Dateline
Ukraine at D+432: Waiting for the counter-offensive. (CyberWire) While Ukraine continues to prepare its spring offensive, preliminary lessons learned from Russia's war suggest that cyber ops have proven more combat multiplier than combat power.
Russia-Ukraine war: List of key events, day 433 (Al Jazeera) As the war enters its 433rd day, we take a look at the main developments.
Russia-Ukraine war at a glance: what we know on day 433 of the invasion (the Guardian) US estimates 20,000 Russian soldiers have died in five months; Black Sea grain initiative talks scheduled for Wednesday
Russia missile attack on Ukraine injures 34, damages homes (Military Times) Ukrainian officials say that Russia launched its second large salvo of missiles at Ukraine in recent days.
Ukraine claims Russian troops and Wagner mercenaries are fighting each other (Task & Purpose) The military and the mercenaries are beefing hard.
Ukraine live briefing: Russia has suffered 100,000 casualties since December, U.S. says (Washington Post) The United States estimates Russia has suffered 100,000 casualties since December, including more than 20,000 killed in action, the National Security Council said Monday. Roughly half of those killed, NSC spokesman John Kirby said, were working with the Wagner mercenary group, often ex-convicts who had been recruited from prison.
More than 20,000 Russian soldiers killed in five months in Ukraine, US says (the Guardian) Figure is acceleration in casualties, with most troops killed in brutal trench warfare for eastern city of Bakhmut
Putin claims he’s cancelling public celebrations over safety fears. The truth is more humiliating (Guardian) With even nationalist pro-war bloggers criticising Putin’s actions in Ukraine, his desperation and paranoia are growing
The World Awaits Ukraine’s Counteroffensive (The Atlantic) As the country approaches a battle for its ultimate fate, democracy and Western civilization hang in the balance.
The little-known group that’s saving Ukraine (POLITICO) The 40-nation bloc that's sending weapons to Kyiv seems to have pulled off the impossible. Now comes the hard part.
Cyber lessons from Ukraine: Prepare for prolonged conflict, not a knockout blow (Breaking Defense) Instead of fixating on the apocalyptic possibility of a "cyber Pearl Harbor," experts say, the US should prepare for digital wars of attrition like the one ongoing in Ukraine.
‘They don’t know how they are viewed here’: Russians in Georgia revive old tension (the Guardian) Russians in Tbilisi often arrive unaware of historical sensitivities and simmering hostility
Marine veteran killed while evacuating Ukrainian civilians from Bakhmut (Task & Purpose) Marine veteran Cooper “Harris” Andrews has been killed during a mortar attack near Bakhmut, Ukraine, on a road used to evacuate civilians.
Attacks, Threats, and Vulnerabilities
Those scary warnings of juice jacking in airports and hotels? They’re mostly nonsense (Ars Technica) Juice jacking attacks on mobile phones are nonexistent. So why are we so afraid?
Magecart threat actor rolls out convincing modal forms (Malwarebytes) To ensnare new victims, criminals will often devise schemes that attempt to look as realistic as possible. Having said that, it is not every day that we see the fraudulent copy exceed the original piece.
Three New BGP Message Parsing Vulnerabilities Disclosed in FRRouting Software (Forescout) In our new vulnerability research report, Forescout Vedere Labs discusses an often-overlooked aspect of Border Gateway Protocol (BGP) security: vulnerabilities in its software implementations. More specifically, vulnerabilities in BGP message parsing found in the popular FRRouting implementation that could be exploited by attackers to achieve a denial of service (DoS) condition on vulnerable BGP peers.
New LOBSHOT malware gives hackers hidden VNC access to Windows devices (BleepingComputer) A new malware known as 'LOBSHOT' distributed using Google ads allows threat actors to stealthily take over infected Windows devices using hVNC.
New 'Lobshot' hVNC Malware Used by Russian Cybercriminals (SecurityWeek) Russian cybercrime group TA505 has been observed using new hVNC malware called Lobshot in recent attacks.
