Dateline
Russia-Ukraine war: List of key events, day 448 (Al Jazeera) As the war enters its 448th day, we take a look at the main developments.
Armed with Storm Shadow, Ukraine could 'starve' Russian front lines of logistics, leadership (Breaking Defense) Giving the long-range missile to Ukraine "will help them to hit the command-and-control nodes, the logistics, where you have a sort of coalescence of Russian soldiers," Rear Admiral Tim Woods told Breaking Defense.
Russia’s most potent hypersonic weapon neutralised, says Ukraine (the Guardian) Intense night-time bombardment of Kyiv damaged Patriot air defence system, air command confirms
Russia launches ‘exceptional’ air attack on Kyiv as Europe, China look (Military Times) Ukrainian air defenses thwarted an intense Russian air attack on Kyiv, shooting down all 18 missiles aimed at the capital with the help of Western-support.
U.S. Assesses Potential Damage to Patriot Missile System During Russian Strike on Kyiv (Wall Street Journal) Ukraine intercepts 18 missiles near capital; U.S.-made air-defense system remains operational, official says.
US-supplied Patriot air defence system 'damaged' in Russian barrage on Kyiv (Telegraph) During intense overnight barrage, Moscow claims to have struck Patriot system with a Kinzhal missile
Top Russian official in coma after grenade attack on Ukrainian barber shop (Telegraph) Acting interior minister of Russia-controlled Luhansk region one of eight injured in city centre explosion
Wagner chief’s rants highlight Russian infighting ahead of Ukraine offensive (Atlantic Council) Wagner chief Yevgeny Prigozhin's public rants against Russia’s military leadership point to mounting infighting within Putin’s invading army as it prepares to face a potentially decisive Ukrainian offensive, writes Olivia Yanchik.
Ukrainians Send a Message With Their Bombs. On Them, Too. (New York Times) Ukrainians have a lot to say to Russia, and many have chosen to say it in ink on the sides of rockets, mortar shells and even exploding drones.
Russian Mercenary Group Claims American Veteran Killed in Ukraine Firefight (Military.com) The video of Yevgeny Prigozhin, commander of the Wagner Group circulated online and appeared to show him holding a retiree card, driver's license and U.S. Department of Veterans Affairs identification card.
Russia’s Parliament votes to scrap Cold War armed forces deal (Military Times) The deal, now formally scrapped by Russia’s parliament, aimed to prevent Cold War rivals from massing forces at or near mutual borders.
Ursula von der Leyen steps up calls for tribunal for Russia’s ‘crime of aggression’ (the Guardian) Speaking before Council of Europe summit, European Commission president says ‘accountability for Russia’ will be big topic
Macron follows Britain by sending French 'Storm Shadow' missiles to Ukraine (The Telegraph) Just days after the UK’s long-range weapons were launched, the French president confirmed that he would also supply new munitions
Andriy Yermak: Italy is defending common European values in Ukraine (Atlantic Council) Italian Prime Minister Giorgia Meloni is right to say that helping Ukraine defend itself against Russian invasion is about freedom, justice, and common values, writes the head of Ukraine's Office of the President, Andriy Yermak.
UK and Netherlands agree ‘international coalition’ to help Ukraine procure F-16 jets (the Guardian) Rishi Sunak and Mark Rutte announced plans a day after Volodymyr Zelenskiy said Kyiv could soon receive fighter jets
US Aid to Ukraine On Track to Run Out in September (Defense One) In Washington, some are beginning to wonder what Biden is waiting for.
The conflict cannot end until Ukraine is part of the West (POLITICO) The question is not whether Ukraine should become a part of the Euro-Atlantic institutions, but when and how.
The Case for Increasing Aid to Ukraine (The Atlantic) The sooner Putin and his coterie are forced to face failure, the better.
Ukraine joins NATO Cyber Centre (Computing) Computing is the leading information resource for UK technology decision makers, providing the latest market news and hard-hitting opinion.
How One Millennial Ukrainian Is Defeating Russians: Viral Videos, Collaboration, and Lots of Drones (Defense One) But the 34-year-old battalion commander said if he had his enemies’ arsenal, he would “burn them off of the earth.”
Russian Officials Unnerved by Ukraine Bloodshed Are Contacting CIA, Agency Says (Wall Street Journal) The Central Intelligence Agency’s semipublic campaign to convince Russians to spy for Washington has borne fruit, officials said, as the spy agency released a new video aimed directly at Russian government figures.
