Ukraine at D+407: A new world order as a precondition for negotiations. (CyberWire) Russia demands a multi-polar world, which is what it now says it's been fighting for all along.
Russia-Ukraine war live: Kremlin says its strategic aim in Ukraine is to create a ‘new world order’ (the Guardian) Foreign minister says Russia rejects a ‘unipolar world order led by one hegemon’
Russia-Ukraine war: List of key events, day 408 (Al Jazeera) As the Russia-Ukraine war enters its 408th day, we take a look at the main developments.
Blasts Hit Russia-Controlled City in Ukraine on Supply Route to Crimea (Wall Street Journal) The strikes on Melitopol make strategic sense, analysts say, because they could help to break through Russia’s land bridge and restore Ukraine’s access to the Azov Sea.
Ukraine is preparing to strike back against Russia. Timing will be key (CNN) Weather the storm, exhaust the enemy and then strike back. That has been the mantra of Ukraine's military for months. But can it be executed and if so where, when and with what?
On the front lines of the bloody battle for Bakhmut, where one mistake can take your life (The Telegraph) Defiant Ukrainian troops cling on in the war's bloodiest confrontation, despite Russia's relentless assault
How Russia’s Offensive Ran Aground (New York Times) Whatever happens in Bakhmut, a once-ambitious winter offensive never really went anywhere.
The cost of the Ukraine war for one Russian regiment (BBC News) The decline of the "elite" 331st regiment can be measured in loss to machinery and personnel.
Ukraine gives Russia two options: Leave Crimea peacefully or be ready for battle (POLITICO) Ukrainian officials clarify their stance on Crimea negotiations with Russia.
Ukraine-Russia war: Russia will not negotiate on Crimea, Kremlin insists (The Telegraph) Russia has said the future of Crimea is not up for negotiation after Kyiv said it would be prepared to enter talks on the illegally annexed territory.
Russian War Report: A new private military company emerges in Crimea (Atlantic Council) Plus, Russia and its political allies in Moldova are inflaming the information space around Transnistria.
Bring Putin to his senses, Emmanuel Macron tells Xi Jinping (The Telegraph) French president urges Chinese leader to use influence during day of high-stakes global diplomacy in Beijing
Opinion: The illegal deportation of Ukrainian children has to be stopped (Washington Post) The U.N. Convention on the Prevention and Punishment of the Crime of Genocide is crystal clear: “Forcibly transferring children of [a] group to another group,” when committed with intent to destroy a nation in whole or in part, constitutes genocide.
NATO poses a threat to Russian imperialism not Russian security (Atlantic Council) Russia's passive acceptance of neighboring Finland's NATO membership raises serious questions over the Kremlin's efforts to portray the invasion of Ukraine as a response to NATO expansion, writes Peter Dickinson.
State actor still main suspect behind Nord Stream sabotage, says investigator (the Guardian) Swedish prosecutor casts doubt over theories that independent group was responsible for pipeline blasts
Greece pledges military assistance to Ukraine for 'as long as it takes' (Fox News) Greece has offered access to its hospitals for wounded Ukrainian military personnel. The country has pledged to provide more military assistance to war-torn Ukraine.
Will Finland’s political turn mean a course change on NATO too? (Atlantic Council) Finland is joining NATO just as its center-left government lost a general election. Here's what to expect with the center-right National Coalition Party in charge.
The Open Source VPN Out-Maneuvering Russian Censorship (WIRED) Amnezia, a free virtual private network, allows users to set up their own servers, making it harder for Moscow to block this portal to the outside world.
Anti-war Russians struggle to be heard (Atlantic Council) The Kremlin has worked hard to create the impression of overwhelming Russian public support for the invasion of Ukraine but anti-war sentiment may become more visible if Putin's army suffers further battlefield defeats, writes Christopher Isajiw.
DDoS attacks rise as pro-Russia groups attack Finland, Israel (TechRepublic) Israel and Finland have been hit with DDoS from two Russia-associated groups; sign of cyberattacks to come.
