Dateline Moscow and Kyiv: Defining victory, controlling the narrative.
Ukraine at D+398: Is the special military operation now a forever war? (CyberWire) Stalled Russian offensives more than a year into the special military operation are accompanied by a shift in Moscow's narrative: the war is now a twilight struggle for national survival.
Russia-Ukraine war: List of key events, day 399 (Al Jazeera) As the Russia-Ukraine war enters its 399th day, we take a look at the main developments.
Russia-Ukraine war live: Russians urged not to adopt ‘stolen’ Ukrainian children; UN watchdog arrives at nuclear plant (the Guardian) Ukraine’s deputy PM raises concerns for children forcibly deported to Russia; UN in Zaporizhzhia amid safety concerns
Putin prepares Russia for ‘forever war’ with west as Ukraine invasion stalls (the Guardian) The Russian president has managed to rally people around the flag with talk of a fight for national survival
Agile Ukraine, Lumbering Russia (Foreign Affairs) The promise and limits of military adaptation.
How US trainers helped Ukraine reinvent its doctrine (Defense News) A little-known Army office working with embassy officials helped train Ukraine's trainers. Now the real work begins.
Preparations for 'de-occupation': Annexed Crimea not forgotten by Ukraine | CNN (CNN) While the fury of conflict echoes across the eastern Donbas region, a very different war is being waged in Crimea: one of night-time explosions, sabotage and disinformation.
Ukraine's Zelenskyy: Any Russian victory could be perilous (AP NEWS) Ukrainian President Volodymyr Zelenskyy warned Tuesday that unless his nation wins a drawn-out battle in a key eastern city, Russia could begin building international support for a deal that could require Ukraine to make unacceptable compromises.
The real definition of victory for Ukraine (Atlantic Council) Genuine Ukrainian independence will only come with the country as a member of the European Union and NATO, writes Victor Pinchuk.
Ukrainian troops return home after Challenger 2 tank training in UK (the Guardian) Crews spent several weeks learning how to operate tanks expected to be used in a Ukraine counteroffensive
Belarus says it will host Russian nuclear weapons to counter NATO (Reuters) Belarus on Tuesday confirmed it will host Russian tactical nuclear weapons, saying the decision was a response to years of Western pressure, including sanctions and what it said was a military-build up by NATO member states near its borders.
Nuclear weapons deployment complies with international law, as does NATO -- Belarus (Ukrainska Pravda) Belarus has stated that by agreeing to deploy Russian tactical nuclear weapons on its territory, it allegedly took "forced retaliatory actions" to strengthen its security and defence capabilities and was not violating the Nuclear Non-Proliferation Treaty (NPT).
US, Russia stop sharing nuke data under faltering New START (AP NEWS) The United States and Russia have stopped sharing biannual nuclear weapons data under the faltering New START treaty, the last arms control pact between the two countries, U.S. officials said Tuesday.
US Army eyes six-fold production boost of 155mm shells used in Ukraine (Defense News) The U.S. Army unveils a new goal for ramping up 155mm ammunition to replenish and grow its stockpiles as the rounds are sent to Ukraine en masse.
Why is the US sending 'downgraded' weaponry to Ukraine? (Deutsche Welle) Howitzers without GPS, rocket launchers restricted to short-range: The US is sending Ukraine weapons with critical limitations. Observers say US officials are trying to avoid a confrontation with Russia.
The ICC Is Just Getting Started on Going After Putin (World Politics Review) The ICC’s decision to charge Putin with the deportation of children in the Russia-Ukraine war was a strategic initial indictment.
Wanted: Vladimir Putin, for war crimes against Ukraine’s children — but what now? (The Hill) World leaders now face a crossroads.
Russia’s Ukraine invasion is eroding Kremlin influence in Kazakhstan (Atlantic Council) The invasion of Ukraine was meant to advance Vladimir Putin’s vision of a revived Russian Empire. Instead, it is forcing other neighboring countries like Kazakhstan to urgently reassess their own relationships with Moscow.
