Dateline: Hybrid wars in Ukraine, Russia, Israel, and Gaza.
Ukraine at D+678: A template for hacktivist auxiliaries. (CyberWire) Reprisal and retaliation in the war of missiles, as President Putin says Ukraine is already destroyed, and that the real war is against the West. Cyber operations continue to represent the familiar mix of threat actors: intelligence services, hacktivist auxiliaries, and criminal privateers.
Critical Infrastructure Remains the Brass Ring for Cyber Attackers in 2024 (OODA Loop) Recent reporting reveals that both state and non-state cyber actors are actively targeting critical infrastructures with impunity. What does this mean for the future?
Hamas Doesn’t Want a Cease-Fire (The Atlantic) It wants the war to expand.
Bernie Sanders Calls on Congress to Reject Unconditional Military Aid to Israel (The Messenger) Sanders said the supplemental funding bill gives aid 'for the right-wing Netanyahu government to continue its brutal war against the Palestinian people'
Israel Battles Spike in Wartime Hacktivist, OT Cyberattacks (DarkReading) Israel's cybersecurity industry made strides in the past year despite the backdrop of the military conflict.
Russia-Ukraine war: List of key events, day 679 (Al Jazeera) As the war enters its 679th day, these are the main developments.
Russia-Ukraine war live: Kyiv’s allies must respond to strikes ‘in language that Putin understands’, says Polish foreign minister (the Guardian) Radosław Sikorski says allies must deliver long-range missiles to Ukraine following barrage of strikes by Russia
Russian Missiles Strike Ukraine's Largest Cities (RadioFreeEurope/RadioLiberty) Ukraine's two largest cities, Kyiv and Kharkiv, came under attack from Russian hypersonic missiles on January 2, killing at least five people and injuring almost 100.
Russia unleashes missile barrage at Ukraine as holiday airstrikes persist (Washington Post) Russia bombarded Ukrainian cities with an overnight assault of drones and missiles Tuesday, extending a vicious wave of holiday season strikes on population centers by Moscow and Kyiv. The attacks have left dozens of civilians dead and suggest a brutal new stage of the war that is being felt well beyond the stagnating front lines.
Ukraine needs urgent air defense aid as Putin launches bombing campaign (Atlantic Council) As Russia launches a long-awaited new bombing campaign against Ukrainian cities, fears are mounting that deadlock over continued US and EU military aid may soon leave Ukraine facing critical air defense shortages, writes Peter Dickinson.
Ukraine Trains Its Sights on Russian Border Region, Seeking to Stir Up Discontent (Military.com) The Russian military said it shot down 12 Ukrainian missiles over Russia’s southern Belgorod region bordering Ukraine, as Kyiv’s forces seek to embarrass Russian President Vladimir Putin.
Ukraine Symposium – Retaliatory Warfare and International Humanitarian Law (Lieber Institute) On 29 December, Russia launched a massive country-wide drone and missile assault on Ukraine. Although Ukraine shot down 114 of the 158 inbound missiles, over 40 Ukrainian civilians died in the attacks, and more than 160 were wounded. In addition to military objectives, targets included hospitals, residential areas, schools, and other civilian infrastructure. It was one of the most intense Russian aerial bombardments since the beginning of the war.
Ukraine’s new year may end with a brutal Western betrayal (The Telegraph) Spineless leaders are preparing to hand Putin victory
The War in Ukraine Is Not a Stalemate (Foreign Affairs) Last year’s counteroffensive failed—but the West can prevent a Russian victory this year.
‘It’s State Propaganda’: Ukrainians Shun TV News as War Drags on (New York Times) A government-approved news program intended to counter Russian disinformation and boost morale is coming under criticism for painting a rosy picture of the war.
Bailiffs recruit debtors for war in Ukraine (Eye on the Arctic) By Georgii Chentemirov. In Karelia, a bailiff sent a notice to a local resident, strongly recommending that he go to war in order to avoid paying his debt. The document is available to the Barents Observer. According to the database of enforcement proceedings, the debt was 169 rubles (less than
SBU blocks webcams that ‘flashed’ operation of air defense during missile attack on Kyiv on Jan 2 (Interfax-Ukraine) The Security Service of Ukraine (SBU) has established the addresses of, and dismantled, webcams that were hacked by Russian special services and broadcast the work of air defense and the locations of critical infrastructure in Kyiv during the Russian air attack on January 2.
