Dateline
Ukraine at D+428: Ready for the spring offensive. (CyberWire) Russia resumes missile strikes against civilians as Ukraine says its preparations for a spring offensive are essentially complete. Ukraine advocates prosecution of cyber war crimes, and dismisses the idea that there are any genuine Russian hacktivists.
Russia-Ukraine war at a glance: what we know on day 429 of the invasion (the Guardian) Wave of deadly Russian air strikes on cities across Ukraine; EU votes that Russian deportation of children is genocide
Russia-Ukraine war live: death toll rises in Uman and Dnipro after most intense Russian strikes in weeks (the Guardian) At least 17 people confirmed dead in wake of Russian aerial bombing of Ukrainian cities on Friday morning
Russian missile and drone attack in Ukraine kills 16 people (AP NEWS) Russia has fired more than 20 cruise missiles and two drones at Ukraine in attacks that killed at least 16 people. Most of the victims died when two cruise missiles slammed into an apartment building in central Ukraine early Friday. The attacks included the first one on Ukraine’s capital in nearly two months. The Kyiv government said Ukraine’s air force intercepted 11 missiles and two drones, and no hits on any targets in the city were reported. The strikes on the apartment building occurred in Uman, a city located around 215 kilometers (134 miles) south of Kyiv. Fourteen people died in that attack, according to the interior ministry, including two 10-year-old children and a toddler.
Civilians, Including Children, Killed In Night Of 'Russian Terror,' Zelenskiy Says (RadioFreeEurope/RadioLiberty) At least five people were killed in a wave of Russia strikes on Ukrainian cities, including the capital, Kyiv, early on April 28, regional officials and the military reported, as heavy fighting continued in the devastated eastern city of Bakhmut.
Large-Scale Russian Attack on Ukraine Kills at Least 19 People (New York Times) Russia bombarded towns and cities across the country in its first major attack in more than a month.
Russian mercenary squabbles in Bakhmut as Ukraine prepares its advance (euronews) Analysts believe Russian mercenaries from Wagner and Potok are vying for power in the battle for Bakhmut as Ukraine prepares its counteroffensive. Euronews correspondent Sasha Vakulina has the latest.
Look out, Putin: Ukraine says it’s ‘ready’ to attack (POLITICO) ‘In a global sense, we’re ready,’ defense minister says.
Ukrainian Troops Repel Russian Attacks, and Hope Western Arms Turn the Tide (New York Times) Fierce fighting has yielded heavy casualties but little movement. Ukrainian forces need heavy weapons to change that, but they say it is no guarantee.
Ukraine Has Nearly All Combat Vehicles Allies Promised, NATO Says (New York Times) Gen. Christopher Cavoli, also the top commander of U.S. forces in Europe, made the comments to the House Armed Services Committee.
NATO: Ukraine allies sent 1,550 combat vehicles, ‘vast’ ammo (Military Times) NATO says alliance members and partners have delivered more than 98% of the combat vehicles promised to Ukraine to combat Russia.
Why Ukraine's Looming Offensive May Be The Most Important Clash Of The War. Period. (RadioFreeEurope/RadioLiberty) After a grinding winter in which Russian forces failed to regain battlefield momentum, both Moscow and Kyiv are girding for a new Ukrainian counteroffensive that officials have signaled is imminent. When it comes, it's likely to be a major turning point in the 14-month-old invasion.
Mariupol before and after: updated Google maps reveal destruction in Ukraine city (the Guardian) New satellite images offer a window into the aftermath of prolonged Russian shelling
Analysis: Xi's Call With Zelenskiy Sets The Stage For Greater Chinese Diplomatic Push In Europe (RadioFreeEurope/RadioLiberty) Chinese leader Xi Jinping spoke with Ukrainian President Volodymyr Zelenskiy for the first time since Russia poured troops into Ukraine 14 months ago. Is it optics to court the EU or damage control after controversial comments about former Soviet countries made by China’s ambassador to France?
