Dateline Russia's War against Ukraine: Exchanging drone strikes.
Ukraine at D+446: Drone strikes and false flags. (CyberWire) Heavy drone and cruise missile strikes against Ukraine, and Ukraine answers with British-supplied Storm Shadows.
Russia-Ukraine war: List of key events, day 447 (Al Jazeera) As the war enters its 447th day, we take a look at the main developments.
Russia-Ukraine war at a glance: what we know on day 447 of the invasion (the Guardian) Ukraine claims it shot down 18 of 18 missiles in overnight attack on Kyiv; Russia claims a hypersonic Kinzhal missile destroyed a Patriot surface-to-air missile defence system
Ukraine war: Kyiv hit by 'exceptional' number of missiles (BBC News) It is the eighth time Ukraine's capital has been targeted by Russia so far this month.
Russia launches 'exceptional' air attack on Kyiv as Europe, China look to exert influence (AP NEWS) Ukrainian air defenses have thwarted an intense Russian air attack on Kyiv, shooting down all 18 missiles aimed at the capital. The assault early Tuesday came as European leaders sought new ways to punish Russia for the war and a Chinese envoy sought traction for Beijing’s peace proposal. Loud explosions boomed over Kyiv as the nighttime attack combined Russian missiles launched from the air, sea and land in an apparent attempt to overwhelm Ukraine’s air defenses. No casualties were reported as Western-supplied weapons helped fend off the assault. A Ukrainian official said Russia’s latest attack on Kyiv was “exceptional in its density.”
Strikes in Russian-held Luhansk showcase Ukraine’s longer-range missiles (Washington Post) An explosion rocked the occupied eastern Ukrainian city of Luhansk early Monday morning, the latest in a barrage of strikes in recent days that show Kyiv using new, longer-range weapons to hit deep inside Russian-held territory.
Ukraine strikes Russian forces in Luhansk before expected counteroffensive (the Guardian) Smoke seen rising in eastern city as Moscow says British-supplied Storm Shadow missiles were used
Opinion: Bakhmut Rising (Get the Latest Ukraine News Today - KyivPost) Is the ongoing battle for Bakhmut, to quote Churchill, the beginning of the end or the end of the beginning?
Opinion Why preparations for Ukraine’s counteroffensive have taken so long (Washington Post) After months of near-daily coverage on the World War I-style fighting between Ukraine’s army and various Russian units near Bakhmut, the anticipated Ukrainian spring offensive will likely occur soon. How soon? It’s impossible to tell. It could kick off within days or within weeks. Those speculating on exactly when such an attack might take place need to understand the complex challenge facing Ukrainian forces.
Zelensky, in private, plots bold attacks inside Russia, leak shows (Washington Post) THE DISCORD LEAKS | U.S. intercepts reveal the Ukrainian leader’s aggressive instincts, a marked contrast to his public-facing image as the stoic statesman weathering Russia’s brutal onslaught
Iran Expands Military Aid to Russia Amid War in Ukraine, U.S. Says (Wall Street Journal) Moscow is seeking more lethal drones from Tehran, which wants attack helicopters and other military equipment from Russia in return, a senior White House official said.
The D Brief: Germany, France pledge more aid; 4 Russian aircraft downed?; Patriot under attack; SOCOM vs. McNamara; And a bit more... (Defense One) The German government announced its largest weapons package yet for Ukraine over the weekend. The latest batch totals nearly $3 billion in arms and makes Germany the second-largest military aid supplier to Ukraine, behind the United States.
Britain to train Ukrainian pilots, supply more missiles and drones (Defense News) Debates within NATO nations over providing Ukraine with combat jets continue unabated.
Britain to send Ukraine suicide drones with twice the range of Himars (The Telegraph) Announcement that Kyiv will get hundreds of the kamikaze devices to strike back at Russia came as Volodymyr Zelensky met with Rishi Sunak
Ukrainian Tank Crews, Maintainers to Begin Training on U.S. M1 Abrams in Germany Soon (U.S. Department of Defense) The Defense Department announced the arrival of 31 M1 Abrams tanks to Grafenwoehr, Germany, in preparation for U.S.-led training of Ukrainian tank crews and maintainers.