Vulkan Files: What does Russia's malware stash mean for us? (Register) Wrecking foreign infrastructure? But that's Team America's job!
Ukraine War Plans Leak Prompts Pentagon Investigation (New York Times) Classified documents detailing secret American and NATO plans have appeared on Twitter and Telegram.
How Russia killed its tech industry (MIT Technology Review) The invasion of Ukraine supercharged the decline of the country’s already struggling tech sector—and undercut its biggest success story, Yandex.
What Ukraine Must Do to Fight Corruption: Lessons from Around the World (Royal United Services Institute) Fighting corruption will be central to Ukraine’s reconstruction, but a focus on technical or top-down reform is unlikely to be effective. Instead, the Ukrainian government and donors need to be assertive, prosecute corrupt individuals, and encourage resilience across Ukrainian society.
Microsoft to Pay $3 Million Over Russia Sanctions, Export Controls Violations (Wall Street Journal) The majority of the apparent violations involved blacklisted Russian companies or persons in the Crimea region of Ukraine, Treasury officials said.
Attacks, Threats, and Vulnerabilities
Thieves Use CAN Injection Hack to Steal Cars (SecurityWeek) An innocent-looking portable speaker can hide a hacking device that launches CAN injection attacks, which have been used to steal cars.
How thieves steal cars using vehicle CAN bus (Register) It starts with a headlamp and fake smart speaker, and ends in an injection attack and a vanished motor
Own a Nexx “smart” alarm or garage door opener? Get rid of it, or regret it (Graham Cluley) Hacker can remotely open or close garage doors, seize control of alarms, and switch on (or switch off) customers' "smart" plugs due to vulnerabilities in Nexx products.
Hack and enter! The “secure” garage doors that anyone can open from anywhere – what you need to know (Naked Security) Grab a message/Play it back/You’ve just performed/A big phat hack…
Special Report: Tesla workers shared sensitive images recorded by customer cars (Reuters) Between 2019 and 2022, groups of Tesla employees privately shared via an internal messaging system sometimes highly invasive videos and images recorded by customers’ car cameras.
UK criminal records portal offline amid 'security incident' (Register) ACRO says payment data safe, other info may have been snaffled
Legal powerhouse Proskauer exposed clients' confidential M&A data (TechCrunch) A security lapse exposed the law firm's confidential documents and client data to the open internet for more than six months.
If ransomware was not enough, now scams based on fake cyberattacks are here. They threaten to publish data they do not have (Gearrice) In recent years, ransomware, more than viruses, worms, Trojan horses, and other kinds of malware, has become the great digital threat for many large
Clop ransomware booms in March as Fortra zero-day pays off for gang (ComputerWeekly.com) Backed by the threat actor tracked variously as Gold Tahoe and TA505, the Clop ransomware operation hit new ‘heights’ of activity last month, according to researchers.
UK criminal records office confirms cyber incident behind portal issues (BleepingComputer) The UK's Criminal Records Office (ACRO) has finally confirmed, after weeks of delaying issuing a statement, that online portal issues experienced since January 17 resulted from what it described as a "cyber security incident."
Medusa ransomware claims attack on Open University of Cyprus (BleepingComputer) The Medusa ransomware gang has claimed a cyberattack on the Open University of Cyprus (OUC), which caused severe disruptions of the organization's operations.
Money Message ransomware gang claims MSI breach, demands $4 million (BleepingComputer) Taiwanese PC parts maker MSI (Micro-Star International) has been listed on the extortion portal of a new ransomware gang known as "Money Message," which claims to have stolen source code from the company's network.
Chippewa County, Wis., Officials Report Data Breach (GovTech) County officials have acknowledged that 25-35MB of documents containing HIPAA information were stolen by someone who took control of an employee's computer remotely.
A Chippewa County government office is notifying residents of a data breach (WEAU) Officials with the Chippewa County Human Resources Division said staff are notifying hundreds of people impacted by a data breach within the department.