From Ukraine to the whole of Europe:cyber conflict reaches a turning point (Thales Group) A new attack geography has taken shape over the last 12 months. At the very beginning of the conflict, the majority of incidents only affected Ukraine (50.4% in the first quarter of 2022 versus 28.6% in the third quarter), but EU countries have seen a sharp increase in conflict-related incidents in the last six months (9.8% versus 46.5% of global attacks).
Russia Ramps Up Cyberattacks On Ukraine Allies: Analysts (Barron's) Russia's cyberwar on Ukraine largely failed and Moscow is increasingly targeting Kyiv's European allies, according to US and French analysts.
Pro-Russian hackers shift focus from Ukraine to EU countries (Radio Sweden) Russia's cyberwarfare has shifted focus from Ukraine to other countries in Europe, according to a report from the cybersecurity company Thales.Sweden, ...
Russian hackers attack Slovak governmental websites after country supplies Mig-29s to Ukraine (Ukrainska Pravda) A Russian cyber attack disabled several websites of Slovak state institutions and departments.
WSJ News Exclusive | Russia Supplies Iran With Cyber Weapons as Military Cooperation Grows (Wall Street Journal) Tehran is receiving advanced surveillance software after providing drones for Ukraine battlefield, people familiar with the matter said, adding another layer to a burgeoning alliance that the U.S. sees as a threat.
Iran seeks cyber assistance from Russia amid growing military cooperation (Al Arabiya English) Russia is reportedly helping Iran acquire advanced digital surveillance capabilities as Tehran seeks to deepen its cooperation on cyberwarfare with Moscow,
Microsoft: No-Interaction Outlook Zero Day Exploited Since Last April (SecurityWeek) Microsoft says a Russian APT group exploited a nasty Outlook for Windows zero-day (CVE-2023-23397) as far back as April 2022.
Ukraine's Defense Ministry says Russia is encouraging online piracy (The Jerusalem Post) Experts said the volume of piracy could double and reach $60 million, according to Russian state news agency TASS.
How facial recognition is helping Putin curb dissent (Reuters) A Reuters review of more than 2,000 court cases shows how Russia uses facial recognition to identify and sweep up the Kremlin's opponents.
Russia convicts father of teen who drew antiwar picture (AP NEWS) A Russian court on Tuesday convicted a single father over social media posts critical of the war in Ukraine and sentenced him to two years in prison — a case brought against him after his daughter’s drawing at school opposed the invasion, according to his lawyer and activists.
Attacks, Threats, and Vulnerabilities
Inside North Korean hackers’ unusual money laundering technique (Washington Post) Stealing cryptocurrency, cryptomining and money laundering fill the toolbox of a North Korean hacking group
Traffers and the growing threat against credentials (Outpost24 blog) The Rising Threat of Traffers report, compiled by Outpost24’s Threat Intelligence team, KrakenLabs, provides a deep dive into the credential theft ecosystem, and encourages organizations to evaluate their security measures against these evolving threats.
WiFi protocol flaw allows attackers to hijack network traffic (BleepingComputer) Cybersecurity researchers have discovered a fundamental security flaw in the design of the IEEE 802.11 WiFi protocol standard, allowing attackers to trick access points into leaking network frames in plaintext form.
ChatGPT Data Breach Confirmed as Security Firm Warns of Vulnerable Component Exploitation (SecurityWeek) OpenAI has confirmed a ChatGPT data breach as a security firm reported seeing the use of a component affected by an exploited vulnerability.
Latitude Financial data breach now impacts 14 million customers (BleepingComputer) Australian loan giant Latitude Financial Services (Latitude) is warning customers that its data breach is much more significant than initially stated, taking the number of affected individuals from 328,000 to 14 million.
Oklahoma City University Notifies Students and Employees of Recent Data Breach (JD Supra) On March 20, 2023, Oklahoma City University (“OCU”) filed a notice of data breach with the Attorney General of Montana after learning that a...
