Dateline Moscow and Kyiv: Developments in Russia's war.
Ukraine at D+414: Discord Papers arrest, cyberespionage, and hacktivist DDoS. (CyberWire) The FBI makes an arrest in the Discord Papers case, and the US Department of Defense reviews its handling of classified material. CERT-Polska warns of an SVR cyberespionage campaign. Russian hacktivist auxiliaries continue DDoS attacks against Canadian targets.
Russia-Ukraine war: List of key events, day 415 (Al Jazeera) As the Russia-Ukraine war enters its 415th day, we take a look at the main developments.
Russia-Ukraine war at a glance: what we know on day 415 of the invasion (the Guardian) MoD says Russian and Wagner troops are making gains in Donetsk frontline town; US arrests 21-year-old air national guardsman over Pentagon leaks
Ukraine war latest: Russian troops block last road into Bakhmut, says Moscow (The Telegraph) Russia on Thursday claimed it had cut off the last road into Bakhmut, preventing any Ukrainian troops in the besieged city from escaping or being reinforced, reports Nataliya Vasilyeva.
Ukraine’s Best Chance (Foreign Affairs) A successful offensive could end the war with Russia.
Ukraine stands firm on Crimea, wants Russia out of all areas (AP NEWS) Ukraine’s foreign minister says his country won’t budge from its demand that Russia withdraw its forces from Crimea, as well as from other parts of Ukraine that Moscow illegally annexed more recently. Calling the war in Ukraine “a bleeding wound in the middle of Europe,” Foreign Minister Dmytro Kuleba said Thursday all his country’s territory must be treated equally in dealing with the Kremlin after its full-scale invasion more than 13 months ago. Also Thursday, Russia voiced its latest grievances about a grain deal under which the warring countries export food around the world. The deal comes up for renewal next month.
Russia races to pass tough new military draft rules, banning conscripts from leaving (NPR) The law could have big implications for the Kremlin's war plans in Ukraine, especially as it tries to recruit thousands more troops in anticipation of a Ukrainian counteroffensive.
Putin cancels Victory Day parades as Ukraine invasion continues to unravel (Atlantic Council) The cancellation of Victory Day parades in multiple Russian regional capitals is a blow to Putin's personal prestige that exposes the grim reality behind Moscow's upbeat propaganda portrayals of the faltering Ukraine invasion, writes Peter Dickinson.
The elite Russian regiment that became a symbol of Putin’s failures (The Telegraph) The 331st Guards Parachute Regiment were touted as ‘the best of the best’, but the mishandled invasion of Ukraine has taken its toll
When Russia calls others 'Nazis', it should be looking at itself (euronews) The Kremlin's need to justify the war grew to embrace the most radical voices, including those peddling Nazi creed, as its ideologues became hell-bent on normalising the aggression, Aleksandar Đokić writes.
Poland PM questions commitment of France and Germany on Ukraine (Axios) "There are politicians in Western Europe who want a ceasefire in Ukraine at any price, as quickly as possible."
Poland and Ukraine: The emerging alliance that could reshape Europe (Atlantic Council) Poland's leading role in the European response to Russia's Ukraine invasion is fueling talk of a eastward shift in Europe's geopolitical center of gravity with the Polish-Ukrainian alliance set to become increasingly influential.
Poland bid to re-export MiG-29s to Ukraine wins quick German approval (Defense News) Approval was granted by Berlin on the same day that Warsaw asked for permission.
Ukraine accuses Hungary of funding Russian war crimes with energy deals (POLITICO) Moscow’s energy exports might be cheap, but they cost Ukrainian lives, a senior Zelenskyy adviser says.
Memo to NATO leaders (Atlantic Council) NATO’s upcoming Vilnius summit has to produce more than a rhetorical expression of support for Ukraine. Allied leaders must leverage the opportunity to drive forward a NATO defense and deterrence posture that underscores NATO’s resolve to support Ukraine and begins the process of fully integrating Ukraine within the transatlantic community, including as a NATO member.
The West Needs a New Strategy in Ukraine (Foreign Affairs) A plan for getting from the battlefield to the negotiating table.
Why is the West self-deterring in Ukraine? (Atlantic Council) Thus far, the West has communicated that the best that it can muster when it comes to vertical escalation is to second-guess and self-deter.
NATO should offer Ukraine a membership plan now (Atlantic Council) Considering today’s geopolitics and NATO’s values, offering a membership action plan is the most effective and appropriate response to the challenge Russia presents.