Ransomware Attack at NJ County Police Department Locks Up Criminal Investigative Files (NBC New York) The Camden County Police Department experienced a ransomware attack that has been locking many criminal investigative files and day-to-day internal administration abilities, several law enforcement officials said.
Oakland acknowledges ransomware attack has worsened with massive new release of personal info (CBS News) A ransomware attack plaguing City of Oakland computer systems has worsened with a new trove of personal data of employees and residents released onto the so-called dark web, city officials acknowledged.
UH Maui College warns of data breach (KHON2) Data breaches have become fairly common in our modern online life.
Prescott College attackers steal driver’s license numbers (Cybernews) Prescott College, a US-based private school, warned thousands of victims of a data breach that exposed their personal information.
Parent company of Crestwood Medical Center experiences data breach (WAFF) According to a statement from Community Health Systems, the security breach lasted three days.
Tasmanian data breach: schoolchildren’s information among 16,000 documents leaked on dark web (the Guardian) Minister confirms education department documents breached after third-party file transfer service was hacked
'A terrible thing': Minister confirms 16k documents released online in Tasmanian data breach (ABC) The Tasmanian government sets up a helpline as hackers release 16,000 documents online as part of a cyber attack on a third-party transfer software used by the state's education department.
Uber drivers’ info nabbed in cyberattack (Security Magazine) A New Jersey law firm that represents Uber has disclosed that an unknown number of drivers have had sensitive data stolen by cyber attackers in a recent incident.
Telegram now the go-to place for selling phishing tools and services (BleepingComputer) Telegram has become the working ground for the creators of phishing bots and kits looking to market their products to a larger audience or to recruit unpaid helpers.
How ChatGPT can be poked into emitting malicious code (Register) But nothing a keen beginner couldn't do, anyway
Security Patches, Mitigations, and Software Updates
Cisco Patches Code and Command Execution Vulnerabilities in Several Products (SecurityWeek) Cisco has released patches for high-severity vulnerabilities impacting Secure Network Analytics and Identity Services Engine (ISE) products.
CISA Releases Seven Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency CISA) CISA released seven Industrial Control Systems (ICS) advisories on April 6, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
Google Wants Android Users to Have More Control Over Their Data (SecurityWeek) Developers of Android applications will be required by Google to allow users to delete their account and data from within the app and online.
Google to prohibit personal loan apps from accessing user photos, contacts (TechCrunch) Google plans to restrict apps that offer loan to individuals from accessing sensitive user data such as photos, videos and contacts.
April 2023 Patch Tuesday forecast: The vulnerability discovery race (Help Net Security) Todd Schell from Ivanti offers his April 2023 Patch Tuesday forecast. This ongoing patch process demands diligence: are you prepared?
The hidden picture of malware attack trends (Help Net Security) A continuing trend shows that encryption, or the lack of decryption, is hiding the full picture of malware attack trends in Q4 2022.
CrowdStrike Takes Big Swing at Microsoft (Wall Street Journal) The cybersecurity star addresses a competitive threat from the software giant, but financial targets still imply caution.
Barracuda honored by Comparably for Best HR Team (PR Newswire) Barracuda Networks, Inc., a trusted partner and leading provider for cloud-first security solutions today announced it has been again honored...
Cybersecurity Veteran and Women in STEM Advocate Sylvia Acevedo Joins (PRWeb) Titaniam, Inc., the industry’s leading data security and ransomware defense platform, today announced that Sylvia Acevedo, Qualcomm and Credo Technology board
True I/O Welcomes Crypto.com's Karl Turner to Advisory Board (PR Newswire) True I/O, a tokenization company and distributor of unique digital tokens across Financial Services and the Internet of Things, welcomes Crypto....
Products, Services, and Solutions
New infosec products of the week: April 7, 2023 (Help Net Security) The featured infosec products this week are from: Guardz, Malwarebytes, Obsidian Security, and Stamus Networks.
