Dateline Moscow and Kyiv: To the salt mines.
Ukraine at D+320: Cyber war crimes? (CyberWire) There's nothing new on the Eastern front. Ukraine continues to equip itself with NATO systems, and Russia continues hitting civilians.
Russia-Ukraine war: List of key events, day 321 (Al Jazeera) As the Russia-Ukraine war enters its 321st day, we take a look at the main developments.
Ukraine Russia war: Russian artillery fire down nearly 75pc, say US officials (The Telegraph) Russian artillery fire is down by nearly 75 per cent, US officials have said.
Without Hesitation, Ukraine Goes Toe to Toe With Russia in Bakhmut (New York Times) Earlier in the war, Ukraine’s leadership was more equivocal about pitched battles with high casualties. There’s no second-guessing this time. Some analysts say it makes sense strategically.
Russia’s Wagner group fighting ‘heavy, bloody battles’ for control of Soledar (the Guardian) UK says most of Ukrainian saltmine town near Bakhmut is in Russian hands after intensive fighting
Fighting Remains Tough in Ukraine (U.S. Department of Defense) While the battle lines between the Russian invaders and Ukrainian defenders have not shifted much, fighting in the Donbas region has been savage, a senior military official said.
Kyiv withstands bombs and blackouts as Russia fails to cripple capital (Washington Post) Two days after a Russian missile killed her close friend on New Year’s Eve, Daria Khizhchuk was back at her job waiting tables at an upscale Italian restaurant in the Ukrainian capital.
Russia is holding back on using its most advanced fighter jets over Ukraine because it's scared they'll get shot down, UK intel says (Business Insider) Russia's holding back because of worries about "reputational damage" if the combat jets are shot down over Ukraine, the British defense ministry said.
Russia-Ukraine war: Britain considers sending Challenger 2 battle tanks to Ukraine (The Telegraph) Britain is considering supplying Ukraine with tanks for the first time to help the country fight Russian forces, The Telegraph understands.
Pentagon weighs sending Stryker combat vehicles to Ukraine (POLITICO) If approved, the shipment would add to the number of armored infantry vehicles being sent to the front lines by multiple countries.
US-led group of countries aiding Ukraine will convene again at Ramstein (Stars and Stripes) Headed by U.S. Defense Secretary Lloyd Austin, the group of leaders from dozens of nations has convened eight times at various locations and virtually since late February, when Russia launched its full-scale invasion of Ukraine.
How AI Could Predict The Damage to Ukraine from Russian Missiles (Defense One) By training a machine-learning model on battle-damage imagery, one company aims to help understand where attacks are happening and assess damage more quickly and accurately.
Ukraine claims Russia is conscripting more fighters for an offensive, breaking its own ceasefire (Task & Purpose) The alleged conscription would target urban centers for as many as 500,000 fighters.
It’s High Time to Prepare for Russia’s Collapse (Foreign Policy) Not planning for the possibility of disintegration betrays a dangerous lack of imagination.
Ukraine’s Cyber Units Aim to Retain Staff, Keep Services Stable as War Enters Year Two (Wall Street Journal) As Ukrainian President Volodymyr Zelensky visits Washington, the country’s cyber defense staff continue to fend off persistent Russian cyberattacks.
Kyiv argues Russian cyberattacks could be war crimes (POLITICO) Ukrainian cyber officials are gathering digital evidence for The Hague to prosecute, their top chief says.
Ukraine official says Russian cyberattacks on its energy network could equate to war crimes (Yahoo) Victor Zhora, a top Ukrainian cyber official, told Politico that Ukraine is gathering evidence of Russian coordination of cyber and kinetic attacks.
Ukraine will need $1.79bn to restore its telecom sector, UN says (Engineering & Technology) Russia has been accused of "destroying completely or seizing" telecoms networks in parts of Ukraine by a recent UN agency report.
UK minister: Iran made ‘big mistake’ in giving drones to Russia for Ukraine war (Breaking Defense) With their deadly use, Iranian drones also reveal their weaknesses and Tehran may not get much in return, senior UK official says.
