Dateline
Ukraine at D+372: Disinformation about war crimes. (CyberWire) The Wagner Group calls upon Ukraine to surrender Bakhmut, and Russia's UN ambassador offers the Kremlin's perspective on war crimes and crimes against peace (short version--Russia's responsible for neither).
Russia-Ukraine war: List of key events, day 373 (Al Jazeera) As the Russia-Ukraine war enters its 373rd day, we take a look at the main developments.
Russia-Ukraine war at a glance: what we know on day 373 of the invasion (the Guardian) Prigozhin publishes video which appears to show Wagner fighters have nearly taken Bakhmut; Belarus sentences Nobel peace prize-winning dissident Ales Bialiatski to ten years in prison
Bakhmut burning: fires everywhere as Russians close in on city’s capture (the Guardian) Situation for Bakhmut’s defenders now almost untenable as seven-month assault may be nearing end
Occupied, liberated … occupied again? Ukrainian city fears another takeover (the Guardian) Russian forces were driven out of Kupiansk in September, but strikes have escalated in the past two weeks
Kremlin accuses Ukraine of violent attack in western Russia (Washington Post) The Kremlin on Thursday blamed Ukraine for an attack in two villages in the Bryansk region of western Russia, in which President Vladimir Putin said assailants had “opened fire on civilians” and the Bryansk governor said two people were killed and hostages were taken.
Pentagon again denies helping Ukraine attack targets inside Russia (Military Times) Moscow is accusing Ukraine of launching attacks inside Russia with U.S. help
US to announce new military aid package for Ukraine on Friday (Reuters) The United States will announce a new military aid package for Ukraine on Friday, worth roughly $400 million and comprised mainly of ammunition, two officials and a person familiar with the package said.
Germany’s Scholz Visits Washington Amid Worries Over Ukraine ‘End Game’ (New York Times) Chancellor Olaf Scholz arrives Friday for a quiet working visit with President Biden, sparking speculation that they will discuss tough questions on how to end the war.
In an Epic Battle of Tanks, Russia Was Routed, Repeating Earlier Mistakes (New York Times) A three-week fight in the town of Vuhledar in southern Ukraine produced what Ukrainian officials say was the biggest tank battle of the war so far, and a stinging setback for the Russians.
Over 100 Russian tanks destroyed in fighting in Vuhledar, says Kyiv (euronews) Ukraine war: Over 100 Russian tanks in fighting in Vuhledar, says Kyiv
Ukraine’s women are playing a key role in the fight against Russia (Atlantic Council) From frontline soldiers to unofficial ambassadors, Ukraine's women are playing a key role in their country's struggle to defeat the Russian army and end Vladimir Putin's criminal invasion, writes Adrienne Ross.
Secretary Blinken’s Call with Ukrainian Foreign Minister Kuleba - United States Department of State (United States Department of State) The following is attributable to Spokesperson Ned Price: Secretary of State Antony J. Blinken spoke today with Ukrainian Foreign Minister Dmytro Kuleba. The two discussed the Secretary’s recent brief conversation with Russian Foreign Minister Sergei Lavrov on the margins of the G20 Foreign Ministers’ Meeting in New Delhi, India. The Secretary underscored to Foreign Minister Kuleba the […]
G-20 fails to reach consensus on global agenda amid Ukraine disputes (Washington Post) India, which hosted the gathering of the world’s biggest economies, declared afterward that ‘multilateralism is in crisis’
Blinken has rare encounter with Russia’s Lavrov at G-20 meeting in India (Washington Post) U.S. Secretary of State Antony Blinken had a brief encounter Thursday with Russian Foreign Minister Sergei Lavrov on the sidelines of the Group of 20 largest industrialized nations meeting in the first face to face conversation between the two diplomats since Russia’s invasion of Ukraine.
What US strategy needs now: Muscular containment for the 21st century (Atlantic Council) The threats posed by Russia and China today call for a muscular version of 20th-century containment. Here's how it should look.
Ukraine war is blurring the lines between Nato and the EU on defence policy (The Conversation) Where do Nato’s responsibilities end and the EU’s begin – especially when it comes to defence?