U.S. charges Russian in global ransomware attacks, including on D.C. (Washington Post) The Justice, Treasury and State departments announced a crackdown on suspect Mikhail Matveev, with economic sanctions and a $10 million reward for his arrest
Ex-Apple Engineer Indicted in Crackdown on Flow of Restricted Tech to China, Russia (Wall Street Journal) A former Apple engineer has been charged with trying to steal the company’s self-driving-car technology, U.S. authorities said.
U.S. charges Apple ex-employee for trying to steal technology, fleeing to China (Reuters) The United States on Tuesday announced charges in five cases involving alleged efforts to steal technology to benefit China, Russia and Iran including a former Apple Inc engineer accused of targeting the company's technology on autonomous systems, including self-driving cars, and then fleeing to China.
US ‘strike force’ charges Chinese and Russian nationals with stealing sensitive tech (Record) The Justice Department on Tuesday announced a round of indictments against foreign nationals who attempted to illegally gain access to sensitive U.S. technologies, including the source code for Apple's autonomous driving system.
Attacks, Threats, and Vulnerabilities
Pro-Houthi hacking group linked to spyware operation on Arabian Peninsula (CyberScoop) A group that appears to support the Houthis in Yemen is targeting organizations working in the region with malicious Android-based apps.
CISA and Partners Release BianLian Ransomware Cybersecurity Advisory (Cybersecurity and Infrastructure Security Agency CISA) CISA, the Federal Bureau of Investigation (FBI), and the Australian Cyber Security Centre (ACSC) have released a joint Cybersecurity Advisory (CSA) with known BianLian ransomware and data extortion group technical details. Microsoft and Sophos contributed to the advisory.
#StopRansomware: BianLian Ransomware Group (Cybersecurity and Infrastructure Security Agency CISA) The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Cyber Security Centre (ACSC) are releasing this joint Cybersecurity Advisory to disseminate known BianLian ransomware and data extortion group IOCs and TTPs identified through FBI and ACSC investigations as of March 2023.
More Supply Chain Attacks via Malicious Python Packages (Fortinet Blog) The FortiGuard Labs team recently discovered over 30 new zero-day attacks in PyPI packages. Read to learn more about all the packages that were found.…
The Dragon Who Sold His Camaro: Analyzing Custom Router Implant (Check Point Research) Check Point Research (CPR) exposes a malicious firmware implant for TP-Link routers that allowed attackers to gain full control of infected devices and access compromised networks while evading detection. CPR attributes the attacks to a Chinese state-sponsored APT group dubbed "Camaro Dragon".
China's Mustang Panda Hackers Exploit TP-Link Routers for Persistent Attacks (The Hacker News) Chinese nation-state actor Mustang Panda is utilizing custom firmware implants for TP-Link routers and compromising networks.
TP-Link routers provide entry point for Chinese hackers (Computing) Malicious firmware is vendor-agnostic, so other routers, not just TP-Link, are at risk of being co-opted into a 'sophisticated' attack
Manage WORM Compliant Storage with a Data Governance Plan (Datadobi) StorageMAP can solve WORM storage retention risks by identifying files that have exceeded their retention period and helping you act on them.
Newly identified RA Group compromises companies in U.S. and South Korea with leaked Babuk source code (Cisco Talos Blog) Cisco Talos recently discovered a new ransomware actor called RA Group that has been operating since at least April 22, 2023.
New Babuk-Based Ransomware Targeting Organizations in US, Korea (SecurityWeek) An emerging ransomware gang called RA Group is targeting organizations in the United States and South Korea.
New RA Group ransomware targets U.S. orgs in double-extortion attacks (BleepingComputer) A new ransomware group named 'RA Group' is targeting pharmaceutical, insurance, wealth management, and manufacturing firms in the United States and South Korea.
Belkin Wemo Smart Plug V2 – the buffer overflow that won’t be patched (Naked Security) Yes, it’s a buffer overflow bug. No, it’s not going to get fixed.
BatLoader Impersonates Midjourney, ChatGPT in Drive-by Cyberattacks (eSentire) Learn more about how threat actors are exploiting ChatGPT and Midjourney to deliver the BatLoader malware using Google Search Ads and get security recommendations from our Threat Response Unit (TRU) to protect your business from this cyber threat.
Checkmate: New VIP Invoice Authorization Fraud Attack Targeting Businesses (Armorblox) Today, we shine a light on a brand new type of email attack that Armorblox stopped - VIP Invoice Authorization Fraud. This socially engineered attack targets end users at an organization, taking advantage of unsuspecting victims' authority bias, in order to request payment for a fraudulent invoice.