Elastic Security Labs discovers the LOBSHOT malware (Elastic Blog) An analysis of LOBSHOT, a malvertising malware family spreading through Google Ads.
TBK DVR Authentication Bypass Attack (FortiGuard) DVR camera system vulnerability actively exploited in the wild
Mac malware-for-hire steals passwords and cryptocoins, sends “crime logs” via Telegram (Naked Security) These malware peddlers are specifically going after Mac users. The hint’s in the name: “Atomic macOS Stealer”, or AMOS for short.
Netskope: Attackers Double Down on Social Engineering Techniques and Malicious Functionalities Leading to Sharp Increase in Malware Downloads (Netskope) Researchers Find Attackers Are Successfully Evading Detection By Blending in with Normal Network Traffic Via HTTP and HTTPS
Beware of Fake Google Chrome Update Error Messages (Trend Micro News) Google Chrome users should be wary of a new attack campaign that distributes malware by posing as a Google Chrome update error message.
AI Chatbots Have Been Used to Create Dozens of News Content Farms (Bloomberg) A new report documents 49 new websites populated by AI tools like ChatGPT and posing as news outlets
T-Mobile discloses second data breach since the start of 2023 (BleepingComputer) T-Mobile disclosed the second data breach of 2023 after discovering that attackers had access to the personal information of hundreds of customers for more than a month, starting late February 2023.
T-Mobile discloses 2nd data breach of 2023, this one leaking account PINs and more (Ars Technica) Hack affecting 836 subscribers lasted for more than a month before it was discovered.
T-Mobile Announces Another Data Breach (CNET) It affected just over 800 people but follows the data breach impacting 37 million customers in January.
Bitmarck, one of Germany’s largest IT providers, hit by cyberattack (Record) Bitmarck, which has a big presence in Germany's healthcare system, says it has taken all of its customer and internal systems offline.
Researchers see surge in scam websites linked to coronation (Computer Weekly) Scammers and fraudsters continue to take advantage of large public events, with the coronation of King Charles III no exception.
Cyber Attacks Hit in Massachusetts and South Carolina (GovTech) Lowell, which is Massachusetts’ fourth largest city, discovered a cyber intrusion early last week, and its response saw many city systems taken offline. Meanwhile, Spartanburg County, S.C., was struck by ransomware, too.
UK pension funds warned to check on clients’ data after Capita breach (Record) The Pensions Regulator has written to hundreds of pension funds, urging trustees to contact Capita to learn if their data had been affected.
Hackers leak images to taunt Western Digital's cyberattack response (BleepingComputer) The ALPHV ransomware operation, aka BlackCat, has published screenshots of internal emails and video conferences stolen from Western Digital, indicating they likely had continued access to the company's systems even as the company responded to the breach.
Trends
How Morris Worm Command and Control Changed Cybersecurity (Security Intelligence) The Morris worm was one of the earliest documented instances of C2 attack infrastructure. Decades later, these attacks still pose a threat.
Hacking Caused 80% of Healthcare Data Breaches in 2022 (Security Intelligence) Healthcare remains the costliest industry for data breaches. Protecting against malicious actors should be a top priority.
ESG Survey: The Freedom to Communicate and Collaborate (Abnormal) New survey reveals the latest trends shaping communication and collaboration application security.
Marketplace
Artificial Intelligence Voice Scams on the Rise with 1 in 4 Adults Impacted (Business Wire) McAfee researchers find you can clone a voice from just three seconds of audio
Beware the Artificial Impostor (McAfee) A McAfee Cybersecurity Artificial Intelligence Report
10 Cybersecurity Companies Making Moves: April 2023 (CRN) Cybersecurity companies with major announcements in products, acquisitions and executive hires in April 2023 included CrowdStrike, Google Cloud, SentinelOne, Cisco and Wiz, with some of the product launches at RSAC 2023.
