Dateline
Ukraine at D+426: Waiting for the spring offensive. (CyberWire) As Ukraine continues to prepare for its spring offensive (and Russia continues to chew on Bakhmut), digital evidence of atrocities is being collected.
Russia-Ukraine war at a glance: what we know on day 427 of the invasion (the Guardian) Strike on Kharkiv museum kills one, injures 10; number of Russian casualties drops in April after failure of winter offensive
Russia-Ukraine war live: Xi and Zelenskiy hold talks; Russian aircraft ‘intercepted in international airspace’ (the Guardian) Ukrainian president reports ‘long and meaningful’ call with Chinese president
Russia introduces new 'propaganda' tank to battlefield (Telegraph) Moscow uses T-14 Armatas with remote-controlled guns to fire on Ukrainian positions, despite warnings of their 'poor condition'
Putin’s dreams of a new Russian Empire are unraveling in Ukraine (Atlantic Council) Putin saw the invasion of Ukraine as a key step toward rebuilding the Russian Empire. Instead, it has forced countries across the former Soviet Union to distance themselves from the Kremlin, writes Mark Temnycky.
Three logical flaws stand in the way of a sufficient response to the Ukraine challenge (Atlantic Council) The West must make sacrifices in the present to secure the future.
Britain will consign Putin and his energy war to the dustbin of history (The Telegraph) Solidifying our energy security, and in turn our sovereignty, is a marathon not a sprint
Hacktivism Unveiled, April 2023 Insights into the footprints of hacktivists (Radware) This data-driven report provides insights into DDoS attacks claimed by hacktivists between February 18 and April 18, 2023.
Kaspersky Analyzes Links Between Russian State-Sponsored APTs (SecurityWeek) Kaspersky believes that Russia-linked threat actors Tomiris and Turla are cooperating at least at a minimum level.
FBI aiding Ukraine in collection of digital and physical war crime evidence (CyberScoop) U.S. law enforcement is helping officials in Kyiv process the huge amounts of data from investigations of alleged war crimes.
Russia’s invasion highlights the need to invest more in Ukrainian studies (Atlantic Council) The full-scale Russian invasion of Ukraine has highlighted the need for greater international investment into Ukrainian studies but has also created huge challenges for Ukrainian academia, writes Oleksandra Gaidai.
Defiance and resilience: Ukraine's financial sector (American Banker) A year after Russia's invasion of Ukraine thrust the country into chaos, financial services workers are helping to rebuild the country and are expressing hope for the future.
Attacks, Threats, and Vulnerabilities
Unpacking BellaCiao: A Closer Look at Iran’s Latest Malware (Bitdefender Blog) With recent reports that Charming Kitten group (aka Mint Sandstorm) is actively targeting critical infrastructure in the US and other countries, we would like to share the most recent insights from Bitdefender Labs about modernization of Charming Kitten’s tactics, techniques, and procedures, including a new, previously unseen malware.
Chinese Alloy Taurus Updates PingPull Malware (Unit 42) A PingPull malware variant for Linux has been found. We’re also tracking a new backdoor attributed to Alloy Taurus called Sword2033.
Abuse of the Service Location Protocol May Lead to DoS Attacks (Cybersecurity and Infrastructure Security Agency CISA) The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated remote attacker to register arbitrary services. This could allow an attacker to use spoofed UDP traffic to conduct a denial-of-service (DoS) attack with a significant amplification factor.
Google Audit Finds Vulnerabilities in Intel TDX (SecurityWeek) Google researchers identified ten security defects in Intel TDX, including nine vulnerabilities addressed with TDX code changes.
Thales Seizes Control of ESA Demonstration Satellite in First Cybersecurity Exercise of Its Kind (Business Wire) For the third edition of CYSAT, the European event entirely dedicated to cybersecurity for the space industry, taking place on 26-27 April 2023 at Station F in Paris, the European Space Agency (ESA) set up a satellite test bench to simulate attempts to seize control of OPS-SAT, a nanosatellite operated by the agency for demonstration purposes.
Hackers to show they can take over a European Space Agency satellite (Record) Experts from French defense giant Thales and members of a team from the European Space Agency are presenting their findings at the CYSAT conference in Paris.
