underestimate Ukraine’s resilience ahead of Russia’s war.
NCOs Key to Ukrainian Military Successes Against Russia (U.S. Department of Defense) Since 2014, the United States has sent Ukraine more than $32.4 billion in security assistance, and while the transfer of equipment is important in Ukraine's defense, the training aspect of this aid
Tech innovation helps Ukraine even the odds against Russia’s military might (Atlantic Council) Over the past year, Ukrainians have demonstrated their ability to defeat Russia using a combination of raw courage and innovative military tech, writes Ukraine's Digital Transformation Minister Mykhailo Fedorov.
Blinken: Zelensky Is Right to Demand That the U.S. ‘Do Even More and Do It Even Faster’ (The Atlantic) The Atlantic’s editor in chief, Jeffrey Goldberg, in conversation with Secretary of State Antony Blinken
Biden says he is ruling out giving Ukraine F-16s ‘for now’ (The Virginian-Pilot) President Joe Biden said he is ruling out Ukraine’s request for F-16 fighter jets at this time, despite increased pressure from Ukrainian President Volodymyr Zelenskyy.
F-16s Not Timely or Affordable for Ukraine, DOD Policy Chief Says (Air & Space Forces Magazine) U.S. believes F-16s are too costly a system to provide, especially considering how long it would take before Ukraine could use the aircraft.
Give Ukraine What It Wants (Foreign Affairs) Russia shouldn’t get to veto Western military aid.
Defense Officials: U.S. Ensures Accountability of Systems Supplied to Ukraine (U.S. Department of Defense) Even as the U.S. focuses on getting Ukraine what it needs, it has always prioritized accountability and Ukraine has too, the undersecretary of defense for policy told a House panel.
No evidence of Ukraine aid falling into wrong hands, Pentagon officials say (Stars and Stripes) The Pentagon has found no evidence that U.S. military aid earmarked for Ukraine has been diverted for unauthorized uses, defense officials told House lawmakers Tuesday to allay congressional fears that weapons could be falling into the wrong hands.
They’re lobbying for Ukraine pro bono – and making millions from arms firms (the Guardian) Some of Washington’s most powerful lobbyists are providing their services to Ukraine for free, but they also have financial incentives for aiding the country
Scrounging for Tanks for Ukraine, Europe’s Armies Come Up Short (New York Times) The struggle to deliver on promises to provide Leopard 2 tanks for use against Russian forces has exposed just how unprepared European militaries are.
Russia turning to N. Korea, Iran for more weapons ahead of spring offensive, NATO head warns (Breaking Defense) Iran has consistently supplied Russia with Shahed-136 loitering munitions for strike missions but a recent UK intelligence update indicated that there have not been any reports of “one way attack” UAV’s being used in Ukraine since February 15.
U.S. Officials Urge China Not to Ship Arms to Russia (U.S. Department of Defense) U.S. government officials are doing all they can to discourage China from supplying Russia with arms that could be used to subjugate Ukraine, Pentagon Press Secretary Air Force Brig. Gen. Pat Ryder
For Xi and China, Putin’s War Is a Geopolitical Minefield (World Politics Review) A year since the start of Russia’s war in Ukraine, Xi Jinping is realizing China may no longer be able to sit on the sidelines.
Finland starts building fence on Russian border as MPs prepare to vote on Nato bid (the Guardian) Construction begins on fence along part of 1,340km boundary amid fears Moscow could weaponise mass migration against Helsinki
Denmark scraps public holiday to boost defence budget (BBC News) The extra day of work will provide an additional $400m to the economy.
Calls mount for Russia to face tribunal for aggression against Ukraine (Atlantic Council) As Putin's full-scale invasion of Ukraine enters its second year, calls are mounting for the establishment of a special tribunal to try the Russian leadership for the crime of aggression against Ukraine, writes Irina Paliashvili.
Putin secretly living in golden palace he shares with gymnast lover (The Telegraph) Details of the opulent, heavily-guarded estate on Lake Valdai exposed by unnamed whistleblower who says the Russian leader ‘must be stopped’
The West Can Help Ukraine Keep the Moral High Ground on Human Rights (World Politics Review) Ukraine’s allies can help ensure Kyiv avoids committing human rights abuses in resisting Russia’s illegal war.
China spends billions on pro-Russia disinformation, US special envoy says (the Guardian) Beijing propaganda includes messaging aligned with Moscow on Ukraine war, says James Rubin
The Cyber Warfare Report (GroupSense) A look at the first eight months of cyber warfare waged against Ukraine.