RADCOM Completes its Acquisition of Continual (PR Newswire) RADCOM Ltd. (Nasdaq: RDCM) today announced that further to its announcement from February 21, 2023, it has completed the acquisition of the...
L7 Defense Rebrands as ammune.ai to Focus on AI Security (Financial Post) L7 Defense, a leading API Security solutions provider, announced today that it has rebranded as ammune.ai as a leader of the “AI Security”.
ei3 to Lead OMAC’s Cyber Resilience Act Task Force (GlobeNewswire News Room) ei3, a renowned leader in industrial-grade secure remote access solutions, is leading the Cyber Resilience Act...
KnowBe4 appoints VP of sales for APAC (Channel Asia) Security awareness training provider KnowBe4 has hired David Bochsler as vice president of sales for Asia Pacific.
Products, Services, and Solutions
SOOS Launches Innovative Partner Program for MSSPs to Boost Clients' SBOM Compliance and Application Security (PR Newswire) SOOS, a leading provider of Software Bill of Materials (SBOM) management solutions, is announcing the launch of a comprehensive partner program...
IDEMIA Identity & Security Achieves Key Milestones in 2023 (IDEMIA North America) IDEMIA Identity and Security has delivered 60 million smart credentials, administered 50 million state and local government enrollments, and processed 17 million TSA PreCheck® enrollments for the Transportation Security Administration (TSA). Reston, Virginia (April 25, 2023) – IDEMIA Identity and Security, the leading provider of biometrics and secure identity solutions to federal, state, and local government […]
BlueVoyant Supply Chain Defense Delivered Nearly 300% Return on Investment, According to Leading Independent Research Firm (BlueVoyant) BlueVoyant today announced findings from a commissioned Total Economic Impact™ (TEI) study conducted by Forrester Consulting on behalf of the company.
Poly and Pexip Unite to Meet the Demands of Security-Conscious Customers with New Joint Offerings (HP) Poly, an HP company, is strengthening its focus on delivering the best collaborative devices, management, and services to its customers.
Introducing storage on Vercel (Vercel) New to the Vercel dashboard: Vercel KV, Vercel Postgres, and Vercel Blob
Logically Announces New SaaS Security Solution (PR Newswire) Logically, one of the nation's leading managed security and IT service providers, today announced a partnership with SaaS Alerts and the launch...
SentinelOne unveils multi-layer cybersecurity AI platform (SecurityBrief New Zealand) SentinelOne threat-hunting platform seamlessly fuses real-time, embedded neural networks and a large language model-based natural language interface.
Proact achieves Rubrik Authorized Support Partner status (News Powered by Cision) Europe's leading independent cloud services and data centre provider Proact has had a strong
SecurityHQ Achieves CREST Accreditation - The Highest Audit Standards (PR Newswire) SecurityHQ, a Leading Global Managed Security Services Provider (MSSP), have received CREST accreditation, which highlights an ongoing...
BullWall Launches North American Channel Program to Growing Demand for Ransomware “Kill Switch” (Business Wire) Sold 100% Via Channel Partners Throughout Europe, BullWall Blocks Ransomware Attacks in <10 Seconds. 77% of Organizations That Took Ransomware Assessments Became Customers in 2022
Häfele Recovers from Ransomware Attack with Cato Networks (Cato Networks) Cato SASE Cloud enables Häfele to transform its 180-site global network and security infrastructure in less than a month
Omada Partners with CyberSolve to Expand U.S. Enterprise IGA Market Reach (PR Newswire) Omada A/S ("Omada"), a global leader of Identity Governance and Administration (IGA), today announced a partnership with CyberSolve, a...
Alcatraz AI Collaborates with Genetec Inc. to Advance Enterprise Access Control and Physical Security (GlobeNewswire News Room) Collaboration delivers biometric access control solution that allows customers to see, know, and understand their environment making people and places...
