Dateline: Hybrid wars in Ukraine, Russia, Israel, and Gaza.
Ukraine at D+677: Missile strikes continue at a high tempo. (CyberWire) Russia's government rehabilitates Stalin and frames its strikes against Ukrainian cities as punitive retaliation for Ukrainian crimes. Russian hacktivist auxiliaries claim to be disrupting targets in Finland.
Ukraine at D+676: Cities attacked as the new year arrives. (CyberWire) Heavy missile strikes combine mass and mix to tax air defenses. Russian sources reemphasize the war's maximalist objectives as influence operations seek to undermine Western support for Ukraine and prepare the battlespace for other reconquests.
Ukraine at D+674: Reactions to Russia's missile attacks. (CyberWire) Ukraine and its supporters react to Russia's missile strikes, which Russia's Ministry of Defense described as successful, and carefully targeted. The G7 may consider confiscation of $300 billion in frozen Russian assets.
Ukraine at D+673: Largest air strikes of the war hit Ukraine. (CyberWire) Russia conducted its largest air strikes of the war as Western observers seek to decode Russian war aims.
Ukraine at D+672: Battlefield frightfulness. (CyberWire) Little change at the front as Russia continues local assaults. Ukrainian strikes against Russia's Black Sea Fleet erode lines of communication with occupied Crimea. Hacktivist auxiliaries on both sides claim unverified successes.
Ukraine at D+671: Another strike at Russia's Black Sea Fleet. (CyberWire) Ukraine sinks a warship, Russia rockets a passenger rail station, and the Economist offers a look at the MH17 shootdown as (among other things) a case study of disinformation.
Ukraine at D+669: More on back-channel disinfo. (CyberWire) Ukrainian air defenses may have exacted a significant toll against Russian fighter-bombers. Back-channel reports of Russian willingness to negotiate with Ukraine are being received as disinformation.
Ukraine at D+668: Backchannel signaling. (CyberWire) A static front produces rumors of negotiation (probably fostered in bad faith) and reports of rats and mice in both sides' positions (and mouse fever among the Russian troops).
Ukraine at D+667: "Pulp fiction." (CyberWire) Western intelligence sources trace Prigozhin's assassination to Nikolai Patrushev, Secretary of the Security Council of Russia.
Egypt's Ambitious Proposal For an Israeli-Hamas Ceasefire (TIME) The Egyptian proposal comes amid one of the deadliest Israeli airstrikes to hit the Gaza Strip, with a death toll over 100.
Why Gaza Matters (Foreign Affairs) Since antiquity, the territory has shaped the quest for power in the Middle East.
Drone that hit tanker off India was launched from Iran, says US (The Telegraph) ‘Israel-affiliated’ ship was en route from Saudi Arabia when it came under attack, but no casualties were reported
Biden orders strikes on an Iranian-aligned group after 3 US troops injured in drone attack in Iraq (AP News) President Joe Biden ordered the U.S. military to carry out retaliatory airstrikes against Iranian-backed militia groups.
Statement from Secretary of Defense Lloyd J. Austin III on U.S. Strikes in Iraq (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III's statement on U.S. Strikes in Iraq.
Opinion | It’s Time for the U.S. to Give Israel Some Tough Love (New York Times) The Biden administration needs to do more than give gentle nudges on the war.
How Israel Could Lose America (Foreign Affairs) Netanyahu risks letting the war in Gaza jeopardize an essential alliance
On-Demand Webinar | Crossing the Rubicon: Hacktivist Intrusions Against Israeli-Made OT (Dragos) Learn how a hacktivist group targeting Israeli-made technology affected PLCs at a U.S. water utility and the impact to OT utilities globally.
Israel’s Cyber Directorate warns of phishing attack by Iran-based hacking squad (Times of Israel) Governmental software safety watchdog alerts IT officers to malware posing as software update from American cybersecurity firm F5; says Iranian hackers clearly did their homework
Cyber directorate unveils Iranian phishing attempt disguised as security software update (Times of Israel) A new Iranian phishing attack designed to trick Israeli organizations into downloading malware that steals and deletes information has been detected by the Israel National Cyber Directorate.
Israeli power firm denies cyberattack claims after reports of major blackout (WION) Israel on Monday (Dec 25) found itself grappling with widespread power outages and internet blackouts after at least two production units of a major power company collapsed. The blackout fueled speculations that it might have something to do with the ongoing war in Gaza and a potential cyberattack by Iran. However, Meir Spiegler, the CEO of Israel Electric Corporation (IEC) rubbished these claims, without providing any cause for the collapse of the units. Spiegler instead said the cause of the blackout is not known yet.
Iran, Hamas and Hezbollah collaborate in attacks against Israel, cyber directorate says (Y Net News) Israel National Cyber Directorate report says some 15 groups associated with Hamas, Hezbollah and Iran share intelligence, methods and tools with each other to conduct more targeted cyber attacks
Over 15 cyber attack groups affiliated with Iran, Hezbollah or Hamas are operating against Israel, says National Cyber Directorate (CTech) According to a report published by the National Cyber Directorate summarizing the cyber events since the beginning of the war, their main targets include academia, healthcare, water, energy, fuel, transportation and maritime shipping sectors
Pro-Palestinian operation claims dozens of data breaches against dozens of Israeli firms (Record) A group calling itself Cyber Toufan has raised alarms for cybersecurity researchers.
Multiple organizations in Iran breached by a mysterious hacker (Security Affairs) Hudson Researchers reported that a mysterious hacker launched a series of attacks against industry-leading companies in Iran.
Israel and Iran are waging a cyberwar in the shadows - opinion (The Jerusalem Post) This escalating exchange of cyberattacks between adversaries with advanced capabilities could have dangerous long-term consequences.