Russian army commander arrested for ‘selling tank engines’ (The Telegraph) Colonel Alexander Denisov is accused of stealing seven V-92S2 engines and trading them on the black market
A glimpse of Sweden in NATO: Gotland could be a game-changer for Baltic defense (Atlantic Council) Sweden's largest military exercise in twenty-five years highlights the strategically important island of Gotland in defending NATO allies.
The West should supply Ukraine with F-16s (The Economist) Or Russian fighter jets may win control of Ukrainian skies
Putin Legalizes Deportation Of Residents Of Illegally Annexed Territories Who Refuse Russian Citizenship (RadioFreeEurope/RadioLiberty) Russian President Vladimir Putin has signed a decree that allows the deportation of residents of illegally annexed Ukrainian territories who refuse Russian citizenship.
When Russia is defeated in Ukraine, look to Chechnya (POLITICO) As far as Chechen volunteers are concerned, Ukraine is just the start of the fight against Russia.
The Week In Russia: Putin's 'Snarling Revanche' (RadioFreeEurope/RadioLiberty) Russian President Vladimir Putin decided on the large-scale invasion of Ukraine about a year before he launched it in late February 2022, and his main motives were personal, an investigative report released at a potentially crucial juncture in the devastating war concludes.
Iranian and Syrian factors shape Israeli response to Russia’s Ukraine invasion (Atlantic Council) Israel has sought to minimize its involvement in the international response to Vladimir Putin's Ukraine invasion, but deepening military cooperation between Russia and Iran may force a change in the Israeli position.
Pro-Russian hacktivism isn't real, top Ukrainian cyber official says (CyberScoop) Cyberattacks targeting Ukraine are mostly carried out by Russian intelligence agencies or state-sponsored groups, according to the official.
Fed’s Jerome Powell Tricked by Russian Pranksters Posing as Zelenskiy (Bloomberg) Federal Reserve Chairman Jerome Powell held a call with a pair of Russian pranksters posing as Ukrainian President Volodymyr Zelenskiy, according to video shown on Russian state television.
Guardsman in leak case wanted to kill a 'ton of people': US (AP NEWS) Prosecutors say the Massachusetts Air National guardsman accused of leaking highly classified military documents kept an arsenal of weapons, talked of “violence and murder” on a social media platform and an “assassination van.” They filed court papers ahead of Thursday's detention hearing for 21-year-old Jack Teixeira, and urged a federal judge to keep him jailed.
Jack Teixeira wanted to kill 'tons of people' and had Russian army pendants on bedroom wall (The Telegraph) Former reservist arrested on suspicion of leaking classified information believed in ‘culling the weak minded’, court documents say
Attacks, Threats, and Vulnerabilities
Tonto Team Uses Anti-Malware File to Launch Attacks on South Korean Institutions (The Hacker News) Tonto Team Uses Anti-Malware File to Launch Attacks on South Korean Education and Political Institutions
Ransomware Roundup - UNIZA Ransomware | FortiGuard Labs (Fortinet Blog) FortiGuardLabs examines the UNIZA ransomware, yet another variant that encrypts files on victims' machines in an attempt to extort money. Learn more in this week’s Ransomware Roundup.…
New 'Atomic macOS Stealer' Malware Offered for $1,000 Per Month (SecurityWeek) A new piece of malware named Atomic macOS Stealer (AMOS), offered for $1,000 per month, offers a wide range of data theft capabilities.
Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware (The Hacker News) Microsoft has confirmed that hackers linked to Cl0p and LockBit ransomware families are actively exploiting PaperCut servers.
Microsoft: Clop and LockBit ransomware behind PaperCut server hacks (BleepingComputer) Microsoft has attributed recent attacks on PaperCut servers to the Clop and LockBit ransomware operations, which used the vulnerabilities to steal corporate data.