Sumo Logic Achieves Monitoring and Observability Distinctions with AWS Cloud Operations Competency (GlobeNewswire News Room) Sumo Logic (NASDAQ: SUMO), the SaaS analytics platform to enable reliable and secure...
StackHawk Extends API Security Testing Capabilities to Address Large-Scale Enterprise Customer Needs (PR Newswire) StackHawk, the company making web application and API security testing part of software delivery, today announced its new enterprise...
Mitigating USB Data Exfiltration With Falcon Device Control (CrowdStrike) CrowdStrike announces extended file metadata for context and visibility. These new capabilities focus on enhanced identification and investigation data for data loss and exfiltration activities.
KoolSpan Announces Release of TrustCall-X 10.5, the Latest Version of (PRWeb) KoolSpan, a leading provider of secure mobile communication solutions, today announced the release of TrustCall-X 10.5, the latest version of its trusted mo
ZeroFox Enhances Executive Protection Offering with PII Removal (GlobeNewswire News Room) Updated solution includes multiple tiers of protection, hardens customers’ attack surface and reduces breach risk by removing online personal information...
Leonardo, Siemens sign deal to create cybersecurity platform (Reuters) Leonardo and Siemens on Thursday said they signed a memorandum of understanding to offer cybersecurity solutions for infrastructure in the energy, oil and gas and industrial sectors.
Thuraya enters agreement to offer the Archon GoSilent Cube encryption solution (ACE Times) The GoSilent Cube client is the smallest, lightest, and most cost-effective hardware encryptor for secure communications
Technologies, Techniques, and Standards
Perspectives on Security for the Board (Google Cloud) As a Board Member and a CISO, we frequently engage with company leadership across sectors on cybersecurity and technology risk. In these engagements, it is clear that cyber is top of mind for every organization.
How to Defend Against Extortion Groups Like Lapsus$ (Security Intelligence) Using chaotic methods, Lapsus$ has successfully attacked some of the world's largest companies. Here's how organizations can stay safe.
OPM putting final touches on cyber workforce dashboard (Federal News Network) The Office of Personnel Management will soon launch a pair of cyber workforce dashboards to try to help agencies better understand gaps in their cyber workforce, while also trying to attract more job…
Design and Innovation
WSJ News Exclusive | Google CEO Sundar Pichai Says Search to Include Chat AI (Wall Street Journal) The company plans to add conversational artificial-intelligence features to its flagship search engine, CEO Sundar Pichai said.
The ‘Manhattan Project’ Theory of Generative AI (WIRED) Both advocates and critics of generative AI have compared it to the atom bomb. Here’s where that comparison breaks down.
Are chat bots changing the face of religion? Three faith leaders on grappling with AI (the Guardian) Mainstream adoption of generative AI and conversational bots has left few spaces untouched, even religious communities
Legislation, Policy, and Regulation
Australia Is Scouring the Earth for Cybercriminals — the US Should Too (Dark Reading) It's time to get ahead of attacks before they even happen.
Leaders Say TikTok Is Potential Cybersecurity Risk to U.S. (U.S. Department of Defense) The Chinese social media company TikTok is a potential threat to the United States, John F. Plumb, assistant secretary of defense for space policy and principal cyber advisor to the secretary of
Decentralized Cryptocurrency Markets Threaten U.S. Security, Treasury Says (Wall Street Journal) In a new report, the department lays the foundation for regulation, enforcement of ‘DeFi’ markets.
CISA director: AI cyber threats the ‘biggest issue we're going to deal with this century' (Register) A top U.S. cyber official expressed grave concerns about the security implications of generative artificial intelligence at a forum on Thursday, warning that legislative action is needed to regulate its use.
CISA director details plan to address security risks in open source software (FCW) From hiring an open source security lead to establishing new public-private sector initiatives, the Cybersecurity and Infrastructure Security Agency is taking open source software security risks head on, according to Jen Easterly.
