Dateline Moscow and Kyiv: Disaffected insiders in Russia's cyber war room.
Ukraine at D+400: the Vulkan papers. (CyberWire) The Vulkan papers offer a rare opportunity for an inside look at Russian cyber warfare.
Russia-Ukraine war: List of key events, day 401 (Al Jazeera) As the Russia-Ukraine war enters its 401st day, we take a look at the main developments.
Ukrainians in a Hidden Command Post See Bakhmut Going Their Way (New York Times) Ukrainian commanders said that Russia exhausted all its reserves on the eastern city, though soldiers said the cost in lives had been steep.
Ukraine's Tank Force Shouldn't Stand a Chance Against Russia's, But Dumb Mistakes Keep Tipping the Scales (Military.com) With several models of tanks to choose from, a large supply of armored vehicles, and an undeniable numbers advantage, Russia's fleet of tanks should be decimating Ukraine's on the battlefield.
Russian jets of newer generation increase 'dominance' in combat zone, Ukrainian official says (ABC News) Newer generation fighter jets are giving Russia "increasing dominance" in the skies over the conflict zone in eastern Ukraine, according to a senior Ukrainian official.
Russia set to take chair of UN security council amid Ukraine war (The Hill) Russia is set to take the chair position of a United Nations Security Council meeting as it continues to wage its yearlong war on neighboring Ukraine, drawing criticism from Ukrainian leaders. Ukra…
‘Absurdity to a new level’ as Russia takes charge of UN security council (the Guardian) Monthly rotation of presidency of 15-member council has been unaffected by Ukraine war
Russia to offer food for North Korean weapons - US (BBC News) Washington says any arms deal would violate UN Security Council resolutions.
US has trained more than 7,000 Ukrainian troops, dozens at Fort Sill, Pentagon says (Stars and Stripes) Dozens of Ukrainian soldiers at Fort Sill, Okla., have finished learning how to use the Patriot missile system, part of the more than 7,000 troops the U.S. has trained to fight off Russian forces invading their country.
Putin’s nuclear saber-rattling is a sign of dangerous Russian desperation (Atlantic Council) Vladimir Putin's latest bout of nuclear saber-rattling is a clear indication of Russia's growing desperation as the invasion of Ukraine continues to unravel amid mounting military losses, writes Peter Dickinson.
The Only Realistic Answer to Putin (The Atlantic) Russia’s unprovoked invasion is impossible to justify. Now is not the time to relent in helping Ukraine.
Putin’s plan for a new Russian Empire includes both Ukraine and Belarus (Atlantic Council) A leaked document detailing Russia's plans to absorb Belarus highlights the scale of Vladimir Putin's imperial ambitions and provides insights into the true objectives behind the invasion of Ukraine, writes Taras Kuzio.
A Look Inside Putin's Secret Plans for Cyber-Warfare (Spiegel) Elite hackers from Russia have their sights set on airports and power plants around the world, along with the internet. Confidential data from Moscow, obtained by DER SPIEGEL and its partners, now provide a look inside their arsenal of cyber-weapons and reveal their strategy.
Secret trove offers rare look into Russian cyberwar ambitions (Washington Post) More than 5,000 pages of documents from a Moscow-based contractor offer unusual glimpses into planning and training for security services, including the notorious hacking group Sandworm
7 takeaways from the Vulkan Files investigation (Washington Post) Thousands of pages of leaked documents offer rare glimpses of Russian military cyberwar strategy, the notorious Sandworm hacking group and a cheeky office party invitation hidden in a piece of malware
‘Vulkan files’ leak reveals Putin’s global and domestic cyberwarfare tactics (the Guardian) Vulkan engineers have worked for Russian military and intelligence agencies to support hacking operations, prepare for attacks on infrastructure and spread disinformation
Contracts Identify Cyber Operations Projects from Russian Company NTC Vulkan (Mandiant) Documents detail Russian investments and considerations to scale cyber operations and capability development.
Pro-Russian hackers target elected US officials supporting Ukraine (Ars Technica) Group tracked since 2021 exploits unpatched Zimbra servers to hack email accounts.
