Dateline Moscow and Kyiv: Fighting around Bakhmut; hacktivism reaches one of Russia's few supporters.
Ukraine at D+321: "Difficult in places." (CyberWire) Hacktivism reaches Iran as evidence collection for cyber war crimes prosecutions continues.
Russia-Ukraine war: List of key events, day 322 (Al Jazeera) As the Russia-Ukraine war enters its 322nd day, we take a look at the main developments.
Russia on brink of first battlefield breakthrough in months with capture of Soledar (The Telegraph) Ukrainian troops are battling 'waves' of attacks for control of key town and the Wagner mercenary group is claiming credit
Russia-Ukraine war live: Putin says situation in illegally annexed regions ‘difficult’ as Ukraine claims Russia yet to capture Soledar (the Guardian) Comments come amid conflicting claims about situation in embattled city of Soledar
Putin secretly pardoned convicts recruited by Wagner to fight in Ukraine (Washington Post) Russian President Vladimir Putin secretly pardoned dozens of convicts even before they were sent to fight in the war in Ukraine, a member of Russia’s Human Rights Council said — indicating that there were legal flaws in recruitment strategy that promised jailed criminals that their sentences would be set aside only after they had completed military service.
Ukrainian Troops Headed to U.S. for Patriot Missile Training (U.S. Department of Defense) Training for Ukrainian forces on the Patriot air defense system will begin as soon as next week at Fort Sill, Okla., the Pentagon press secretary said.
Pentagon to train Ukraine on Patriot missile system in Oklahoma (Washington Post) The Pentagon is planning to bring Ukrainian troops to the United States for training on the Patriot missile defense system, a U.S. official with direct knowledge of the development said Tuesday.
Turkey Is Sending Cold War-Era Cluster Bombs to Ukraine (Foreign Policy) The artillery-fired cluster munitions could be lethal to Russian troops–and Ukrainian civilians.
Poland in talks with allies over Leopard 2 transfers to Ukraine (Defense News) Warsaw is drumming up allied support in favor of battle tank deliveries that could help Ukraine fend off Russia.
Russians Fear They’ll Soon Be Starving ‘Like North Koreans’ (The Daily Beast) The brutal economic reality of a long war is beginning to dawn on even the most ardent pro-Putin propagandists, as Russia prepares for misery at home.
Like Ivan the Terrible, Putin could hobble on after defeat (The Telegraph) Russia is at a turning point in its history. Putin’s future now lies on the battlefields in Ukraine
Putin’s faltering Ukraine invasion exposes limits of Russian propaganda (Atlantic Council) Putin’s invasion of Ukraine was supposed to be a short and victorious war. Instead, it has transformed him into a pariah and shattered Russia’s reputation as a military superpower. How could he have got it so wrong?
Putin's war against Ukraine will ruin Russia (Fox News) Vladimir Putin is pondering the impacts of his war against Ukraine. But there is no chance for redemption.
Russia and Ukraine Are Not Ready for Talks (Foreign Affairs) But they might get there if Ukraine keeps winning.
Ukraine’s nation-building progress spells doom for Putin’s Russian Empire (Atlantic Council) Many observers seek to blame Putin's Ukraine invasion on his imperial ambitions or Kremlin fears over NATO expansion, but in reality the war is a desperate Russian response to Ukraine's historic nation-building progress.
Ukraine’s Consequences Are Finally Spreading to Syria (War on the Rocks) Russia’s invasion of Ukraine is reverberating more than 1,000 miles away in Syria. Squeezed by its strategic blunder, Moscow’s shrinking strategic
What We’ve Learned From the War in Ukraine (Foreign Policy) David Petraeus and Anne-Marie Slaughter reflect on what’s surprised them—and how to prevent future wars.
Get used to wielding ‘hard power,’ US Army general at head of NATO command tells allies (Stars and Stripes) Drastic changes are coming for NATO, and the U.S.-led alliance’s top American officer in Europe says members must face this fact: “Hard power is a reality.”
