Dateline
Ukraine at D+376: Hacktivism, and pranking for disinfo. (CyberWire) Russia and Ukraine swap drone strikes and continue the struggle for Bakhmut. A Russian threat actor pranks for disinfo.
Russia-Ukraine war live: 4,000 civilians in Bakhmut, says Ukraine, as west says Russia has sustained up to 30,000 casualties there (the Guardian) Ukraine deputy PM says around 38 children remain in besieged city as western officials estimate Russia has sustained heavy losses there
Russia-Ukraine war: List of key events, day 377 (Al Jazeera) As the Russia-Ukraine war enters its 377th day, we take a look at the main developments.
Russia Makes Slow Gains in Bakhmut as Ukraine Fends Off Drone Attacks (Wall Street Journal) Ukrainian troops said they withdrew from the eastern side of the city. They are concentrating on holding the central and western parts of the city, which paramilitary group Wagner has been storming since July.
Ukraine claims rare drone strike on target in Russia (Axios) A Ukrainian special forces unit posted a video showing the attack.
Ukraine-Russia war: Ukraine bolsters defences in last-ditch attempt to hold Bakhmut (The Telegraph) Ukraine will continue to defend Bakhmut and will strengthen its positions as it battles to hold on to the besieged eastern town after months of Russian assaults.
Ukraine live briefing: Russian victory in Bakhmut would not change tide of war, U.S. says (Washington Post) As the months-long battle for Bakhmut rages on, U.S. Defense Secretary Lloyd Austin said a victory for Russia there would offer the Kremlin a symbolic victory but not turn the tide of the broader war. Ukrainian officials say Russian forces have not seized full control of the eastern Ukrainian city.
‘Warrior brutally killed’: Zelenskyy blasts Russian ‘murderers’ (Al Jazeera) Investigation urged after video on social media apparently shows Russian troops executing Ukraine soldier.
Russian soldiers execute Ukrainian PoW after he says "Glory to Ukraine" (Ukrainska Pravda) Russian invaders have shot an unarmed Ukrainian prisoner of war after he said "Glory to Ukraine".
Ukraine Demands Investigation After Video Appears To Show Russians Killing POW (RadioFreeEurope/RadioLiberty) Ukrainian authorities have called for a war crimes investigation after a video that surfaced on social media appeared to show Russian forces killing a Ukrainian prisoner of war.
He Heeded Russia’s Call to Enlist. Five Months Later, He Was Dead. (New York Times) Pvt. Ivan Ovlashenko was one of at least 16,000 Russians who have died in Ukraine, more than in the Soviets’ Afghan war. It’s getting hard for the Kremlin to cover that up.
Ukraine Has Lost 60 Aircraft, Taken Down 70 in Russian Invasion, Hecker Says (Air & Space Forces Magazine) Ukraine has lost roughly 60 aircraft to Russia since February 2022, said Gen. James B. Hecker, the top U.S. Air Force commander in Europe.
NATO Secretary General to parliamentarians: support Ukraine for as long as it takes (NATO) NATO Secretary General Jens Stoltenberg underlined the need to support Ukraine for as long as it takes in an address to Christian Democratic Union, Christian Social Union and European People’s Party Group parliamentarians on Monday (6 March 2023). Speaking at the European Commission in Brussels, the Secretary General underlined that NATO Allies must remain prepared to support Ukraine for the long haul.
China’s Ukraine Peace Plan Is Actually About Taiwan (Foreign Policy) Beijing’s phony proposal lays bare its conditions for winning an East Asian war.