The end of Ukraine aid is rapidly approaching. Reupping it won’t be easy (POLITICO) The Pentagon could run out of money for weapons by midsummer.
Ukraine cannot win on promises alone (The Telegraph) The war is entering a critical phase as Kyiv continues preparations for a counter-offensive. It needs the weaponry Nato promised
NATO mulls future security guarantees for Ukraine but wary of igniting a wider war (Federal News Network) NATO Secretary-General Jens Stoltenberg says U.S. President Joe Biden and his counterparts are discussing ways to ensure that Ukraine does not come under attack from Russia again once the war is over.
The EU should start planning now for Russia after Putin | Alexander Clarkson and Kirill Shamiev (the Guardian) Political destabilisation could lead to armed conflict within Russia itself, say Alexander Clarkson and Kirill Shamiev
The risks of learning the wrong lessons in Ukraine (Breaking Defense) The Center for the Study of the Presidency & Congress's Joshua Huminski argues that while it's good that the US is learning from the war in Ukraine, it must be selective in what it applies more broadly.
What the Wagner Group boss's rants reveal about the Kremlin's deepening power struggle (Task & Purpose) A war is raging within Putin’s inner circles.
Cybercriminals who targeted Ukraine are actually Russian government hackers, researchers say (TechCrunch) Security researchers believe that a ransomware group is actually Russian government hackers targeting Ukraine's military.
DDoS Attacks Targeting NATO Members Increasing (NETSCOUT) As the effects of COVID-19 and inflated numbers of DDoS attacks have settled into some semblance of normalcy, it has been all out DDoS war for Finland, Hungary, and Turkey.
From the front line of "the world's first cyberwar" (New Statesman) Victor Zhora exchanged a career in business for a top job in Ukraine’s civil service. A year later he was helping lead the defence against Russia's online war.
Attacks, Threats, and Vulnerabilities
Monitoring organizations report widespread internet outages in Sudan, Pakistan (Record) Internet outages in Sudan and Pakistan have alarmed experts concerned about people in both countries being cut off from the web amid political turmoil.
Twitter under fire for restricting content before Turkish presidential election (CBS News) Owner Elon Musk said the platform faced the risk of being "throttled" if it didn't limit access to some Turkish users.
Lancefly: Group Uses Custom Backdoor to Target Orgs in Government, Aviation, Other Sectors (Symantec) Merdoor backdoor is low prevalence and used in highly targeted attacks.
Lancefly APT Custom Backdoor Targets Government and Aviation Sectors (Infosecurity Magazine) Symantec's Threat Hunter Team said these campaigns have been ongoing for several years
Stealthy MerDoor malware uncovered after five years of attacks (BleepingComputer) A new APT hacking group dubbed Lancefly uses a custom 'Merdoor' backdoor malware to target government, aviation, and telecommunication organizations in South and Southeast Asia.
Researchers Uncover Powerful Backdoor and Custom Implant in Year-Long Cyber Campaign (The Hacker News) Government, aviation, education, and telecom sectors in South and Southeast Asia are under attack!
Qilin's Dark Web Ransomware Targets Critical Sectors (Infosecurity Magazine) Group-IB's threat intelligence team said it infiltrated and analyzed Qilin's inner workings
You’ve been kept in the dark (web): exposing Qilin’s RaaS program (Group-IB) All you need to know about Qilin ransomware and its operations targeting critical sectors.
North Korean crypto thefts target Japan, Vietnam, Hong Kong (Nikkei Asia) Study finds Japan's $721m loss accounts for 30% of global total since 2017
Emerging ransomware group quickly hits 4 critical infrastructure providers (Cybersecurity Dive) The financially motivated threat actor attacked organizations in manufacturing, finance, insurance and pharmaceuticals within a week of its debut.
New 'MichaelKors' Ransomware-as-a-Service Targeting Linux and VMware ESXi Systems (The Hacker News) Beware of hypervisor jackpotting! Linux and VMware ESXi systems under attack by the new ransomware-as-service (RaaS) operation MichaelKors.