Ukraine war and geopolitics fuelling cybersecurity attacks - EU agency (EU Reporter) Geopolitics like Russia's invasion in Ukraine have led to more severe and widespread cybersecurity attacks over the past year, EU cybersecurity agency ENISA stated in its annual report. ENISA's study focuses on concerns about state actors and the increasing range of threats to companies, governments, and vital sectors like energy, transport, and banking. According to […]
The Russia-Ukraine war is causing some to rethink the role of offensive cyber operations in armed conflict (SC Media) Russia's experience of limited success in Ukraine has some U.S. observers advising that we collectively pump the brakes on the idea that cyberspace is now a fully-fledged domain of war.
War in Europe Draws Investors to Drone, Battlefield AI Makers (Bloomberg) Venture capital investment in defense hit a record last year. Ukraine invasion has spurred investment on the continent.
Russia borrows record $56bn in a month as sanctions batter Putin - live updates (The Telegraph) Russia's federal budget deficit widened to a record in December as revenues plunged amid restrictions on oil exports and spending on the invasion of Ukraine grew.
Attacks, Threats, and Vulnerabilities
North Korean Crypto Hacks to ‘Surge,’ Say Experts (Cryptonews) A “surge” in North Korean crypto hacks is on its way in 2023 as markets recover, a security provider has claimed. Discover more!
Microsoft Flags Ransomware Problems on Apple's macOS Platform (SecurityWeek) Microsoft’s threat intelligence team continues to call public attention to security problems on Apple’s macOS operating system.
Sketchy ChatGPT App Soars Up App Store Charts, Charges $7.99 Weekly Subscription (MacRumors) A sketchy app claiming to be the bot ChatGPT has soared up App Store charts, charging users a $7.99 weekly subscription to use a service that is...
Microsoft: Kubernetes clusters hacked in malware campaign via PostgreSQL (BleepingComputer) The Kinsing malware is now actively breaching Kubernetes clusters by leveraging known weaknesses in container images and misconfigured, exposed PostgreSQL containers.
Banking malware Dridex attacking Mac, MacBook computers with sneaky infection method (Fox News) Kurt "CyberGuy" Knutsson discusses recent crimes attributed to the cybercriminal group Evil Corp; it's known to attack Mac computers using malware known as Dridex.
German regulator warns of new banking and crypto malware ‘Godfather’ (Cointelegraph) Germany’s Federal Financial Supervisory Authority released an official warning regarding “Godfather,” a malware collecting user data in banking and crypto apps.
Disclosing a New Vulnerability in JWT Secret Poisoning (CVE-2022-23529) (Unit 42) We discovered a new high-severity vulnerability (CVE-2022-23529) in the popular JsonWebToken open source project.
Industry-first research from Axis Security finds 65% of organizations plan to adopt a Security Service Edge platform within next two years (PR Newswire) Axis, in partnership with Cybersecurity Insiders, released industry-first data with its 2023 Security Service Edge (SSE) Adoption Report. This...
Cyber Intelligence Briefing Special: Lorenz Opens Old Backdoors (SRM) S-RM’s Incident Response team has observed Lorenz using a 5-month-old web shell as a way into a victim’s network and foothold for a ransomware attack.
Remote code execution bug discovered in the popular JsonWebToken library (Security Affairs) The open-source JsonWebToken (JWT) library is affected by a high-severity security flaw, tracked as CVE-2022-23529 (CVSS score: 7.6), that could lead to remote code execution. The package is maintained by Auth0; it had over 9 million weekly downloads […]
BaFin Alerts on Trojan Virus Affecting Crypto Apps (Financial and Business News | Finance Magnates) Germany’s BaFin has urged consumers to beware of ‘Godfather’, a trojan virus that attacks Android-based banking and crypto apps.
Darknet drug markets move to custom Android apps for increased privacy (BleepingComputer) Online markets selling drugs and other illegal substances on the dark web have started to use custom Android apps for increased privacy and to evade law enforcement.