Germany asks Switzerland to sell mothballed Leopard 2 tanks (Reuters) Germany has asked Switzerland to sell it some of its mothballed Leopard 2 tanks, the Swiss and German governments said on Friday, in a deal that could allow Western countries to increase military aid to Ukraine.
Poland blames Russian hackers for cyberattack on tax service website (The Record from Recorded Future News) Poland's tax service website was hit by a cyberattack believed to have been carried out by Russian hackers, a top cybersecurity official said.
Ukraine uncovers new grave near Bucha, site of alleged Russian atrocities (Washington Post) Ukrainian authorities exhumed a communal grave near the city of Bucha on Thursday, suggesting further killings by Russian forces in an area where evidence of alleged atrocities against civilians spurred global outrage.
A year into Ukraine war, bodies dug up in once occupied town (AP NEWS) The freshly exhumed remains of three men lie in black body bags on the edge of the small cemetery in a town not far from Ukraine's capital, waiting to be taken to a morgue.
Russia envoy denies atrocities, blames West for Ukraine’s misery (Al Jazeera) Russian ambassador to UK Andrey Kelin said the killing of civilians in Ukraine’s Bucha was ‘staged’ by Ukrainian forces.
Russia’s Theft of Children in Ukraine Is Genocide (Foreign Policy) Moscow is out to destroy a people.
Why you may not see many accused Russian war criminals tried in U.S. courts (Lawfire) It is a truism that everyone wants perpetrators of war crimes held accountable, and no one debates that victims of these terrible offenses deserve justice. That said, to what extent are U.S. court…
Sakharov Center forced to close as wartime Russia purges human rights groups (Washington Post) The yellowing notebooks, manuscripts and letters of the great Soviet dissident Andrei Sakharov have been packed up into boxes and cases, stacked in a pile in his old apartment, their future uncertain.
Pregnant Russians are streaming into Argentina. Officials are suspicious. (Washington Post) The young couple was determined to leave Russia.
Justice Department Hiring Dozens of New Prosecutors to Enforce Russian Sanctions (Wall Street Journal) The Biden administration is expanding its cadre of federal agents probing violations of sanctions and export controls against Russia, top officials said Thursday, as the U.S. seeks to shut down holes in the West’s economic pressure campaign.
Americans arrested for allegedly sending aviation technology to Russia (Reuters) Two Americans were arrested in Kansas City on Thursday for an alleged scheme to send aviation-related technology to Russia in violation of U.S. export controls.
Attacks, Threats, and Vulnerabilities
FBI and CISA Release #StopRansomware: Royal Ransomware | CISA (Cybersecurity and Infrastructure Security Agency CISA) Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released joint Cybersecurity Advisory (CSA) #StopRansomware: Royal Ransomware to provide network defenders tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Royal ransomware variants. FBI investigations identified these TTPs and IOCs as recently as January 2023.
Chinese state-backed hackers Iron Tiger target Linux devices with new malware (Tech Monitor) APT27, or Iron Tiger, has updated its trademark malware, and it could spell trouble for businesses running the popular operating system.
Chinese hackers use new custom backdoor to evade detection (BleepingComputer) The Chinese cyber espionage hacking group Mustang Panda was seen deploying a new custom backdoor named 'MQsTTang' in attacks starting this year.
BlackLotus Bootkit Can Target Fully Patched Windows 11 Systems (SecurityWeek) ESET says the new BlackLotus UEFI bootkit can bypass secure boot on fully updated Windows 11 systems.
BEC 2.0 - Conversation Hijacking Exploits Accounting Teams into Payment Remittance (Avanan) A Business Email Compromise Scam is Trying to Trick Companies into Fraudulent Payments
Salt Security Uncovers API Security Flaws within Booking.com that Allowed Full Account Takeover - Issues have been Remediated (PR Newswire) Salt Security, the leading API security company, today released new threat research from Salt Labs highlighting several critical security flaws...
CocoaPods Subdomain Hijacked: This is How (Checkmarx.com) In a subdomain hijacking attack, the attacker can find forgotten settings on free hosting websites such as GitHub Pages, which are not mapped anymore. The weak validation grants attackers permission to use those subdomains.
A key post-quantum algorithm may be vulnerable to side-channel attacks (The Record from Recorded Future News) Researchers in Sweden say they found a vulnerability in a “quantum safe” algorithm deemed the gold standard for future cryptographic systems.