Diplomat points to envoy’s difficulties in conveying Russia's position to Washington (TASS) "He was interrupted and it was made clear that Americans had more important things to attend to than listen to the opinion of Russia," Russian Embassy’s Press Secretary Igor Girenko noted
Cyber attacks on Ukraine will be used as a template by hackers on a global level, experts warn (CityAM) “Cutting edge” cyber attacks used against Ukraine are set to be used more widely by the hackers of tomorrow, experts have warned. Rogue threat actors will
Russian diplomat blames West for recruiting hackers for operations against Moscow (TASS) "Russia’s information facilities keep facing massive cyberattacks, which have increased tenfold since the launch of the special operation," Irina Tyazhlova went on to say
Kremlin Website Down Amid Reports of Cyber Attacks on Russia (The Daily Beast) The hacker collective Anonymous said it was “currently involved in operations against the Russian Federation”.
Don’t Answer That! Russia-Aligned TA499 Beleaguers Targets with Video Call Requests (Proofpoint) TA499, also known as Vovan and Lexus, is a Russia-aligned threat actor that has aggressively engaged in email campaigns since at least 2021.
Russian forces resort to welding war relics onto ‘tankenstein’ vehicles (The Telegraph) Military expert says ‘a supposed first-world army’ cobbling together old parts reveals the ‘perilous state of the Russian army’
Attacks, Threats, and Vulnerabilities
Black Lotus Labs uncovers another new malware that targets compromised routers (Lumen Newsroom) HiatusRAT has been targeting business-grade routers to covertly spy on victims since July 2022
New malware infects business routers for data theft, surveillance (BleepingComputer) An ongoing hacking campaign called 'Hiatus' targets DrayTek Vigor router models 2960 and 3900 to steal data from victims and build a covert proxy network.
New HiatusRAT Malware Targets Business-Grade Routers to Covertly Spy on Victims (The Hacker News) A new complex malware campaign, Hiatus, is targeting business-grade routers to spy on victims in Latin America, Europe, and North America.
Love scam or espionage? Transparent Tribe lures Indian and Pakistani officials (WeLiveSecurity) ESET researchers analyze a campaign that has been distributing CapraRAT backdoors through trojanized and supposedly secure Android messaging apps.
New ATM Malware 'FiXS' Emerges (SecurityWeek) Metabase Q documents FiXS, a new malware family targeting ATMs in Latin America.
Sandbox blockchain game breached to send emails linking to malware (BleepingComputer) The Sandbox blockchain game is warning its community that a security incident caused some users to receive fraudulent emails impersonating the game, trying to infect them with malware.
PoC exploit for 'critical' Word vulnerability released (Computing) Viewing a specially crafted RTF file can allow remote code execution by an attacker
Cyberattack hits major hospital in Spanish city of Barcelona (AP NEWS) MADRID (AP) — A ransomware cyberattack on one of Barcelona’s main hospitals has crippled the center’s computer system and forced the cancellation of 150 nonurgent operations and up to 3,000 patient checkups, officials said Monday.
Cyberattack Hits Major Hospital in Spanish City of Barcelona (SecurityWeek) A ransomware attack on Hospital Clinic de Barcelona crippled computer system and forced cancellation of some operations and patient checkups
Barcelona's Hospital Clinic hit by ransomware cyberattack 'from outside Spain' (Euro Weekly News) Barcelona's Hospital Clinic was hit by a massive ransomware cyberattack 'from outside Spain' on Sunday, March 5
A web forum user has published the records of over 7 million alleged Verizon customers (SafetyDetectives) One of the United States’ top carriers, Verizon, appears to be the victim of a data breach allegedly impacting millions of customers.
The SafetyDetectives cyber
Suspected Cyber Attack Closes Northern Essex CC (GovTech) Northern Essex Community College in Massachusetts shut down its Haverhill and Lawrence campuses Monday while it worked with law enforcement and conducted a full systems audit to assess the damage.
How a single engineer brought down Twitter on Monday (Platformer) The high cost of cutting expenses
Trends
IronNet Publishes Annual Cyber Threat Intel Report (Business Wire) Threat Detections, Analysis, and Insights Highlight Emerging Cyber Trends and Threat Actor Evasion Techniques
Phishers’ Favorites 2022 Year-in-Review (Vade) Get the eBook to see the most impersonated brands in phishing attacks and trends that dominated 2022.