Phishing Campaign Tied to Russia-Aligned Cyberespionage (Bank Info Security) A hacking group with apparent ties to Russia or Belarus has been using "simple yet effective attack techniques and tools" to gain access to multiple
Vladimir Putin’s dismal fate is increasingly plain for all to see (The Telegraph) A leaked call among Russian elites spells out his end in plain terms: defeat, disgrace, and deposal
Russia’s Ghost Fleet of Oil Tankers Is a Floating Time Bomb (Bloomberg) Moscow has turned to a flotilla of outdated, untrackable ships to duck sanctions, and they are a menace to the oceans.
Russia faces long economic decline as isolated Putin turns to China (Atlantic Council) With most avenues for Western partnership indefinitely closed and Russian economic dependency on China growing rapidly, Putin’s talk of “economic sovereignty” is starting to sound very hollow, writes Diane Francis.
Russia’s Economy Is Starting to Come Undone (Wall Street Journal) Investment is down, labor is scarce, budget is squeezed. Oligarch: ‘There will be no money next year’
U.S.-Romanian Defense Leaders Discuss Strategic Partnership (U.S. Department of Defense) The U.S.-Romania strategic partnership has never been stronger or more relevant, Secretary of Defense Lloyd J. Austin III said as he met with Romanian Defense Minister Angel Tilvar at the Pentagon.
Welcome to NATO: Finland clears Turkish hurdle, will join military alliance in coming weeks (Breaking Defense) Sweden, meanwhile, remains on the outside looking in, as Turkey and Hungary have not moved to approve its membership.
Hungary has approved Finland joining NATO. But its delays raise deeper concerns. (Atlantic Council) The problem of an unreliable Hungary will long outlast this foot-dragging over Sweden and Finland, and allies should be prepared to deal with an outlier that’s weakening the system from within.
Wall Street Journal reporter arrested in Russia by security service (Washington Post) Russia’s Federal Security Service, the FSB, arrested a Wall Street Journal reporter, Evan Gershkovich, a U.S. citizen assigned to the newspaper’s Moscow bureau, and accused him of being a spy for the United States.
White House Condemns Russia’s Detention of Wall Street Journal Reporter (Wall Street Journal) Russia’s main security agency said it had detained a Wall Street Journal reporter for what it described as espionage. The Journal denied allegations against him.
US condemns Russia's arrest of American journalist on spy charges (The Telegraph) Vladimir Putin believes Evan Gershkovich from the Wall Street Journal was 'caught red-handed', but seizure has been widely condemned by West
US condemns arrest of WSJ journalist as Russia accused of ‘hostage taking’ (the Guardian) US secretary of state Antony Blinken issues strongly worded statement after arrest of Evan Gershkovich
The arrest of an American journalist in Russia is awful. For me, it’s also painfully personal | Margaret Sullivan (the Guardian) ‘Evan,’ I said out loud in my hotel room. In that moment, this news story moved out of the realm of professional dismay and into the intensely personal
Four bankers guilty of aiding “Putin’s purse” Roldugin convicted in Zurich (The Insider) Four executives from Gazprombank Switzerland, a subsidiary of Russia's Gazprombank which has since ceased operations, have been found guilty by a Zurich court for enabling cellist Sergei Roldugin to transfer millions of francs through Swiss accounts
Attacks, Threats, and Vulnerabilities
Chinese Cyberspies Use 'Melofee' Linux Malware for Stealthy Attacks (SecurityWeek) The recently identified Melofee Linux implant allowed Chinese cyberespionage group Winnti to conduct stealthy, targeted attacks.
3CX DesktopApp Security Alert - Mandiant Appointed to Investigate (3CX) Early this morning we informed our partners and customers that our Electron Windows app shipped in Update 7, version numbers 18.12.407 & 18.12.416, included a severe security issue. We since learned that Electron Mac App version numbers 18.11.1213, 18.12.402, 18.12.407 & 18.12.416 have also been affected. Fortunately, anti-virus vendors flagged the executable 3CXDesktopApp.exe and
Information on Attacks Involving 3CX Desktop App (Trend Micro) In late March 2023, security researchers revealed that threat actors were actively abusing a popular business communication software from 3CX.