Ukraine says Russia hacked web cameras to spy on targets in Kyiv (Record) Ukraine’s security officers said they took down two online surveillance cameras that were allegedly hacked by Russia to spy on air defense forces and critical infrastructure in Ukraine’s capital, Kyiv.
Hacktivists Shut Down Top State-Owned Belarusian News Agency (GovInfo Security) Over the New Year's holiday weekend, Belarusian hacktivists shut down the country's leading state-owned media outlet, claiming they had wiped the main website
How Russia’s NoName057(16) could be a new model for hacking groups (CSO Online) The pro-Russia hacktivist group uses unique branding methods and financial incentives to build its DDoS network.
Finnish intelligence reorganizes to boost information gathering (Record) The agency known as Suojelupoliisi, or Supo for short, is streamlining some of its structure and has appointed an acting director.
Ukraine’s wartime economy is performing surprisingly well (Atlantic Council) The Ukrainian government is to be congratulated for its considerable accomplishments on the economic front while defending itself against Europe’s largest invasion since World War II, writes Anders Åslund.
Attacks, Threats, and Vulnerabilities
Cybercriminals Implemented Artificial Intelligence (AI) For Invoice Fraud (Resecurity) Resecurity has uncovered a cybercriminal faction known as "GXC Team", which specializes in crafting tools for online banking theft, ecommerce deception, and internet scams.
When “Everything” Goes Wrong: NPM Dependency-Hell Campaign (Checkmarx.com) Happy New Year! What a way to open 2024! NPM user account gdi2290, aka PatrickJS, published a troll campaign to the NPM registry by uploading a package named “everything”, which relies on every other public NPM package, resulting in millions of transitive dependencies.
Xerox says subsidiary XBS U.S. breached after ransomware gang leaks data (BleepingComputer) The U.S. division of Xerox Business Solutions (XBS) has been compromised by hackers, and a limited amount of personal information might have been exposed, according to an announcement by the parent company, Xerox Corporation.
After ransomware claims, Xerox says subsidiary hit with cyberattack (Record) The printing and business services giant said its XBS division "experienced a security incident." A cybercrime gang called INC said it was responsible.
Dangerous new malware uses cookies to break into Google accounts (Android Police) This new zero-day exploit involving cookies helps cybercriminals bypass Google’s account protection measures
Experts warn of JinxLoader loader used to spread Formbook and XLoader (Security Affairs) JinxLoader is a new Go-based loader that was spotted delivering next-stage malware such as Formbook and XLoader.
Online museum collections down after cyberattack on service provider (BleepingComputer) Museum software solutions provider Gallery Systems has disclosed that its ongoing IT outages were caused by a ransomware attack last week.
Quishing is the new phishing: Why you need to think before you scan that QR code (ZDNET) The FTC warns scammers are hiding harmful links in QR codes. Here's how you can stay protected.
Quishing is the New Phishing. What MSSPs Need to Know (MSSP Alert) Hackers infiltrating QR codes, commonly known as “quishing,” is on the rise. So much so that some cybersecurity experts are calling it the new phishing.
Scam Sniffer 2023: Crypto Phishing Scams Drain $300 Million from 320,000 Users (Scam Sniffer) Over the past year, phishing activities have steadily increased each month with phishing scammers employing more sophisticated tactics to evade security measures. Scam Sniffer has made findings on “Wallet Drainers” that warrant the industry’s full attention. Introduction Wallet Drainers, a type of malware related to cryptocurrency, has achieved significant “success” over the past year. These […]
Crypto phishing scams net $300 million from unsuspecting investors in 2023 (CryptoSlate) Phishing scammers stole nearly $300 million from cryptocurrency users last year, according to a Scam Sniffer report.
Hackers breach Australian court hearing database (Record) The court system for Australia’s second-most-populated state was hit by a ransomware attack that potentially exposed sensitive recordings of some court hearings.
Orbit Chain Loses $81M in Cross-Chain Bridge Exploit (CoinDesk) The hacked funds remain "unmoved" according to Orbit Chain.