Identity verification & fraud scams to avoid (Veriff) A blog about 12 common identity verification & fraud scams to avoid, including the most common types of scams and how to prevent the risk fraudsters pose.
Security 360: Annual Trends Report (JAMF) Jamf Threat Labs’ annual report looks at five key trends shaping the current security landscape and how to develop or adjust your security strategy.
Why are ransomware profits falling? (DIGIT) Ransomware profits: If your organisation comes under attack, the most important step to remember is to not pay the ransom demand.
Marketplace
HPE acquires Axis Security in war against WFH cyber threats (ERP Today) HPE has announced its plans to acquire Axis Security to enhance its SASE solution for HPE GreenLake edge-to-cloud
Inigo Raises $4.5 Million to Help API and Platform Teams Fully Manage and Secure GraphQL APIs (GlobeNewswire News Room) The seed funding will enable Inigo to scale product development and sales as it provides organizations with end-to-end GraphQL API management, governance,...
Zscaler Lays Off Workers to Focus on Profitability (ChannelE2E) Cloud security vendor Zscaler announced layoffs of 3% of its workforce after what it called a rough fiscal second quarter.
Atlassian to Eliminate 500 Jobs in Latest Software Cutbacks (Bloomberg) Atlassian Corp. will cut about 5% of its workforce, or 500 full-time employees, becoming the latest software company to eliminate jobs.
Nightmare on Wall Street: Hub Security’s value plummets after SPAC merger (CTech) The cyber company's promises to issue on the Nasdaq at a value of $1.3 billion seem like a distant memory after its share price collapsed by more than 37% within three trading days, to a market cap of $157 million
Crowdstrike stock rises on Dell partnership (Yahoo News) Yahoo Finance Live’s Rachelle Akuffo breaks down the rise in stock for Crowdstrike.
New cybersecurity offering brings hope to Darktrace shares (Opto) The UK cybersecurity start-up is pinning hopes on its Newsroom system after a difficult year and an investigation over its operations.
OpenSSF Membership Growth Signals Technical Communities’ Continued Commitment to Investing in Security (Open Source Security Foundation) The Open Source Security Foundation (OpenSSF) welcomes eight new members from leading technology firms. The total number of OpenSSF members is currently over 100 and organization membership saw an 88% growth in 2022 from a variety of different sectors. New OpenSSF general member commitments include those from Amesto Fortytwo, Code Intelligence, Kusari, Privado, Scotiabank, Technology Innovation Institute (TII). New associate members include the Open Source Business Alliance - Bundesverband für digitale Souveränität e.V. and Python Software Foundation. We are happy to see that technical communities continue to demonstrate a strong commitment to investing in security now and for the future.
Frost & Sullivan Recognizes ZeroFox with 2022 Global Competitive Strategy Leadership Award in Digital Risk Protection (GlobeNewswire News Room) Company solidifies its positioning as the leader in Digital Risk Protection for a decade...
Auvik Strengthens Leadership Amidst Accelerated Growth as Demand for Enterprise Network Management and Monitoring Surges (Auvik Networks Inc.) Auvik, an award-winning provider of cloud-based network management software, today announced four new appointments to the executive leadership team amidst an accelerated growth phase for the company.
Bugcrowd Hires Four Security Industry Leaders to Drive Go-to-Market Efforts (PR Newswire) Bugcrowd, the leader in crowdsourced cybersecurity, today announced the appointment of three veteran security industry executives to drive...
Zerto Appoints Matt Boris as Vice President of Global Go-to-Market (Business Wire) Experienced Leader to Drive Strategic Growth and Expansion of Zerto within HPE
Sentra Expands Executive Team With Appointment of Joseph Hoban as Vice President of Sales (PR Newswire) Sentra, a cloud data security company, has appointed Joseph Hoban to vice president of sales. In his new role, Hoban will draw from more than...