Tennessee State, Southeastern Louisiana universities hit with cyberattacks (The Record from Recorded Future News) Tennessee State and Southeastern Louisiana are struggling with cyberattacks that have crippled campus services.
Hackers steal gun owners' data from firearm auction website (TechCrunch) Data was taken from the website GunAuction.com, a site that since 1998 allows people to put guns for auction online.
Chick-fil-A confirms accounts hacked in months-long "automated" attack (BleepingComputer) American fast food chain Chick-fil-A has confirmed that customers' accounts were breached in a months-long credential stuffing attack, allowing threat actors to use stored rewards balances and access personal information.
Hatch Bank says hackers used Fortra bug to steal 140,000 customer Social Security numbers (TechCrunch) The digital bank says hackers exploited a zero-day in Fortra's file transfer software, which allowed access to thousands of customers' data.
Hatch Bank discloses data breach after GoAnywhere MFT hack (BleepingComputer) Fintech banking platform Hatch Bank has reported a data breach after hackers stole the personal information of almost 140,000 customers from the company's Fortra GoAnywhere MFT secure file-sharing platform.
Information of European Hotel Chain's Customers Found on Unprotected Server (SecurityWeek) The personal information of many customers of European hotel chain Falkensteiner was discovered by a researcher on an unprotected server.
WH Smith staff data hit by cyber-attack (BBC News) The High Street retailer says customer accounts and databases are not affected by the incident.
British retail chain WH Smith says data stolen in cyberattack (BleepingComputer) British retailer WH Smith has suffered a data breach that exposed information belonging to current and former employees.
WH Smith targeted by cyber attack with hackers accessing data on current and former employees (Sky News) The high street retailer says its website, customer accounts and customer databases are on unaffected separate systems and an investigation has been launched into the incident.
Scam alert: Trezor warns users of new phishing attack (Cointelegraph) Hardware wallet provider Trezor has warned its users about a new phishing attack targeting crypto investments by trying to steal their private keys.
Cyberattaque de la mairie de Lille : "c'est une source de données incroyables pour les pirates informatiques" (France 3 Hauts-de-France) Entrée libre au zoo de Lille, aux musées et dans les piscines de la ville. A cause de l'attaque informatique qu'a subi la mairie, leurs billetteries ne sont plus opérationnelles, entrées gratuites donc! Le point sur ce que...
This Hacker Tool Can Pinpoint a DJI Drone Operator's Exact Location (WIRED) Every DJI quadcopter broadcasts its operator's position via radio—unencrypted. Now, a group of researchers has learned to decode those coordinates.
Security Patches, Mitigations, and Software Updates
Cisco Releases Security Advisory for Cisco IP Phones | CISA (Cybersecurity and Infrastructure Security Agency CISA) Cisco has released a security advisory for vulnerabilities affecting the 6800, 7800, 7900, and 8800 Series of Cisco IP Phones. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.
CISA Releases Five Industrial Control Systems Advisories | CISA (Cybersecurity and Infrastructure Security Agency CISA) CISA released five Industrial Control Systems (ICS) advisories on March 2, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
Trends
Rapid7 finds cyber personnel can't patch vulnerabilities fast enough (CyberSecurity Connect) Cybercriminals are exploiting vulnerabilities faster than ever, according to new findings from Rapid7. The US-based cybersecurity organisation released its 2022 Vulnerability Intelligence Report, o
Mandiant Perspectives from the Munich Cyber Security Conference 2023 (Mandiant) Key takeaways from Munich Security Conference 2023 and our leading role in addressing cyber policy issues.
Privacy downgrade: CCTV is steadily gaining facial recognition capabilities (Computing) In public and private spaces CCTV is gaining new capabilities with barely any oversight or regulation.
Marketplace
Altamira Technologies Corporation Has Acquired VaST (Business Wire) Altamira Technologies Corporation announced it has completed the acquisition of Virginia Systems & Technology, Inc. (VaST), a Warrenton, Virginia-based signals intelligence mission company.
Securitas successfully concludes MEUR 300 Schuldschein funding (PR Newswire) By entering into the Schuldschein market for the first time Securitas establishes a new source of long-term funding for the Group. The issue...