Vladimir Putin may at last be glimpsing victory (The Telegraph) If the conflict turns into a bloody stalemate, the West could go wobbly on their erstwhile Ukrainian allies
China agreed to secretly arm Russia, leaked Pentagon documents reveal (the Guardian) Intercept of Russian intelligence shows Beijing wanted to disguise lethal aid as civilian items, says report
Russia-Ukraine war live: China ‘will not supply weapons to parties involved in Ukraine conflict’ (the Guardian) Chinese foreign minister responds to concerns from the US and others that Beijing was considering providing military assistance to Russia
British plane fired on by Russian jet after misheard order, US officials say (The Telegraph) Missile was launched but did not work, claim sources, confirming leaked Pentagon documents describing the incident as 'near-shootdown'
Russia jams US GPS-guided weapons given to Ukraine, leaked info shows (Task & Purpose) The Russians have been working on how to disrupt the US military’s GPS-guided weapons since the last century.
US, Ukraine say many war secrets safe from intel leaks (Military Times) Ukraine’s leaders say they don’t see a major U.S. intelligence leak as gravely damaging future offensives.
Guardsman arrested in leak of classified military documents (AP NEWS) A Massachusetts Air National Guard member has been arrested in connection with the disclosure of highly classified military documents about the Ukraine war and other top national security issues, a breach that has raised questions about America’s ability to safeguard its most sensitive secrets.
The Pentagon’s Purported Classified-Document Leak: The Biggest Takeaways and Questions So Far (Wall Street Journal) The U.S. is seeking to assess the damage from an intelligence breach after officials discovered images of purportedly classified U.S. documents circulating online.
FBI arrests Air National Guard suspected over Pentagon leaks (The Telegraph) Jack Teixeira is accused of routinely posting classified documents to a group of 24 young men who bonded in the pandemic
F.B.I. Arrests National Guardsman in Leak of Classified Documents (New York Times) Authorities say Jack Teixeira, a 21-year-old member of the Massachusetts Air National Guard, posted sensitive materials in an online chat group.
FBI arrests Air National Guardsman in probe of Pentagon intel leak (Military Times) Airman 1st Class Jack Teixeira is suspected of uploading classified documents to a social media group.
Jack Teixeira to appear in court accused of Pentagon leaks (the Guardian) Former IT specialist, 21, arrested on Thursday is accused of intelligence leak believed to have started on Discord
Pentagon Looking Into How Accused Leaker Accessed Top Secret Documents (Wall Street Journal) Officials arrested Jack Teixeira, a 21-year-old Massachusetts Air National Guardsman, in connection with the documents leak.
‘The biggest news here in years’: Pentagon leak suspect’s home town voices shock (the Guardian) Residents of town of Dighton, Massachusetts, stunned by news of arrest of 21-year-old air national guardsman Jack Teixeira
DOD Calls Document Leak 'a Criminal Act' (U.S. Department of Defense) The U.S. government is working with interagency partners and the intelligence community to better understand the scope, scale and impact of unauthorized disclosure of sensitive information, the
Secretary of Defense Commends Actions Taken by the Department of Justice and Federal Burea (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III commends actions taken by the Department of Justice and Federal Bureau of Investigation for their swift arrest in connection with this investigation.
Pentagon Press Secretary Air Force Brig. Gen. Pat Ryder Holds a Press Briefing (U.S. Department of Defense) Pentagon Press Secretary Air Force Brig. Gen. Pat Ryder held a press briefing.
Discord says it is cooperating in probe of classified material breach (Reuters) Instant messaging platform Discord said on Wednesday it was cooperating with U.S. law enforcement's investigation into a leak of secret U.S. documents that has grabbed attention around the world.
Biden says leak investigation is ‘getting close,’ downplays consequences (Washington Post) President Biden said Thursday that an investigation into the leak of a massive trove of classified U.S. military documents is “getting close” to a resolution and downplayed the fallout from secrets that have exposed U.S. spying on allies and revealed the grim prospects for Ukraine’s war with Russia, among other things.
What we’ve learned from the leaked Pentagon documents (Washington Post) The leak of a trove of classified U.S. military documents, some of which began to spread on chat platforms in recent weeks and more of which have emerged since, has spooked officials around the world — particularly in Washington, as the defense and intelligence establishment scrambles to assess the damage and the Justice Department looks for answers.
Espionage campaign linked to Russian intelligence services - Baza wiedzy - Portal Gov.pl (Baza wiedzy) The Military Counterintelligence Service and the CERT Polska team (CERT.PL) observed a widespread espionage campaign linked to Russian intelligence services
Russian cyberspies hit NATO and EU organizations with new malware toolset (CSO Online) The APT29 espionage campaign is ongoing and the Polish military is urging potential targets to mitigate the risk.