Baffle Appoints Sushant Rao as Senior Vice President of Marketing (GlobeNewswire News Room) Experienced leader in B2B software and cloud services to expand global presence...
Armis Appoints Efraim Harari as Chief Legal Officer (Armis) Proven leader joins high-growth asset visibility and security company
Products, Services, and Solutions
Imperva and EDB Partner to Enhance PostgreSQL Database Security (Imperva) Imperva, Inc., (@Imperva) the cybersecurity leader that protects critical applications, APIs, and data, anywhere at scale, joins the EnterpriseDB GlobalConnect Technology Program as a verified Data Activity Monitoring (DAM) solution for EnterpriseDB (“EDB”) customers. Imperva Data Security Fabric is certified to support agent-based monitoring for EDB […]
Cassie Expands in U.S. Market to Meet Demand for Marketing Compliance (PR Newswire) Today Cassie, the consent and preference management platform serving Fortune 500 companies globally, announced it anticipates record growth in...
CrowdStrike and Dell strategic alliance assists organizations with cyberthreats (SiliconANGLE)
Brivo Partners With Sanico USA to Bring Improved Security to Commercial and Industrial Facilities Nationwide (RealWire) Collaboration Delivers Industry's Most Advanced Access Control Solutions for Construction Site Safety
BETHESDA, Md., March 7, 2023 – Brivo, a leading provider of cloud-based access control and
Data-First Security Company Bearer Open Sources Its Static Application Security Testing (SAST) Solution (GlobeNewswire News Room) Quickly identify, assess, prioritize and remediate security risks and vulnerabilities with a fully customizable solution supported by a global open source...
Rubrik Launches Transform Partner Program, Furthers Its Mission to Secure the World’s Data (Globe Newswire) New program enables partners to help customers defend against cyberattacks
Code42 and SentinelOne Partner to Uncover Risk to Data and Accelerate Response to Insider Threats (Business Wire) Leading cybersecurity providers announce their newly available integration that surfaces threats for investigation and contains data exposure
Fortinet Enhances Its Single-Vendor SASE Solution with New Capabilities to Support Work-from-Anywhere (Fortinet) New updates to FortiSASE expand the industry’s most integrated single-vendor SASE solution to further converge networking and security across a unified operating system and agent
Akamai Technologies Releases New Service and Tools to Stop Advanced Threats and Drive Zero Trust Adoption (Akamai) Akamai Hunt and Akamai Agentless Segmentation help customers reduce attack surface and time to remediation.
SentinelOne and Wiz Announce Exclusive Partnership to Deliver End to End Cloud Security (SentinelOne) Leading Cybersecurity Companies Join Forces to enhance Customers’ Cloud Security
ReliaQuest Completes Transition to Partner-First Channel Model (ReliaQuest) ReliaQuest completes strategic transition to Partner-First Channel Model to empower customers and partner network. ReliaQuest GreyMatter, a security operations platform built on an open XDR architecture, can integrate with existing customer investments, accommodating everyone from large to mid-enterprises.
Technologies, Techniques, and Standards
Threat Intelligence: Do We Need A 'Rosetta Stone' of Cyber Attribution? (Infosecurity Magazine) Threat groups are tracked under many different names, and there are good reasons for that
New Tool Made by Microsoft and Mitre Emulates Attacks on Machine Learning Systems (SecurityWeek) Microsoft and Mitre release Arsenal plugin to help cybersecurity professionals emulate attacks on machine learning (ML) systems.
Varonis' Justin Wilkins on why zero trust is a "data-centric" architecture (CyberScoop) CyberScoop speaks with Varonis at the Zero Trust Summit 2023.