Cyber attacks against Ukraine shift to NATO countries (Technology Decisions) New data from Check Point Research shows that cyber warfare has escalated in line with the Russia–Ukraine war.
The Ukrainian Army Is Leveraging Online Influencers. Can the U.S. Military? (War on the Rocks) On May 11, 2022, the Ukrainian Ministry of Defense Twitter account highlighted the results of a deadly artillery assault on a failed Russian pontoon
A parallel terrain: Public-private defense of the Ukrainian information environment (Atlantic Council) The report analyzes Russia’s continuous assaults against the Ukrainian information environment, and examines how Russian offensives and Ukrainian defense both move through this largely privately owned and operated environment. The report highlights key questions that must emerge around the growing role that private companies play in conflict.
Poland Blames Russia for Cyberattack on Central Tax Website (Bloomberg) Poland’s top cybersecurity official blamed Russia for an attack that disrupted the work of a government tax website.
Startups in Ukraine Face Slumping Markets, Recession Fears and Missiles (Wall Street Journal) A year of war has taken a heavy toll on Ukraine’s once-thriving emerging technology sector, with some startup founders and their teams fleeing to safety abroad. Others stayed put and worked without electricity or reliable internet connections—at times holding Zoom calls with investors by candlelight as air raid sirens blared in the background.
Blackfly: Espionage Group Targets Materials Technology (Symantec) Group targets multiple subsidiaries of single Asian conglomerate.
China Is Relentlessly Hacking Its Neighbors (WIRED) New details reveal that Beijing-backed hackers targeted the Association of Southeast Asian Nations, adding to a string of attacks in the region.
Beware of False Positive CVEs | JFrog Xray Contextual Analysis (JFrog) JFrog Xray’s Contextual Analysis feature discovers that only 16% of flagged critical CVEs in WebGoat training app pose a risk. Learn why >
Dish CEO says data was stolen in cyberattack that’s kept systems down for days (The Verge) “Certain data was extracted.”
Hackers steal sensitive law enforcement data in a breach of the U.S. Marshals Service (NPR) The federal agency has revealed that it was the victim of a ransomware attack last week in which hackers stole sensitive data.
Incident 2 – Additional details of the attack (LastPass Support) Despite high confidence in the outcomes of our investigation and actions taken in response to the first incident, the threat actor leveraged information stolen during the first incident, information available from a third-party data breach, and a vulnerability in a third-party media software package to launch a coordinated second attack.
LastPass Says DevOps Engineer Home Computer Hacked (SecurityWeek) LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack.
LastPass: Keylogger on home PC led to cracked corporate password vault (Naked Security) Seems the crooks implanted a keylogger via a vulnerable media app (LastPass politely didn’t say which one!) on a developer’s home computer.
LastPass data was stolen by hacking an employee’s home computer (The Verge) Attackers accessed customer vault data via the company’s cloud storage.
LastPass says employee’s home computer was hacked and corporate vault taken (Ars Technica) Already smarting from a breach that stole customer vaults, LastPass has more bad news.
LastPass is in Big Trouble (Gizmodo) The embattled password manager has revealed additional security troubles that resulted from a data breach last summer.
LastPass: DevOps engineer hacked to steal password vault data in 2022 breach (BleepingComputer) LastPass revealed more information on a "coordinated second attack," where a threat actor accessed and stole data from the Amazon AWS cloud storage servers for over two months.
The LastPass security breach is still going from bad to worse (Cybersecurity Connect) Password security company LastPass is having a very bad, no-good time when it comes to its ongoing security issues. We reported last month how a breach in August 2022 led to threat actors gaining access to internal data vaults and exfiltrating a large amount of user data, but things continue to get worse for the company.
Mitiga Security Advisory: Insufficient Forensic Visibility in GCP Storage (Mitiga) As part of Mitiga’s continuous research into cloud attacks and forensics, we have been examining potential data exfiltration techniques in GCP (Google Cloud Platform) and how to identify and investigate them. During this research, we discovered a significant forensic security deficiency in Google Cloud Storage that enables a threat actor to exfiltrate in a covert manner.
Google Cloud Platform Exfiltration: A Threat Hunting Guide (Mitiga) If you’re wondering if the cloud era is here, you need only look at the latest stats. 67% of enterprise infrastructure is now cloud-based and 94% of enterprises use cloud services.1 It’s no wonder that public clouds like Google Cloud Platform (GCP) have become a new playground for threat actors. There is a lot to exploit.