Russia intensifies Ukraine attacks on New Year’s Eve (Financial Times) Volodymyr Zelenskyy pledges retaliation for deadly air strikes
Russia strikes Kharkiv hotel in Ukraine used by foreign journalists in ‘revenge’ attack (The Telegraph) The ‘deliberate’ missile strike comes after Putin vowed to ‘punish’ the country for an alleged Ukrainian missile strike on a Russian city
Russia-Ukraine war: Kharkiv under wave of drone attacks on New Year’s Eve – as it happened (the Guardian) Kremlin complains after Ukraine hits back with attacks on Belgorod; more Russian troops die as military’s quality degrades, says British MoD
Ukraine’s defense intel refutes Russian report on casualties among operatives during Kharkiv shelling (Ukrinform) Not a single operative from the Main Intelligence Directorate of Ukraine’s Defense Ministry (GUR) or the KRAKEN special operations unit was injured during yesterday's Russian missile attack on Kharkiv.
Russia blames Ukraine for deadly attack on border city (Financial Times) Moscow says it shot down dozens of drones and missiles a day after launching strike that killed 39
Russia fires 122 missiles and 36 drones in what Ukraine calls the biggest aerial barrage of the war (AP News) At least seven civilians were killed in what appeared to be one of the biggest aerial barrages of the 22-month war.
Ukraine Says At Least 30 Dead After Massive Russian Air Assault On Kyiv, Other Major Cities (RadioFreeEurope/RadioLiberty) Ukrainian officials say at least 30 people died in a massive Russian air attack overnight that combined hypersonic and other missiles along with drones to hit military and civilian targets all over the country including the capital, Kyiv, in what appeared to be the biggest bombardment of the war.
UK to rush air defence missiles to Ukraine after Russian bombardment (The Telegraph) Telegraph understands announcement by Defence Secretary was brought forward over fears Moscow could strike again
Ukrainian Air Force Claims Destruction Of Russian Ship In Crimea; Moscow Confirms Missile Strike (RadioFreeEurope/RadioLiberty) Ukraine's air force hit a major naval port on the Russian-occupied Crimean Peninsula, and claimed a Russian naval landing ship docked there was destroyed.
Russia confirms Ukraine destroyed its warship in Crimea attack (Al Jazeera) One person reported killed in attack targeting the Novocherkassk, which Ukraine suspects of transporting drones.
1 Dead, 4 Wounded In Russian Strike On Kherson Train Station, Says Ukrainian Interior Minister (RadioFreeEurope/RadioLiberty) A Russian strike on a train station in the southern Ukrainian city of Kherson has killed at least one person and wounded four others, the Ukrainian interior minister said on December 26.
Russo-Ukrainian war, day 672: Ukraine strikes back against Russia on land, sea, cyber fronts (Euromaidan Press) Ukraine unleashed attacks on multiple fronts against the Russian invasion this week, blasting a ship in the Black Sea and breaching an enterprise management system, which resulted in million-dollar losses for Russia.
Opinion | Russia’s deadly new salvos challenge Congress to respond (Washington Post) The Soviet Union designed the S-300, a mobile, surface-to-air defense weapons system, during the Cold War to hit incoming U.S. bombers or ballistic missiles.
Ukraine’s soldiers use cheap tech to hide from Russia’s deadly drones (Defense One) But the makers of lifesaving drone detectors can’t keep up with demand.
US, Europe should 'stop fooling around' expecting Russia’s collapse — Putin (TASS) The Russian leader noted that the US and Europe must themselves contemplate what they are being motivated by
Russia-Ukraine war live: Moscow ‘will be defeated’, Zelenskiy says as Ukraine marks Christmas Day on 25 December for first time (the Guardian) ‘All Ukrainians are together,’ president says after government changed date of Orthodox Christmas in snub to Russia
A New Year’s interview with Volodymyr Zelensky (The Economist) The Ukrainian president remains defiant, despite the prospect of a bleak year ahead
Ukrainian troops open up about stalled counteroffensive (Deutsche Welle) After six months of an intense counteroffensive, Ukraine has failed to push back Russian forces in any significant way. DW sat down with soldiers and medics on leave in Kyiv to talk about what that means for them and for their country.
Russia-Ukraine war live: Zelenskiy says security of Ukraine, Europe and US relies on forceful response to Russia (the Guardian) Ukraine president thanks US for final aid package under current US legislation
DOD Announces Aid Package for Ukraine (U.S. Department of Defense) The Defense Department announced a security assistance package for Ukraine valued at up to $250 million that includes air defense capabilities, artillery and antitank weapons and other equipment.
With hopes of victory fading, Ukraine’s war against Russia could get even harder in 2024 (NBC News) Intense fighting is likely to continue in the new year, with much hinging on the presidential election in the U.S., Ukraine’s largest military supporter.
How many Russian generals have been killed in Ukraine? (Task & Purpose) Ukraine’s use of drones and long-range fires have made the battlefield especially dangerous for Russian generals.
Russia covered up and undercounted true human cost of floodings after dam explosion, AP investigation finds (AP News) AP investigation finds that Russian occupation authorities vastly and deliberately undercounted the dead in one of the most devastating chapters of the war in Ukraine.
‘We’re tired of being good girls’: Russia’s military wives and mothers protest against Putin (the Guardian) Female-led movements are challenging the official narrative that mobilised troops are required for war against Ukraine
Russia’s military wives emerge as wild card to Putin’s triumphal mood (Washington Post) The loved ones of the drafted Russian soldiers forced to fight in Ukraine indefinitely have tried everything: They appealed to the Defense Ministry, wrote letters to President Vladimir Putin, met with many officials and even protested publicly. Their questions to Putin’s annual “direct line” call-in show for Russians last week were ignored.
‘Almost Naked’: a Louche Celebrity Soiree at Moscow Shocks the Russian Soldiers in Rat-Infested Trenches at the Front (The New York Sun) Modern bacchanalia at Moscow evokes a famous earlier fin de regime gala — the Tsarist Winter Ball of 1903.