Hackers use PaperCut printer vulnerability to spread Clop ransomware (Record) Hackers linked to the Clop ransomware operation are exploiting two recently-disclosed vulnerabilities in print management software PaperCut to steal corporate data from victims.
“Malverposting” — With Over 500K Estimated Infections, Facebook Ads Fuel This Evolving Stealer… (Guardio) Malverposting, the use of promoted social media posts and tweets to propagate malicious software and other security threats — is on the rise. One of those campaigns, linked to a Vietnamese threat actor, has been ongoing for months now gaining more traction lately using resilient deployment techniques and is estimated to surpass 500k infections worldwide so far.
Many Public Salesforce Sites are Leaking Private Data (KrebsOnSecurity) A shocking number of organizations -- including banks and healthcare providers -- are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. The data exposures all stem from a misconfiguration in Salesforce Community that allows…
Abusing Misconfigured Salesforce Communities for Recon and Data Theft (Varonis) Our research team has discovered numerous publicly accessible Salesforce Communities that are misconfigured and expose sensitive information.
Hackers steal emails, private messages from hookup websites (TechCrunch) Unknown hackers have breached two hookup websites, stealing private messages, email addresses, and other personal data.
Hardenhuish School in Chippenham hit by cyber attack (BBC News) Hardenhuish School in Chippenham says disruption is ongoing after hackers broke in to their network.
UK school hit by ransomware attack (Computing) Hardenhuish School in Wiltshire says it hopes at least some systems will be back online next week
Security Patches, Mitigations, and Software Updates
CISA Releases One Industrial Control Systems Medical Advisory | CISA (Cybersecurity and Infrastructure Security Agency CISA) CISA released one Industrial Control Systems Medical (ICS) medical advisory on April 27, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
Trends
DataTribe Insights Q1 2023: Let's Ask ChatGPT What to Do About SVB (DataTribe) In this issue of Insights, we reflect on the first quarter of 2023, which was not boring, as there were notable surprises, but in the end, the quarter ended largely as expected.
53% Have Found Something Incriminating When Snooping on Others’ Devices (Secure Data Recovery) We surveyed Americans about experiences with snooping to better understand when and why people snoop and in which types of relationships it is most common.
Marketplace
Aadya Raises $5 Million for SMB-Focused Security Platform (SecurityWeek) Cybersecurity firm Aadya has raised $5 million in Series A funding for its all-in-one platform tailored for small and mid-sized businesses.
Lookout sells off consumer security business to go all-in on enterprise (TechRadar) F-Secure expands US foothold with purchase of Lookout mobile security business
Cybersecurity Firms Cut Staff as Fears About Economy, Funding Mount (Wall Street Journal) The wave of layoffs started this summer and has spanned departments, including workers in technical roles.
Kelly Bissell Joins Avertium as Board Advisor (Avertium) Microsoft Corporate Vice President adds Microsoft Security expertise to Cyber Fusion Company.
Druva Appoints Mike Houghton as Global Partner and Alliance Lead (Druva) With a strong track record in strengthening partner ecosystems, Houghton is set to play a key role in driving accelerated growth
Photos: RSA Conference 2023 (Help Net Security) RSA Conference 2023 took place at the Moscone Center in San Francisco. Here's a photo gallery from the event.
RSA Conference 2023 – Announcements Summary (Day 3) (SecurityWeek) Summary of announcements made at the 2023 RSA Conference, on day 3 of the cybersecurity event.
Products, Services, and Solutions
Optiv Convenes Industry-Leading Partner Ecosystem (Optiv) Cybersecurity Leader Refreshes Partner Program and helps clients rationalize and implement innovative security solutions that accelerate business outcomes.
Connect with fraud experts worldwide in the new Sifters customer community (Sift Blog) Our new Sifters customer community brings together trust and safety experts using Sift to share knowledge, get product help, and network.