3CX Confirms Supply Chain Attack as Researchers Uncover Mac Component (SecurityWeek) 3CX confirms investigating a security breach as the cybersecurity community is sharing more information on the supply chain attack.
There’s a new supply chain attack targeting customers of a phone system with 12 million users (TechCrunch) North Korean hackers are using a trojanized version of 3CX’s VoIP client to install info stealer malware on corporate networks
Super FabriXss: From XSS to an RCE in Azure Service Fabric Explorer by Abusing an Event Tab Cluster Toggle (CVE-2023-23383) (Orca Security) In this blog post, we'll explore the details of the Azure vulnerability, "Super FabriXss," the risks it poses, as well as recommendations on how to mitigate it.
Microsoft Cloud Vulnerability Led to Bing Search Hijacking, Exposure of Office 365 Data (SecurityWeek) An Azure Active Directory (AAD) misconfiguration leading to Bing.com compromise earned Wiz researchers a $40,000 bug bounty reward.
chatGPT was always prone to open source code related vulnerabilities (ET CIO) It was just a matter of time before OpenAI’s chatGPT got breached, say industry observers, on the recent data breach.
Unpatched Security Flaws Expose Water Pump Controllers to Remote Hacker Attacks (SecurityWeek) Water pumping systems made by ProPump are affected by several vulnerabilities that could allow hackers to cause significant problems.
Former Employees' Orphaned Data Could Destroy Your Business (Datadobi) Employees are leaving their jobs at record rate, and leaving orphaned data behind. Having a plan to manage that data is vital to protecting your business.
Threat Report: Spoofed Gaming Website (SafeGuard Cyber) SafeGuard Cyber detected a phishing website that was sent to a Telegram channel that we were monitoring. Find out more in this blog.
2023 Tax Scam Emails Exposed: Unmasking Deceptive Trends (Trustwave) Tax season is a busy time of year for taxpayers and threat actors. Consumers and businesses focus on filing their taxes and getting excited over possible refunds, while cybercriminals roll out both their tried-and-true tax scams along with implementing new efforts.
Consulting company for Vines Hospital suffered a data breach (WCJB) Patients of Vines Hospital are being notified about a data breach at their consulting company.
DarkBit puts data from Israel’s Technion university on sale (CSO Online) DarkBit had previously demanded 80 bitcoins as ransom, and said it would sell the data within five days if the ransom went unpaid.
Dozens of universities affected by campus ticketing software cyberattack (Record) Students at dozens of the biggest universities and colleges in the U.S. and Canada have been affected by a cyberattack targeting an online ticketing platform.
CISA Adds Ten Known Exploited Vulnerabilities to Catalog | CISA (Cybersecurity and Infrastructure Security Agency CISA) CISA has added ten new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CISA orders agencies to patch bugs exploited to drop spyware (BleepingComputer) The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies today to patch a set of security vulnerabilities exploited as zero-days in recent attacks to install commercial spyware on mobile devices.
Security Patches, Mitigations, and Software Updates
CISA Releases One Industrial Control Systems Advisory (Cybersecurity and Infrastructure Security Agency CISA) CISA released one Industrial Control Systems (ICS) advisory on March 30, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
Trends
On-Demand Video: Unveiling Red Canary's 2021 Threat Detection Report (Red Canary) Relive the moment we introduced our 2021 cyber threat report. Explore top threats and hear detection insights from the report's authors.
Red Canary 2021 Threat Detection Report - MITRE ATT&CK® Techniques (Red Canary) Our Threat Detection Report takes a close look at the most prevalent techniques & threats to help security teams focus on what matters most.
SlashNext’s 2023 Mobile BYOD Security Report Reveals 71% of Employees Have Sensitive Work Information on their Personal Devices; 43% Were the Target of Phishing Attacks (SlashNext) With 50% of phishing happening outside of email, security leaders express concerns about attacks via private messaging apps PLEASANTON, Calif. – March 30, 2023 – SlashNext, the leader in SaaS-based Integrated Cloud Messaging Security across email, web, and mobile, today released its 2023 Mobile BYOD Security Report. In partnership with a third-party research firm, SlashNext […]
Marketplace
DataDome raises $42M to leverage machine learning for confronting bot attacks (VentureBeat) DataDome announces it has raised $42 million for a solution that uses machine learning to address online bot attacks.