#RSAC: Ransomware Poses Growing Threat to Five Eyes Nations (Infosecurity Magazine) Representatives of four of the five Five Eyes nations outlined the growing threat ransomware poses and approaches to thwart it
Ransomware re-emerges as hackers ‘make up for lost time’: Zywave Cyber Risk 2023 (Insurance Insider) The re-emergence of ransomware as a major cyber threat, with actors displaying increasingly aggressive tactics, was a key theme at the Zywave Cyber Risk Insights Conference in London.
CIC Group, Inc. Notifies Individuals of Recent Data Breach (JD Supra) On April 24, 2023, CIC Group, Inc. filed a notice of data breach with the Texas Attorney General’s Office after learning that confidential consumer...
IMA Financial Group, Inc. Files Notice of 2022 Data Breach (JD Supra) On April 19, 2023, IMA Financial Group, Inc. (“IMA”) filed a notice of data breach with the Attorney General of Texas after experiencing a data...
Irrigation Systems in Israel Hit with Cyber Attack that Temporarily Disabled Farm Equipment (CPO Magazine) A cyber attack that targeted irrigation systems in Israel is thought to be part of an annual “hacktivist” campaign that takes place every April, and this year’s attempt at least managed to cause a nuisance for some farms in the Jordan Valley.
Defense Contractors in the Cyber Crosshairs – U.S. Shipbuilders Hit in Cyberattacks (ClearanceJobs) With cyber attacks on the rise, some experts are warning that the nation's defense industrial base could be a target.
Security Patches, Mitigations, and Software Updates
CISA Releases Two Industrial Control Systems Advisories (CyberSecurity & Infrastructure Security Agency (CISA)) CISA Releases Two Industrial Control Systems Advisories for Scada-LTS versions 2.7.4 and prior, and N8844A Data Analytics Web Service.
VMware fixes critical zero-day exploit chain used at Pwn2Own (BleepingComputer) VMware has released security updates to address zero-day vulnerabilities that could be chained to gain code execution on systems running unpatched versions of the company's Workstation and Fusion software hypervisors.
Google Authenticator now supports Google Account synchronization (Google Online Security Blog) Christiaan Brand, Group Product Manager. We are excited to announce an update to Google Authenticator, across both iOS and Android, which a...
Trends
Quarterly Report: Incident Response Trends in Q1 2023 (Cisco Talos Blog) In 45 percent of engagements, attackers exploited public-facing applications to establish initial access, a significant increase from 15 percent the previous quarter.
New Silobreaker research reveals organisations are slow to disclose ransomware attacks (Silobreaker) An analysis of how delayed, incomplete disclosures can place customers and third parties at heightened risk of disruption. Silobreaker, a leading security and threat intelligence technology company, today released the findings of its study into how quickly and thoroughly organisations disclose that they have been hit by ransomware. The research looked at 430 known ransomware...
Cyberattackers Leveraged More Than 500 Unique Tools and Tactics in 2022, Sophos’ Active Adversary Report for Business Leaders Finds (GlobeNewswire News Room) The Most Common Root Causes of Attacks Were Unpatched Vulnerabilities and Compromised Credentials, While Ransomware Continues to Be the Most Common “End...
Global Threat Intelligence Report April (BlackBerry) Delivering Actionable and Contextualized Intelligence to Increase Cyber Resilience. Reporting Period: December 2022 – February 2023.
New Research From Absolute Software Underscores Security and Compliance Challenges Remain Across Distributed Workforces (Business Wire) Report reveals OS fragmentation, endpoint and network complexity creating false sense of security for enterprises
Survey Reveals Scale of Brand Imposter Risks to Consumers (YouMail Protective Services) YouMail Protective Services survey on the frequency and impact of the growing problem of brand impersonation scam calls and texts has shocking discoveries
Teenagers, young adults pose prevalent cyberthreat to US, Mandiant says (Cybersecurity Dive) The brains behind high-profile attacks last year, teenagers and young adults use sophisticated social engineering techniques for intrusions.
The truth about teens, social media and the mental health crisis (NPR) A striking decline in teen mental health has coincided with the rise of smartphones and social media. Is social media causing the mental health challenges? Finally, research can answer that question.
Marketplace
M&A Exits For VC-Backed Cyber Startups Continues To Sputter (Crunchbase News) M&A deal-making in the cybersecurity space continues to slow with only 13 deals announced for VC-backed startups in Q1, per Crunchbase data.
Cyber doesn't have a skills gap, says Holly Foxcroft (Computing) Understanding neurodiversity can help bring more people into cybersecurity, says keynote speaker Holly Foxcroft.