Laminar Named AWS Security Competency Partner, Receives Amazon RDS Ready Product Designation for its Data Security Posture Management (DSPM) Solution (Laminar) Laminar is the first pure play DSPM to receive AWS Security Competency Partner status in the Data Protection category and is the first to enable sensitive data discovery, classification, and protection in Amazon RDS.
Nok Nok Partners With Carahsoft to Provide Phishing-Resistant MFA Solutions to Federal, State and Local Government Agencies (Carahsoft) Partnership Enables Federal Agencies to Meet Regulations for Phishing-Resistant MFA, Expanding Nok Nok’s Presence in the Government Sector
INE Awarded 4 Global InfoSec Awards at RSAC (GlobeNewswire News Room) INE Recognized as Cybersecurity Leader in Enterprise Training...
BlackBerry revamps AI-based Cylance cybersecurity portfolio (IT Brief New Zealand) From the largest multi-nationals to the smallest mom and pop businesses, and every organisation in-between, no one is immune to cyber threats.
High Wire to Provide Overwatch OT/IoT Security™ Agentless, Zero Trust, Cybersecurity Solution for Major U.S. Health System (GlobeNewswire News Room) High Wire Networks, Inc. (OTCQB: HWNI), a leading global provider of managed cybersecurity and...
Technologies, Techniques, and Standards
How an undercover content moderator polices the metaverse (MIT Technology Review) “We can be the first line of defense.”
US Army to tailor long-range jammer for Europe, Indo-Pacific theaters (C4ISRNet) TLS-EAB might not be well-suited for the Family of Medium Tactical Vehicles in the Indo-Pacific. But in Europe, the trucks might be the best option.
Design and Innovation
NSA Cybersecurity Director Says ‘Buckle Up’ for Generative AI (WIRED) The security issues raised by ChatGPT and similar tech are just beginning to emerge, but Rob Joyce says it’s time to prepare for what comes next.
Request for Comment on Secure Software Self-Attestation Common Form | CISA (Cybersecurity and Infrastructure Security Agency CISA) On April 27, 2023, CISA in accordance with EO14028 and the Office of Management and Budget’s (OMB) guide in OMB M-22-18, released through regulations.gov a 60-day Request for Comment to solicit public feedback on a self-attestation form to be used by software producers.
OMB, CISA set to release common form for software self-attestation (FCW) Federal CISO Chris DeRusha said the new standardized approach to collecting self-attestation forms from third-party software providers could be released as early as this week.
I Cloned Myself With AI. She Fooled My Bank and My Family. (Wall Street Journal) Our columnist replaced herself with AI voice and video to see how humanlike the tech can be. The results were eerie.
A chatbot that asks questions could help you spot when it makes no sense (MIT Technology Review) Engaging our critical thinking is one way to stop getting fooled by lying AI.
RSA Conference's 'Most Innovative Startup' Does ... You Guessed It: AI (Virtualization Review) Like most things these days, the security-focused RSA Conference 2023 prominently featured AI, the topic of many sessions and announcements and the specialty of multiple award winners.
Tenable Makes Generative AI Security Tools Available to the Research Community (Dark Reading) Tenable®, the Exposure Management company, today published a new report outlining the use of generative AI to build new security research tools.
Tenable opens playground for generative AI cyber tools (Computer Weekly) A set of generative AI cyber tools designed to help security researchers in reverse engineering, debugging and other areas of work have been made available for the community to experiment with.
Legislation, Policy, and Regulation
The perilous path to a new cybercrime treaty (Washington Post) A U.N. panel is working on a cybercrime treaty. Here’s what it could look like.
First draft of controversial UN Cybercrime Treaty slated for June (Record) The first draft of the UN Cybercrime Treaty will be released in June after years of debate and concern over what the document might cover.
China has widened its already sweeping counter-espionage law. Experts say foreign businesses should be worried (CNN) China has broadened the scope of its already sweeping counter-espionage law in a move that analysts warn could create further legal risks or uncertainty for foreign companies, journalists and academics.