Rackspace ransomware attack was executed by using previously unknown security exploit (Help Net Security) The MS Exchange exploit chain recently revealed by Crowdstrike researchers is how the Play ransomware gang breached Rackspace.
Threat Actors Spread RAT Via Pokemon NFT Card Site (Infosecurity Magazine) Phishing page lures unsuspecting users into installing remote access malware
Hackers access Windows devices through fake Pokémon game (Cybersecurity Connect) Hackers have launched a fake Pokémon game and are using it as a vessel to distribute a remote access tool (RAT) and gain control of Windows devices. Aiming to draw users in on both the popularity of
Gotta catch ‘em all: cybercriminals target victims with fake Pokémon game (CyberNews) Threat actors capitalize on the popularity of a Pokémon franchise and a buoyant NFT card trading market to spread malware.
Oregon Insurer Data Breach May Have Exposed Personal Info (GovTech) The insurer posted additional information about the breach online and offered free ID theft and monitoring service for at least 12 months. SAIF said it has been unable to determine how many people the breach affected.
UK Environment Agency website used to send people to fake porn sites (Computing) Threat actors exploited an open redirect available on the site
Air France, KLM Customers Warned of Loyalty Program Account Hacking (SecurityWeek) Air France-KLM has started informing Flying Blue customers of account compromise leading to data breach.
Hackers demand £15m ransom from Hull and Yorkshire schools after cyber attack (HullLive) Hackers have hit the 15 schools in Hope Sentamu Learning Trust and an independent Hull school
Oxford University dating website 'Oxshag' shut down over 'data breach' (Mail Online) Students and staff quickly complained the 'OxShag' website breached their privacy by publicly listing their entire university directory - including academics, porters, administrators and more.
No good deed goes unpunished: How phishing exploits gov workers (GCN) Phishing attacks target employees’ natural curiosity and their commitment to public service, experts say.
Iowa's largest city cancels classes due to cyber attack (Manistee News Advocate) Iowa's largest school district cancelled classes for Tuesday...
Des Moines Public Schools cancels classes due to cyber attack (KCRG) The District said that classes would be canceled for its 33,000 students after being “alerted to a cyber security incident on its technology network.”
Security Patches, Mitigations, and Software Updates
Auth0 fixes RCE flaw in JsonWebToken library used by 22,000 projects (BleepingComputer) Auth0 fixed a remote code execution vulnerability in the immensely popular 'JsonWebToken' open-source library used by over 22,000 projects and downloaded over 36 million times per month on NPM.
Global Cyber-Attack Volume Surges 38% in 2022 (Infosecurity Magazine) Last year was also worst on record for UK businesses
Netskope Threat Research: Malware-Delivering Cloud Apps Nearly Tripled in 2022 (PR Newswire) Netskope, a leader in Secure Access Service Edge (SASE), today unveiled new research showing that over 400 distinct cloud applications...
Cloud and Threat Report: 2022 Year In Review (Netskope) This edition of the Cloud and Threat Report takes a look back at 2022 and highlights the most significant trends relating to cloud adoption and threats on the web and in the cloud.
The dark web's criminal minds see Internet of Things as next big hacking prize (CNBC) Cars and medical devices are critical, and vulnerable, entry points for criminal hackers betting the Internet of Things is their next big payday.
What is the Relationship Between Ransomware and Phishing? (Digital Defense) Find out how cyber attackers combine ransomware and phishing to efficiently deploy malicious payloads and how you can use pen-testing to better protect your environment.
Delinea 2022 State of Ransomware Report Reveals That Attacks are Down 61% from the Previous Year, and Ransom Payments are Also on the Decline (PR Newswire) Delinea, a leading provider of Privileged Access Management (PAM) solutions for seamless security, today published its 2022 State of Ransomware...