Russian threat actors actively targeting diplomats in NATO and EU countries (Cyber Security Connect) Two Polish agencies have revealed an ongoing phishing campaign targeting diplomatic posts throughout Europe.
Russian APT Hackers Actively Targeting European NATO Allies (Bank Info Security) A Russian hacking campaign is targeting European embassies and diplomats as part of an ongoing cyberespionage campaign aimed at stealing Western government
Pro-Russia hackers say they were behind Hydro-Quebec cyberattack (Montreal CTV News) A pro-Russia hacker group has claimed responsibility for a cyber-attack on the Hydro-Quebec website Thursday morning. Parts of the Quebec power utility's site were still down as of around 11:00 a.m. Hydro-Quebec says no personal data was compromised.
Cyberattack knocks out website and mobile app for Quebec’s hydro utility (Toronto Star) Quebec’s power utility said Thursday it was working to get its website and mobile application running again after they were knocked off-lin...
Russia-linked cyberattacks on Canada are growing. Here’s what we know (Global News) Pro-Russian groups have claimed responsibility for recent cyberattacks, including on Justin Trudeau's website and those for critical infrastructure providers.
Russia's Federal Customs Service, Considered Critical Infrastructure, Has Been Hacked By Ukraine (Inside Cyber Warfare) Customs officers had to switch to paper forms for at least three days
Norway to Expel 15 Russian Diplomats Accused of Espionage (Wall Street Journal) The expulsions point to the growing espionage threat in Europe in the wake of the war in Ukraine.
Alexei Navalny in ‘critical’ situation after possible poisoning, says ally (the Guardian) Russian opposition leader said to have had severe stomach pains, with ambulance being called to penal colony
Attacks, Threats, and Vulnerabilities
Phishing Campaign Targets Chinese Nuclear Energy Industry (Intezer) A phishing campaign with malicious payloads targeted the Chinese nuclear energy industry, using tactics that align with Bitter APT.
Irrigation Systems in Israel Disrupted by Hacker Attacks on ICS (SecurityWeek) Irrigation systems were disrupted recently in Israel in an attack that once again shows how easy it is to hack ICS.
The (Not so) Secret War on Discord (CyberArk) CyberArk Malware Research Team Abstract CyberArk Labs discovered a new malware called Vare that is distributed over the popular chatting service, Discord. Vare has been used to target new malware...
Read The Manual Locker: A Private RaaS Provider (Trellix) Another day, another ransomware-as-a-service (RaaS) provider, or so it seems. We’ve observed the “Read The Manual” (RTM) Locker gang, previously known for their e-crime activities, targeting corporate environments with their ransomware, and forcing their affiliates to follow a strict ruleset. Is this yet another ransomware gang, or is there more to this gang and their locker than meets the eye? This blog investigates the actor, along with a technical deep dive into their Windows ransomware executable.
A Computer Generated Swatting Service Is Causing Havoc Across America (Vice) As the U.S. deals with a nationwide swatting wave, Motherboard has traced much of the activity to a particular swatting-as-a-service account on Telegram. Torswats uses synthesized voices to pressure law enforcement to specific locations.
Hackers claim vast access to Western Digital systems (TechCrunch) One of the hackers who breached Western Digital provided some details about the hack, the data stolen, and what the hackers are demanding.
Tax firms targeted by precision malware attacks (Sophos News) CPAs and accountants received solicitations for tax filing business that were just a social engineering ploy
Risk Intelligence Index: Cyber Threat Landscape By the Numbers (Flashpoint) Flashpoint's monthly look at the cyber risk ecosystem affecting organizations around the world, including intelligence, news, data, and analysis about ransomware, vulnerabilities, insider threats, and high-profile cybercriminals
LockBit 3.0 Posts Dubious Claims of Breaching Darktrace Cybersecurity Firm (HackRead) Is it a highly dubious claim by the infamous LockBit 3.0 ransomware gang? It looks like it!
Latitude Financial only has 3 million customers, so why did it have 14 million personal records on file? (ABC) As Latitude Financial investigates last month's cyber breach, more customers are being emailed about their personal data being compromised — even if they never signed up for a Latitude product.
Kodi discloses data breach after forum database for sale online (BleepingComputer) The Kodi Foundation has disclosed a data breach after hackers stole the organization's MyBB forum database containing user data and private messages and attempted to sell it online.
400,000 Users Hit by Data Breach at Media Player Maker Kodi (SecurityWeek) Media player maker Kodi confirms hackers stole databases containing user posts, messages, and login credentials.
CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA (Cybersecurity and Infrastructure Security Agency CISA) CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
Security Patches, Mitigations, and Software Updates
Juniper Networks Releases Security Updates | CISA (Cybersecurity and Infrastructure Security Agency CISA) Juniper Networks has released security updates to address vulnerabilities affecting Junos OS, Paragon Active Assurance (PAA), and Juniper Secure Analytics (JSA) Series. An attacker could exploit some of these vulnerabilities to take control of an affected system.
CISA Releases Sixteen Industrial Control Systems Advisories | CISA (Cybersecurity and Infrastructure Security Agency CISA) CISA released sixteen Industrial Control Systems (ICS) advisories on April 13, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
Trends
Key Takeaways on the Impact of Continuous Security Validation Discovery Report (SafeBreach) Get key takeaways from the latest S&P Global Market Intelligence survey and discovery report on the continuous security validation market.
Q1 2023 Phishing and Malware Report: Phishing Increases 102% QoQ (Vade) Vade’s Q1 2023 Phishing and Malware Report reveals the latest phishing and malware threats and trends.
Marketplace
ID.me Raises $132 Million (Finovate) ID.me announced a $132 million funding round, bringing its total raised to $240 million, and has brought on Samantha Greenberg as CFO.
Cyfirma Raises $6 Million for Threat Management Platform (SecurityWeek) Threat intelligence and attack surface management company Cyfirma has raised $6 million in a pre-Series B funding round.
KnowBe4's CEO Stu Sjouwerman Wins 2023 Excellence in Customer Service Award (PR Newswire) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced its CEO Stu...
Netskope recognized as a Leader in the 2023 Gartner® Magic Quadrant™️ for SSE. (Netskope) The Gartner® 2023 Magic Quadrant for Security Service Edge (SSE) describes vendors positioned to drive success across the complete security stack needed for Secure Access Service Edge (SASE).
Palo Alto Networks Named a Leader in the Gartner Magic Quadrant for SSE (Palo Alto Networks) Palo Alto Networks is the ONLY vendor to be recognized as a Leader in both the Magic Quadrants for SD-WAN and SSE SANTA CLARA, Calif., April 13, 2023 /PRNewswire/ -- According to Gartner®, a...
Zscaler Positioned as a Leader in the 2023 Gartner® Magic Quadrant™ for Security Service Edge (SSE) for Second Straight Year (GlobeNewswire News Room) Zscaler believes this recognition validates the company’s continued commitment to developing advanced cloud security solutions to accelerate secure digital...
Products, Services, and Solutions
Outscan NX – Outpost24 introduces enhanced threat intelligence technology to automate vulnerability risk management (Outpost24) Outscan NX is a pioneering threat intelligence led vulnerability risk solution enabling businesses to identify and prioritize the biggest security risks and reduce exposure time
ConnectWise expands AI integration across its Unified Monitoring and Management solution portfolio (GlobeNewswire News Room) ConnectWise accelerates AI initiatives by launching AI-assisted PowerShell scripting in the ConnectWise Asio™ platform through two of its cloud-hosted...
StackHawk Announces Open Beta for gRPC Security Testing Support (PR Newswire) StackHawk, the company making web application and API security testing part of software delivery, today announced the rollout of its gRPC...
Apptio Furthers Commitment to Public Sector Innovation; Announces CloudabilityMX Government & FedRAMP® Authorization at Public Sector Summit (Apptio) Apptio, the leading technology spend and value management company, today made several announcements at its Public Sector Summit 2023.
KnowBe4 offers free 30-day trial of SecurityCoach product (IT Brief Australia) KnowBe4 integrates or partners with over 20 of the world's top cybersecurity platforms across Endpoint, Network, Identity, Cloud and Data Security.
Raytheon and SpiderOak partner to secure satellite communications (Help Net Security) Raytheon and SpiderOak partner to develop and field a new generation of zero-trust security systems for satellite communications in pLEO.
Corero announces key customer wins as orders secured for SmartWall, (Shares Magazine) Shares provides unbiased commentary, ideas, views and news on stocks, funds, pensions and savings. Great investment tools with live data. Free registration.
Trinity Broadcasting Network Chooses Nyriad UltraIO Storage Platform and DigitalGlue creative.space to Safeguard Precious Content Workloads (Business Wire) UltraIO Storage Solution’s Performance, Resilience, and Efficiency + creative.space Simplified Use and Management = Value for Both Creatives and IT
Censys Provides $3.91 Million in Benefits, According to Forrester's Total Economic Impact™ Study (PR Newswire) Censys, the leader in External Attack Surface Management (EASM), commissioned Forrester to conduct a Total Economic Impact™ (TEI) report to...