Army to raise dedicated cyber operations wings in all commands, with an eye on China | India News - Times of India (The Times of India) India News: With China’s potent cyber-warfare and cyber-espionage capabilities posing a clear and present danger, the Indian Army will now raise dedicated special
Business groups balk at tougher cyber rules for directors (InnovationAus.com) Australia’s business and employer groups have rejected proposals that would see them face tougher rules and more responsibility for cyber incidents, but are open to a new Cyber Security Act if it consolidates existing regulations. The groups argue existing obligations on directors already recognise cyber risks while new prescriptive cyber regulations like an enforceable code for businesses would create a compliance burden. The call against additional regulation comes despite Australia's most high profile cyber incidents occurring in the private sector in the last year.
(ISC)2 Urges Countries to Strengthen Collaboration on Cybersecurity Regulation (Infosecurity Magazine) A new report examines global approaches to cyber legislation across six jurisdictions
Global Approaches to Cyber Policy, Legislation and Regulation Report ((ISC)2) (ISC)² sponsored a policy guide with the Royal United Services Institute (RUSI) to raise awareness of the world’s leading cybersecurity policies that will impact the future of the global cybersecurity workforce.
DHS pushes Congress to formally establish Cyber Safety Review Board (Record) DHS Undersecretary Rob Silvers said at the RSA Conference that the CSRB should have subpoena power and dedicated funding, as proposed in draft legislation.
CISA’s Eric Goldstein on Bridging Public-Private Cyber Gaps (Wall Street Journal) A senior official at the U.S. Cybersecurity and Infrastructure Security Agency discusses the challenges of working with the government and industry.
Lawmakers Introduce Bill to Keep AI from Going Nuclear (Nextgov.com) This week, lawmakers reignited the legislative charge into investigating and regulating how automated and artificial intelligence systems will be implemented in crucial operations.
The Case for Realistic Action to Regulate Artificial Intelligence (The Information) The overnight success of ChatGPT and GPT-4 marks a clear turning point for artificial intelligence. It also marks an inflection point for public discourse about the risks and benefits of AI for our society. Practitioners, policymakers and pundits alike have voiced loud concerns, ranging from ...
FBI Director: US Cyber Agents, Intel Analysts Outnumbered By Chinese Hackers (International Business Times) The FBI warned of China's "unparalleled" cybersecurity threat during a Congress hearing Thursday as lawmakers push for a TikTok ban.
US Navy’s top cyber adviser on why the service ‘fell behind’ and how it’s catching up (Record) Chris Cleary’s tenure as the Department of the Navy’s principal cyber advisor (PCA) got off to an awkward start.
Pentagon reviewing how it vets for security clearances (The Hill) The Pentagon is looking into how it vets individuals for security clearances after an alleged leaker of hundreds of pages of secret U.S. documents gained authorized access despite past issues. “Th…
Litigation, Investigation, and Law Enforcement
Safeguarding Customer Records and Information at Branch Offices (US SEC) The Division of Examinations (EXAMS) is issuing this risk alert* to highlight the importance of establishing written policies and procedures for safeguarding customer records and information at branch offices.1
SEC Sends Warning on Protecting Client Info at Branch Offices (Advisor Hub) While many brokerage and advisory firms have strict protections in place for customer information stored at their headquarters, safeguards are weaker at local branch offices, the Securities and Exchange Commission said in a risk alert on Wednesday.
Breach Roundup: Ukrainian Police Detain a PII Vendor (Bank Info Security) Every week, Information Security Media Group rounds up cybersecurity incidents and breaches around the world. In the days between April 21 and April 27, the
Data Breach Lawsuits Tied to Tracking Pixel Use On the Rise In Healthcare (Health IT Security) Since August 2022, more than 50 lawsuits have been filed against health systems related to their use of tracking pixels, BakerHostetler observed.