WSJ News Exclusive | PricewaterhouseCoopers to Pour $1 Billion Into Generative AI (Wall Street Journal) Multiyear investment in U.S. business includes accessing ChatGPT maker OpenAI’s language model, training staff in AI capabilities.
Clearspeed Announces Momentum Led By 200% Client Growth and Global Management Expansion (Business Wire) The Voice Analytics Technology Company is Building ‘Trust Faster’ with a Record Past Year of Doubling Client Base, Launching New Solutions and a New Brand Identity, and the Appointment of Three New Executives to Fuel Insurance and Security Sectors
Bishop Fox Announces UK Expansion at RSA Conference Amidst Growing Global Momentum (GlobeNewswire News Room) Offensive security powerhouse achieves CREST accreditation, bringing award-winning Attack Surface Management, Red Teaming, and Pen Testing solutions to new...
Quorum Cyber Sets Sights on North America (Security Today) UK-based cybersecurity firm Quorum Cyber has announced its intention to focus on the North American market after achieving impressive year-over-year growth.
Retired NSA director won lucrative consulting deals with Saudis, Japan (Washington Post) Retired Army Gen. Keith Alexander, who led the National Security Agency under Presidents Barack Obama and George W. Bush, secured $2 million in consulting deals with foreign governments after leaving office, including a $700,000 contract to advise Saudi Arabia on cybersecurity after the 2018 killing of journalist Jamal Khashoggi, newly released records show.
SAIC bags $889M contract for Defense Counterintelligence and Security Agency (Seeking Alpha) Science Applications International (SAIC) has been awarded a $889M contract by the Federal Systems Integration and Management Center in support of Defense Counterintelligence and...
US-based Palantir Technologies plans to establish a regional hub of big data competencies in Vilnius (Benzinga) Palantir Technologies Inc., a software and services company which specializes in big data analysis, plans to expand its operations in Lithuania, after entering into a strategic partnership, together with the Ministry of
CyberGRX Announces Winners of the Inaugural Cyber Risk Nation Awards (Business Wire) Awarded individuals and companies are trailblazers in Third-Party Risk Management
Mimecast Announces Two New Executive Appointments to Drive Customer and Operational Excellence (Yahoo Finance) Jeff Hess and Purnima Jandial Join Corporate Leadership Team as Part of Amplified Organizational Focus on Customer Centricity
Vade Announces René Bonvanie as New Executive Board Member (Vade) Former CMO of Palo Alto Networks and advisor to start-ups and VCs joins Vade during rapid business expansion.
Enterprise Software Veteran Rita Selvaggi Joins BackBox (BackBox Software) BackBox announced that IT software industry leader Rita Selvaggi has joined the BackBox board of directors.
Ron Gula Joins Conceal’s Board of Directors (Business Wire) Conceal, the leader in Zero Trust web-browser isolation technology, today announced that Ron Gula has joined its Board of Directors. As a member of the Board, Ron will use his deep experience as a technologist and business leader to support the further development of Conceal’s critical security products and help ensure its widespread adoption and deployment to protect individuals and enterprises from malicious actors.
Products, Services, and Solutions
Gurucul Disrupts Next-Gen SIEM Market with Unparalleled Observability, Data Searchability and Identity-Based Threat Detection and Response (Business Wire) Enhancements to award-winning platform solves critical security issues while enabling reliability at scale, reduced TCO and fast time to value
Token Debuts Next-Generation MFA at RSA Conference 2023 to Stop Phishing and Ransomware Attacks (Business Wire) Innovative multifactor authentication smart ring removes human vulnerabilities and implements in minutes to deliver passwordless, FIDO2-compliant network and cloud security
HashiCorp and Microsoft collaborate to help organizations adopt a zero trust security strategy (GlobeNewswire News Room) Customer adoption of identity-based security accelerates with availability of HCP Vault Plus on Azure; HashiCorp joins Microsoft Intelligent Security...