The Week In Russia: Party Of War (RadioFreeEurope/RadioLiberty) The choreographed backlash over a risqué holiday party speaks volumes about Russia as the New Year approaches. So does the treatment of imprisoned Kremlin opponent Aleksei Navalny, who has been transferred to a harsh prison in the country's frigid Far North.
The Monster Returns: Stalin Looms Large Over Putin's Russia (RadioFreeEurope/RadioLiberty) Although Soviet dictator Josef Stalin died 70 years ago, his presence seems ubiquitous in the increasingly authoritarian Russia of Vladimir Putin. “We are definitely living inside Stalin’s legacy, where the main things are fear, atomization, submission, and other social evils,” a commentator wrote.
Don’t Give Up on a Better Russia (Foreign Affairs) An opposition activist in Moscow on how his country can change.
The truth about Putin’s shootdown (The Economist) Investigating MH17, the crime that presaged the war in Ukraine
New malware found in analysis of Russian hacks on Ukraine, Poland (Record) Researchers at Ukraine's computer emergency response team said that during attacks in December, Russian hackers deployed novel malware via a phishing campaign.
Videos of Elijah Wood and Mike Tyson were used in a Russian disinformation campaign (GeoTv News) For about $340, actor Elijah Wood can record a personal video wishing you a happy birthday. John McGinley, best known for his role in the medical TV show Scrubs, will give you a lengthy pep talk for about $475. Priscilla Presley will record a segment talking about everything from Christmas shopping to Graceland for about $200.
Ukrainian hackers’ cyber attack on biggest enterprise management system results in million-dollar losses for Russia (Euromaidan Press) Hackers from the Ukrainian IT army have paralyzed the operation of the Russian automated enterprise management system 1C-Rarus, as reported by the Ministry of Digital Transformation on Telegram.
Ukraine war: What's the impact of cyber guerrillas? (Deutsche Welle) In response to Russia's invasion, Ukraine called for support from volunteers operating in cyberspace. Since then, hackers have helped Kyiv's war effort. But this new phenomenon also draws criticism.
Ukraine's Cyber Militia: Volunteer Hackers Take Aim at Russian Targets (BNN Breaking) Ukraine's digital defense intensifies as volunteer hackers target Russian businesses, with plans to formalize their role in the armed forces.
Putin has declared a cyber war on Britain (The Telegraph) Thankfully we are ahead of the pack when it comes to protecting our elections
Russia is working to subvert French support for Ukraine, documents show (Washington Post) From the top floor of the house he shares here with a senior Russian diplomat — to whom he rents the apartment below — the man who helped bankroll the French presidential bid of far-right candidate Marine Le Pen has been working on plans to propel pro-Moscow politicians to power.
The Rebirth of Russian Spycraft (Foreign Affairs) How the Ukraine war has changed the game for the Kremlin’s operatives—and their Western rivals.
Russian celebrities forced to make public apologies after ‘almost naked’ party (The Telegraph) Members of Moscow’s elite provoke the ire of Vladimir Putin by wearing lingerie and drag at a ‘decadent’ Christmas gathering
Putin Quietly Signals He Is Open to a Cease-Fire in Ukraine (New York Times) Despite its bravado in public, the Kremlin has indicated its interest in striking a deal to halt the war — so long as it could still declare victory.
Opinion | Ukraine Doesn’t Need All Its Territory to Defeat Putin (New York Times) Putin is not trustworthy, but if he turns out to be serious, Ukraine should not pass up an opportunity to end the bloodshed.
Washington puts forward G7 plan to confiscate $300bn in Russian assets (Financial Times) Proposal would accelerate preparations in time for a February summit to show solidarity with Ukraine
Russia Threatens To Break Ties With Washington, After U.S. and EU Eye Seizing $300 Billion in Moscow’s Overseas Reserves (The New York Sun) America ‘must not act under an illusion ... that Russia is clinging with both hands to diplomatic relations with that country,’ Russia’s deputy foreign…
Russia warns US and Europe over reports Ukraine may get its seized assets (the Guardian) Kremlin threatens ‘serious consequences’ if there is an unprecedented seizure of Russian assets held abroad
Biden signs an executive order aimed at financial facilitators of the Russian defense industry (AP News) President Joe Biden signed a new executive order aimed at targeting financial facilitators of the Russian defense industry.
Iceland to join two coalitions providing support to Ukraine (Ukrinform) Iceland has announced it will join two coalitions that support Ukraine - the IT Coalition and the Mine Action Coalition
Ukraine Accuses Senior Defense Official of Embezzling $40 Million (New York Times) The Ukrainian authorities said they had uncovered a scheme for the purchase of artillery shells at inflated prices, amid a wider effort to tackle wartime corruption.
The imprisoned Russian opposition leader Alexei Navalny resurfaces with darkly humorous comments (AP News) Russian opposition leader Alexei Navalny has released a sardonic statement about his transfer to an Arctic prison colony nicknamed the “Polar Wolf.”
Attacks, Threats, and Vulnerabilities
How Cybercriminals Will Sway 2024 US Elections, or Try To (Dark Reading) "Coordinated inauthentic behavior" networks are already attempting to build up audiences for their fake news outlets, social media platforms, and other avenues.
ESET uncovers malicious Python projects spreading via PyPI (SecurityBrief New Zealand) ESET Research has discovered a series of malicious Python projects distributed via PyPI repository, introducing a customised backdoor into Windows, Linux systems, and stealing personal data.
Official Python repository served cyberespionage backdoor, gathered 10,000+ downloads (India Technology News) ESET Research has discovered a cluster of malicious Python projects being distributed via PyPI, the official Python
Chinese Spy Balloon: A New Twist in Cyber Espionage (ISP Today) In a surprising revelation, U.S. intelligence officials have uncovered a shocking development regarding the Chinese spy balloon that captured global attention earlier this year. It was discovered that this sinister contraption utilized an American internet provider to clandestinely communicate and exchange information primarily related to navigation, according to a recent report.