Swedish supermarket chain Coop responds to cyberattack (Record) Coop's organization in Sweden's county of Värmland has been affected by an incident that reportedly began on December 22.
Theft of Vancouver rape crisis centre server containing sensitive data raises privacy concerns (CBC News) Cybersecurity experts are warning of serious data privacy risks after a Vancouver rape crisis centre told clients and donors a computer server containing their sensitive personal information and banking details was stolen from its office last month.
Akumin radiology and oncology reports ransomware attack and data breach (BeyondMachines) On December 29, 2023, Akumin Inc., a healthcare company providing radiology and oncology services, reported a data breach following an October 11 ransomware attack, compromising sensitive consumer data including personal and medical information. The company is taking action to restore and secure systems and notify affected individuals.
Fallon Ambulance Service Data Breach Impacts 911K Individuals (Health IT Security) The now-defunct ambulance service suffered a data breach when a threat actor accessed its data storage archive.
Bunker Hill Community College Notifies Over 170k Current and Former Students of Data Breach (JD Supra) On December 28, 2023, Bunker Hill Community College (“BHCC”) filed a notice of data breach with the Attorney General of Massachusetts after...
Vulnerability Summary for the Week of December 25, 2023 (Cybersecurity and Infrastructure Security Agency | CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week.
Security Patches, Mitigations, and Software Updates
2023-12 Security Bulletin: JSA Series: Multiple vulnerabilities resolved (CEC Juniper Community) These issues affect Juniper Secure Analytics (JSA) 7.5.0. Affected platforms: JSA Series Virtual Appliance
Juniper Releases Security Advisory for Juniper Secure Analytics | CISA (Cybersecurity and Infrastructure Security Agency CISA) Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure Analytics. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.
Google Groups is ending support for Usenet to combat spam (BleepingComputer) Google has officially announced it's ceasing support for Usenet groups on its Google Groups platform, a move partly attributed to the platform's increasing struggle with spam content.
Trends
The State of Ransomware in the U.S.: Report and Statistics 2023 (Emsisoft | Cybersecurity Blog) The U.S. was bombarded by financially-motivated ransomware attacks throughout 2023. This report looks at the numbers, the costs and the solution.
Marketplace
SonicWall Accelerates SASE Offerings; Acquires Proven Cloud Security Provider (PR Newswire) SonicWall, a global cybersecurity leader, today announced the acquisition of Banyan Security, a leading provider of security service edge (SSE)...
Aqua Security Closes $60M Additional Funding at a Valuation Above $1B (GlobeNewswire News Room) New Investment Reinforces Leadership of Aqua’s Cloud Native Security Platform...
SentinelOne® to Expand Cloud Security Capabilities with Acquisition of PingSafe (SentinelOne) Addition of Cloud Native Application Protection Platform will create a comprehensive cloud security platform powered by AI and full analytics capabilities
Major cybersecurity layoffs of 2023 revisited (SC Media) Ongoing economic downturn has prompted job cuts in the cybersecurity industry even in the face of increasingly prevalent cyberattacks, with over 110 cybersecurity firms reducing their workforce since the beginning of 2023, reports TechCrunch.
New Spin on a Revolving Door: Pentagon Officials Turned Venture Capitalists (New York Times) Retired officers and departing defense officials are flocking to investment firms that are pushing the government to provide more money to defense-technology startups.
Bitcoin climbs above $45,000 to 21-month peak as new year kicks off (Reuters) Bitcoin galloped past $45,000 on Tuesday, for the first time since April 2022, as the world's biggest cryptocurrency started the new year with a bang, buoyed by optimism around the possible approval of exchange-traded spot bitcoin funds.
Elon Musk's X gets another valuation cut from Fidelity (Axios) Fidelity has again marked down the value of its shares in X Holdings, which the mutual fund giant helped Elon Musk buy for $44 billion when the company was known as Twitter.
BT misses deadline for removing Huawei from network core (Register) Former British state telco claims only tiny percentage of voice and data traffic passes over kit
Coalfire Welcomes Camie Shelmire as Chief People Officer (PR Newswire) Coalfire, an industry-leading cybersecurity services and solutions company, is pleased to announce the appointment of Camie Shelmire as its new...