CISA Director & Other Administration Officials Discuss Cybersecurity Strategy (C-SPAN.org) Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly, Acting National Cyber Director Kemba Walden, and U.S. Ambassador-at-Large for Cyberspace and Digital Policy Nathaniel Fick were among the speakers in a conversation about the Biden administration's recently released National Cybersecurity Strategy hosted by the Atlantic Council. Several topics were discussed, including digital literacy, building a resilient and redundant digital framework, the importance of public-private partnerships, mitigating threats posed by adversaries, such as China, and the security of cloud computing systems. They also stressed the importance of shifting the cybersecurity burden from small businesses and communities to larger entities, such as the federal government.
U.S. National Cybersecurity Strategy and Its Impact on Domain Security (CircleID) Last month, the U.S. National Cybersecurity Strategy was launched, providing a new roadmap for stronger collaboration between those operating within the digital ecosystem. The strategy calls on software makers and American industry to take far greater responsibility to assure that their systems cannot be hacked while accelerating efforts by the Federal Bureau of Investigation and the Defense Department to disrupt the activities of hackers and ransomware groups around the world.
Trade group floats cyber national guard plan (FCW) A new report from the Intelligence and National Security Alliance recommends public-private partnerships and new cybersecurity teams on the frontlines of the digital battlefield.
New rule could impose CMMC-like cyber requirements for civilian agency contractors (FedScoop) The DOD is working with civilian agencies on a new FAR rule that would apply new requirements for vendors that handle controlled unclassified information.
The Case for Banning Children from Social Media (The New Yorker) Most people seem to agree that something should be done to protect kids from what sure looks like an addictive product. But almost no one knows what that something is.
US defense tech veterans call for a separate Cyber Force (Register) A seventh branch of the military is needed to address rising threats
NTISB Shared 75 Cyber Security Advisories With Federal and Provincial Governments (ProPakistani) The National Telecommunication and Information Technology Security Board (NTISB) completed IT security audits of 12 Ministries and Divisions in the FY2021-22.
TikTok’s Next Big Ban Showdown Is in Montana (Wall Street Journal) The Chinese-owned app is lobbying against a bill to ban TikTok for all Montanans, in an effort to try to avoid a domino effect.
Litigation, Investigation, and Law Enforcement
Australian arm of Operation Cookie Monster cybercrime raid results in 10 arrests (the Guardian) Local police join multinational takedown of online marketplace used by criminals to buy and sell personal data
Success of Genesis Market Takedown Attempt Called Into Question (SecurityWeek) Law enforcement announced the takedown of Genesis Market, but the impact on the cybercrime marketplace’s infrastructure may be limited.
Spanish cops arrest teenage 'Robin Hood hacker' (Register) Luxury cars and designer duds don't seem very prince of thieves
Stopping cybercriminals from abusing security tools (Microsoft On the Issues) Microsoft’s Digital Crimes Unit (DCU), cybersecurity software company Fortra™ and Health Information Sharing and Analysis Center (Health-ISAC) are taking technical and legal action to disrupt cracked, legacy copies of Cobalt Strike and abused Microsoft software, which have been used by cybercriminals to distribute malware, including ransomware. This is a change in the way DCU has...
Microsoft, Fortra get legal permission to counter Cobalt Strike abuse (Record) The two companies, along with the Health-ISAC, have been granted the power to go after "malicious infrastructure" associated with abusive uses of the popular penetration testing software.
Microsoft leads effort to disrupt illicit use of Cobalt Strike, a dangerous hacking tool in the wrong hands (CyberScoop) The action against cracked versions of legitimate Cobalt Strike applications represents the culmination of a year-long investigation.
Covid Contact-Tracing Contractor Settles Data Breach Lawsuit (Bloomberg Law) Insight Global LLC will pay up to $5,000 each to victims of an April 2021 data breach involving Covid-19 contact-tracing data to compensate them for extraordinary out-of-pocket losses, in a settlement given final approval by a federal judge.