U.S. intelligence officials determined the Chinese spy balloon used a U.S. internet provider to communicate (NBC News) An American intelligence assessment found that the balloon used a commercially available U.S. network to communicate, primarily for navigation, U.S. officials say.
India: Damning new forensic investigation reveals repeated use of Pegasus spyware to target high-profile journalists (Amnesty) Amnesty International, in partnership with The Washington Post, has unearthed shocking new details about the continued use of NSO Group’s highly invasive spyware Pegasus to target prominent journalists in India, including one who had previously been a victim of an attack using the same spyware.
India targeted high-profile journalists with Pegasus spyware: Amnesty (Al Jazeera) Investigation shows journalists in India face ‘threat of unlawful surveillance’ along with other ‘tools of repression’.
Cyber attacks hit the Assembly of the Republic of Albania and telecom company One Albania (Security Affairs) Cyber attacks hit the Assembly of the Republic of Albania and telecom company One Albania, a government agency reported.
Albanian parliament, telecom company hit by cyberattacks (Record) The Albanian parliament and a telecom company operating in the country were targeted by cyberattacks this week, the country’s cyber agency said in a statement.
Trinidad and Tobago social security agency hit with post-Christmas ransomware attack (Record) A key government agency in Trinidad and Tobago said it was hit with a ransomware attack that will limit its operations for at least the rest of the year.
New Black Basta decryptor exploits ransomware flaw to recover files (BleepingComputer) Researchers have created a decryptor that exploits a flaw in Black Basta ransomware, allowing victims to recover their files for free.
Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day (SecurityWeek) Chinese hackers exploited a zero-day tracked as CVE-2023-7102 to deliver malware to Barracuda Email Security Gateway (ESG) appliances.
SonicWall Discovers Critical Apache OFBiz Zero-day -AuthBiz (SonicWall) SonicWall Capture Labs Unveils Critical Authentication Bypass Vulnerability CVE-2023-51467 in Apache OfBiz, impact and patch details.
4-year campaign backdoored iPhones using possibly the most advanced exploit ever (Ars Technica) "Triangulation" infected dozens of iPhones belonging to employees of Moscow-based Kaspersky.
Mysterious Apple SoC Feature Exploited to Hack Kaspersky Employee iPhones (SecurityWeek) iOS zero-click attack targeting Kaspersky iPhones bypassed hardware-based security protections to take over devices.
NSA iPhone Backdoor? Apple Avoids Russian Blame Game (Security Boulevard) “No Ordinary Vulnerability” — Operation Triangulation research uncovers new details of fantastic attack chain.
Malicious GPT Can Phish Credentials, Exfiltrate Them to External Server: Researcher (SecurityWeek) A researcher has shown how malicious actors can create custom GPTs that can phish for credentials and exfiltrate them to external servers.
ReasonLabs Researchers Discover Large-Scale Cashback Scam Within Torrented Video Game Files (PR Newswire) ReasonLabs, the cybersecurity pioneer equipping home users with the same level of cyber protection used by Fortune 500 companies, today...
Cybercriminals launched 'Leaksmas' event in the Dark Web exposing massive volumes of leaked PII and compromised data (Security Affairs) Leaksmas: On Christmas Eve, multiple threat actors released substantial data leaks, Resecurity experts reported.
OwnCloud : CVE-2023-49103 Vulnerability Analysis and Exploitation (CYFIRMA) EXECUTIVE SUMMARY CYFIRMA’s Research team conducted a thorough analysis of the critical security vulnerability, CVE-2023-49103, in OwnCloud’s Graph API. Discovered...
Carbanak malware returned in ransomware attacks (Security Affairs) Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks.
ByteRAT: the dark sorcerer of cyberspace (Cybernews) “The Dark Sorcerer of Cyberspace” – that’s how ByteRAT is introduced by RAT developers: a sophisticated trojan that operates as a Remote Administration Tool (RAT) targeting both Windows and MacOS users.
Iranian cyberspies target US defense orgs with new backdoor (Register) Also: International cops crackdown on credit card stealers and patch these critical vulns
Careless oversight of Linux SSH servers draws cryptominers, DDoS bots (Record) Researchers at AhnLab are urging administrators of Linux SSH servers — which are intended to allow for secure remote access — to maintain strong passwords and take other security measures.
How Strangers Got My Email Address From ChatGPT (New York Times) Researchers at Indiana University used ChatGPT to extract contact information for more than 30 New York Times employees.
RingGo, ParkMobile Owner EasyPark Suffers Data Breach, User Data Stolen (Hackread) ParkMobile, a globally-used parking app, is the same platform that suffered a massive data breach in 2021 when hackers leaked the data of 21 million customers.
WSJ News Exclusive | A ‘Recipe for Disaster’: Insiders Warned Meta’s Privacy Push Would Shield Child Predators (Wall Street Journal) The company’s own child-safety experts sounded the alarm about efforts to encrypt messages on Instagram and Facebook. This month, it started doing it anyway.
INC RANSOM ransomware gang claims to have breached Xerox Corp (Security Affairs) The INC RANSOM ransomware group claims to have hacked the American multinational corporation Xerox Corp.
Ubisoft apparently stopped a 900GB data breach (Mashable) It's not clear yet how much, if anything, the hackers got.
Ubisoft says it's investigating reports of a new security breach (BleepingComputer) Ubisoft is investigating whether it suffered a breach after images of the company's internal software and developer tools were leaked online.
'YOU HAVE BEEN PWND': Victoria's court system hit by ransomware attack (ABC) Recordings of hearings including witness testimony from highly sensitive cases may have been accessed or stolen from Victoria's court system in an attack discovered in the lead-up to the Christmas break.