After Ukraine invasion, NATO aligning strategy with 'regional plans': Former SACEUR - Breaking Defense (Breaking Defense) NATO likely will maintain a "semi-permanent" presence in Eastern Europe for many years to come, said retired Gen. Tod Wolters, former Supreme Allied Commander Europe.
Iranian websites impacted by pro-Ukraine DDoS attacks (SC Media) Numerous Iranian websites including those of the National Iranian Oil Company and Iran's supreme leader Ali Khamenei have been subjected to distributed denial-of-service attacks by pro-Ukraine hacktivist groups after Russia attacked Ukraine with many Iran-supplied drones on New Year's Eve, reports The Record, a news site by cybersecurity firm Recorded Future.
The war in Ukraine tests how cyberattacks fit into rules for war crimes (Washington Post) Ukraine petitions International Criminal Court to investigate cyberattacks as war crimes
Attacks, Threats, and Vulnerabilities
Dark Pink (Group-IB) New APT hitting Asia-Pacific, Europe that goes deeper and darker
New Dark Pink APT group targets govt and military with custom malware (BleepingComputer) Attacks targeting government agencies and military bodies in multiple countries in the APAC region have been attributed to what appears to be a new advanced threat actor that leverages custom malware to steal confidential information.
A Widespread Logic Controller Flaw Raises the Specter of Stuxnet (WIRED) More than 120 models of Siemens' S7-1500 PLCs contain a serious vulnerability—and no fix is on the way.
Kinsing Crypto Malware Hits Kubernetes Clusters via Misconfigured PostgreSQL (The Hacker News) Beware! Kinsing cryptojacking attacks are targeting Kubernetes clusters through misconfigured PostgreSQL.
StrongPity espionage campaign targeting Android users (WeLiveSecurity) ESET researchers uncover an active StrongPity campaign that spreads a trojanized version of the Android Telegram app posing as the Shagle video chat app.
Vulnerability in Popular JsonWebToken Open Source Project Leads to Code Execution (SecurityWeek) A high-severity vulnerability in the JsonWebToken open source project could be exploited to achieve remote code execution.
Malicious code deletes directories if you do not have a license (Mend) Mend researchers identify a new type of malicious code that deletes directories.
US air travel resumes but thousands of flights delayed after planes grounded - live updates (The Telegraph) An IT meltdown grounded every flight from the US this afternoon in a blow to thousands of travellers.
Pokémon NFT Card Game Is, Unsurprisingly, Just A Front For Malware (Kotaku Australia) A website offering users a Pokémon TCG experience with NFTs has been exposed as a way for anonymous hackers to gain remote access to PCs.
AT&T Says It's Investigating Claims About a Data Breach (Restore Privacy) AT&T has confirmed that it is investigating claims about a data breach impacting its customers, but played down the importance of leaked data.
Google Chrome "SymStealer" Vulnerability: How to Protect Your Files from Being Stolen (Imperva) The Imperva Red Team recently disclosed a vulnerability, dubbed CVE-2022-3656, affecting over 2.5 billion users of Google Chrome and Chromium-based browsers. This vulnerability allowed for the theft of sensitive files, such as crypto wallets and cloud provider credentials. Chrome is the most widely used browser, with a 65.52% market share. Two other top 6 […]
How to track equipped cars via exploitable e-ink platemaker (Register) Miscreants could have tracked, modified, deleted digital plates
Cyber-attack on DNV impacts 6,000+ vessels using ShipManager software (The Loadstar) DNV has been tight-lipped about the cyberattack that hit its ShipManager software on Saturday, risking over 6,000 vessels and 300 owners.
Data leak exposes information of 10,000 French social security beneficiaries (CSO Online) More than 10,000 recipients of the French social security agency CAF saw their data exposed for nearly a year and a half, after a file containing personal information was sent to a service provider responsible for training the organization's statisticians.
Ransomware attack exposes California transit giant’s sensitive data (Cybersecurity Dive) Vice Society, a prolific ransomware group, leaked data it claims to have stolen from San Francisco’s Bay Area Rapid Transit.