Fake ChatGPT Apps Scam Users Out of Thousands of Dollars, Sophos Reports (GlobeNewswire News Room) These Apps—Known as Fleeceware—Take Advantage of App Store Policy Loopholes and Coercive Tactics to Overcharge Users for AI Assistants...
OTORIO Discovers Vulnerabilities That Jeopardize Users of Major Industrial Cellular Routers' Cloud Management Platforms (PR Newswire) OTORIO, the leading provider of operational technology (OT) cyber and digital risk management solutions, today announced that three significant...
Multiple Counter-Strike Zero-Day Flaw Let Hackers Control Client Machine (Cyber Security News) The extensive availability of game modes, community servers, and modding support in Counter-Strike: Global Offensive results in a significant attack surface.
This Is Catfishing on an Industrial Scale (WIRED) Hired as customer service reps, these freelancers were instead tasked with luring in the lonely and lovestruck through a network of dating and hookup sites.
Infamous cybercrime marketplace offers pre-order service for stolen credentials (Help Net Security) Infostealer malware remains widely available to buy through underground forums, while Russian Market remains the top seller.
Inside Qilin Ransomware: Affiliates Take Home 85% of Ransom Payouts (The Hacker News) New findings reveal that affiliates associated with the Qilin ransomware-as-a-service scheme earn a staggering 80-85% of ransom payments.
Qilin Ransomware Operation Outfits Affiliates With Sleek, Turnkey Cyberattacks (Dark Reading) Researchers infiltrate a ransomware operation and discover slick services behind Qilin's Rust-based malware variant.
Infiltration of Qilin reveals customizable nature of RaaS marketplace (SC Media) Affiliates are given access to a detailed admin dashboard with all the bells and whistles to make extorting their victims a breeze.
New ZIP domains spark debate among cybersecurity experts (BleepingComputer) Cybersecurity researchers and IT admins have raised concerns over Google's new ZIP and MOV Internet domains, warning that threat actors could use them for phishing attacks and malware delivery.
Re-Victimization from Police-Auctioned Cell Phones (KrebsOnSecurity) Countless smartphones seized in arrests and searches by police forces across the United States are being auctioned online without first having the data on them erased, a practice that can lead to crime victims being re-victimized, a new study found.…
The Philadelphia Inquirer’s operations continue to be disrupted by a cyber incident (Philadelphia Inquirer) It was unclear when systems would be fully restored. The incident is the greatest disruption to Inquirer publication since 1996.
Cyber Attack Disrupts Philadelphia Inquirer (Insurance Journal) The Philadelphia Inquirer experienced the most significant disruption to its operations in 27 years due to what the newspaper calls a cyberattack. The
Apparent cyberattack forces Philadelphia Inquirer office to close ahead of mayoral primary (CNN Business) An apparent cyberattack forced the Philadelphia Inquirer to close its office through Tuesday, the newspaper’s spokesperson Evan Benn told CNN in an email on Monday.
Vulnerability Summary for the Week of May 8, 2023 (Cybersecurity and Infrastructure Security Agency CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
CISA Releases Three Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency CISA) CISA released three Industrial Control Systems (ICS) advisories on May 16, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
Trends
Coalition Finds Organizations with Unresolved Critical Vulnerabilities Are 33% More Likely to Experience a Cyber Claim (Business Wire) New 2023 Cyber Claims Report From Coalition Also Confirms Human Error or Inaction as the Top Exploited Attack Vector, with Organizations Using End-of-Life Software Experiencing Three Times More Claims
Download Here: Coalition's 2023 Cyber Claims Report (Coalition) This report aims to help educate brokers on the most prevalent cyber incidents, how to help their clients reduce cyber risk exposure, and why Active Insurance is a better model of protection for evolving digital risks.
Shadow API Usage Surges 900%, Revealing Alarming Lack of API Visibility Among Enterprises (Business Wire) New Research Highlights APIs are Now a Leading Attack Vector, Posing New and Significant Threats to Organizations
Marketplace
Confirmed: IBM acquires Polar Security for $60M to automate cloud data management (TechCrunch) Cloud data management is getting more complex from a security standpoint; IBM's acquired a startup to bolster its business on that front.
Eagle Eye Networks and Brivo Announce $192M Investment – One of the Largest Ever in Cloud Physical Security (Business Wire) SECOM CO., LTD, a $15B enterprise and one of the largest security integration companies in the world, invests in the two global cloud physical security leaders, accelerating the use of AI and improving safety and security
ReliaQuest acquires agent software and engineering assets from EclecticIQ (GlobeNewswire News Room) ReliaQuest, a force multiplier of security operations, today announced the acquisition of agent software...