Ransomware group claims 2.5 terabytes of stolen data less than a month after emerging online (CyberScoop) A new cybercrime outfit calling itself RA GROUP is just the latest to take advantage of leaked Babuk ransomware source code.
The new info-stealing malware operations to watch out for (BleepingComputer) The information-stealing malware market is constantly evolving, with multiple malware operations competing for cybercriminal customers by promoting better evasion and increased ability to steal data from victims.
Infostealer Market Booming, Despite Genesis Market and RaidForums Takedowns (Secureworks) Secureworks Counter Threat Unit (CTU) has revealed a thriving infostealer market that serves as a key enabler for the most damaging forms of cybercrime such as ransomware attacks.
The Growing Threat from Infostealers (Secureworks) Learn how the Secureworks Counter Threat Unit researchers had observed infostealers playing an increasingly important role in the cybercrime ecosystem.
Hackers exploit WordPress vulnerability within hours of PoC exploit release (CSO Online) The exploitation of the vulnerability leads to a cross-site scripting (XSS) attack in which a threat actor can inject malicious scripts, redirects, advertisements, and other forms of URL manipulation into a victim site.
CrowdStrike Warns VMware’s Hypervisor ‘Highly Attractive’ To Cybercriminals (CRN) Endpoint protection specialist CrowdStrike is warning VMware users that the virtualization all-star’s popular ESXi hypervisor has proven to be a popular target for crooks this year and it expects that trend to continue.
Redirect Rampage Released Via Cloud Storage (Media Trust) DustRoyal-3PC redirect influx hides behind CDNs
Arm confident Cortex-M is secure after side-channel attack (Register) Spectre-esque exploit figures out when interesting info might be in memory
Dallas says it 'will likely take weeks to get back to full functionality' after ransomware attack (Record) It will likely take weeks for government systems in the city of Dallas to get back to full functionality, officials said on Friday afternoon.
Philadelphia Inquirer unable to go to print due to ‘cyber incident’ (Record) The company was unable to produce an updated version of its Sunday paper. Staff have been told to avoid the office until later in the week.
Lowell Hit With Cyberattack, Some Data Released to Dark Web (NBC Boston) The city government in Lowell, Massachusetts, temporarily took all systems offline after a cyberattack. Lowell officials were alerted of the security breach in late April. In response, all city computers had to be shut down, wiped and restored. Miran Fernandez, chief information officer for Lowell’s Management Information Systems, spoke at a city council meeting Tuesday, calling the incident “the biggest…
Hackers claim to publish data seized from Lowell in cybersecurity breach (The Boston Globe) Cybersecurity experts say the group that has claimed responsibility for the disruption in Lowell has published sensitive information purportedly seized from the city with a threat to release more data unless a ransom is paid.
Brightly Software Notifying 3 Million SchoolDude Users of Data Breach (SecurityWeek) Brightly Software has started informing roughly three million users that their personal information was compromised in a recent data breach.
PharMerica Discloses Data Breach Impacting 5.8 Million Individuals (SecurityWeek) The personal information of more than 5.8 million was compromised in a data breach at national pharmacy network PharMerica.
Data of 5.82M PharMerica patients stolen, accessed during cyberattack (SC Media) Just over five months into 2023, eight healthcare entities have each reported a data breach involving over 950,000 patients. This week’s roundup also details the NextGen and Uintah Basin Health incidents.
Electronics manufacturer Lacroix closes three factories after cyberattack (Tech Monitor) Electronics specialist Lacroix will lose at least a week of production time after closing three factories dealing with a cyberattack.
Cyber attack disrupts Philadelphia Inquirer (Register) Breaking news, literally
Methodist Family Health reports patient information data breach (5newsonline.com) Methodist Family Health in Arkansas is notifying certain individuals about a ransomware attack in which protected health information was breached.
ChatGPT get-rich-quick schemes are flooding the web (Washington Post) The internet is filled with videos promising AI can make you rich. But there is little evidence to prove it can.