Dutch railway NS warns 780,000 customers about data breach (NL Times) The Dutch national railway, NS, has warned about 780,000 customers that their personal data may be involved in a data breach.The train operator works closely with market research firm Blauw. External parties gained access to personal data at via a software supplier for that company. For example, e-mail addresses, telephone numbers or names of train passengers who participated in a satisfaction survey may have been leaked.
University of New Orleans Cyber Threat Has Been 'Negated' (GovTech) UNO confirmed Monday that several services had been restored, and others will be brought back online incrementally while state authorities investigate the intrusion and whether anyone's personal data was compromised.
Repeat ransomware attacks: What’s putting victims at risk? (Barracuda) Despite growing awareness of the risk and impact of ransomware, more effective security measures, and international collaborations to bring down attack groups and disrupt their criminal operations, ransomware remains an enduring and evolving cyberthreat. Every organization is a potential target.
2023 ransomware insights (Barracuda) The prevalence and impact of ransomware attacks around the world.
Former NCSC chief Ciaran Martin pinpoints critical national infrastructure (CNI) as the next big ransomware target (IT PRO) Despite a devastating few years for cyber security, the former NCSC CEO Ciaran Martin is confident that businesses have learned critical lessons
Fortinet shares tips to mitigate effects of ransomware attacks (Back End News) Cybersecurity solutions and services company Fortinet emphasized the need for organizations to have tighter data protection than before. Citing the increasing ransomware attacks, Fortinet said it i…
Children's data feared stolen in Fortra ransomware attack (TechCrunch) The ransomware gang mass-hacked 130 organizations has now claimed pediatric mental health startup Brightline as its latest victim.
Cyberattack on debt-buying giant exposes sensitive info on nearly 500,000 people (Record) Nearly half a million people had their sensitive financial information leaked during a cyberattack on NCB Management Services – a company that purchases debt.
Ransomware group takes credit for February attack on city of Modesto (Record) The Snatch cybercrime group claimed it had data taken during the ransomware attack that Modesto, California, publicly reported in early February.
Hey, Siri: Hackers Can Control Smart Devices Using Inaudible Sounds (Dark Reading) A technique, dubbed the "Near-Ultrasound Inaudible Trojan" (NUIT), allows an attacker to exploit smartphones and smart speakers over the Internet, using sounds undetectable by humans.
Security Patches, Mitigations, and Software Updates
Apple Releases Security Updates for Multiple Products (Cybersecurity and Infrastructure Security Agency CISA) Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device.
iOS Security Update Patches Exploited Vulnerability in Older iPhones (SecurityWeek) Apple has released security updates for older iPhones to address a vulnerability exploited in attacks.
Apple backports fix for exploited WebKit bug to older iPhones, iPads (CVE-2023-23529) (Help Net Security) Apple has has fixed the WebKit vulnerability (CVE-2023-23529) exploited in the wild for users of older iPhones and iPads.
Apple patches all the iThings, including flaw under attack (Register) Issue identified in February but owners of older kit weren't warned
Security researchers confirm Microsoft patch fixes ‘aCropalypse’ bug (Record) The researchers who recently discovered a novel Windows vulnerability that could allow cropped screenshots to be restored say the bug has been fixed.
Trends
Cybersecurity Maturity Report 2023 (CYE) Over the last several years, there has been a noticeable increase in corporate security budgets as a result of the sophistication of attacks and the number of cybersecurity solutions introduced into the market.
Cyber Conversations Report 2023 (Cyderes) In last year’s Cybersecurity Conversations Report, we emphasized the need to embrace constant change across the threat landscape – this is the only thing that has not changed. We are well into 2023 and already are seeing shifts within cybersecurity and the economic landscape affect security leaders.
Cymulate Releases Findings from Over One Million Security Assessments (Cymulate) Cymulate’s 2022 Cybersecurity Effectiveness Report says organizations are leaving attack paths exposed in their quest to combat threats.