Cynet Unveils Major Product Release Ahead of RSA with Updates to Endpoint Detection and Prevention Services, New Mobile Capabilities and More (Business Wire) This year’s RSA Conference will be a major event for Cynet as the company prepares to roll out the newest version of its cybersecurity solution for lean IT teams
Forcepoint Delivers Data Security Everywhere, Extending DLP Policies from Endpoints to the Cloud (Business Wire) Data Security Simplified: Forcepoint ONE SSE integration extends enterprise DLP to the cloud and web; with just a few clicks all DLP policies applied across CASB, SWG and ZTNA channels. Security ROI Simplified: Forcepoint ONE Insights optimizes the value and efficacy of security investments through interactive, at-a-glance analytics for business leaders and security professionals
Dig Security Announces New Integration with CrowdStrike and Delivers the First Data Security Posture Management (DSPM) Offering with Malware Analysis (PR Newswire) Dig, the cloud data security leader, today announced its new technology integration with CrowdStrike, a leader in cloud-delivered protection of...
NCC Group appoints its first Strategy and Transformation Director (Mynewsdesk) We are pleased to announce the appointment of Diji Akinwale to the role of Director of Strategy and Transformation with immediate effect.
Elastic joins CISA’s Joint Cyber Defense Collaborative (JCDC) to defend against US cyber threats (Elastic Blog) Elastic has officially become a member of the US Joint Cyber Defense Collaborative (JCDC). We see this as an opportunity to contribute our expertise and collaborate with other leading organizations in the fight against cybersecurity threats.
Akamai Introduces Prolexic Network Cloud Firewall (Akamai) New Capability Expands Prolexic Protections with Firewall and Access Control Capabilities
Panorays Launches Risk Insights and Response Portal, Turning Panorays into the Industry’s First End-to-End Solution for Third-Party Security Risk Management (GlobeNewswire News Room) The new portal being launched at RSA will give organizations full visibility and control over supply chain risks, speeding up response and mitigation time...
Talon Cyber Security Announces New Integrations with CrowdStrike to Deliver Comprehensive Visibility for Robust Threat Protection (Talon Cyber Security) Talon’s Enterprise Browser Expands Integrations with CrowdStrike Falcon Platform to Provide Powerful Security Control for Customers
Code42 Now Offers Real-Time Blocking Capabilities (Code42) Code42 Software, Inc., the Insider Risk Management (IRM) leader, today announced that it has added real-time blocking capabilities to the Incydr™ IRM solution. The enhancement allows security teams to prevent unacceptable data exfiltration without the management burden, inaccuracy, and endpoint impact of content-based policies. Insider Risk is emerging as the most difficult threat to detect […]
Cisco joins the AI wave — to protect against misuse of the technology (Morningstar, Inc.) Cisco execs caution that OpenAI's ChatGPT will make phishing attempts in particular harder to detect
Second Front Systems and Snowflake Announce Partnership (PR Newswire) Second Front Systems, a public-benefit software company focused on accelerating the delivery of mission-critical software-as-a-service (SaaS)...
Defence consultancy launches digital forensics lab (Insider Media Ltd) Defence consultancy CDS Defence and Security, part of the Bailie Group, has launched a new digital forensics lab.
Recorded Future Launches New Capabilities to Enhance Threat Visibility, Increase Automation, and Reduce Threat Exposure (AsiaOne) Company Announces Intelligence Analytics to Prioritize the Threats Most Likely to Target Organizations
Canon India partners with ESET; forays into cyber-security domain (India Technology News)
Coalfire Wins Penetration Testing and Vulnerability Management Awards in the Prestigious 11th Annual Global InfoSec Awards (PR Newswire) Coalfire is proud to announce the acceptance of three coveted awards in Cyber Defense Magazine's 11th anniversary of the Global InfoSec Awards:...
Uptycs Launches Cloud Security Early Warning System (Uptycs) Uptycs announces the ability to collect and analyze GitHub audit logs and user identity information from Okta and Azure Active Directory (Azure AD).
ThreatX Expands API & Application Protection With New Botnet Console, API Catalog 2.0 (Business Wire) The new dashboards enable security teams to stay ahead of rapidly evolving, automated threats, more effectively protecting APIs and applications
Xcitium announces integration of Intel® Threat Detection Technology to add hardware-based Ransomware detection to patented detection-less cybersecurity platform (GlobeNewswire News Room) Today at RSA San Francisco, Xcitium the cybersecurity industry's only provider of ZeroDwell Containment...
Ambient.ai Announces Integration with Software House’s C•CURE 9000 for AI-Powered Alert Prioritization (GlobeNewswire News Room) Ambient.ai, the computer vision intelligence company helping to transform physical security, today...