Products, Services, and Solutions
Synack earns FedRAMP Moderate Authorized status to extend leadership in public sector security testing (PR Newswire) Synack has achieved the Moderate "Authorized" designation from the U.S. Federal Risk and Authorization Management Program (FedRAMP),...
Portugal’s Judiciary Police Enhances Security Infrastructure via Securnet and BIO-key (GlobeNewswire News Room)
Technologies, Techniques, and Standards
European Central Bank to Put Banks Through Cyber Stress Test (GovInfo Security) 109 Banks to Participate in Simulated Cyberattacks to Assess Cyber Resiliency
The New CMMC Rule: FAQs for Federal Contractors and Subcontractors (JD Supra) The Department of Defense (DoD) delivered its proposed Cybersecurity Maturity Model Certification Program rule (CMMC) the day after Christmas this...
Artificial Intelligence’s Threat to Democracy (Foreign Affairs) How to safeguard U.S. elections from AI-powered misinformation and cyberattacks.
Legislation, Policy, and Regulation
Homeland Threat Assessment 2024 (Office of Intelligence and Analysis, US Department of Homeland Security) The Department of Homeland Security (DHS) Intelligence Enterprise Homeland Threat Assessment reflects the insights from across the Department, the Intelligence Community, and other critical homeland security stakeholders.
Five major threats to US national security in 2024 (The Hill) The new year is looking to be a tumultuous one for U.S. security, with ongoing conflicts in Ukraine and Israel, growing unrest in the Middle East and Indo-Pacific, and an upcoming presidential elec…
FCC proposes $200M cyber program for schools, libraries (StateScoop) The Federal Communications Commission is considering a new program that would provide schools and libraries "cybersecurity and advanced firewall services."
New SEC rules: The murkiness of materiality (Federal News Network) Before their finalization, the proposed rules received over 200 comments from industry groups, universities and legal firms. Many of them highlight the complexities of cyber incident reporting and the…
Air Force cyber wing looking for new ways to recruit, keep top talent (DefenseScoop) As the Air Force is on the hook to provide six more cyber mission force teams, attracting and maintaining top cyber talent is critical.
Michigan Attorney General Advocates for Mandatory Data Breach Reporting Laws (BNN Breaking) Michigan Attorney General Dana Nessel advocates for mandatory data breach reporting laws following two data breaches at Corewell Health.
Litigation, Investigation, and Law Enforcement
UK regulator fires warning shot on cookie compliance (Computing) Data protection watchdog the Information Commissioner’s Office (ICO) has ordered organisations failing to comply with cookie rules to clean up their act or face enforcement action.
Delhi Cyber Police Busts Fraud Ring Exploiting Work-From-Home Aspirations (The420CyberNews) The Cyber Police Station in Delhi has successfully dismantled an international syndicate exploiting individuals seeking work-from-home opportunities. The operation resulted in the arrest of three individuals and the freezing of 32 accounts, uncovering a deceitful network preying on unsuspecting Indian citizens. Initial Complaint and Scheme Unraveling The investigation stemmed from a complaint filed […]
Medical College of Wisconsin named in lawsuit following data breach by Russian hackers (BizTimes - Milwaukee Business News) The Medical College of Wisconsin (MCW) is being sued by a Greenfield man following a data breach that occurred last November.
Crypto-crook Sam Bankman-Fried spared a second trial (Register) Eighth charge related to campaign contributions would just take too dang long
Missing Riverdale foreign exchange student found near Brigham City in case of ‘cyber kidnapping’ (ABC4) A missing and endangered 17-year-old Chinese foreign exchange student has been located and returned to his family, according to Riverdale City Police.
What is ‘cyber kidnapping’ and what can you do to stay safe online? (Deseret News) A 17-year-old Chinese exchange student living in Utah was recently found safe after going missing. He’s thought to have been the victim of cyber kidnapping.
Website Pixel Use Leads to $300K Fine for New York Presbyterian Hospital (HIPAA Journal) New York Presbyterian Hospital has agreed to settle alleged violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule with the New York Attorney General and will pay a financial penalty of $300,000.
NYPD faces backlash as it prepares to encrypt radio communications (the Guardian) Critics say encryption is an ‘attack on transparency’, and that radio monitoring is one of the few ways to keep track of the police