Design and Innovation
Microsoft integrates AI behind ChatGPT to more developer tools (Reuters) Microsoft Corp on Monday bundled the technology behind ChatGPT with its Power Platform that allows users to develop applications with little or no coding, the latest integration of artificial intelligence into its products.
Peter Cochrane: When will ChatGPT learn to overhype? (Computing) ChatGPT has learned fast from the foibles of its creators,
Why Are Security Fears About ChatGPT So Overblown? (Gov Info Security) Technologists were quick to point out that popular AI-based chatbot ChatGPT could lower the bar for attackers in phishing campaigns and even write malware code, but
Academia
LSU Computer Science Faculty Furthering Research Into Smartphone Security (GlobeNewswire News Room) Every day, smartphone users utilize biometric data like their fingerprint, facial ID, PIN number,...
Computer science researchers lead the defense against the dark side of tech (Virginia Tech) Assistant Professor Bimal Viswanath and his colleagues have amassed one of the largest datasets of AI-manipulated media in existence to explore methods of detecting and disarming weaponized media and toxic misinformation campaigns.
Legislation, Policy, and Regulation
Australia To Be the Most Cyber Secure Nation? (The National Law Review) Not content with merely implementing broad-scale privacy reform, the Government has announced a new position, the Coordinator for Cyber Security to be added to the Department of Home Affairs
Germany planning to ban Huawei, ZTE from parts of 5G networks -paper (Reuters) Germany's government is planning on forbidding telecoms operators from using certain components from Chinese companies Huawei and ZTE in their 5G networks, German paper Zeit Online reported on Monday.
Government announces 10-point plan to make UK a science and tech 'superpower' (Computing) But funding falls short of what was available under the EU Horizon programme
The Biden Administration’s National Cybersecurity Strategy Calls for a Shift Toward More Cybersecurity Regulation (Morrison Foerster) President Biden’s recently released National Cybersecurity Strategy details the Biden administration’s efforts to bolster the nation’s cybersecurity amid an evolving threat landscape, including vast cyber-criminal enterprises and adversaries such as China, Russia, Iran, and North Korea.
Biden Administration Releases Comprehensive National Cybersecurity Strategy (Data Law Insights) On March 2, 2023, the Biden Administration released the 35-page National Cybersecurity Strategy (the “Strategy”) with a goal “to secure the full benefits
Where the New National Cybersecurity Strategy Differs From Past Practice (Lawfare) Although the strategy builds on cybersecurity efforts from the previous three administrations, it departs from past perspectives and practices and, if fully implemented, has the potential to change the U.S. cybersecurity posture significantly for the better.
Biden's new national cyberspace strategy accuses China of 'digital authoritarianism' (ThePrint) The policy names Quad & Indo-Pacific Economic Framework (IPEF) — India is a part of both — as mechanisms through which it’s working with allies to counter cyber threats.
State Should Evaluate Global Anti-Cybercrime Efforts, GAO Says (Nextgov.com) A watchdog report said the State Department should take the lead in determining the effectiveness of federal agencies’ partnerships with international allies to combat digital crimes.
Meet the House’s cybersecurity freshman class (POLITICO Pro) Following the departure of several cybersecurity leaders from Congress, a number of House freshmen are keen to make tackling cyber threats a priority.
Litigation, Investigation, and Law Enforcement
Trudeau orders probe of alleged Chinese interference in Canadian election (Washington Post) Prime Minister Justin Trudeau said Monday that he would appoint an independent special rapporteur and order a committee of lawmakers with top-secret security clearance to probe foreign interference in Canada’s elections, amid criticism that his government is failing to take the issue seriously.
The Daring Ruse That Exposed China’s Campaign to Steal American Secrets (New York Times) How the downfall of one intelligence agent revealed the astonishing depth of Chinese industrial espionage.