Entro Raises $6M for First End-to-End Secrets Security and Management Solution (Business Wire) Backed by StageOne Ventures and Hyperwise Ventures, Entro Security equips CISOs and security teams to discover, monitor and govern machine authentication credentials (secrets) and programmatic access to cloud services and data
Huntress: Tripling Down on Protecting the 99% - Forgepoint Capital (Forgepoint Capital) On behalf of our team, I’m excited to announce Huntress’ $60 million Series C funding round led by Sapphire Ventures, with the continued participation of Forgepoint and JMI Equity.
Managing Security for the 99%: Why We’re Excited to Lead Huntress’ Series C (Sapphire Ventures) Most security breaches dominating headlines are the results of sophisticated efforts to compromise high-profile enterprises — those with troves of valuable data and the ability to pay large ransoms. Despite the lack of press coverage, bad actors aren’t just focused on the Fortune 500. With ever-expanding attack surfaces and advancements in automation, cybercriminals are actively targeting small and mid-sized businesses (SMBs) — the backbone of the global economy.
CISO Global Inc. Announces Pricing of $4.0 Million Registered Direct Offering (GlobeNewswire News Room) CISO Global Inc. (“CISO Global” or the “Company”) (NASDAQ: CISO), an industry leader as a...
Elon Musk: Working from home is 'morally wrong' when service workers still have to show up (CNBC) The Tesla CEO excoriated Silicon Valley workers who Musk claimed demanded to work from home while continuing to get support and help from in-person workers.
Keeper Security Expands Global Reach with APAC Headquarters in Japan (PR Newswire) Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software, is expanding further into global markets with...
Zscaler Appoints Syam Nair as Chief Technology Officer (Zscaler) Syam Nair has been appointed as the company’s Chief Technology Officer and EVP of Research and Development.
Sepura Invests in Two Key Senior Management Team Roles (EIN Presswire) Critical Communications supplier Sepura has added a new Worldwide Sales Director and R&D Director to its Senior Management Team.
NeoSystems Announces Executive Leadership Progression (NeoSystems LLC) Appoints Brad Mitchell President and CEO; Co-Founder Michael Tinsley Named Chairman of the Board RESTON, Va., May 17, 2023 –...
Products, Services, and Solutions
RegScale Selected as SC Media 2023 Excellence Award Finalist in the Best Regulatory Compliance Solution Category (PR Newswire) RegScale, a real-time Governance Risk and Compliance (GRC) software company, today announced that its platform had been selected as a 2023...
Ping Identity Achieves DOD IL5 Authorization (PR Newswire) Ping Identity, the intelligent identity solution for the enterprise, announced its core identity and access management (IAM) solutions are now...
Why you can't trust Twitter's encrypted DMs (Platformer) A promised audit hasn't actually happened, sources say. PLUS: Twitter's Turkey problem, and a new CEO
XM Cyber Announces Strategic Partnership with SAP to Deliver Robust Security for Hybrid Environments (PR Newswire) XM Cyber, the leader in hybrid cloud security, today announced its strategic partnership with SAP. Leveraging the capabilities of XM Cyber's...
Okta rolls out identity-based security service (SC Media) SiliconANGLE reports that the new Security Center service by Okta has entered general availability.
Aqua Security Integrates with ServiceNow to Accelerate Cloud Native Risk Remediation (GlobeNewswire News Room) Customers can scale cloud native security by integrating the world’s most popular unified scanner with ServiceNow container vulnerability triage...
One New Zealand Selects Palo Alto Networks to Protect its Starlink for Business (Fast Mode) One New Zealand has announced it will offer its Enterprise customers Starlink for Business, with orders open from today.
WithSecure launches new range of incident response and readiness services (News Powered by Cision) New retainer provides expert support starting in the first 72 hours of the incident response
Rubrik Announces Industry’s First Advanced User Intelligence on Rubrik Security Cloud (GlobeNewswire News Room) New solution leverages Rubrik's Time Series Data and Metadata architecture. Organizations will be able to proactively fight cyber crime and reduce data risks...
Technologies, Techniques, and Standards
The Challenges To Cybersecurity In Critical Control Systems With Joe Weiss (CHATTINN CYBER) In this episode of CHATTINN CYBER, Marc Schein interviews Joe Weiss, the Managing Partner at Applied Control Solutions LLC, Managing Director at ISA99 ICS Cyber Security Pioneer and keynote speaker. The discussion revolves around cybersecurity challenges in control systems, with a focus on those in critical infrastructure like nuclear plants. Joe was formerly a control system engineer who worked on instrumentation controls, primarily control and safety systems in nuclear plants.