‘Unsettling’: hackers break into Victorian court recordings database (the Guardian) Court Service Victoria says it will notify those captured on recordings of hearings of the breach
Ohio Lottery Hit by Ransomware, Hackers Claim Theft of Employee and Player Data (SecurityWeek) The DragonForce ransomware group has taken credit for the Ohio Lottery hack, claiming to have stolen millions of data records.
Ohio Lottery knocked offline by cyberattack: payouts impacted (SC Media) DragonForce cyberattack hits Ohio Lottery. Ohio Lottery had several of its primary systems taken down and payouts impacted following a cyberattack.
Social Security numbers of some Xfinity customers vulnerable in latest data breach: What to know (The Hill) A major data breach on Comcast-owned Xfinity has affected more than 35 million customers.
Scammers Are Ruining Facebook Marketplace (WIRED) I tried to sell a futon on Facebook Marketplace and nearly all I got were scammers.
Fidelity National Financial subsidiary says 1.3 million affected by November cyberattack (Record) A subsidiary of title insurance giant Fidelity National Financial reported a data breach to state regulators this week after a cyberattack in November.
Cyberattack Disrupts Operations of First American, Subsidiaries (SecurityWeek) A cyberattack appears to have caused significant disruption to the systems and operations of title insurer First American and its subsidiaries.
First American says funds secure despite cyberattack (Record) The title insurance provider said that despite the “regrettable disruption to normal business operations,” it is still able to process funds “safely and securely.”
LoanCare Notifying 1.3 Million of Data Breach Following Cyberattack on Parent Company (SecurityWeek) LoanCare is informing 1.3 million individuals that their personal information was compromised in a data breach.
Ransomware Group Claims 100 Gb of Data Stolen From Nissan (SecurityWeek) The Akira ransomware group has taken credit for the recent attack that impacted Nissan Australia and New Zealand.
National Amusements Confirms Cyberattack; Paramount & CBS Parent Says 82,000 People Affected (Deadline) UPDATED with company statement: Shari Redstone’s National Amusements, the controlling shareholder of Paramount Global, has confirmed it was the victim of a hack that affected more than 82,000…
Entertainment giant National Amusements says more than 82,000 affected by cyberattack (Record) National Amusements — which controls a sprawling empire of popular entertainment and news brands — announced a data breach last week that affected more than 82,000 people.
Cactus RANSOMWARE gang hit the Swedish retail and grocery provider Coop (Security Affairs) The Cactus ransomware group claims to have hacked Coop, one of the largest retail and grocery providers in Sweden.
Rhysida ransomware group hacked Abdali Hospital in Jordan (Security Affairs) The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan.
Lockbit ransomware gang attack interrupted medical emergencies at a German hospital network (Security Affairs) A Lockbit ransomware attack against German hospital network Katholische Hospitalvereinigung Ostwestfalen caused service disruptions.
Hackers Claim They Stole Data Of More Than 2 Million INTEGRIS Health Patients (News 9) INTEGRIS Health said it is working to investigate a data breach in which hackers claimed they stole the data of more than 2 million patients to sell on the dark web.
INTEGRIS Health reports patient data breach (Newstalk KZRG) An Oklahoma health care system is reporting a data breach that may have compromised patients' personal data. Read the entire press release from INTEGRIS Health b
Integris Health patients get extortion emails after cyberattack (BleepingComputer) Integris Health patients in Oklahoma are receiving blackmail emails stating that their data was stolen in a cyberattack on the healthcare network, and if they did not pay an extortion demand, the data would be sold to other threat actors.
Corewell Health announces second cybersecurity breach; Michigan Attorney General's Office (WWJ) A cybersecurity breach at a third-party health management platform exposed the information of more than one million patients at a local health system, the Michigan Attorney General said.
Clash of Clans gamers at risk while using third-party app (Security Affairs) An exposed database and secrets on a third-party app puts Clash of Clans players at risk of attacks from threat actors.
Steam game mod delivered malware on Christmas Day - Epsilon Information Stealer was hidden in a Slay the Spire expansion (Tom's Hardware) The malware was distributed through the mod on Steam to gain user information and passwords stored in browsers and chat clients.
Australia's largest car dealer group targeted by cyber attack (CarExpert) Eagers Automotive has fallen victim to a cyber security breach that has compromised some of its Australian and New Zealand IT systems.
Cybersecurity issue affecting Grenfell Campus of Memorial University (CBC News) The university says IT services at the Marine Institute have been temporarily shut down and it will directly notify anyone whose information may have been affected by this incident.
Giant Iranian Online Food Ordering Platform Hacked (Iran Front Page) Iranian online food ordering platform SnappFood has confirmed that hackers have broken into its users’ data.
Security Patches, Mitigations, and Software Updates
Microsoft disables app installation protocol abused by hackers (Record) Microsoft said Thursday that it disabled a feature intended to streamline app installation after it discovered financially motivated hacking groups using it to distribute malware.
Barracuda fixes new ESG zero-day exploited by Chinese hackers (BleepingComputer) Network and email security firm Barracuda says it remotely patched all active Email Security Gateway (ESG) appliances on December 21 against a zero-day bug exploited by UNC4841 Chinese hackers.
Google Fixes Nearly 100 Android Security Issues (WIRED) Plus: Apple shuts down a Flipper Zero Attack, Microsoft patches more than 30 vulnerabilities, and more critical updates for the last month of 2023.
Trends
How ransomware could cripple countries, not just companies (The Economist) Experts think 2023 was a record year for digital attacks
The Emerging Landscape of AI-Driven Cybersecurity Threats: A Look Ahead (SecurityWeek) While AI can significantly bolster defense mechanisms, it also equips adversaries with powerful tools to launch sophisticated cyberattacks.
Cybersecurity in the Year Ahead: Think 2023 on Steroids (Wall Street Journal) WSJ Pro’s executive guide to security threats and spending.
CYFIRMA Industry Report: Real Estate & Utilities Industry (CYFIRMA) The CYFIRMA Industry Report delivers original cybersecurity insights and telemetry-driven statistics of global industries, covering one sector each...