2022 Global Ransomware Survey Report | Research Results (Delinea) See what 300 IT security leaders said about ransomware. Benchmark your strategies against your peers, improve your readiness and incident response
Venture To Cybersecurity Drops By A Third (Crunchbase News) The fourth quarter saw only $2.4 billion go to cyber startups, the lowest amount of venture investment in the sector since the third quarter of 2020.
NetSPI Acquires nVisium, Bringing Top Penetration Testing Talent Together (PR Newswire) NetSPI, the leader in enterprise penetration testing and attack surface management, today announced the acquisition of nVisium to further scale...
Inside Diligent Academy's goal to educate future tech industry workers — and keep them in Baltimore (Technical.ly) Diligent and SV Academy leaders celebrate their first local training academy cohort with an event held in the middle of the program for sales and support professionals, following the former's expansion to the Inner Harbor.
Cerberus Sentinel to acquire RAN Security (CISO Global) Cerberus announced that it has signed a definitive agreement for the acquisition of RAN Security, a cybersecurity company ...
Twitter has had to tell staff its email about their severance agreement 'is not a phishing attempt' after many went straight to spam (Business Insider) Laid-off Twitter staff were sent an email from an unfamiliar address, directing them to a website where they could view their separation agreement.
Parsons Subsidiary Secures DARPA Cybersecurity Assessment Contract (The Defense Post) DARPA has awarded Parsons subsidiary BlackHorse Solutions a contract to support the agency’s cybersecurity assessments.
50 CISOs to watch (Lacework) The role of CISO is one of the most important in any organization, and one that holds some of the most significant responsibilities:
Products, Services, and Solutions
authID Deploys Verified™ Human Factor Authentication™ Service with Tax Status (GlobeNewswire News Room) Verified™ stops account takeover with unphishable authentication for Tax Status’ enterprise partners DENVER, Jan. 09, 2023 (GLOBE NEWSWIRE) --...
GlobalSign Now Certified on Four ISO standards (GlobalSign) Only leading CA worldwide to achieve this certification
Silobreaker integration with DomainTools enriches threat intelligence context and visibility (Silobreaker) New integration provides domain risk scores and allows users to pivot seamlessly to the DomainTools Iris Investigate platform directly from Silobreaker Silobreaker, a leading security and threat intelligence firm, today announced a new integration with DomainTools, the leader in Internet intelligence. DomainTools’ trusted domain, website, and DNS data is now available directly with Silobreaker, and...
NordVPN verifies no-logs statement for the third time (NordVPN) NordVPN has completed an independent assurance engagement to confirm its no-logs claim. Once again, this confirmed that we do not monitor user activity under any circumstances.
Bluescape Achieves FedRAMP Authorization on Amazon Web Services (PRWeb) Bluescape® announced today that it has achieved Federal Risk and Authorization Management Program (FedRAMP®) Authorization on Amazon Web Services (AW
DoControl Recognized as a Sample Vendor in Two Gartner® Reports: Emerging Tech Impact Radar: Cloud-Native and; Emerging Tech Impact Radar: Security (PR Newswire) DoControl, the automated Software-as-a-Service (SaaS) security company, announced today it has been recognized by Gartner® (Gartner delivers...
Technologies, Techniques, and Standards
NCSC Cyber Essentials to be offered free to some small organisations (Computing) Funded Cyber Essentials Programme will be free for some small charities and legal groups that handle sensitive data
US ramps up space cyber defenses eyeing private businesses (CyberNews) The National Institute of Standards and Technology (NIST) adopted the Cybersecurity Framework for the space sector. Experts want to see more scrutiny on space-based software and firmware.
How To Satisfy the Cyber Insurance Requirement for Multi-factor Authentication for Critical Self-Hosted Applications (CPO Magazine) No one likes paying for health insurance, but we know it takes only one health issue to wipe out a family’s financial resources. Welcome to the new business requirement for cyber insurance.