San Fran's BART Investigates Vice Society Data Breach Claims (Dark Reading) Vice Society is boasting that it compromised the San Francisco transportation system, while BART maintains operations and mounts an investigation.
Hackers leak sensitive files after attack on San Francisco transit police (Yahoo) Criminal hackers have posted an enormous trove of sensitive files to the internet from a San Francisco Bay Area transit system’s police department, including
Hackers hit websites of Danish central bank, other banks (Reuters) Hackers have disrupted access to the websites of Denmark's central bank and seven private banks in the country this week, according to the central bank and an IT firm that serves the industry.
Identity thieves crack major Experian security flaw, access customer credit reports (TechRadar) Getting access to Experian reports was as easy as tweaking the URL address
244,300 patients potentially affected in colonoscopy prep retail site data breach (Becker's GI & Endoscopy) Captify Health, a colonoscopy prep-focused management services company, notified about 244,300 patients that their personal information may have been compromised during a data breach of the company's colonoscopy prep retail site, Bank Info Security report
UK's Morgan Advanced Materials reports cyber security incident on its network (teiss) British industrial firm Morgan Advanced Materials Plc said on Tuesday it was assessing a cyber security incident after detecting unauthorised activity on its network.
Des Moines Public Schools classes to resume Thursday after ransomware attack (desmoinesregister) Des Moines Public Schools officials canceled class for a second straight day following the attack but say they have made
Iowa school district cancels classes another day due to cyberattack (The Record from Recorded Future News) One of the biggest school districts in Iowa plans to shutter its doors again on Wednesday after canceling classes due to a cyberattack.
CISA Adds Two Known Exploited Vulnerabilities to Catalog (CISA) CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the "Date Added to Catalog" column, which will sort by descending dates.
Security Patches, Mitigations, and Software Updates
CISA orders agencies to patch Exchange bug abused by ransomware gang (BleepingComputer) The Cybersecurity and Infrastructure Security Agency (CISA) has added two more security vulnerabilities to its catalog of exploited bugs today.
Microsoft ends Windows 7 security updates (TechCrunch) The decade-old operating system will continue to run, but will remain vulnerable to ongoing security threats and vulnerabilities.
Microsoft Releases January 2023 Security Updates (CISA) Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s January 2023 Security Update Guide and Deployment Information and apply the necessary updates.
Microsoft Patch Tuesday: One 0-day; Win 7 and 8.1 get last-ever patches (Naked Security) Get ’em while they’re hot. And get ’em for the very last time, if you still have Windows 7 or 8.1…
98 Patches: Microsoft Greets New Year With Zero-Day Security Fixes (Dark Reading) Microsoft's January 2023 Patch Tuesday security update contains fixes for bugs in multiple products. Here's what you need to patch now.
Microsoft plugs actively exploited zero-day hole (CVE-2023-21674) (Help Net Security) Microsoft patches 98 flaws, including one exploited in the wild (CVE-2023-21674) and one (CVE-2023-21549) publicly disclosed.
Microsoft Patch Tuesday: 97 Windows Vulns, 1 Exploited Zero-Day (SecurityWeek) Microsoft fixes at least 97 documented software vulnerabilities, including a zero-day that’s already been exploited to escape the browser sandbox.
January Patch Tuesday Updates | 2022 (Syxsense Inc) Microsoft releases 98 fixes this month including 11 Critical, one Public Aware and one Weaponised Threat
Adobe Releases Security Updates for Multiple Products (CISA) Adobe has released security updates to address multiple vulnerabilities in Adobe software. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates.
Adobe Plugs Security Holes in Acrobat, Reader Software (SecurityWeek) Software maker Adobe has rolled out its first batch of security patches for 2023 with fixes for at least 29 security vulnerabilities in a range of enterprise-facing products.
2023 ICS Patch Tuesday Debuts With 12 Security Advisories From Siemens, Schneider (SecurityWeek) The first round of ICS Patch Tuesday security advisories from Siemens and Schneider Electric address a total of 27 vulnerabilities.