Fake ROBLOX and Nintendo game cracks drop ChromeLoader malware (HackRead) What’s worse, in the new campaign, ChromeLoader malware evades detection by security software.
cracked versions of these cult games steal your data (Gearrice) As we know, “cracked” software and video games are often full of viruses and other malware. Researchers from the Ahnlab Security Emergency Response Center
Twitter is down with users seeing "Welcome to Twitter" screen (BleepingComputer) When attempting to access Twitter's website, users see "Welcome to Twitter!" on the timeline. The alert, typically used for new signups, says, "Twitter is the best place to see what's happening in your world", with a Let's go button that lets you follow some people and topics.
Dish Network confirms ransomware attack behind multi-day outage (BleepingComputer) Satellite broadcast provider and TV giant Dish Network has finally confirmed that a ransomware attack was the cause of a multi-day network and service outage that started on Friday.
DISH tells SEC that ransomware attack caused outages; personal info may have been stolen (The Record from Recorded Future News) Satellite broadcast giant DISH told the SEC that a ransomware attack is what caused the “system issues” that occurred over the weekend.
Gamers are fixing a video game ‘taken over’ by hackers (TechCrunch) Hackers are targeting Activision's first person shooter Black Ops III exploiting significant vulnerabilities. These two gamers are fighting back.
Safety Net: Anatomy of a cyberattack — How a 'Russian Mafia group' took Saint John hostage (Financial Post) In 2020, Russian hackers took the City of Saint John, New Brunswick hostage, demanding a $17-billion bitcoin ransom. Read what happened.
Hackers Claim They Breached T-Mobile More Than 100 Times in 2022 (KrebsOnSecurity) Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. In each case, the goal of the attackers was the same: Phish T-Mobile employees for access…
Snatch ransom gang claims Ingenico scalp, says analyst (Cybernews) A Russian-linked ransomware gang claims it has stolen privileged data from the major payment processing company, whose services are widely used in Germany and France.
Dormant accounts are a low-hanging fruit for attackers (Help Net Security) Dormant accounts are the lowest hanging fruit for attackers, and yet represent 24.15% of all accounts for an average enterprise.
Cyber crime: That customer care number may be a phishing link (The Times of India) Most of us have turned to Google while searching for the customer care number of a company and dialled the first number we spot. If you do this, STOP.
Romance as part of ruse, delivery service users as target: What happens in some scams, signs to look out for (CNA) Victims in crypto romance scams tend to be male and many of them are highly educated, said one cybersecurity expert.
February 27 CISA KEV Breakdown | ZK Framework (Nucleus Security) In this Breakdown, Nucleus experts explore the one vulnerability added to the KEV on February 27, 2023
CISA Releases Three Industrial Control Systems Advisories | CISA (Cybersecurity and Infrastructure Security Agency CISA) CISA released three Industrial Control Systems (ICS) advisories on February 28, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
Apple Users Need to Update iOS Now to Patch Serious Flaws (WIRED) Plus: Microsoft fixes several zero-day bugs, Google patches Chrome and Android, Mozilla rids Firefox of a full-screen vulnerability, and more.
Google rolls out client-side encryption for Gmail and Calendar (Computing) Meanwhile, Tutanota vows it will not weaken its email encryption for the UK
Introducing the Inaugural Hacker’s Yearbook (SafeBreach) Get an overview of the most impactful security trends and cyberattacks of 2022, with key insights to help you prepare for the security challenges of 2023.
Rapid7's 2022 Vulnerability Intelligence Report released (Rapid7) New Rapid7 analysis of security vulnerability trends shows an 87% increase in first-week exploitation since 2020
Tenable 2022 Threat Landscape Report (Tenable®) In this year’s edition of the Threat Landscape Report, Tenable analyzes the major vulnerabilities and security incidents that marked 2022.
2023 SonicWall Cyber Threat Report (SonicWall) The 2023 SonicWall Cyber Threat Report explores attack data, trends and events across the cyber threat landscape. Download the free report.
Covert cyberattacks on the rise as attackers shift tactics for maximum impact (Help Net Security) While organizations face an increasing number of real-world obstacles with economic pressures, threat actors are shifting attack strategies.
2023 State of the Phish (Proofpoint) Every year, threat actors look for new tactics to outwit victims and bypass defenses. And 2022 was no different. As businesses rolled out new security controls, cyber criminals found new, sophisticated ways to attack people.