Spera raises $10M for its identity security posture management platform (TechCrunch) With Spera, businesses get a single end-to-end tool that allows them to manage all aspects of identity security.
Where have all the laid-off tech workers gone? (The Economist) Employment in the technology industry has reached an inflection point
Kyndryl lays off staff in search of efficiency (Network World) The layoffs are part of a restructuring initiative aimed at improving efficiency and customer service, Kyndryl says.
Senhasegura Sweeps Key Categories as Gold Winner in 2023 Cybersecurity Excellence Awards (Business Wire) Brazilian-based PAM supplier recognized for “Gold” as Best Privileged Access Management PAM Platform, Best Cloud Privileged Access Management, and Best Certificate Lifecycle Management; Senhasegura also takes Bronze for Best PAM Solution for 2023 Globee Award
'Dr. Zero Trust' Chase Cunningham Joins Traceable as an Advisor (PR Newswire) Traceable AI, the industry's leading API security company, today announced that "Dr. Zero Trust" Chase Cunningham will join the company as an...
Products, Services, and Solutions
Now Open on Github: The OSC&R Software Supply Chain Attack Matrix (PR Newswire) The founding members of OSC&R (Open Software Supply Chain Attack Reference), the first and only open framework for understanding and evaluating...
WSJ News Exclusive | Meta to Let Users Opt Out of Some Targeted Ads, but Only in Europe (Wall Street Journal) The Facebook, Instagram parent will allow EU users to choose a version of its services that would only target them with advertising based on broad categories, such as age range and general location.
Forter Named Best Fraud Prevention Platform in the 2023 FinTech Breakthrough Awards (Business Wire) Forter, the Trust Platform for digital commerce, today announced it has been named the Best Fraud Prevention Platform in the 2023 FinTech Breakthrough Awards.
SentinelOne expands singularity marketplace with new integrations (TahawulTech) Joint Solutions with Revelstoke, Fletch, Code42, and KnowBe4 Address Diverse XDR Use Cases.
Intruder Launches API Scanning for Enhanced Exposure Management (Intruder) Intruder's latest release enables organisations of all sizes to automatically scan APIs and secure more of their attack surface.
Technologies, Techniques, and Standards
New 'Watch Center' to ring alarms on space-related cyber threats (Breaking Defense) "Space is a warfighting domain and cyber is a critical area to focus on to ensure space security. I think we all know cyber attacks are becoming more frequent. They're more severe, they're even more sophisticated," Sreenidhi Tummala, a senior software engineer at Lockheed Martin, told reporters at today's Space-ISAC press conference.
Space ISAC Stands Up Operational Watch Center to Respond to Threats in Real Time (Via Satellite) Space ISAC is opening a physical Operational Watch Center to monitor, analyze, and respond to cyber threats to space systems in real time. Analysts will
DoD Chief Digital and Artificial Intelligence Office Launches Hack the Pentagon Website (U.S. Department of Defense) The Chief Digital and Artificial Intelligence Office Directorate for Digital Services launches a website to accompany their long-running program: Hack the Pentagon. Vetted, independent security
Cybersecurity, consumer privacy, and accessibility can make or break your business. (InvestisDigital) Companies that manage these crucial elements of corporate governance effectively build trust with all their stakeholders. Businesses that fail to do so pay dearly.
Design and Innovation
BuzzFeed Is Quietly Publishing Whole AI-Generated Articles, Not Just Quizzes (Futurism) After announcing earlier this year a pivot to quizzes co-written by AI, BuzzFeed seems to have widened its purview to include articles.
The problem with artificial intelligence? It’s neither artificial nor intelligent (the Guardian) Let’s retire this hackneyed term: while ChatGPT is good at pattern-matching, the human mind does so much more, writes Evgeny Morozov
Research and Development
How fear of future quantum hacks could expose sensitive data now (Bulletin of the Atomic Scientists) The rush to create encryption schemes that would be resistant to cyberattacks from quantum computers may be opening a new, more devastating vulnerability.