Black Box KVM (CISA) 1. EXECUTIVE SUMMARY: CVSS v3 7.5. ATTENTION: Low attack complexity/public exploits are available. Vendor: Black Box. Equipment: KVM Switches and Extenders. Vulnerability: Path Traversal. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow an attacker to read sensitive data on the built-in web servers of the affected devices.
Delta Electronics InfraSuite Device Master (CISA) 1. EXECUTIVE SUMMARY: CVSS v3 9.8. ATTENTION: Exploitable remotely/low attack complexity. Vendor: Delta Electronics. Equipment: InfraSuite Device Master. Vulnerabilities: Deserialization of Untrusted Data, Path Traversal, Missing Authentication for Critical Function. 2.
Trends
State of Software Security (Veracode) Veracode presents volume 13 of the State of Software Security (SOSS) report, our comprehensive review of application testing data.
Three-Quarters of Teenagers Have Seen Online Pornography by Age 17 (New York Times) Sexually explicit content has become so prevalent online that teenagers are deluged, according to a new report by a nonprofit child advocacy group.
Marketplace
McLean's IronNet secures loan funding in face of insolvency threat (Washington Business Journal) The company also received notice from the New York Stock Exchange it is not in compliance with listing requirements.
Darktrace warns on revenue as customers turn cautious (Reuters) British cyber-security company Darktrace cut its full-year revenue forecast on Wednesday after prospective customers turned more reluctant to run product trials due to the worsening economic environment.
Forter Appoints Ozge Tuncel Ozcan as Chief Customer Officer (Business Wire) Forter, the Trust Platform for digital commerce, today announced the appointment of Ozge Tuncel Ozcan, a proven customer success leader, as chief cust
D3 Security Hires Cybersecurity Sales and Channel Leader Michael Lyons as CRO (Business Wire) Leading independent SOAR vendor D3 Security hires cybersecurity and IT security sales leader Michael Lyons as Chief Revenue Officer.
Devo Appoints Brian Froehling as New Chief Revenue Officer (GlobeNewswire News Room) Strategic leadership appointment advances the company’s next stage of growth and execution following an impressive 2022...
Gluware Appoints Matthew Westover as Chief Revenue Officer to Drive Growth Strategy (PR Newswire) Gluware, Inc., the leader in intelligent network automation, today announced the appointment of Matthew Westover as Chief Revenue Officer (CRO)....
Okta Chief Revenue Officer Departs Amid Sales Shakeup (The Information) Okta’s chief revenue officer, Steve Rowland, is leaving the identity and access management software provider at the end of the month, according to a current Okta employee. Rowland’s departure, less than two years after the enterprise software veteran joined Okta, comes as Okta is grappling with ...
Secure Access Vendor Appgate Promotes CISO Leo Taddeo to CEO (Gov Info Security) Appgate has promoted CISO and Federal President Leo Taddeo to CEO and tasked him with capturing zero trust deployment opportunities with the U.S. Defense
Tufin Names Raymond Brancato CEO (Business Wire) Tufin appointed Raymond Brancato as Chief Executive Officer (CEO)
Channel Stalwart Frank Rauch Jumps To Cato Networks To Drive SASE Sales Through Partners: Exclusive (CRN) SASE Specialist Cato Networks has nabbed security provider Check Point’s Channel Chief of four years, Frank Rauch, to lead Cato’s partner ecosystem as the company aggressively builds out its own channel team to capture more global security and SD-WAN business.
Aware Welcomes Kevin Bobowski as Chief Marketing Officer (PR Newswire) Aware, the leading collaboration intelligence platform, welcomes Kevin Bobowski as Chief Marketing Officer, effective immediately. Bobowski...
Cyberpion Names New CEO and Expands Management Team to Lead Next Phase of Growth (PR Newswire) Cyberpion, a cybersecurity leader in external attack surface management (EASM), today announced that Marc Gaffan has been named Chief Executive...