Report: Escalating Security Gaps and Costly User Experience Issues Exposed, With Three out of Four Attack Vectors Connected to Authentication (PR Newswire) HYPR, the Passwordless Company® and Vanson Bourne today released the 2023 State of Passwordless Security Report. This third annual edition...
Titania Report Reveals Less Than 40% of Senior Cybersecurity Decision Makers Effectively Prioritize Risks to Payment Card Industry Data Security Standard (PCI DSS) 4.0 Compliance (RealWire) New Research Suggests Current Approach to Misconfiguration Detection in Commercial Critical National Infrastructure (CNI) Networks Results in Unquantifiable Levels of Compliance Risk
Study: Americans’ privacy may be at risk as people overshare about politics, kids, and bodily functions (Secure Data Recovery Blog) We surveyed Americans to understand what they post about and what they’re tired of seeing on social media. Politics top the list of overshared topics.
NCC Group Monthly Threat Pulse – February 2023 (Mynewsdesk) Analysis from NCC Group’s Global Threat Intelligence team has revealed there were 240 ransomware attacks in February, a 45% increase from January.
Consumers Threaten to Abandon Businesses That Pollute by Hoarding Unnecessary Data (Veritas) Nearly half of consumers said they would stop buying from companies willfully causing environmental damage by failing to control how much unneeded data they are storing.
2023 Annual State of Email Security (Cofense) Cofense's Annual State of Phishing report & webinars provide an in-depth look at the phishing trends through 2022 with predictions for security leaders in 2023.
2023 Threat Report (OpenText Cybersecurity) Cyber threats are changing the way we do everything. Learn more in the 2023 OpenText Cybersecurity Threat Report
Marketplace
Cull of cybersecurity startups likely due to faltering economy (Computing) There are just way too many of them
Spera Raises $10M to Transform the Identity Security Landscape (Business Wire) Backed by YL Ventures, Spera equips cybersecurity teams with the visibility and risk contextualization necessary for effective identity security remediation and protection
CrowdStrike Invests in Abnormal and Launches New Partnership (Abnormal) Abnormal + CrowdStrike partnership designed to stop breaches by combining the ower of behavioral AI with industry-leading XDR capabilities.
Parsons nabs $94M contract from U.S. Cyber Command (Seeking Alpha) Parsons (PSN) was selected to provide command, control, communications, computers, and capabilities development support services (C4CD-2.0) to U.S
Cloudflare’s commitment to the 2023 Summit for Democracy (The Cloudflare Blog) Cloudflare is proud to participate in and contribute commitments to the 2023 Summit Summit for Democracy because we believe that everyone should have access to an Internet that is faster, more reliable, more private, and more secure
Silicon Valley Bank collapsed in two days. These investors bet against it months or even years earlier. (Silicon Valley Business Journal) Short sellers including Nate Koppikar and Porter Collins didn't predict Silicon Valley Bank's demise, but they did foresee its downfall.
Industry Update: Rising Star HUB Cyber Security Positioned for Sectorial Leadership as demand for Confidential Computing Grows - Hub Cyber Security (NASDAQ:HUBC) (Benzinga) Confidential Computing is an emerging technology that employs hardware-based security features to protect data during while being processes. This involves creating secure enclaves, or isolated hardware areas,
Now That AI Company Palantir Has Achieved Profitability, Is it Time to Buy? (The Motley Fool) This artificial intelligence and machine learning company recently turned profitable far quicker than many expected.
IONIX Named Leader in GigaOm Radar Report for Attack Surface Management (PR Newswire) IONIX, formerly Cyberpion, announced today that it has been named a leader and is projected to be among the top five Attack Surface Management...
Aryaka has been recognized as a Sample Vendor by Gartner® in the Emerging Tech report: Leverage Cloud Connect Infrastructure to Improve Connectivity Experience of Cloud Workloads for SASE Solutions (PR Newswire) Aryaka®, the leader in SD-WAN and SASE solutions, was named by Gartner in the latest Emerging Technologies report. The research, titled...