Germany and Ukraine hit two high-value ransomware targets (Europol) This ransomware appeared in 2019, when cybercriminals started using it to launch attacks against organisations and critical infrastructure and industries. Based on the BitPaymer ransomware and part of the Dridex malware family, DoppelPaymer used a unique tool capable of compromising defence mechanisms by terminating the security-related process of the attacked systems. The DoppelPaymer attacks were enabled by the prolific EMOTET...
European Police, FBI Bust International Cybercrime Gang (VOA) Ransomware is the world's most disruptive cybercrime
German police lift lid on worldwide cyber blackmail gang (Deutsche Welle) The international investigation involving the FBI and Europol has revealed details of an international cybercrime gang accused of blackmailing major firms and institutions.
Europol Hits Alleged Members of DoppelPaymer Ransomware Group (Decipher) Europol, along with law enforcement from Germany and Ukraine, arrested two alleged members of the DoppelPaymer ransomware group.
An international sting brings another win against ransomware gangs (Washington Post) DoppelPaymer sting nets results, but it isn’t clear whether the trend against ransomware criminals is a lasting one
European police move in on DoppelPaymer (Computing) Police in Germany and Ukraine have arrested alleged members of the DoppelPaymer gang, which was implicated in a cyberattack on a hospital that left a patient dead.
Police Looking for Russian Suspects Following DoppelPaymer Ransomware Crackdown (SecurityWeek) Several locations in Germany and Ukraine were raided recently as part of an international law enforcement operation targeting the DoppelPaymer ransomware.
European police, FBI bust international cybercrime gang (ABC News) German police say they have disrupted a ransomware-sowing international cybercrime gang which has been blackmailing large companies and institutions for years
Russian-affiliated cybercrime gang disrupted by European police with help from FBI, Ukrainian authorities (Fox Business) European authorities, with help from the FBI, have identified members of a Russian-affiliated cybercrime gang responsible for targeting major companies and institutions with ransomware.
DoppelPaymer ransomware suspects arrested in Germany and Ukraine (Naked Security) Devices seized, suspects interrogated and arrested, allegedly connected to devastating cyberattack on University Hospital in Düsseldorf.
European raid targeted notorious ransomware gang DoppelPaymer (CyberScoop) The DoppelPaymer ransomware gang is considered one of the world's most dangerous after it was linked to the death at a hospital in Germany.
Suspected ransomware crew arrested in multi-country swoop (Register) Millions extorted from victims, one attack left hospital patient dead
Core DoppelPaymer ransomware gang members targeted in Europol operation (BleepingComputer) Europol has announced that law enforcement in Germany and Ukraine targeted two individuals believed to be core members of the DoppelPaymer ransomware group.
DHS has a program gathering domestic intelligence — and virtually no one knows about it (POLITICO) Collecting information from Americans raises ongoing civil liberties concerns.
‘Shady’ DHS officials running secret domestic-intelligence program: report (New York Post) An unnamed employee quoted in internal DHS documents called the Office of Intelligence and Analysis’ leadership team “shady” and run “like a corrupt government.”
"Immoral" spy program: DHS collecting domestic intelligence in "shady" operation (Salon) Report obtained by Politico reveals a nearly unknown, potentially illegal domestic intelligence operation
Authorities Investigate Data Released in Oakland Cyber Attack (GovTech) The FBI and third-party specialists are working to determine the contents of the released city data. Officials said the Feb. 8 ransomware attack was perpetrated by the threat actor group Play.
Privacy Litigation in 2023—Surge in Web Tracking Class Actions (New York Law Journal) Web tracking lawsuits stem from companies collecting their website visitors’ data. These cases do not involve “hacking” or other forms of data breach or data incident, write contributors John Cleary, Cate Green and Elizabeth Marden.
Inside the Suspicion Machine (WIRED) Obscure government algorithms are making life-changing decisions about millions of people around the world. Here, for the first time, we reveal how one of these systems works.
This Algorithm Could Ruin Your Life (WIRED) A system used by the Dutch city of Rotterdam ranked people based on their risk of fraud. The results were troubling.