The Epic Rise of Cybersecurity in 2024 (Medium) The rising tide of technology meets its match in the cybersecurity surge, crafting a future where safety and innovation coexist
The Worst Hacks of 2023 (WIRED) It was a year of devastating cyberattacks around the globe, from ransomware attacks on casinos to state-sponsored breaches of critical infrastructure.
The Internet Is About to Get Weird Again (Rolling Stone) The internet seems ripe for change, and millions of people seem poised to connect in new ways, as they reconsider their relationship to technology.
Marketplace
2023 showed cybersecurity isn't immune from brutal layoffs (TechCrunch) Despite a strong workforce and an ever-increasing number of cyberattacks and breaches, cybersecurity firms aren't exempt from layoffs.
Remembering the startups we lost in 2023 (TechCrunch) From Braid to Zume, here are some of the startups that won't see 2024
Microsoft is new cybersecurity titan, challenging big tech rivals (MarketBeat) Microsoft is a key player in cybersecurity, competing with companies such as CrowdStrike and Amazon. Its annual cybersecurity business grew to $20 billion.
Amazon's Silent Sacking (Justin Garrison) Companies are fighting back for quiet quitting and it's having a big impact.
Palo Alto Networks Completes Acquisition of Talon (SecurityWeek) Palo Alto Networks completed the acquisition of Talon Cyber Security, an Israeli startup selling a secure browser technology to enterprise customers.
Phosphorus Cybersecurity now has raised $65M since relocating two years ago (Nashville Business Journal) The three-time startup CEO anticipated many of the benefits he's found since moving to Nashville in 2021. "The top talent wants to come here: We've relocated most of our executives to Nashville and we've relocated engineers from top universities to Nashville," he said. But there's one thing he didn't expect.
Pentagon cloud tie-up with Silicon Valley off to a slow start (Washington Post) In the past year, less than 2 percent of $9 billion set aside to upgrade the U.S. military’s computing technology has been committed
Why Cisco is Paying a High Price to Acquire a Cloud Networking Startup (The Information) Cisco Systems’ acquisition of Isovalent, a cloud networking and security startup backed by Google and Microsoft, announced on Thursday, suggests that the enterprise software stock rebound is also boosting startup valuations in the sector. Cisco, a pioneer in data center networking equipment that ...
CrowdStrike Stock: Too Fast Too Furious (NASDAQ:CRWD) (Seeking Alpha) CrowdStrike reported impressive 3Q24 results, outperforming expectations in growth and profitability despite economic challenges. Read more on CRWD stock here.
Anthropic Projects At Least $850 Million in Annualized Revenue Rate Next Year (The Information) Anthropic, an OpenAI rival backed by Amazon and Google, has projected it will generate more than $850 million in annualized revenue by the end of 2024, according to two people with knowledge of its financial picture. Just three months ago, Anthropic told some investors it was generating revenue ...
Musk’s xAI Incorporates as Benefit Corporation With ‘Positive Impact’ Goal (The Information) Elon Musk’s artificial intelligence startup, xAI, is following in the footsteps of rivals OpenAI and Anthropic in opting for an unusual corporate structure. xAI has been organized in Nevada as a for-profit benefit corporation, a structure that allows the company to prioritize having a positive ...
The Co-opting of Twitter (The Atlantic) The alternative to mainstream social media came from inside the house.
Musk’s Mouthpiece: How Nick Pickles Fights Governments on Behalf of X (The Information) Nick Pickles has spent much of the last decade getting beaten up before legislative bodies. But one day this August, appearing via video in Canberra, Australia, he was having a particularly brutal time. The Australian Parliament was wrapping up a long-running inquiry into online child sexual ...
OpenAI’s Annualized Revenue Tops $1.6 Billion as Customers Shrug Off CEO Drama (The Information) OpenAI recently topped $1.6 billion in annualized revenue on strong growth from its ChatGPT product, up from $1.3 billion as of mid-October, according to two people with knowledge of the figure. The 20% growth over two months represented in that figure—a measure of the prior month’s revenue ...
‘King of the cannibals’: How Sam Altman took over Silicon Valley (Washington Post) Investing in everything from speakeasys to nuclear fusion, the Silicon Valley wunderkind, deal-making prodigy is full of contradictions
The People With Power at AI Startup Cohere (The Information) Artificial intelligence startup Cohere develops large language models that businesses can use to streamline tasks, much like its better-known rivals OpenAI and Anthropic. But Cohere has a far more conventional corporate structure. The engineering-heavy organization brings together young AI ...
Victim? Villain? Huawei finds itself trapped in US-China dispute (Financial Times) Judging which incompatible version of the truth is correct is impossible
Uzbekistan to host Group-IB’s first Digital Crime Resistance Center in Central Asia (Group-IB) Group-IB, a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime, is pleased to announce the opening of its first Digital Crime Resistance Center (DCRC) in Central Asia, with the launch of a new cutting-edge facility in Tashkent, Uzbekistan.
Products, Services, and Solutions
New infosec products of the week: December 22, 2023 (Help Net Security) Here’s a look at the most interesting products from the past week, featuring releases from Argus Cyber Security, Cleafy, Kasada, and Stratus Security.
Technologies, Techniques, and Standards
Essential skills for today’s threat analysts (CSO Online) Knowledge across different programming languages and tools, machine learning, and artificial intelligence are some of the technical skills threat analysts will need to tackle cyber threats in 2024.
Saving Schrödinger’s Cat: Getting serious about post-quantum encryption in 2024 (Breaking Defense) The National Institute of Standards & Technology is about to release its long-awaited "post-quantum encryption" algorithms. Then comes the hard part: installing them everywhere.
Understanding the NSA’s latest guidance on managing OSS and SBOMs (CSO Online) Open-source software is ever vulnerable to malicious actors, but software bills of material can help mitigate the threat. NSA guidance sets a solid foundation for managing the ecosystem.