Menlo Security expands operations to Bengaluru (CIO News) Menlo Security, a cloud security company headquartered in the US, has revealed its expansion plans for India and its new investment in the region.
Former Raytheon VP Teresa Shea Named SandboxAQ Global Public Sector Adviser (GovCon Wire) Looking for the latest GovCon News? Check out our story: Former Raytheon VP Teresa Shea Named SandboxAQ Global Public Sector Adviser. Click to read more!
Mezmo Names Natalia Harris as Vice President of People and Inclusion (GlobeNewswire News Room) Seasoned HR Leader Will Oversee People Strategies and Diversity, Equity, and Inclusion Efforts...
Versa Networks Strengthens Marketing Team as Demand Accelerates for its Industry-Leading SASE Solution (Business Wire) Versa Adds Three New Marketing Executives – Dan Maier as Chief Marketing Officer, Gopal Bhagia as VP of Demand Generation, and Kevin Sheu as VP of Product Marketing
Aware Appoints Kevin Colón as Chief Revenue Officer (PR Newswire) Aware, the leader in contextual intelligence, has appointed Kevin Colón as Chief Revenue Officer. As Aware enters its next stage of...
Products, Services, and Solutions
Noname Security Expands API Security Platform To Help Organizations Increase Cyber Resilience (Noname Security) Noname Security announces major enhancements to its market-leading API security platform to help organizations protect their API ecosystem, secure their applications, and increase cyber resilience.
Netwrix Keeps Enhancing Data Security Across All Five NIST Functions (Netwrix) Netwrix has upgraded a third of its product portfolio and launched a new, SaaS-based solution for managed service providers (MSPs) within the past six months.
Bitwarden Announces Secrets Management With a Unique Combination of Open Source, End-to-End Encryption, and Ease of Use (Business Wire) Now in open beta, Bitwarden Secrets Manager serves developer, DevOps, and IT teams seeking a simple and convenient way to centrally secure, control, and manage infrastructure secrets.
Datadobi Spotlighted the 2023 CRN® Partner Program Guide (Datadobi) Datadobi has been recognized by CRN®, a brand of The Channel Company, in its 2023 Partner Program Guide. Read all about it here.
QuSecure and Accenture Team in First Successful Multi-Orbit Communications Link Showcasing Post-Quantum Crypto Modernization (Accenture Newsroom) Companies Usher in a New Era in Quantum-Resiliency Advancing from Internet to Interstellar Utilizing the Latest in Space Technologies
Sonatype Announces Enhanced Maven Central Experience (GlobeNewswire News Room) Supercharged Search and Streamlined User Interface Drive Developer Innovation...
SecurityScorecard Delivers Market-First Security Ratings Score Guarantee (Business Wire) Security Ratings Leader Offers Its Customers Peace of Mind with Professional Services-Backed Guarantee
Anomali and Canon IT Solutions Partner to Deliver a Threat Intelligence Platform to Counter Sophisticated Cyber Security Attacks (Business Wire) New Service Leverages Threat Intelligence to Help Organizations Quickly Respond to Threats
StrongDM Announces the First Dynamic Access Management Platform (StrongDM) The new platform goes beyond privileged access management (PAM) to provide secure access to all technical users and modern tools, easing the transition to zero standing privileges for every organization.
Hexnode Announces New Features for macOS and Windows (PR.com) Henxode's announces new features for macOS and Windows transforming the hybrid work culture and enhancing endpoint management.
CyberArrow and Mobily Announce Partnership to Strengthen Cyber Security Compliance in Saudi Arabia (GlobeNewswire News Room) CyberArrow, a leading cyber security compliance automation provider, and Mobily, one of the...
Zone Adopts ThetaRay AI Solution to Monitor and Screen Payments in Nigeria (Business Wire) Blockchain-powered Nigerian fintech to integrate ThetaRay’s SONAR AI-powered technology to increase growth opportunities with a trusted service
Meeting the TSA Cybersecurity Requirements for Airports and Aircraft with SentinelOne Singularity XDR (SentinelOne) Learn about the new TSA cybersecurity requirements and how SentinelOne Singularity XDR can help enterprises and federal agencies meet these requirements.