Searchlight Cyber Alerts Energy Sector to Dark Web Threats (Business Wire) New threat intelligence report shows how cybercriminals routinely target energy companies on dark web forums
Corero Network Security Releases DDoS Threat Intelligence Report (PR Newswire) Corero Network Security, the specialists in distributed denial of service (DDoS) protection solutions, today released its annual DDoS Threat...
Huntress Secures $60 Million Series C Funding to Expand Suite of Solutions that Protect SMBs from Cyber Attacks (GlobeNewswire News Room) Led by Sapphire Ventures, latest investment round brings total equity funding to $118 million...
CISO Global Creates vCISO LLC to Hold Intellectual Property (GlobeNewswire News Room) SaaS subsidiary will own and out-license next generation security software...
ZeroFox Announces Expanded LookingGlass Contract with Strategic U.S. Department of Defense Agency (GlobeNewswire News Room) LookingGlass Cyber Solutions, a ZeroFox company, expands contract with critical U.S. government department of defense organization...
SVB’s Former CEO Says Fed, Social Media Contributed to Bank’s Collapse (Bloomberg) Becker cites efforts made to overhaul bank in his testimony. Signature Bank executives are also set to testify Tuesday.
Embrace neurodiversity and close the cyber skills gap, says Cybersecurity Festival keynote (Computing)
Picnic Corporation Appoints Entrepreneur and Cybersecurity Executive Christopher Key to its Board of Directors (EIN) Christopher Key Brings Unparalleled Cybersecurity Leadership to Picnic's Board Amid Growing Threats of Human-Centric Attacks
Naftali Bennett appointed to Quantum Source board (Globes) Bennett said, “Quantum computing is one of the few technologies that has the potential to move the world forward in a significant way.
Cowbell Appoints Industry Leader Andrea Collins as Its First Chief Marketing Officer (PR Newswire) Cowbell, the leading provider of cyber insurance for small and medium-sized enterprises (SMEs), today announced Andrea Collins' appointment as...
Alcatraz AI Appoints Moderna’s Dean Geribo to Advisory Board (GlobeNewswire News Room) Seasoned security leader will help advance company’s mission to accelerate the adoption of facial authentication and AI-based security to create safer...
Sectigo Announces Executive Appointment of Julie Gettys as Chief Human Resources Officer (GlobeNewswire News Room) ROSELAND, NJ, May 16, 2023 (GLOBE NEWSWIRE) -- Sectigo®, a global leader in automated Certificate Lifecycle Management (CLM), and digital certificates,...
Products, Services, and Solutions
Island Introduces the World’s First Self-Protecting Browser (Island) Island today announced Self-Protection for the Enterprise Browser, delivering a fundamentally new approach and level of security to enterprise work.
ComplyAdvantage Takes on Payment Fraud with New AI-powered Solution (ComplyAdvantage) Fraud Detection uses innovative machine learning algorithms to identify and prevent transaction fraud
ReliaQuest Launches GreyMatter Mobile App (GlobeNewswire News Room) New capability enables customers to quickly and efficiently resolve threats...
Aqua Security Launches Industry First Real-Time CSPM (GlobeNewswire News Room) Aqua reduces attack surface by 99%, allowing teams to focus on and fix the most critical threats...
Leostream Delivers Secure Remote Computing with Zero-Trust Network Access for AWS (Business Wire) Leostream™, the world's leading Remote Desktop Access Platform provider, today announced federated identity management with Zero-Trust Network Access (ZTNA) for secure remote computing.
Veza launches Authorization Platform on the Snowflake Data Cloud (Business Wire) New integration enables customers to enforce access governance for sensitive data across all enterprise identities at scale
WhatsApp is getting locked conversations (The Verge) Chat Lock is rolling out now.
The AvePoint Confidence Platform Empowers Organizations to Improve Operational Efficiency (Database Trends and Applications) AvePoint, an advanced platform that optimizes SaaS operations and secures collaboration, is introducing updates to the AvePoint Confidence Platform that will help organizations modernize their digital workplaces with scalability and control. According to the company, as organizations increase their dependencies on SaaS applications for digital collaboration, AvePoint's new SaaS management capabilities further improve operational efficiency, increase visibility, and enable security and compliance.