New NASA Guidance Seeks to Secure Space Systems From Cyber Threats (Executive Gov)
DOD Seeks Comments on Proposed CMMC Program Rule to Protect Sensitive Unclassified Information (Executive Gov)
Pentagon Wants Feedback on Revised Cybersecurity Maturity Model Certification Program (SecurityWeek) DoD is requesting public opinion on proposed changes to the Cybersecurity Maturity Model Certification program rules.
SASE and cyber insurance: an effective combination for protection against cyberattacks (InCyber) SASE, by definition, refers to a network architecture that combines advanced security functionality with WAN (Wide Area Network) capabilities. The solution integrates various security services, including Secure Web Gateways, Cloud Access Security Brokers, Firewall-as-a-Service and Zero Trust Network Access, directly into the WAN to route Internet and cloud computing traffic securely and efficiently.
Why context matters in the future of enterprise security (Security Magazine) Enterprises often see employees as their greatest vulnerability and as being victims of outside threats, but sometimes the latter is not true.
Design and Innovation
Investigation Finds AI Image Generation Models Trained on Child Abuse (Stanford Cyber Policy Center) A new report identifies hundreds of instances of exploitative images of children in a public dataset used for AI text-to-image generation models.
Researchers Have a Magic Tool to Understand AI: Harry Potter (Bloomberg) Academics are using the best-selling series to test how generative artificial intelligence systems learn and unlearn certain pieces of information.
Why training LLMs with endpoint data will strengthen cybersecurity (VentureBeat) LLMs are uniquely positioned to take on the challenge of predicting potential intrusion attempt patterns across endpoints using collected attack data.
‘Wall of Flippers’ detects Flipper Zero Bluetooth spam attacks (BleepingComputer) A new Python project called 'Wall of Flippers' detects Bluetooth spam attacks launched by Flipper Zero and Android devices.
Research and Development
Quantum Computing’s Hard, Cold Reality Check (IEEE Spectrum) Hype is everywhere, skeptics say, and practical applications are still far away
Army tests long-range quantum radio communication (Defense One) A new form of atomic radio detection could protect sensitive communications from hackers—or reveal hidden adversaries.
Experts divided over claims of 1st 'practical' algorithm to protect data from quantum computers (Live Science) LaV's creators claim it's the first practical algorithm that can replace current-day encryption as the industry inches closer to creating a large-scale quantum computer.
Legislation, Policy, and Regulation
The Problem of Misinformation in an Era Without Trust (New York Times) Elon Musk thinks a free market of ideas will self-correct. Liberals want to regulate it. Both are missing a deeper predicament.
When Silicon Valley’s AI warriors came to Washington (POLITICO) Effective altruism is increasingly described as a cult. But as the movement’s billionaire adherents pour money into D.C., its obsession with the AI apocalypse is remaking the capital’s tech policy landscape.
A New Kind of AI Copy Can Fully Replicate Famous People. The Law Is Powerless. (POLITICO) New AI-generated digital replicas of real experts expose an unnerving policy gray zone. Washington wants to fix it, but it’s not clear how.
The European Data Act: New Rules for a New Age (cyber/data/privacy insights) In today’s digital age, data is the new currency. The European Union recognises this and has introduced the European Data Act, a set of new rules that will revolutionise the way data generated by connected devices is shared and used. Consumers and businesses will be able to access their devices’ dat
Australia aims to become global cybersecurity leader by 2030 (SecurityBrief Australia) Australia intensifies its cybersecurity measures with ambitions of becoming a global frontrunner in digital protection initiatives by 2030.
Indonesia's Crypto Bourse To Become Mandatory for All Crypto Exchanges (Yahoo Finance) Crypto exchanges must obtain an exchange license (PFAK) from Indonesia's national bourse to operate legally in Indonesia.
Pakistan adopts blockchain KYC platform for financial institutions (CoinGeek) Pakistan's central bank has approved blockchain KYC for banks, boosting security and efficiency with privacy measures, uniformity, cost savings, and smoother customer onboarding.
To stem North Korea’s missiles program, White House looks to its hackers (POLITICO) The Biden administration is doing more to counter North Korean hackers amid concerns their cryptocurrency heists are powering the country’s weapons programs.
Biden signs short-term FISA extension before year-end deadline (Record) President Joe Biden on Friday signed a short-term extension of controversial surveillance efforts after the provision easily cleared Capitol Hill as part of an annual defense policy bill.
Biden signs defense policy bill, extending controversial spying program (POLITICO) The final version drops an even more contentious rollback of the Pentagon’s abortion travel policy.
ITI Reacts to Proposed Cybersecurity Maturity Model Certification Rule - Information Technology Industry Council (ITI) Today, global tech trade association ITI issued the following statement from its Executive Vice President of Policy Gordon Bitko in response to the U.S. Department of Defense’s (DoD) interim rule on the Cybersecurity Maturity Model Certification (CMMC) program [...]
Cybersecurity for Underserved Communities (National Initiative for Cybersecurity Careers and Studies) With over 570,000 open cybersecurity positions across the United States alone, now more than ever we need qualified, determined individuals to enter the cybe
FBI mission to M'sia in wake of mounting cyberattacks (New Straits Times) KUALA LUMPUR: There has been a dramatic increase in the volume and frequency of cyberattacks in Malaysia, says the United States Federal Bureau of Investigation (FBI).
FBI director's accusation of hacking attacks 'absolutely groundless', says Russian ambassador (New Straits Times) The US allegations that Russia is using computer attacks to steal intellectual property, citizens' personally identifiable information and sensitive government data to gain competitive or strategic advantage are absolutely groundless.
HHS Unveils Cybersecurity Blueprint Amid Soaring Healthcare Breaches (Government CIO) HHS initiatives tackle rising data breaches and include comprehensive strategy to safeguard health systems.