API3 Integrates QuintessenceLabs to Provide QRNG Service (PR Newswire) QuintessenceLabs, an industry leader in quantum cybersecurity, announced today that API3, a provider of first-party data feed services such as...
PwC and ReversingLabs Form Strategic Alliance to Bring Software Supply Chain Security to Third Party Risk Management Programs (GlobeNewswire News Room) PwC and ReversingLabs Partner to Operationalize Detection and Mitigation of Software Threats as Key Component of Third Party Risk Assessment Service...
NanoLock Security and ISTARI Announce Strategic Collaboration to Deliver Device Level OT Cyber Protection Following Regulatory Changes (Business Wire) The collaboration will provide ISTARI’s clients with NanoLock’s Device-Level Zero-Trust OT protection against cyber threats caused by internal and external adversaries and to meet emerging federal guidelines for U.S., EU and Singapore’s critical infrastructure
Netskope and Zoom Team Up to Deliver Quality Collaboration Experiences with Optimized Performance, Security, and Compliance (Netskope) Integrated solutions optimize connectivity and security of Zoom voice and video communications using Netskope Borderless SD-WAN and Netskope SSPM SANTA
Heimdal® to Launch Revolutionary New Platform in Unexplored Market Category (Heimdal Security Blog) Heimdal® is preparing to launch a revolutionary new industry-agnostic platform called The Heimdal® Threat-hunting & Action Center.
Skyhawk Security Becomes First Cloud Security Company to Embed ChatGPT Functionality into the Threat Detection Process (GlobeNewswire News Room) In 78% of cases, Skyhawk produced alerts earlier when adding new ‘Security Advisor’ and ‘Threat Detector’ ChatGPT scoring functionality...
Graylog and BitLyft Partner to Deliver Cutting-Edge Managed Detection and Response Solution (Business Wire) Join Forces to Provide Small-to-Midsize Companies with Real-Time Threat Detection and Response Services
Insurance Provider Aldagi Deploys Calico Enterprise to Achieve EU GDPR Compliance (PR Newswire) Tigera, provider of the industry's only active security platform for containers and Kubernetes, today announced that Aldagi, Georgia's largest...
Bell partners with Palo Alto Networks to help Canadian businesses identify threats and protect their cloud-based data (PR Newswire) As organizations use more cloud services, they face countless configuration, management and compliance challenges and security risks, and they require...
Bacula and Backblaze Form Strategic Agreement for Advanced Backup Ransomware Protection and Single Tier Storage (Yahoo Finance) Combination of two solutions enables users to protect diverse IT estates, reduce complexity and significantly drive costs down
HP Expands the Boundaries for Remote PC Management through HP Wolf Connect (HP) Today at its Amplify™ Partner Conference, HP Inc. (NYSE: HPQ) announced HP Wolf Connect, an IT management connectivity solution that provides a highly resilient and secure connection to remote PCs, enabling IT to manage devices even when powered down or offline.
Vaultree Achieves Google Cloud Ready - AlloyDB Designation (Business Wire) Pairing Vaultree with Google Cloud’s AlloyDB for PostgreSQL brings Fully Homomorphic and Searchable Encryption (FHSE) technology to the cloud
Technologies, Techniques, and Standards
In Walmart’s Cyber Risk Formula, Every Bug Has a Backstory (Wall Street Journal) The retailer turned to actuaries, insurance experts, accountants and lawyers to help gauge security threats.
Incident attribution: beware of jumping to conclusions (SC Media) Discovering who is behind a cyberattack isn’t always quick or straightforward but accuracy is important.