Proact subsidiary Conoa partners with Isovalent (Cision) Proact and its subsidiary Conoa – a Kubernetes, cloud native and container technology consulting firm has entered into a partnership with Isovalent to further expand its portfolio around visibility, control, performance, and security of customers’ container environments.
Nozomi Networks Delivers Industry’s First AI-powered Cybersecurity Analysis and Response Engine for Critical Infrastructure (Nozomi Networks) Nozomi Networks Delivers Industry’s First AI-powered Cybersecurity Analysis and Response Engine for Critical Infrastructure – press release from Nozomi Networks
Transportation Security Administration Chooses SecurityScorecard to Deliver New Era of Resiliency for Critical Infrastructure (Business Wire) Critical infrastructure operators working with the agency now have complimentary access to SecurityScorecard’s automated cyber ratings platform
Decentralized Web3 Threat Detection Network Forta Approves New Fee Model (Benzinga) Proposal passes with overwhelming 96% community support. Camana Bay, Cayman Islands: The community behind real-time Web3 threat monitoring network Forta has voted to...
Versa Networks Enterprise Firewall Earns a 99.48% Security Effectiveness Score from Independent Testing Lab CyberRatings.org (Business Wire) In Test Comparing Eight Leading Firewall Vendors, Versa Earned a Recommended Rating and Four Top ‘AAA’ Ratings, Delivering the Highest Rated Throughput and the Lowest Price per Protected Mbps
Axiad Partners with Ping Identity to Enhance Cybersecurity Posture With Certificate-Based Authentication (PR Newswire) Axiad, a leading provider of organization-wide passwordless orchestration, announced a new integration with Ping Identity, the intelligent...
Gigamon Deep Observability Pipeline Dramatically Reduces Power Consumption and Carbon Emissions, Driving Significant Cost Efficiencies for Customers Around the World (Business Wire) For every watt invested in Gigamon, organizations save up to 11 watts or more in tool efficiencies, by significantly reducing the network data processing
GitGuardian joins forces with Snyk to offer best-in-class software supply chain security (EIN News) GitGuardian joins Snyk Technology Alliance Partner Program, collaboration will help improve overall code security posture for organizations
Technologies, Techniques, and Standards
TSA is testing facial recognition at more airports, raising privacy concerns (AP NEWS) The agency tasked with securing America's airports is testing the use of facial recognition technology at a number of airports across the country. The Transportation Safety Administration says the technology is an effort to more accurately identify the millions of passengers traveling through its airports every day and that passengers can opt out. The technology is both checking to make sure the person at the airport matches the ID presented and that the identification is in fact real. It's currently at 16 airports. Critics have raised concerns about questions of bias in facial recognition technology and possible repercussions for passengers who want to opt out.
Object Management Group Announces Its Sponsorship Agreement With Dassault Systèmes (OMG) Dassault Systèmes Solutions Enhance OMG Standards Development
Permhash — No Curls Necessary (Mandiant) Diving into permhash, showing its theory, real-world successes and shortcomings.
Ensuring effective cybersecurity in the retail sector (Intelligent CIO Middle East) Prioritizing cybersecurity measures can help CIOs in the retail sector minimise the risk of cyberattacks and protect their organization’s reputation, finances and customers. Muneer Abdurahman, CIO SPAR and Al Sadhan Retail, tells us: “As the CIO in a retail organisation without a dedicated CISO, it is important to prioritise cybersecurity measures to protect the business […]
Why do businesses and organizations fail to prevent cyber attacks? (BCI) Cyber-attacks are an ever-increasing threat to businesses and organizations worldwide.
Communicating cyber risk: Keep it simple says MHR CISO (Computing) Will North assessed many expensive GRC tools, then went back to Excel
Introducing the chief trust officer (MIT Technology Review) Building and maintaining stakeholder trust is now a key responsibility across the C-suite
Research and Development
Illinois Tech’s CARNATIONS Receives $10M Federal Grant as New Tier 1 Transportation Center to Bolster Cybersecurity in Navigation Systems (IIT) The Center for Assured and Resilient Navigation in Advanced Tran
CISA and Secret Service Release Toolkit for K-12 Schools to Strengthen School Safety Reporting Programs (Cybersecurity and Infrastructure Security Agency) Joint toolkit includes action-oriented guidance, self-assessment worksheets, reference resources, and useful checklists
Cyberattacks disrupt Tennessee, Georgia colleges (SC Media) Separate cyberattacks have impacted Tennessee-based Chattanooga State Community College and Georgia-based Mercer University over the past week, reports The Record, a news site by cybersecurity firm Recorded Future.