Searchlight Cyber Appoints Evan Blair to Drive US Growth (Business Wire) Searchlight Cyber hires former ZeroFox co-founder Evan Blair as General Manager, North America to spearhead momentum in the US
Products, Services, and Solutions
Jamf Ends 2022 Helping Approximately 71,000 Customers Succeed with Apple (GlobeNewswire News Room) Jamf (NASDAQ: JAMF), the standard in managing and securing Apple at work, announced that as of December...
SecureAuth Identity Platform 22.12 Release Speeds Passwordless Deployment and Streamlines Migration (SecureAuth)
CybeReady Releases Data Privacy CISO Training Toolkit (AP NEWS) Press release content from Newswire. The AP news staff was not involved in its creation. CybeReady, provider of the world’s fastest security awareness solution, today published the company’s Data Privacy CISO Toolkit as Data Privacy Week is set to arrive in January. Access to the Data Privacy CISO Toolkit is free of charge and offered to support data privacy training this month.
CircleCI Cybersecurity Incident Hunting Guide (Mitiga) In response to the recent CircleCI security incident, the Mitiga Research Team shares this technical guide to assist organizational threat hunting efforts.
Contrast Security’s Developer Portal Named a DevPortal Awards 2022 Finalist for Best Onboarding (Contrast Security) CodeSec delivers quick scan times, market-leading accuracy, actionable results and seamless integration.
Intel Adds TDX to Confidential Computing Portfolio With Launch of 4th Gen Xeon Processors (SecurityWeek) Intel has added TDX to its confidential computing portfolio with the launch of its 4th Gen Xeon enterprise processors.
Synopsys Software Security | Software Integrity Group (Synopsys) Build high-quality, secure software faster with our application security testing tools and services. We are a Gartner Magic Quadrant leader in appsec.
Palantir Announces Strategic Partnership with Cloudflare Focused on Cloud Cost Optimization (PR Newswire) Palantir Technologies Inc. (NYSE: PLTR) today announced a strategic partnership with Cloudflare, Inc. (NYSE: NET), the security, performance,...
42Crunch integrates with Microsoft to provide enterprises with end-to-end API protection (Help Net Security) 42Crunch has integrated with Microsoft Sentinel to provide enterprises with end-to-end API protection and visibility.
KnowBe4 Integrates With CrowdStrike to Help Organizations Reduce Human Risk (PR Newswire) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced that its new...
Technologies, Techniques, and Standards
Retail & Hospitality ISAC and National Retail Federation Partner to Enhance Cybersecurity in the Retail Industry (NRF) NRF and RH-ISAC partnership to strengthen their collective efforts to improve cybersecurity within the retail industry.
Traceable AI Addresses Newest FFIEC Compliance Guidelines Highlighting API Security for Financial Institutions (PR Newswire) Traceable, the industry's leading API security and observability company, today announced it is providing the necessary API security measures...
NARA to Publish First Update to Cybersecurity Records Rules Since 2014 (Nextgov.com) The agency is issuing an update to the General Records Schedule, including new rules for packet capture and cybersecurity incident logs.
DOE’s cybersecurity accelerator to focus on industrial control systems with 2nd cohort (Utility Dive) The program will "help bring cutting-edge solutions to market more rapidly,” said Secretary of Energy Jennifer Granholm.
Pentagon plans to formally propose changes to CMMC program ahead of official launch (InsideDefense) Full implementation of the Pentagon's Cybersecurity Maturity Model Certification program for defense contractors will likely shift to 2024 based on revised estimates from the Defense Department in the fall 2022 unified agenda, which indicates two proposed rules are expected for release in the coming months.
Maryland ISAC to Align State, Local Partners With Cyber Intel (GovTech) The newly announced MD-ISAC aims to provide actionable cyber intelligence to counties, cities, towns and public schools to help them identify and head off potential cybersecurity threats.
Healthcare Industry CISOs Collaborate to Solve the Third Party Cyber Risk Problem (Business Wire) Amid heightened threats to the nation’s healthcare systems, more than 20 leading healthcare organizations have come together to identify effective, ef
Everything you’ve been told about passwords is a lie (Washington Post) Taking just one of these steps can improve your online security. But the real goal is killing passwords.