CYTRIO Launches Privacy UX Platform to Help Businesses Navigate Complex Data Privacy Laws (CYTRIO) CYTRIO unifies consent and preference management, DSAR management, do not sell my information, and policy templates into affordable, easy-to-deploy, all-in-one platform. BOSTON — May 2, 2023 — CYTRIO, a next-generation data privacy compliance company, introduced a comprehensive data privacy UX platform that includes consent and preference management, do not sell my information, Data Subject Access […]
Appdome Partners with GitLab to Enhance Security in the Mobile App Economy (PR Newswire) Appdome, the mobile app economy's one and only Cyber Defense Automation platform, today announced that it has released a pre-built integration...
Spin.AI Announces New Google Integration for App Risk Assessment (Spin.AI) Recent analysis reveals that a staggering 75% of SaaS applications with OAuth permissions to Google Workspace pose a high or medium risk to sensitive data within Google Workspace – highlighting the ever-growing need to prioritize securing SaaS ecosystems.
Palo Alto Networks Unveils Its Cloud Next-Generation Firewall for Microsoft Azure Customers (PR Newswire) Palo Alto Networks (NASDAQ: PANW) today announced it is bringing its industry-leading ML-Powered Next-Generation Firewall (NGFW) to Microsoft...
Technologies, Techniques, and Standards
CISA Urges Organizations to Incorporate the FCC Covered List Into Risk Management Plans (Cybersecurity and Infrastructure Security Agency CISA) The Federal Communications Commission (FCC) maintains a Covered List of communications equipment and services that have been determined by the U.S. government to pose an unacceptable risk to the national security of the United States or the security and safety of United States persons pursuant to the Secure and Trusted Communications Networks Act of 2019.
Reigning in ‘Out-of-Control’ Devices (SecurityWeek) The first step to reign in out-of-control devices is to gain visibility into what’s happening on your network.
Building Cyber Resiliency in the U.S. Government (Nextgov.com) The public sector is making progress but must embrace technological innovation.
Leveraging AI & Machine Learning in identity security (Innovation News Network) Discover how AI and ML accelerate identity security by streamlining processes and providing actionable insights to administrators and users.
CYBER HYGIENE | Keeping safe on social media (919th Special Operations Wing) Social media sites and apps are great ways to connect and share information. User profiles, timelines, social media statuses, friend lists, and message services grant your contacts insights into your
Juniper Research: Operator Losses from Business Messaging Fraud to Reduce by 66% over 4 Years, as SMS Firewalls Deliver $4.4 billion Global Savings (Business Wire) Juniper Research, foremost experts in mobile messaging markets, has found that the operator revenue loss to SMS grey route traffic will decline by 66% over the next 4 years; owing to the increasing adoption and efficiency of SMS firewalls.
The hidden security risks in tech layoffs and how to mitigate them (CSO Online) Layoffs can be tough for both companies and employees. When grappling with anger, fear, and uncertainty, it's hard for anyone to be at their best. Here are some strategies for avoiding negative outcomes during layoffs.
Design and Innovation
Deep learning pioneer Geoffrey Hinton has quit Google (MIT Technology Review) Hinton will be speaking at EmTech Digital on Wednesday.
Scared of Leaking Data to ChatGPT? Microsoft Tests a Private Alternative (The Information) Not everyone trusts OpenAI’s ChatGPT. While the new artificial intelligence–powered chatbot has proved popular with some businesses looking to automate business tasks, other companies, such as banks, have avoided adopting ChatGPT for fear that their employees would inadvertently give the chatbot ...
Research and Development
OTORIO Secures U.S. Patent for Innovative Operational Network Risk Mitigation System and Method (OTORIO) OTORIO delivers next generation secured OT, IOT, industrial control systems (ICS) security and digital risk management solutions. Our End-to-end industrial cyber-security services are delivered by an experienced team of OT cyber experts, and include Risk Assessment, Threat Intelligence, Incident Response, Penetration Testing and Cyber Analyst-as-a-Service.