DoControl's 2023 SaaS Security Threat Landscape Report Finds 50% of Enterprises and 75% of Mid-Market Organizations Have Exposed Public SaaS Assets (PR Newswire) DoControl, the automated Software-as-a-Service (SaaS) security company, today released its 2023 SaaS Security Threat Landscape Report, which...
trackd Secures $3.35MM Seed Funding to Bring Its Novel Approach to Vulnerability Remediation to the Enterprise Security Market (GlobeNewswire News Room) Patent-Pending Platform Is First Ever to Leverage Collective Patching Experience to Automate Vulnerability Fixes...
Money Moves: Sublime raises $9.8M to build out email security platform (Technical.ly) Plus, $2.6 million for Tunnl, CACI International tries to regain $250 million of common stock and more.
HUB Cyber Security Ltd, a Developer of Confidential Computing Cybersecurity Solutions and Services, Successfully Closes Its Business Combination with Mount Rainier Acquisition Corp. (GlobeNewswire News Room) HUB shares to commence trading on the Nasdaq Global Market under the ticker “HUBC” on March 1, 2023...
Cherokee Federal Expands Cybersecurity and Information Technology Services, Acquires Criterion Systems (Business Wire) Cherokee Federal Expands CybersCherokee Federal is proud to build upon years of record-breaking growth across its government contracting businesses by acquiring Criterion Systems, a leading cybersecurity and IT services company headquartered outside Washington, D.C.
Cyren enters insolvency after laying off entire workforce (CTech) The company’s accumulated deficit as of September 2022 reached approximately $296 million. Until recently, the Israeli parent company employed 49 people, but at the beginning of the month most of the employees were laid off
Syniti Continues to Deliver for Global Clients with Strong 2022 Results (PR Newswire) Syniti, a global leader in enterprise data management, announced today its financial and company highlights for the fourth quarter and fiscal...
High Wire Networks Renews $9 Million Credit Facility Under More Favorable Terms (GlobeNewswire News Room) High Wire Networks, Inc. (OTCQB: HWNI), a leading global provider of managed cybersecurity and IT enablement services, has renewed and expanded its existing $5 million credit facility to $9 million and secured more favorable terms.
Delinea Completes Milestone-Filled Year Highlighted by New Brand Debut and Continued Growth (PR Newswire) Delinea, a leading provider of privileged access management (PAM) solutions for seamless security, today announced the close of its fiscal...
Aravo Achieves Strong Customer Growth and Continued Leadership in Third-Party Risk Management (GlobeNewswire News Room) Company Momentum Includes New ESG Apps, TPRM Platform Innovations and Expanded Partnerships...
Beyond Identity Achieves Record Growth and Momentum in 2022, Tripling Revenue, Achieving FIDO2 Certification and Attaining New Strategic Partnerships (Beyond Identity) The pioneer of passwordless, phishing-resistant MFA expands industry, remains poised for strong 2023
Kasten by Veeam Reports Near Triple Digit Growth as Kubernetes Momentum Continues (Business Wire) The #1 Kubernetes backup leader continues rapid growth as industry demand accelerates, strong Q4 drives momentum into 2023 to support increased Kubernetes deployments
Mezmo Ranks #53 on Inc. Magazine’s List of Fastest-Growing Companies in the Pacific Region (GlobeNewswire News Room) Company attributes 360% revenue growth to demand for solutions that make telemetry data consumable and actionable...
OTORIO and Compugen Sign Global Partnership to Enhance Security for OT Operations (PR Newswire) OTORIO, the leading provider of operational technology (OT) cyber and digital risk management solutions, and Compugen, one of Canada's largest...
Castellum, Inc. Announces Record Annual Results (GlobeNewswire News Room) Castellum, Inc. (NYSE-American: CTM), a cybersecurity, electronic warfare, data analytics, software,...
Exabeam Announces Winners of Third Annual ‘Partner of the Year’ Awards (Exabeam) Winners span the Americas, Asia Pacific, Europe, Middle East, Africa, and Latin America FOSTER CITY, Calif, Feb. 28, 2023 – Exabeam, a global cybersecurity leader and creator of New-Scale SIEM™ for advancing security operations, today revealed the winners of its third annual Partner of the Year Awards during the Exabeam Virtual Partner Awards Ceremony held on... Read more »
Israel’s Tech Industry Rebels Against Netanyahu’s Judicial Overhaul (Wall Street Journal) Companies fear the planned changes will lead to a rollback of civil rights and scare away investment and talent, while the prime minister says concerns are overblown.