Legislation, Policy, and Regulation
An interview with Bart Groothuis — the man writing the EU’s cybersecurity laws (Record) An interview with Member of Parliament Bart Groothuis, one of the European Union’s most significant voices on cybersecurity.
UK's policing minister argues for more facial recognition (Computing) Chris Philp, the UK's policing minister, is advocating for the nationwide expansion of controversial facial recognition technology.
Senators Introduce Rural Hospital Cybersecurity Enhancement Act (Health IT Security) The Rural Hospital Cybersecurity Enhancement Act aims to address cybersecurity workforce gaps and improve cybersecurity training at rural healthcare facilities.
The FISA Section 702 Debate Intensifies (Lawfare) Let’s take a closer look at incidental collection, FBI querying, and the Fourth Amendment as we head into a potential 702 sunset.
Litigation, Investigation, and Law Enforcement
A Global Scavenger Hunt for Classified Documents Pits Gamers vs. U.S. (Wall Street Journal) The government secrets leaked on Discord have become fodder for users seeking fun and attention.
Prosecutors accuse Ghanaian Instagram star of participating in cybercrime ring (Washington Post) With millions of people scouring their every tweet, TikTok or Instagram post, perhaps it was inevitable that some influencers would go too far to get money from their fans.
Prosecutor ends probe of FBI's Trump-Russia investigation with harsh criticism, but no new charges (AP NEWS) Special counsel John Durham's report represents the long-awaited culmination of an investigation that Trump and allies had claimed would expose massive wrongdoing by law enforcement and intelligence officials. Instead, Durham’s investigation delivered underwhelming results, with prosecutors securing a guilty plea from a little-known FBI employee but losing the only two criminal cases they took to trial.
Durham report sharply criticizes FBI’s 2016 Trump campaign probe (Washington Post) Special counsel says “extremely troublesome” failures appear to stem from bias that kept agents from carefully examining evidence
FBI accused of failures but key report finds no deep-state plot against Trump (the Guardian) Agency ‘failed to uphold mission of strict fidelity’, special counsel John Durham concludes in investigation launched by Bill Barr
Durham Report: FBI, DOJ 'Failed to Uphold Their Mission' in Trump Probe (The Daily Signal) "There was significant reliance on investigative leads provided or funded ... by Trump's political opponents,” the Durham report says.
Takeaways from the Durham report on the Trump-Russia probe (POLITICO) Why Durham played defense, who gave him the cold shoulder and what the report means for a key surveillance authority.
NYDFS Penalizes bitFlyer $1.2 Million for Violations to Cybersecurity Regulation (JD Supra) On May 1, 2023, bitFlyer USA, Inc. (“bitFlyer”) entered into a Consent Order with the New York Department of Financial Services (“DFS”) for multiple...
Zut alors! Raclage crapuleux! Clearview AI in 20% more trouble in France (Naked Security) We asked you once, we told you twice, now we’re ordering you for the third time…
Transportation Needs to Improve Cyber Policy Implementation, Watchdog Finds (Nextgov.com) The Department of Transportation should better implement its policies for established cyber roles, including improving training and role expectations, according to a recent GAO report.
US Department of Transportation responds to breach of employee data (Record) The U.S. Department of Transportation (DOT) is still investigating a data breach that came to light on Friday.
Hack on Transportation Systems Exposes Employee Information (Nextgov.com) The Department of Transportation breach exposed the data of 237,000 current and former employees.
Eyes on the poor: Cameras, facial recognition watch over public housing (Washington Post) Surveillance cameras purchased with federal crime-fighting grants are being used to punish and evict public housing residents, sometimes for minor rule violations, a Washington Post investigation found