Tech Layoffs: February Marks Third-Worst Month (Crunchbase News) Good news: February layoff numbers for the U.S. tech sector were lower than those in January. Bad news: That’s not actually saying much.
A Leader, Once More (Sophos) Sophos Named a Leader in 2022 Gartner® Magic Quadrant™ for Endpoint Protection Platforms
Frost & Sullivan Recognizes Nuspire as Leader in Growth and Innovation for Managed and Professional Services (PR Newswire) Nuspire, a leading managed security services provider (MSSP), today announced it has been recognized as a leader in both growth and innovation...
SentinelOne Recognized as a Leader in the 2022 Gartner® Magic Quadrant™ for Endpoint Protection Platforms (Business Wire) Cybersecurity Company SentinelOne Positioned as Leader for Second Consecutive Report
Tego Cyber Inc. Announces Changes and Additions to Management Team (Yahoo) Tego Cyber Inc. (OTCQB:TGCB), a cybersecurity software-as-a-service (SaaS) company focused on innovation in threat correlation and threat hunting powered by curated, highly contextual threat intelligence, today announced the appointment of Melissa Knight as Chief Information Security Officer (CISO) and Stephen Semeniw as Vice President of Sales. Former CISO Chris White will remain on the Board of Directors. All appointments are effective immediately.
Products, Services, and Solutions
Infosec products of the month: February 2023 (Help Net Security) The featured infosec products this month are from: Arkose Labs, Cequence Security, CyberGRX, CyberSaint, Deepwatch, DigiCert, and more.
IBM and Cohesity Announce New Data Security and Resiliency Collaboration Advancing Enterprises' Ability to Fight the Impacts of Breaches and Cyberattacks (PR Newswire) IBM (NYSE: IBM) and Cohesity today announced a new collaboration to address the critical need organizations have for increased data security...
PremierVPN Launches Fully Dedicated VPN Service for Business and Individual Users, Providing Greater Control and Security (PR Fire) PremierVPN, a leading provider of VPN services, has launched a fully dedicated VPN service aimed at both individual and business users. Unlike conventional VPN services that operate on shared infrastructure, PremierVPN’s dedicated server network gives each user full control over their VPN server.
Viasat Launches Cybersecurity Service Using Classified Threat Intelligence to Help Protect U.S. Businesses and Critical Infrastructure (PR Newswire) Viasat Inc. (NASDAQ: VSAT), a global communications company, today announced the launch of its Trusted Cybersecurity Services (TCS) solution, a...
Technologies, Techniques, and Standards
Internet Access, Privacy 'Essential for Freedom': Proton Chief (SecurityWeek) Internet privacy company Proton can spot attacks on democracy in a country before they hit headlines, by watching demand for its services rise
US Cyber Command developing own intelligence hub (C4ISRNet) The center was previously teased by CYBERCOM’s director of intelligence, Brig. Gen. Matteo Martemucci.
Cyber Command plans an intelligence center to call its own (Federal News Network) Cyber Command moves to the next stage in developing a joint cyber intelligence center that assesses offensive capabilities.
IBM's Mark Johnson on the need to integrate security and operations (CyberScoop) IBM's Mark Johnson joins CyberScoop at the Zero Trust Summit 2023.
Design and Innovation
Cisco Chief Says Tech Products Must Be Made More Secure (Wall Street Journal) Pressure from the U.S. and EU will prompt changes in the tech industry but won’t eliminate cyber risk, CEO Chuck Robbins said.
Academia
KnowBe4 Partners with the Pinellas Education Foundation to Raise Cybersecurity Awareness Amongst Students (Yahoo) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced its partnership with the Pinellas Education Foundation for their Enterprise Village initiative.
Legislation, Policy, and Regulation
The Biden administration has a new cybersecurity strategy. Now comes the hard part. (Washington Post) Writing a cyber strategy was only the beginning for the Biden administration
Biden team unveils new anti-cyberattack strategy (POLITICO) The new national cyber strategy will also take steps to defend forward against adversaries, and updates plans for responding to major attacks.
US government puts cybersecurity at forefront with newly announced National Strategy (Help Net Security) The National Cybersecurity Strategy ensures that all Americans can reap the benefits of a secure and reliable digital environment.