How Continuous Threat Hunting Addresses Potential Okta Password Exposure Via Failed Login Attempts (Torq) By Leonid Belkind CTO and Co-founder, Torq Last week, the incident response firm Mitiga published research outlining the potential exposure of Okta passwords of organizational users. The method involves a mistaken entry of one’s password in the username field in an Okta login interface – something that, according to the research, is not an infrequent […]
Do You Know KEV? You Should. (Rezilion) It is critical to understand the significance of the CISA KEV catalog and the role of similar exploitation-oriented threat intelligence sources in securing our systems.
Survey: 92% of Global Organizations Indicate Identity Security as Critical for a Robust Zero Trust Implementation (Business Wire) CyberArk Introduces Peer-Based Framework for Evaluating and Maturing Identity Security Strategies
The Holistic Identity Security Maturity Model (CyberArk) Assess the maturity of your organization’s Identity Security strategy and follow the recommendations to level up. Download the Identity Security Maturity Model report for peer insights.
The Navy Still Suffers from Cybersecurity Complacency (U.S. Naval Institute) The Navy should prioritize cybersecurity to the same level as other warfare areas because cyber capabilities will be key to winning future conflicts.
Design and Innovation
Microsoft introduces AI-powered cybersecurity assistant (Reuters) Microsoft Corp on Tuesday launched a tool to help cybersecurity professionals identify breaches, threat signals and better analyze data, using OpenAI's latest GPT-4 generative artificial intelligence model.
With Security Copilot, Microsoft brings the power of AI to cyberdefense (Microsoft) Trained across security and networking disciplines and armed with trillions of data signals, Security Copilot dramatically increases the reach, speed and effectiveness of any security team REDMOND, Wash. — March 28, 2023 — Microsoft Corp. on Tuesday announced it is bringing the next generation of AI to cybersecurity with the launch of Microsoft Security Copilot, […]
Microsoft’s ‘Security Copilot’ Unleashes ChatGPT on Breaches (WIRED) The new tool aims to deliver the network insights and coordination that “AI” security systems have long promised.
Microsoft Puts ChatGPT to Work on Automating Cybersecurity (SecurityWeek) Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.
Microsoft introduces an A.I. chatbot for cybersecurity experts (CNBC) Chatbots using generative AI models aren't always accurate. But Microsoft is hoping to make its Security Copilot more accurate with user input.
Microsoft announces generative AI Security Copilot (CSO Online) Microsoft’s new generative AI security system grafts GPT-4 into its security offerings for integrated analysis and responses.
Now That ChatGPT Is Plugged In, Things Could Get Weird (WIRED) Letting the chatbot interact with the live internet will make it more useful—and more problematic, too.
Elon Musk says Twitter’s For You page will only recommend verified accounts (The Verge) You’ll have to pay up to show up.
The secret list of Twitter VIPs getting boosted over everyone else (Platformer) Congratulations to Ben Shapiro, AOC, and ... LeBron?
Research and Development
Turning hackers’ behavior against them (GCN) By identifying psychological biases of hackers, a new program aims to develop proactive network defenses that go beyond tech-based solutions and rely on analysis of attackers’ behavior to thwart them.
Academia
Educating the education sector on cybersecurity (Technology Decisions) The education sector is built on the foundation of creating opportunities and building knowledge for students of all ages.
Hewlett Foundation Announces Major Effort Funding Cyber Policy Studies at Institutions Serving Diverse Student Populations (Hewlett Foundation) Over $20 Million in Grants to Florida A&M University, Florida International University, Turtle Mountain Community College, and Spelman College to support the growth of cyber policy programs. (Menlo Park, Calif. – March 29, 2023) – Today, the William and Flora Hewlett Foundation announced large-scale grants totaling more than $20 million to four academic institutions that ...
Legislation, Policy, and Regulation
TechScape: How the world is turning against social media (the Guardian) France has banned not only TikTok from government phones, but Facebook and Twitter, too. Could this be a tipping point for big tech? Plus, AI-generated pictures of the pope signal a new type of viral image
Azerbaijan establishes Cyber Security Center (News.az) In response to the increasing calls for cyber security in the country, the Ministry of Digital Development and Transport of the Republic of Azerbaijan with the support of PASHA Holding Limited Liability Company (LLC), established the Azerbaijan Cyber Security Center together with Israel's most prestigious higher education institution in technology - Technion Institute, News.az reports citing the Ministry of Digital Development and Transport of Azerbaijan.