GreenPages Establishes New Corporate Headquarters in Portsmouth, NH to Support Expanding Employee Base and Increased Demand for Its Cloud and Cybersecurity Services (GlobeNewswire News Room) Company Returns to Portsmouth After 25 Years in Kittery, Maine; Will Continue to Offer Employees a Hybrid Work Environment in new Facility Located at Pease...
Women in CyberSecurity Announces 2023 Offering of Mentor/Mentee Program (PR Newswire) Women in CyberSecurity (WiCyS), the nonprofit organization dedicated to the recruitment, retention and advancement of women in cybersecurity,...
Checkmarx Appoints Sandeep Johri as CEO; Co-founder and CEO Emmanuel Benzaquen Continues to Serve on the Board of Directors (PR Newswire) Checkmarx, the global leader in application security solutions, announced today that technology executive Sandeep Johri will succeed co-founder...
Axiad Names Jon Skoglund Chief Financial Officer (Axiad) Company Strengthens Management Team as it Scales for Continued Strategic Growth Santa Clara, CA —...
Syxsense Names Mary Yang as Chief Marketing Officer (Syxsense Inc) Mary has been at the forefront of marketing communications across the cybersecurity space for nearly a decade.
Marcus Hutchins Joins Cybrary to Advance Cybersecurity Upskilling and Expand the Global Talent Pool (Business Wire) Leader in Cybersecurity Training and Upskilling Names Hutchins as Inaugural Cybrary Fellow.
INSA Selects CACI’s Todd Probert to Board of Directors (Hstoday) The Intelligence and National Security Alliance (INSA) has named Todd Probert, CACI International Inc President of National Security and Innovative Solutions, to its Board of Directors. The Intelligence and National Security Alliance (INSA) has named Todd Probert, CACI International Inc President of National Security and Innovative Solutions, to its Board of Directors.
Darren Spruell Appointed Chief Intelligence Officer at File Detection and Response Industry Leader, InQuest (Business Wire) InQuest, a leading provider of File Detection and Response solutions focused on protecting the end-user, recently announced the appointment of Darren Spruell as its Chief Intelligence Officer. A seasoned information security professional, Darren brings an array of technical skills bolstered by intense curiosity and a passion for continual mastery.
David Holtzman, former IBM Chief Scientist and global DNS System Designer joins Naoris Protocol, as Chief Strategy Officer, in the run up to launch. (Disruption Banking) Naoris Protocol, the world's first decentralised cybersecurity firm, is proud to announce the appointment of David Holtzman as Chief of Strategy, in the run-up to launching products in Web 2 and Web 2 in 2023.
Sekura Mobile Intelligence Announces New Regional CEO For Africa (PR Fire) Sekura Mobile Intelligence is excited to announce the appointment of Lawrence Twigg as our new Regional CEO, Sub-Saharan South Africa.
Guardsquare Names Technology Veteran Kimberly Wood as Chief Information Officer (Guardsquare) Guardsquare Names Technology Veteran Kimberly Wood as Chief Information Officer. Former Catapult Executive to Lead Company’s IT and Security Teams in Support of its Accelerated Growth and Momentum.
Deepwatch Adds New Board Member Tracey Newell (Business Wire) Cybersecurity Industry Executive to Complement Strong Growth
Paperclip Inc. Names New Head of Marketing (GlobeNewswire News Room) Paperclip taps cybersecurity marketing veteran Megan Brandow to support new searchable encryption solution: SAFE®...
NEW Veeam Backup for Microsoft 365 v7 Delivers the Most Advanced Protection Against Cyber Attacks and Outages (Business Wire) Veeam® Software, the leader in Modern Data Protection, today released NEW Veeam Backup for Microsoft 365 v7, the #1 backup and recovery solution for Microsoft 365 including Microsoft Exchange Online, SharePoint Online, OneDrive for Business and Microsoft Teams.
Immutability out-of-the-box solved for Mirazon and their customers (Object First) “We were eager to have a first-hand look at Object First—the first solution specifically launching in support of Veeam’s promise of immutability. It was exciting for Mirazon to incorporate a product that would provide customers with a well-rounded solution – all in one.”
CyberMaxx and CipherTechs Join Forces to Better Help Customers Stay Ahead of Today’s Evolving Threat Landscape (CyberMaxx) Stay ahead of evolving cyber threats with CyberMaxx and CipherTechs. Learn how this partnership provides advanced cybersecurity solutions for customers.
Sift Accelerates into 2023 with Global Data Network Processing More Than One Trillion (1T) Events per Year (GlobeNewswire News Room) Digital Trust & Safety Leader’s Growing Data Consortium, Product Innovations Provide Online Businesses with Complete Platform to Protect Against Fraud...