Technologies, Techniques, and Standards
CISA, Cyber National Mission Force Leaders Share How They Partner: First-Ever Ops Revealed to Industry (Cybersecurity and Infrastructure Security Agency) Cybersecurity and Infrastructure Security Agency sent this bulletin at 04/25/2023 01:40 PM EDT
NIST Releases Draft Post-Quantum Encryption Document (Nextgov.com) The agency continues its post-quantum cryptography push as it looks to create guidance for all sectors.
Cyber Chiefs Forge Partnerships With Physical Security Units as Combined Threats Grow (Wall Street Journal) AI can help identify potential cyber-physical attacks, says Schneider Electric CIO Elizabeth Hackenson.
A Security Team Is Turning This Malware Gang’s Tricks Against It (WIRED) The cybercriminals behind the Gootloader malware have found clever ways to avoid detection. But researchers are using those same mechanisms to stop them.
Excessive Data Access Leads to More Insider Attacks—Here’s How To Reduce Your Company’s Risk (Capterra) Our research finds that the amount of data access companies allow to employees foretells the extent to which they experience insider attacks.
Design and Innovation
Worried about quantum breaking encryption? Give it 30 years (Register) RSA's Adi Shamir thinks we're safe for a generation, but more gnarly keys are still a good idea
How ChatGPT and other advanced AI tools are helping secure the software supply chain (VentureBeat) AI tools like ChatGPT are improving intelligence gathering and detection and patching of vulnerabilities in the software supply chain.
OpenAI Offers New Privacy Options for ChatGPT (Bloomberg) The startup will let people decide whether AI will train on the data they give the chatbot.
New study from Yubico reveals now is the time to move from legacy authentication to modern, phishing-resistant MFA (Yubico)
Legislation, Policy, and Regulation
(ISC)² Calls for Global Cybersecurity Standards based on New Research (PR Newswire) (ISC)² – the world's largest nonprofit association of certified cybersecurity professionals, and the Royal United Services Institute (RUSI),...
Space, the latest frontier for cyberdefense (Washington Post) The Biden administration is going on the road to tackle satellite cybersecurity
U.S. Cyber Plans Are Built to Endure Political Winds, Senior Security Official Says (Wall Street Journal) Kemba Walden, acting national cyber director, said broad bipartisan agreement means national cybersecurity agenda will survive administrations.
National cyber strategy implementation will be ‘dynamic and iterative,’ acting National Cyber Director says (Record) A plan to enact the Biden administration’s recently released national cyber strategy could be published within the next few months, according to a senior White House official.
Biden’s Cybersecurity Announcement - Some Subtle Points are Being Lost (onShore Security) Stel Valavanis. The Biden Administration recently announced a new, […]
CISA establishing ‘systemically important entities’ office (Federal News Network) CISA is working to identify a subset of critical infrastructure that underpin the economy, national security and public health and safety.
Senate Republicans call on Biden administration to clamp down on cloud companies with ties to China (CNN) A group of Republican senators on Tuesday urged the Biden administration to "use all available tools" to sanction cloud computing firms with links to China.
WSJ News Exclusive | TikTok Ban in Montana Faces Speed Bump as Governor Seeks Changes (Wall Street Journal) Gov. Greg Gianforte is requesting amendments to the bill to broaden it to all social-media apps that provide certain data to foreign adversaries.
Washington Gov. Inslee signs bill expanding cyber governance (StateScoop) The new law creates two new panels to advise the governor's office and the state CIO on emerging threats and incident response practices.
Bill proposes new DHS centers for testing security of critical government tech (Record) The legislation by Democratic Rep. Ritchie Torres is based on recommendations from the Cyberspace Solarium Commission.
New cyberspace test squadron activated (Eglin Air Force Base) New squadron will conduct cyber security, resiliency
Brig. Gen. Wayne Barker to Head Army Intelligence & Electronic Warfare Office (Executive Gov)
Litigation, Investigation, and Law Enforcement
DOJ urges CISOs to continue working with law enforcement ahead of Uber security chief’s sentencing (Record) Deputy Attorney General Lisa Monaco urged cybersecurity and compliance leaders to continue working with law enforcement agencies, tacitly responding to concerns raised by cybersecurity officials after the conviction of Uber’s former security chief.
The Andy Warhol Copyright Case That Could Transform Generative AI (WIRED) The US Supreme Court’s upcoming decision could shift the interpretation of fair use law—and all the people, and tools, that turn to it for protection.