White House Releases National Cybersecurity Strategy (SecurityWeek) The U.S. government released its National Cybersecurity Strategy on Tuesday, March 2nd, which pushes regulations on critical infrastructure.
Biden's national cybersecurity strategy advocates tech regulation, software liability reform (CyberScoop) The national cybersecurity strategy represents a shift in Washington, veering toward a more strictly regulated approach.
National Cyber Strategy seeks to 'rebalance' cyber responsibility towards industry (Breaking Defense) "The biggest, most capable and best positioned actors in our digital ecosystem can and should shoulder a greater share of the burden for managing cyber risk and keeping us all safe," Acting National Cyber Director Kemba Walden said.
White House releases an ambitious National Cybersecurity Strategy (CSO Online) The Biden administration's National Cybersecurity Strategy calls for more regulation on critical infrastructure providers and holds software providers accountable for their insecure products.
In mixed response to White House cyber strategy, House Republicans focus on regulations (The Record from Recorded Future News) House Republicans questioned the Biden Administration's desire for more cyber regulations in the National Cybersecurity Strategy.
Biden's Cybersecurity Strategy targets crime and bad code (Register) Just-revealed US cybersecurity strategy 'has fangs' for catching crafty criminals and crummy coders
Software liability reform is liable to push us off a cliff (CSO Online) Regulatory mandates for software security like those in the Biden Administration's National Cybersecurity Strategy could cause more problems than they solve.
Biden's cybersecurity strategy puts the onus on tech companies (The Compass) WASHINGTON — The Biden administration plans to unveil a cybersecurity strategy Thursday that calls for software makers and U.S. industry to take more
'This War Exists in Cyberspace': How the Russia-Ukraine War Led to the National Cyber Strategy (Government CIO) The strategy calls on software developers to assume more responsibility for cyberattacks due to poorly developed code, common to the open-source community.
Biden vows to wield ‘all instruments’ in fighting cyberthreats (Defense News) The strategy calls out China, Russia, Iran, North Korea and others for “reckless disregard for the rule of law and human rights in cyberspace."
Statement of Senate Intel Chairman Mark R. Warner on the Release of the President's National Cyber Strategy (Mark R. Warner) U.S. Sen. Mark R. Warner (D-VA), Chairman of the Senate Intelligence Committee, released the following statement on the President's National Cyber Strategy
The resistance to a TikTok ban is growing in Washington (Washington Post) A growing number of civil liberties and digital rights groups are speaking out against calls to ban TikTok from the United States, mounting fresh resistance to those surging efforts by public officials.
NCS Preview: Cyber Command Sees Expanded Partnerships (Meritalk) The Office of the National Cyber Director’s (ONCD) long-awaited national cybersecurity strategy (NCS) – widely expected to be released publicly by the White House on March 2 – has one U.S. Cyber Command official looking forward to working toward an era of expanded international partnerships in the global cybersecurity fight.
Litigation, Investigation, and Law Enforcement
Canada parliament panel seeks probe of alleged foreign meddling in elections (Reuters) A Canadian parliamentary committee passed a motion on Thursday calling on the federal government to set up a public inquiry into allegations of foreign election interference, after listening to testimony from top intelligence officials.
Polish mayor targeted by Pegasus spyware-media (Reuters) An opposition-linked Polish mayor had his phone hacked using Pegasus spyware, Gazeta Wyborcza daily reported on Friday, amid allegations that the country's special services have used the technology against government opponents.
Secret Service, ICE carried out illegal stingray surveillance, government watchdog says (The Record from Recorded Future News) U.S. federal agencies failed to secure required court orders to conduct phone tracking surveillance, a government watchdog found.
Ruling in Experian GDPR case thrusts ‘legitimate interest’ into spotlight (Compliance Week) Experian won a legal battle against the U.K. Information Commissioner's Office after the data regulator ordered the credit reference agency to make "fundamental changes" over the way it handled personal data for direct marketing purposes or stop altogether.
Man convicted for Experian breach and trying to sell data for R4 million skips sentencing (My Broadband) A man found guilty of fraudulently obtaining the personal data of millions of South Africans from credit bureau Experian skipped his sentencing hearing on Wednesday. A warrant for his arrest has been issued.