SecurityScorecard Added to the Department of Homeland Security’s Continuous Diagnostics and Mitigation Program’s Approved Products List (CDM APL) (Business Wire) SecurityScorecard’s Attack Surface Intelligence Solution Now Available to Federal Agencies Looking to Enhance Threat Monitoring and Detection
Cyolo Introduces Enhanced Partner Program “Cyolo Connected,” Delivering True Zero-Trust Access (Cyolo) Cyolo announced today the expansion of its custom partner program, providing extensive support to accelerate adoption of zero-trust access.
Kroll Launches Cyber Partner Program Delivering Lifetime Returns (Kroll) Kroll, today announced the Kroll Cyber Partner Program which will offer lifetime returns to partners on its extensive suite of cybersecurity solutions. Read more.
Appdome Announces the Industry's First Mobile XDR for Consumer Brands Globally (PR Newswire) Appdome, the mobile app economy's one and only Cyber Defense Automation platform, today released its next generation ThreatScope™ product,...
Radiant Logic Announces Industry-First Identity Data Intelligence Innovation to Improve Decision-Making (Business Wire) New Capabilities Include: Identity Observability, Management and Visibility, SaaS Deployment, Enhanced APIs and Low-Code/No-Code Identity Data Integration
Versa Networks Awarded TMCnet Zero Trust Security Excellence Award for its Industry-Leading SASE Solution (Business Wire) Versa SASE Honored as the Only Complete Unified SASE Offering Tightly Integrating Zero Trust Network Access with Secure SD-WAN, Secure Web Gateway, Cloud Access Security Broker, and Network Firewalling
Earthling Security Enables Finvi to Achieve FedRAMP P-ATO (GlobeNewswire News Room) Earthling Security, LLC is proud to announce that, by partnering with the Finvi (Formerly Ontario Systems)...
Everlaw Achieves StateRAMP Authorization to Standardize Cloud Security for State and Local Government Agencies (PR Newswire) Everlaw, the cloud-native investigation and litigation platform, has achieved StateRAMP authorization. With this authorization, state and local...
Orca Security Launches Full Cloud Data Security Posture Management (DSPM) on Industry’s Most Comprehensive Cloud Security Platform (Orca Security) Expanded data discovery and management capabilities now allow organizations to further protect sensitive data across multi-cloud estates and comply with data privacy regulations without requiring additional tools PORTLAND, Ore. – February 28, 2023 – Orca Security, the pioneer of agentless cloud security, today announced the launch of new comprehensive Data Security Posture Management (DSPM) capabilities […]
Xcitium Announces Partnership with TD SYNNEX to Deliver Patented ZeroDwell Containment Endpoint Technology to 150,000+ North American Customers (GlobeNewswire News Room) Xcitium, formerly known as Comodo Security Solutions, today announced a partnership with TD SYNNEX...
ThreatHunter.ai Launches "More Eyes" Program to Help Large Organizations Mitigate Cyber Threats (PR Newswire) ThreatHunter.ai, a leading provider of AI-driven threat hunting solutions, has announced the launch of its new program, "More Eyes," which is...
Forescout Addresses Modern SecOps Challenges with Launch of Forescout XDR (Business Wire) New eXtended Detection and Response Solution is 450X more efficient than typical SOCs at converting telemetry and logs into actionable alerts
Mirazon Chooses Object First To Protect Customers Against Ransomware Attacks With Out-of-the-Box Immutable Backup Storage (Business Wire) Object First eliminates the risk of malicious encryption, offering flexibility and scalability of the cloud without bandwidth limitations and unpredictable costs
Fastly Launches Managed Security Service to Protect Enterprises from Rising Web Application Attacks (Business Wire) Fastly, Inc. (NYSE: FSLY), the world’s fastest global edge cloud platform, today launched Fastly Managed Security Service, a premier 24/7 threat detection and response service dedicated to helping organizations significantly reduce the risk of web application attacks and associated business costs due to lost transactions.
Bitdefender Releases Decryptor for MortalKombat Ransomware (Bitdefender Labs) A new decryptor for the MortalKombat ransomware is now available for download.
Victims of MortalKombat ransomware can now decrypt their locked files for free (The Record from Recorded Future News) Bitdefender released a universal decryptor for the MortalKombat ransomware – a strain first observed by threat researchers in January 2023.
CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks (Cybersecurity and Infrastructure Security Agency CISA) Today, CISA released a Cybersecurity Advisory, CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks. This advisory describes a red team assessment of a large critical infrastructure organization with a mature cyber posture. CISA is releasing this Cybersecurity Advisory (CSA) detailing the red team’s tactics, techniques, and procedures (TTPs) and key findings to provide network defenders proactive steps to reduce the threat of similar activity from malicious cyber actors.
CISA red-teamed a 'large critical infrastructure organization' and didn't get caught (The Record from Recorded Future News) CISA is reporting what it learned when its hackers were invited to break into a critical infrastructure organization's network.
Defense Cyber Leaders Want More Bandwidth, Less Latency (Government CIO) On the anniversary of Russia invading Ukraine, military tech leaders are focused on improving communication between the sister services and allied partners without sacrificing cybersecurity.
CISA: Hold software makers liable for selling insecure tech (Register) Who apart from Microsoft is happy with the ship now, oh just fix it later approach?
Elliptic Curve Cryptography Considerations for Securing Automation and SCADA Systems (MDPI) Securing critical infrastructures and manufacturing plants in the Industrial-Internet-Of-Things and Industry 4.0 is a challenge today due to the increased number of attacks against automation and SCADA systems.
Rethinking EDR: Why It Isn’t A Comprehensive Cybersecurity Solution (Best Endpoint Protection Security (EPP) Tools, Software, Solutions & Vendors) Tom Bienkowski of NETSCOUT breaks down why EDR isn't the "end-all-be-all" solution, and why you should consider pairing it with an NDR.
Budweiser Maker Simplifies How It Assesses Privacy and Cyber Risks (Wall Street Journal) AB InBev’s new dashboard helps tech and legal teams tackle threats and relay the information to executives and board members in an easy-to-understand format
Hackers could try to take over a military aircraft; can a cyber shuffle stop them? Sandia, Purdue team up to test cyberdefense against an algorithm trained to break it (ScienceDaily) A cybersecurity technique that shuffles network addresses like a blackjack dealer shuffles playing cards could effectively befuddle hackers gambling for control of a military jet, commercial airliner or spacecraft, according to new research.
Why Do A.I. Chatbots Tell Lies and Act Weird? Look in the Mirror. (New York Times) One of the pioneers of artificial intelligence argues that chatbots are often prodded into producing strange results by the people who are using them.
Prevention, recovery and resilience: The blueprint for school cyber security | FE News (FE News) Today, it is not a question of “if” but “when” we fall victim to cyber criminals, and the same is true for schools as over three-quarters reported an incident in 2022. The extent to which schools become victims lies in prevention, response and resilience strategies to accommodate the unique risk profile they face.
Resurging internet shutdowns in 2022: weapons of control, shields of impunity (Access Now) Access Now's new report, "Weapons of control, shields of impunity: Internet shutdowns in 2022," unpacks the global resurgence of internet shutdowns.
Council Post: Nation-State Cyberattacks Have No Norms, And We Should Be Concerned (Forbes) It's about causing a set of risk-gain calculations for adversaries that might prevent them from accidentally escalating a conflict.
We must treat cyber wars the same as we treat conventional military encounters (The Hill) Pictures and videos emanating from Ukraine show the widespread destruction wrought by Russian troops during a year-long war that continuously generates news coverage. But there is another side to
China clamps down on companies shifting personal data beyond its borders (Cybersecurity Connect) The Cyberspace Administration of China has announced new regulations governing the movement of personal data across its international borders.
The Biden-Harris Administration’s National Cybersecurity Strategy (CSIS Events) Join the CSIS Strategic Technologies Program for an event on the Biden-Harris Administration's National Cybersecurity Strategy.
CYBERCOM: Ongoing war in Ukraine informed Biden's new cyber strategy (Inside Defense) A top U.S. Cyber Command official today said the Biden administration's forthcoming national cybersecurity strategy will increase cooperation with new allies as CYBERCOM monitors malign activity from Russia and China.
Biden's cyber promises, two years later (Washington Post) Biden gets mostly positive marks on living up to his campaign cyber pledges
Top Biden officials warn about pending lapse of spy law (Washington Post) Politicians from the left and right are taking aim at Section 702 — a law whose expiration the administration contends would dramatically harm intelligence collection on China, Russia, North Korea and Iran
Senior DOJ official warns lapse of surveillance law would harm cyber investigations (The Record from Recorded Future News) Assistant Attorney General Matthew Olsen joined the White House in urging Congress to renew a controversial internet surveillance program.
TikTok Ban Debated by House Lawmakers (Wall Street Journal) A House panel is considering a bill to ban the Chinese-owned app but postponed taking a vote on the measure.