Design and Innovation
DOE Opens Application Period for 2nd Cohort of NREL’s Clean Energy Cybersecurity Program (Executive Gov)
Research and Development
A 30-Year-Old Cryptographic Challenge Is About To Be Solved (Discover Magazine) An unexpected breakthrough could suddenly make quantum computers powerful enough to threaten cryptographic codes.
Academia
Putting an end to ransomware attacks targeting K-12 school districts (Menlo Security) Learn why attackers are taking advantage of school districts with ransomware attacks and how school districts can protect themselves.
Legislation, Policy, and Regulation
EU leaders fire warning shots at TikTok over privacy (POLITICO) Brussels expects the platform to go the ‘extra mile in respecting EU law’ and regaining trust, says Commissioner Jourová.
U.K.-Japan defense cooperation to intensify following landmark agreement (The Japan Times) The deal is Tokyo’s first such pact with a European nation and the country’s third overall as it expands its number of global security partners.
UN committee assembles to discuss establishment of cyber crime treaty (CyberSecurity Connect) A United Nations’ (UN) committee has convened to discuss the creation of a cybercrime convention which aims to shape legal frameworks and eliminate “legal blind spots” in cybercrime. This is t
New House Homeland Chair Pledges to Fight Cyber Battle (Meritalk) Rep. Mark Green, R.-Tenn., who was selected yesterday to chair the House Homeland Security Committee, pledged to “secure our cyber border” as one of his top priorities for the committee for the 118th Congress.
The Pentagon's Cyber Personnel Issues Need More Attention (The Cipher Brief) Cipher Brief Senior National Security Columnist Walter Pincus focuses on why the Pentagon's Cyber Personnel issues need more attention
Which US states best protect privacy online? (Comparitech) Laws governing online privacy in the US vary widely from state to state. We evaluated each and every state based on 14 key criteria.
Litigation, Investigation, and Law Enforcement
Israeli Spy Tech Sold to Bangladesh, World’s Third-largest Muslim Country, Despite Dismal Human Rights Record (Haaretz) Advanced cyber tools to intercept mobile and internet traffic were sold to the Interior Ministry, internal security agency and armed forces, via Cyprus. Israel and Bangladesh do not have diplomatic relations
US Supreme Court Allows WhatsApp to Sue NSO Group (Infosecurity Magazine) WhatsApp can now sue for damages ensued by the installation of the Pegasus spyware
Instagram and Facebook introduce more limits on targeting teens with ads (TechCrunch) Facebook and Instagram advertisers will be more limited in the ways they can target personalized ads to users under 18.
How 2022 Crypto Sanctions Affected Crypto Crime (Chainalysis) We look at how OFAC’s cryptocurrency sanctions strategy has evolved over time, examine the types of entities sanctioned so far, and analyze the impact.
Manx Care won't have to pay £170,000 data breach fine (Manx Radio) Information Commissioner pleased with board's progress
Russian meddling in 2016 US election was weak report finds (Register) Boffins find Twitter foreign influence campaign didn't have much pull
FBI reveals it uses CIA and NSA to spy on Americans (The Washington Times) Details about how the FBI uses the CIA and National Security Agency to probe the private lives of Americans without a warrant are revealed in the FBI’s updated rule book, which is the first version made public since the Obama administration.
Intel head Turner requests national security 'damage assessment' after classified docs found at Biden office (Fox News) The incoming chairman of the House Intelligence Committee is demanding a prompt national security "damage assessment" after classified docs were found at the Penn Biden Center.
Senate Intel chair calls for a briefing on classified docs found in Biden office (NBC News) Warner has voiced frustration that a briefing for congressional leaders about the classified documents found in Trump’s possession at Mar-a-Lago never materialized.
Biden says he was "surprised" classified documents were found at Penn Biden Center office (CBS News) President Biden responded for the first time to news that documents marked classified were discovered at office in the Penn Biden Center.
There are clear distinctions between Trump and Biden's two cases (CNN) Republicans seized on revelations that several classified documents from Joe Biden's time as vice president were found in his former private office to create cover for former President Donald Trump's hoarding of secret records.