Academia
Celebrating two years of the Consortium of Cybersecurity Clinics (Consortium of Cybersecurity Clinics) Cybersecurity clinics in higher education are the latest in an effort by academic institutions to bolster a national cyber workforce and serve their communities.
Legislation, Policy, and Regulation
China Reviewing US Chipmaker Micron’s Products for Cyber Risks (Bloomberg) China is opening a cybersecurity review of products exported by Micron Technology Inc., the largest US maker of memory chips, to the country.
US, UK, eight others unite on cyber protections for dissidents, journalists, advocacy groups (Record) Cyberthreats against “civil society organizations, human rights defenders, dissidents, advocacy groups, journalists, and cultural institutions” have pushed 10 nations to create a forum for sharing ways to protect those groups and others.
Beijing Reinforces Its Case to Be Global Cyber Leader (OODA Loop) Beijing recently released a white paper, China's Law-Based Cyberspace Governance in the New Era, in which it presents its views on the future of the Internet, emphasizing the importance of a rules-based approach and quickly linking China’s
A US senator is slowing down the process to ban TikTok, citing free speech concerns (Quartz) Rand Paul said TikTok's data collection policies are indistinguishable from that of US tech giants
How the main civilian cybersecurity agency is building up its own chops (Federal News Network) The great SolarWinds breach back in 2020 prompted many agencies to improve their cybersecurity. Even the Cybersecurity and Infrastructure Security Agency (CISA) found it had to improve its own…
Defense experts tell House panel China remains biggest cyberthreat (UPI) The commander of the U.S. Cyber Command told a House subcommittee Thursday that China remains the biggest strategic threat to the United States.
Hackers probing contractors for path to Pentagon, DISA chief says (C4ISRNet) Foreign hackers are targeting contractors to the U.S. government not only for their intellectual property and non-public information, but also to find furtive avenues into Pentagon networks, according to the director of the Defense Information Systems Agency.
Senior Military Officials Testify on Cyber Warfare (C-SPAN.org) Gen. Paul Nakasone, who heads U.S. Cyber Command and the NSA, testified on cyber defense before a House Armed Services subcommittee. He was joined by fellow witness John Plumb, a cyber adviser to the Defense secretary. The two officials were asked about cyber threats from China and Russia, including the Chinese-based app TikTok, and if U.S. cyber defense is superior to those of its adversaries. According to Mr. Plumb, President Biden's fiscal year 2024 budget request includes $13.5 billion for cyberspace activities and $7.4 billion for cyberspace operations.
U.S. warrant requirement for surveillance program could hamper cyber cases, FBI official warns (Washington Post) Debate heats up over requiring some warrants under surveillance program
'Deliberate' or 'disappointing,' DoD doesn't expect cyber policy nominee before the fall (Breaking Defense) “I’m confident that the Senate is ready to rapidly confirm a nominee,” Rep. Mike Gallagher, R-Wisc., said. “I’ve had many conversations to that effect.”
British government mocked for advertising head of cyber role with £57K salary (Record) A job advertisement for the new head of cybersecurity at His Majesty’s Treasury (HM Treasury) in Britain has provoked derision because of its stated pay of £57,000 (about $70,000) per year.
Litigation, Investigation, and Law Enforcement
CareFirst decision cites 'actual harm' requirement in data breach lawsuits (SC Media) In a March 28 filing, a D.C. Circuit Court judge refused to join three data breach lawsuits against CareFirst into a class action.
3rd Circ. Mulls Fairness Of Fee Award In Wawa Breach Case (Law360) Counsel for a Wawa shopper part of a settlement stemming from the data breach litigation against the convenience store chain told a Third Circuit panel that the $3 million in attorney fees for class counsel in the case were greater than the compensation the plaintiffs received.
U.S., South Korea Vie Over Extradition of Crypto Fugitive Do Kwon (Wall Street Journal) The U.S. and South Korea have put in competing bids to extradite the creator of the failed TerraUSD stablecoin from Montenegro.