Danish parliament urges to remove TikTok over cybersecurity (AP NEWS) The Danish parliament on Tuesday urged lawmakers and employees with the 179-member assembly against having TikTok on work phones as a cybersecurity measure, saying “there is a risk of espionage.”
Australia has not received advice to ban TikTok from govt devices -Treasurer (Reuters) Australia has not received advice from its security agencies to follow the example of the United States, the European Parliament and Canada to ban Chinese video-sharing app TikTok from government devices, Treasurer Jim Chalmers said on Wednesday.
Lawmakers Seek More Information on Biden, Trump Classified Documents Following Briefing (Wall Street Journal) A briefing was given to the Democratic and Republican leaders of the Senate and House, and of those two chambers’ Intelligence Committees.
YouTube breached child protection laws, suit claims (Compting) A British man has made the first ever complaint against a Big Tech firm under the Children's Code, a 2021 law that requires companies to take the best interests of child users into account.
LR district seeks cyberattack guidance (Arkansas Online) The Little Rock School District is continuing to seek an attorney general’s opinion on the legality of holding private school board meetings when reacting to a cyber- or ransomware attack on a district’s electronic information systems.
Close Ally of FTX Founder Sam Bankman-Fried Pleads Guilty to Fraud (Wall Street Journal) FTX’s co-founder and former director of engineering agreed to cooperate against his former boss, Sam Bankman-Fried, making him the third person in the FTX founder’s orbit to do so.
CJEU Clarifies Whether Data Protection Officers Can Perform Other Roles or Be Dismissed (cyber/data/privacy insights) On February 9, 2023, the Court of Justice of the European Union ruled in two decisions (C-453/21 and C-560/21) that a data protection officer (DPO) may have other duties within their role if there is not a conflict of interest. The CJEU also found that national provisions that allow for the dismissa
For a complete running list of events, please visit the Event Tracker.
Loyola Blakefield Cyber Challenge 2023 (Towson, Maryland, USA, Mar 25, 2023) The sixth annual Loyola Blakefield Cyber Challenge is an exciting event for all participants, new and experienced. It will take place on March 25, 2023, between 9 am and 3 pm, with awards given out at the end. The competition is created by students at Loyola Blakefield High School for students across the nation. Participants will be tasked with solving challenges on a wide variety of topics, all pertinent to real-life cyber threats prevalent in today’s society. Whether this is your first introduction into the world of cyber security, or you’ve mastered many skills in the field, this competition is open to you.
SecureWorld Charlotte (Charlotte, North Carolina, USA, Mar 2, 2023) Join your regional cybersecurity community for high-quality, affordable training and collaboration. Earn 6-12 CPE credits through 15+ educational elements learning from local and nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays—all while networking with peers in InfoSec.
Certified CMMC Professional (CCP) 2.0 Exam Prep (Virtual, Mar 13 - 17, 2023) This 5-day CCP course covers the foundational required curriculum along with CMMC Level 2 scoping and the full 110 practices. Edwards Cyber AB approved CCP 2.0 courses enable participants to sit for the CCP exam – making you a valuable resource to a consultancy providing CMMC preparation, C3PAO providing certified assessor support, or organization interested in having in-house CMMC trained resources. Edwards all-star lineup of Provisional Instructors (PIs) includes several of the CMMC industry’s most respected consultants along with Edwards’ internal SMEs to deliver their action packed bootcamps. Learn more and register now.
Security & Policing (Farnborough, England, UK, Mar 14 - 16, 2023) Security & Policing, the official Government global security event, returns to the Farnborough International Exhibition and Conference Centre between 14-16 March 2023. Hosted by the Home Office’s Joint Security & Resilience Centre (JSaRC), Security & Policing offers a world‐class opportunity to meet and discuss the latest advances in delivering national security and resilience with leading UK suppliers, UK and overseas Government officials and senior decision makers across the law enforcement and security sectors. There is no general admittance to Security & Policing and all visitors and exhibitors are subject to Home Office approval.
GISEC Global (Dubai, UAE, Mar 14 - 16, 2023) With the ever-changing global landscape, it is increasingly essential to strengthen cybersecurity across industries. GISEC Global offers a platform for key industry leaders and names to come together in order to stay ahead of potential threats, discover innovative strategies and remain secure from major disruptions.
SINET– Silicon Valley 2023 (Mountain View, California, USA, Mar 16, 2023) SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment community in an open, collaborative environment focused on identifying solutions to Cybersecurity challenges.