With car privacy concerns rising, automakers may be on road to regulation (Record) Even if consumers don’t sync their phones to the infotainment system, the myriad sensors and geolocation capabilities in connected vehicles reveal a great deal, including to police who can warrantlessly extract it.
Addressing cyber shortages and going after zero trust: Pentagon’s efforts to modernize its forces (Federal News Network) This year Federal News Network heard from top defense tech officials about their priorities, developments and plans as the DoD is moving forward with its modernization efforts in line with the…
September 2023: Cyberattack strikes at ‘very heart’ of government (Royal Gazette) The reverberations from a crippling cyberattack that struck at the “very heart of public services” in Bermuda in mid-September were still being felt as 2023 drew to a close. The hackers infiltrated th...
Committee advances "paradigm shift" cybersecurity bill (Athol Daily News) Regulating artificial intelligence, creating an agricultural disaster relief fund and boosting food security emerged as areas of focus that lawmakers could tackle in 2024 following a batch of committee votes. Joint House-Senate panels advanced...
Litigation, Investigation, and Law Enforcement
US Pushed Dutch Maker of Chip Equipment to Block Chinese Sales Before Deadline (Bloomberg) ASML canceled shipments of a limited number of devices. Biden is cracking down on Beijing’s semiconductor industry.
Chinese teenager found alive in Utah woods after ‘cyber-kidnapping scam’ (the Guardian) Exchange student Kai Zhuang, 17, discovered in tent by police days after being reported missing
China Arrests 4 Who Weaponized ChatGPT for Ransomware Attacks (Hackread) The police arrested two suspects in Beijing and two in Inner Mongolia.
South Korea designates DPRK individuals for cyber activities & arms trade (Global Sanctions) South Korea has reportedly designated Ri Chang Ho, the head of the DPRK Reconnaissance General Bureau, for his alleged involvement in “earning foreign currency through illegal cyber activities and technology theft”. 7 other North Korean individuals were also designated, including former China-based diplomat Yun Chol, for allegedly being involved in the “trade of lithium-6, a […]
Musk’s X Fails to Block California Content Moderation Law (Bloomberg) Measure seeks to control toxic posts on social media platforms. Company alleged state is trying to censor controversial speech.
New York Times Sues Microsoft and OpenAI, Alleging Copyright Infringement (Wall Street Journal) The Times said the tech companies exploited its content without permission to create their AI products, benefiting from billions of dollars of investment by the news outlet.
Briefing: Google Settles Claims That It Misled Chrome ‘Incognito’ Users (The Information) Google settled a lawsuit that alleged the company broke privacy laws by secretly collecting users’ data through its “incognito” private browsing option on its Chrome web browser. In a joint filing Tuesday, lawyers for the plaintiffs and Google said they were preparing a final settlement agreement within 30 days. The terms of the deal weren’t disclosed, and Google didn’t immediately respond
Pornhub’s Parent Company Admits to Profiting From Sex Trafficking (New York Times) The company that operates Pornhub and other adult websites has agreed to pay damages to women who said pornographic videos of them were posted online without their consent.
Accused leaker Teixeira was seen as potential mass shooter, probe finds (Washington Post) Fellow airmen at the Massachusetts base where Teixeira worked warned superiors about his ‘fringe thinking’ and called him ‘the active shooter kid.’ Their concerns went unreported.
Police Warn Hundreds of Online Merchants of Skimmer Infections (Security) Law enforcement authorities in 17 countries discovered more than 400 online merchants infected with skimmers.
FDA and CISA need to update cyber agreement for medical devices, watchdog says (Nextgov.com) The Government Accountability Office said medical devices are not commonly hacked but still called them “a source of cybersecurity concern warranting significant attention.”
He Stole Hundreds of iPhones and Looted People’s Life Savings. He Told Us How. (Wall Street Journal) A convicted iPhone thief explains how a vulnerability in Apple’s software got him fast cash—and then a stint in a high-security prison.
Marjorie Taylor Greene reports Christmas Day swatting attempt on Ga. home (Washington Post) Rep. Marjorie Taylor Greene was the victim of a swatting attempt during Christmas celebrations at her Georgia home, the Republican congresswoman said on social media. She said it was the eighth such incident in which she had been targeted.
Air Force Academy moves to monitor social media for potential cadet misconduct (DefenseScoop) The Air Force Academy is moving to monitor social media for potential cadet misconduct.
Opinion | The Military’s Phantom ‘Extremists’ (Wall Street Journal) An independent study puts to rest another false media narrative.
Confusion, uneven reporting hurting Pentagon effort to combat extremism (Task & Purpose) Internal Pentagon efforts to track military extremism are hamstrung by a lack of unified policies, even as the threat continues.
Michael Cohen Used Artificial Intelligence in Feeding Lawyer Bogus Cases (New York Times) Donald Trump’s former fixer had sought an early end to court supervision after his 2018 campaign finance conviction. He enlisted the help of Google Bard.
Class-action lawsuit filed against Integris Health following data breach (KOCO) The class-action lawsuit claimed Integris Health did not notify its patients of the breach until extortion emails were sent out by cybercriminals.
NCAA investigating suspected data breach of software used to study practice film ahead of Michigan-Alabama Rose Bowl showdown (WWJ) The University of Michigan football team said they’re taking steps to ensure their practice footage isn’t stolen after the NCAA announced Friday that they’re investigating a suspected data breach at sports performance analytics company, Catapult.
Politicians in Both Parties Targeted by Swatting Hoaxes (TIME) A rash of swatting hoaxes since Christmas targeting political figures is raising concerns that the dangerous practice will be a go-to weapon of political intimidation in 2024
Reporting Hacked or Impersonated Social Media Accounts in India: Step-by-Step Guide (The420CyberNews) Have you become a victim of online identity theft on Facebook, WhatsApp, or Instagram? Don’t fret, there’s a way to fight back and restore control of your accounts. Here’s a comprehensive guide on reporting hacked and impersonating accounts in India: […]