China urges Apple to improve security and privacy (Register) It's a juicy market that welcomes foreign investment, National development boss reminds Tim Cook
UK aims for 'agile' AI regulation (Computing) The UK government has set out a new whitepaper on AI regulation, with the aim of driving "responsible" innovation and maintaining public trust in the technology.
Call for Submissions to UK's New Computer Misuse Act (Infosecurity Magazine) Bugcrowd is concerned about a lack of protection for ethical hackers
Operators push back on FCC’s stricter data breach reporting proposal (Fierce Telecom) Telecom industry groups from USTelecom and ACA Connects to WISPA and NCTA sounded off on proposed changes to the Federal Communications Commission’s (FCC) data breach reporting rules and their message is clear: reporting requirements should be tied to the prospective harm done to consumers.
CISA director says cutting agency's budget would return it to 'pre-SolarWinds world' (CyberScoop) Director Jen Easterly said that if the agency's proposed budget for FY 2024 dropped to pre-2022 totals, it would put the nation at risk.
New Cyber Reports Will Show the Value of CISA Budget Investments, Director Says (Nextgov.com) Cyber incident reports will be shared with the agency under the soon-to-be implemented requirements of the Cyber Incident Reporting for Critical Infrastructure Act.
U.S. Space Force ramps up cybersecurity spending (SpaceNews) U.S. Space Force ramps up cybersecurity spending
US Indo-Pacific Command seeks extra $274 million for cyber (Defense News) INDOPACOM's $3.5 billion unfunded priorities list includes requests for “offensive cyber access and effects" and "cybersecurity and network defenses.”
Full Steam Ahead: Enhancing Maritime Cybersecurity (CSC 2.0) Since its inception, the United States has been a maritime nation dependent on its maritime transportation system (MTS) as vessels evolved from manpower-intensive wooden sailing ships to highly automated container ships.
Cyber experts call for CISA to establish maritime equipment test bed (FedScoop) The proposals follow several cyberattacks on vulnerable European maritime infrastructure targets last year.
Electronic warfare is ‘new frontier’ for US Missile Defense Agency (C4ISRNet) EW is a fight for control of the electromagnetic spectrum, relied upon for communications, situational awareness, weapons guidance and more.
Too Much U.S. Government Information Is Classified, Report Finds (WSJ) U.S. officials classify information that should either be public or more widely shared within the government, hobbling national defense objectives and jeopardizing congressional oversight of the executive branch, a new report says.
Litigation, Investigation, and Law Enforcement
A Q&A with the hacktivists rocking Latin America: Guacamaya (Record) Recorded Future News spoke to hacktivist collective Guacamaya to better understand what it hopes to accomplish and the role they see for themselves going forward.
Clearview AI used nearly 1m times by US police, it tells the BBC (BBC News) Clearview AI has been used by the police nearly a million times in the US, it tells the BBC.
U.S. charges FTX's Bankman-Fried with paying $40 mln Chinese bribe (Reuters) He's accused of paying the bribe to Chinese officials so they would unfreeze his hedge fund's accounts.
FTX Founder Sam Bankman-Fried Charged With Bribing Chinese Officials (Wall Street Journal) The fresh indictment alleges Sam Bankman-Fried authorized bribing one or more Chinese government officials with at least $40 million in cryptocurrency.
Google again accused of destroying evidence in Android case (Register) Starting to see a pattern here? Judge seems to think so
He came to D.C. as a Brazilian student. The U.S. says he was a Russian spy. (Washington Post) Johns Hopkins graduate Victor Ferreira was unmasked as GRU operative Sergey Cherkasov, according to a federal indictment and Western security officials