Stress is hurting cybersecurity: how can we fix it? (IT-Online) The average tenure of a chief information security officer lasts between one and two years, far less than the six years a chief financial officer or eight years a CEO typically spends at a company. This drastic difference is even more staggering when we add new data from the Ponemon Institute, which claims that around […]
Design and Innovation
DHS, CISA plan AI-based cybersecurity analytics sandbox (Register) High-spec system is crucial to defending against the latest threats
Roomba testers feel misled after intimate images ended up on Facebook (MIT Technology Review) An MIT Technology Review investigation recently revealed how images of a minor and a tester on the toilet ended up on social media. iRobot said it had consent to collect this kind of data from inside homes—but participants say otherwise.
Research and Development
Northrop Grumman Advances Scaled Electronic Attack Capability (Northrop Grumman Newsroom) Northrop Grumman Corporation (NYSE: NOC) has successfully demonstrated key components of the company's future Ultra-Lite Electronic Attack (EA) Prototype System. The demonstrations were conducted in collaboration with the U.S....
Ground-breaking Tech Finally Turns Cybersecurity's Weakest Link to Its Greatest Strength, Says Deakin University (Access Wire) Tide's new approach to digital identity allows users to authorize a system, instead of the system authorizing the users. MELBOURNE, AUSTRALIA / ACCESSWIRE / January 9, 2023 / The Tide Foundation, in a joint research partnership with Deakin University, has validated a new security paradigm. Tide untangles the paradox of "who's guarding the guardian?" undermining today's security dogma. That dogma suggests that to secure something, you should
Legislation, Policy, and Regulation
Five Eyes alliance meets to discuss zero-trust cyber security (Cybersecurity Connect) The Pentagon has hosted a meeting of the Five Eyes security alliance to discuss zero trust cybersecurity. The US invited representatives from Australia, Canada, New Zealand, and the UK to Fort Meade i
Japan, U.S. to agree on security standards for government software (Nikkei Asia) Nishimura and Mayorkas to sign memorandum on cooperation for cybersecurity
FedRAMP just got better – and is here to stay (Coalfire.com) With the inclusion of the FedRAMP Authorization Act in the FY23 National Defense Authorization Act, Congress and President Biden have taken a giant step forward in securing America’s cloud-first mission. From FISMA in 2002 to the OMB’s original Federal Risk and Authorization Management Program in 2011, FRAA 2022 accelerates secure cloud momentum for government agencies.
Exclusive: CISA’s Jen Easterly wants to protect US hospitals following spate of ransomware attacks (Fox News) In the past three years, cyberattacks on hospitals have surged, threatening patients’ information and access to care and even resulting in some deaths.
New Jersey, Ohio join other states in banning TikTok from state devices (Reuters) New Jersey and Ohio said on Monday they were joining other states in banning use of the popular video app TikTok on government-owned and managed devices.
There are TikTok bans in nearly two dozen states (Washington Post) Inside the state bans on TikTok
Litigation, Investigation, and Law Enforcement
Meta’s EU Privacy Fine Fight Muddles Outlook for Targeted Ads (Bloomberg Law) Meta Platforms Inc.'s planned challenge to an enforcement action from European privacy regulators amplifies ongoing legal uncertainty over what the bloc’s data protection regime means for personalized advertising online and the tech company’s business model.
Justices Turn Away Israeli Spyware Maker in WhatsApp Suit (SecurityWeek) The Supreme Court rejected Israeli spyware maker NSO Group's bid to derail a high-profile lawsuit filed by the WhatsApp messaging service.
NSA Asks High Court To Reject Mass Surveillance Challenge (Law360) The federal government has urged the U.S. Supreme Court to reject the Wikimedia Foundation's bid to revive a case challenging a National Security Agency mass surveillance program, saying the foundation had misread an underlying decision regarding the state secrets privilege.
US justice department investigating papers stored at Biden’s former institute (the Guardian) Classified documents found by president’s personal lawyers while closing out office at UPenn’s Biden Center for Diplomacy
What to Know About Biden’s Classified Documents Controversy (Time) The discovery raises questions of potential unlawfulness and will have political implications amid a similar Trump probe