Akamai launches two new scrubbing centres, aims to strengthen Indian business from DDoS attacks (CXO Today) The scrubbing centers in Chennai and Mumbai will further strengthen and safeguard customers in India Akamai’s new Prolexic DDoS scrubbing center will help
Trinity Broadcasting Network Chooses Nyriad UltraIO Storage Platform and DigitalGlue creative.space to Safeguard Precious Content Workloads (Nyriad - Data Storage Company) UltraIO Data Storage Solution’s Performance, Resilience, and Efficiency + creative.space Simplified Use and Management = Value for Both Creatives and IT
Technologies, Techniques, and Standards
Shifting the Balance of Cybersecurity Risk: Security-by-Design and Default Principles (Cybersecurity and Infrastructure Security Agency CISA) Shifting the Balance of Cybersecurity Risk: Security-by-Design and Default Principles serves as a cybersecurity roadmap for manufacturers of technology and associated products. With recommendations in this guide, manufacturers are urged to put cybersecurity first, during the design phase of a product’s development lifecycle, to decrease user risk and provide out-of-the-box user protections by default at no extra charge.
Best Practices When Managing Identity Data (Telos Corporation) "Identity management" can be defined as the practices surrounding how identity data is managed and used.
Design and Innovation
Amazon Joins Microsoft, Google in AI Race Spurred by ChatGPT (Wall Street Journal) Amazon Web Services is the latest tech company to lay out its generative AI strategy.
Researchers discover a way to make ChatGPT consistently toxic (TechCrunch) Researchers have discovered a method to make OpenAI's AI-powered chatbot, ChatGPT, consistently racist and sexist.
Legislation, Policy, and Regulation
European privacy watchdog creates ChatGPT task force (Reuters) The body that unites Europe's national privacy watchdogs said on Thursday it had set up a task force on ChatGPT, a potentially important first step toward a common policy on setting privacy rules on artificial intelligence.
Italy gives OpenAI initial to-do list for lifting ChatGPT suspension order (TechCrunch) Italy's data protection watchdog laid out what OpenAI needs to do for it to lift an order that ChatGPT stop processing locals' data.
New hacker advocacy group seeks to protect work of security researchers (CyberScoop) "There are advocacy groups for reptile owners but not hackers, so that seems like a miss," said Ilona Cohen of HackerOne.
U.S. Cyber Command Requests Nearly $90M for Offensive Platform (Real Clear Defense) The request for the Joint Common Access Platform (JCAP) provides rare insight into a previously classified funding line.
New White House Cybersecurity Strategy Plots the Road Ahead (Security Intelligence) The White House's new cyber strategy document highlights infrastructure, vendor regulation, quantum computing and AI. Here's what you need to know.
Austin orders review of intel access and control in wake of leaks (The Hill) Defense Secretary Lloyd Austin has ordered a review of intelligence access after the arrest of an Air National Guardsman who is thought to have leaked troves of classified documents online.&nb…
Deputy defense secretary to troops: Don’t share classified information (Military Times) A memo reminding the force of their classified information responsibilities was sent out Wednesday by Deputy Defense Secretary Kathleen Hicks.
When ‘Top Secret’ Is Not So Secret (New York Times) The arrest of Jack Teixeira, a junior Massachusetts airman, in the leaking of classified documents opens a debate about security clearances.
A Plan to Ban TikTok in Montana Is a Preview for the Rest of the Country (New York Times) The fight has shown the difficult test and legally perilous road facing lawmakers or the White House if they try to enact a national ban on the social media service.
Litigation, Investigation, and Law Enforcement
What Happened When the IRS Got Audited (WSJ) Obsolete software. Archaic code. Tech so old it makes the typical member of Congress look young. The IRS has an IT problem.
Tech consultant charged in killing of Cash App founder Lee (AP NEWS) Authorities say a tech consultant has been arrested and charged with murder in the stabbing death of Cash App founder Bob Lee in San Francisco. Police Chief Bill Scott said that 38-year-old Nima Momeni was booked Thursday morning on suspicion of murder. San Francisco District Attorney Brooke Jenkins said Momeni is expected to be arraigned Friday. Police found Lee with stab wounds in the Rincon Hill neighborhood of San Francisco at 2:30 a.m. April 4. On his LinkedIn profile, Momeni describes himself as an “IT Consultant/Entrepreneur” as well as the owner of a company called Expand IT. Scott says the men knew each other but declined to describe how.