Academia
Colleges and schools across US dealing with ransomware incidents, cyberattacks (Record) Thousands of students at several U.S. schools started the week feeling the impact of ransomware attacks and other cybersecurity incidents.
Legislation, Policy, and Regulation
EU, US Warn Malaysia of Security Risk in Huawei's Bid for 5G Role - FT (US News) The European Union and U.S. have warned Malaysia over risks to national security and foreign investment as it finalises a review of its 5G rollout that could allow China's Huawei Technologies Co Ltd to bid for a role in its telecoms infrastructure, the Financial Times reported on Tuesday
Taiwan Forges Closer Ties With the Five Eyes (ClearanceJobs) Fearing threats from China, Taiwan is now sharing intelligence with the U.S. and the other nations that make up the Five Eyes.
US pushed for cyberspace investment as tension mounts over Taiwan (The Hill) Increasing tension…
Maintaining a Premier Cyber Force on a World Stage (CyberEdge by SIGNAL) The U.S. Department of Defense aims to align technology, policy and warfighter abilities to confront near-peer adversaries in the digital domain.
Joint Staff Hosts Combatant Commands for C4/Cyber Summit (U.S. Department of Defense) Director of the Joint Staff J6, Lt. Gen Mary O'Brien hosted the Inaugural J6 C4/Cyber Global Summit at the Pentagon.
Partnerships Power Cyber Readiness (SIGNAL) DoD’s cyber big three present a united front.
The High-Stakes Scramble to Stop Classified Leaks (WIRED) AI tools? A porn filter, but for Top Secret documents? Just classifying less stuff? US lawmakers are full of ideas but lack a silver bullet.
U.S. officials say AI will be a big cyberthreat. How it’ll materialize is less clear. (Washington Post)
Bill would require disclosure of AI-generated content in political ads (Washington Post) Legislation introduced Tuesday by Rep. Yvette D. Clarke (D-N.Y.) responds to AI’s increasing deployment in political messaging.
Governor signs law requiring BMV to disclose how it spends money generated from selling your personal info (WRTV Indianapolis) Governor Eric Holcomb signed legislation that will require the Indiana Bureau of Motor Vehicles (BMV) to disclose how they’re spending money generated from selling your personal information.
2023 State-by-State Artificial Intelligence Legislation Snapshot (Bryan Cave Leighton Paisner) Artificial Intelligence (AI), once limited to the pages of science fiction novels, has now been adopted by more than 1/4 of businesses in the United States, and nearly half of all organizations are…
Litigation, Investigation, and Law Enforcement
288 dark web vendors arrested in major marketplace seizure (Europol) Law enforcement on three continents seize EUR 50.8 million in cash and virtual currencies, 850 kg of drugs and 117 firearms
FBI adapting to 'growing' threat from Chinese cyber activity, senior official says (Record) The threat posed by malicious Chinese cyber activities is “absolutely a growing problem” as the U.S. tracks Beijing’s designs on Taiwan and prepares for the 2024 presidential election, according to a senior FBI official.
Chinese suspect’s computer held millions of stolen IDs, passwords (The Asahi Shimbun) A Chinese student whose computer contained millions of stolen IDs and passwords appears to have been a key player in a fraud ring connected to another group that has been smuggling Japanese e-cigarettes to China.
Merck Cyberattack Isn’t ‘Warlike Action’ Under NJ Insurance Law (Bloomberg Law) Merck & Co. is entitled to insurance payouts in connection with a malware attack that was possibly orchestrated by agents of the Russian government, as a New Jersey appellate court on Monday rejected several insurance companies’ argument that the attack falls under a policy exemption for warlike actions.
Patient Drops Request to Compel Hospital Group to Pay Ransom (Wall Street Journal) A Jane Doe plaintiff had sought to force Lehigh Valley Health Network to meet hackers’ demand for more than $5 million after they posted naked photos of her and other patients.