Design and Innovation
Generative AI and data ethics: Just because you can, does it mean you should? (Computing) Natalie Cramp and Alistair Dent of data consultancy Profusion, set out the impact of generative AI on data ethics on day 2 of the Computing Cybersecurity Festival.
Next Financial Crisis Could Come From AI, SEC Chair Says (Wall Street Journal) Gary Gensler sounded a cautious note on the technology that joined skepticism from other U.S. officials.
Research and Development
Microsoft Says New A.I. Shows Signs of Human Reasoning (New York Times) A provocative paper from researchers at Microsoft claims A.I. technology shows the ability to understand the way people do. Critics say those scientists are kidding themselves.
Legislation, Policy, and Regulation
EU’s Crypto Legal Framework Inches Towards Law With Finance Ministers’ Sign-Off (CoinDesk) The landmark Markets in Crypto Assets regulation was given final approval by the EU’s Council, which also agreed a new law for sharing data on crypto tax holdings.
Combating US cyber adversaries calls for whole-of-government approach (C4ISRNet) While cyber criminals take advantage of gaps in our visibility over domestic infrastructure, foreign nation states, such as Russia, give them safe harbor.
SEC Responds to Coinbase Request For Action: 'No' (Blockworks) The SEC has responded to Coinbase's demand for action, and the response is not what the crypto industry wanted to hear.
Cyber experts say controversial U.S. spying powers should stay — but with some revisions (Washington Post) Biden administration security officials have been touting how some expiring surveillance powers have helped counter cyberattacks, even as others say the surveillance violates Americans’ civil liberties. It’s up to Congress to decide by the end of the year whether to let those powers expire, renew them as-is or make changes to them and preserve them.
OpenAI CEO tells Senate that he fears AI’s potential to manipulate views (Washington Post) OpenAI chief executive Sam Altman testified before Congress for the first time on Tuesday, as the surging popularity of his company’s ChatGPT continues to trigger debate about the possibilities and perils of artificial intelligence.
White House plan to implement cyber strategy includes ambitious digital education effort (CyberScoop) The strategy roll out will focus on educating Americans on digital risks and expanding the cyber workforce.
ES&S Supports Federal Requirements for Independent Security and Penetration Testing of U.S. Voting Systems (GlobeNewswire News Room) ES&S CEO states: “Programmatic testing performed by independent security experts helps ensure equipment stays ahead of threats, and it helps increase...
Pentagon hacking fears fueled by Microsoft's monopoly on military IT (Newsweek) Everyone uses Microsoft, including the U.S. government and military. The reliance on one vendor makes us more vulnerable to hackers and cyberspies, experts say.
Litigation, Investigation, and Law Enforcement
Three-quarters of Irish data watchdog’s data privacy decisions since 2018 overruled – report (The Irish Times) Meta, Google, Airbnb, Yahoo!, Twitter, Microsoft, Apple and Tinder account for 87% of cross-border GDPR complaints to Ireland’s DPC
Jailed Saudi dissident, sister sue Twitter under RICO act in spy case (Washington Post) The lawsuit alleges that the FBI told Twitter in 2015 that it has a Saudi spy problem but did nothing about it
China shuts 100,000 fake news social media accounts, ramps up content cleanup (Reuters) China has intensified efforts to clean up the internet from false news and rumours, closing more than 100,000 online accounts over the past month that misrepresented news anchors and media agencies, its cyberspace regulator said.
Israel Illegally Storing Millions of People’s Photos, Audit Says (Bloomberg) Review says database kept by immigration authorities illegal. Government report also warns of airport security ‘loopholes’.
DHS directs review of personnel with access to classified material in wake of Pentagon leak (CNN Politics) The Department of Homeland Security has directed its agencies to review and assess who has access to classified information, according to an internal memo obtained by CNN – a move that comes on the heels of a leak of highly classified Pentagon documents discovered earlier this year.
What’s the right penalty for the MacDill airman who kept 300 classified docs? (Tampa Bay Times) Retired Air Force intelligence officer Robert Birchum appeared for sentencing Monday, but a judge wanted more time to research similar cases.
Knocking down Hive: How the FBI ran its own ransomware decryption operation (Record) Bryan Smith, section chief for the FBI’s Cyber Criminal Operations Section, explains to the Click Here podcast team how the bureau acquired and shared decryption keys as it took down the Hive ransomware gang.