Dateline: Hybrid wars in Ukraine, Russia, Israel, and Gaza.
Ukraine at D+679: Sandworm's patient campaign against Kyivstar. (CyberWire) Ukrainian special forces hit a Russian airfield east of the Urals. Ukraine's SBU reveals that the GRU's Sandworm was in Kyivstar's networks for months before its cyberattacks were discovered.
Hezbollah leader to speak after killing of Hamas official in Lebanon (Washington Post) In an anxiously anticipated speech Wednesday, Hasan Nasrallah, the leader of Hezbollah, the Lebanese paramilitary group and political party, was expected to address the assassination of a senior Hamas official in Beirut that was ascribed to Israel and raised fears of a wider regional war.
Iran Vows Response After Explosions Kill Nearly 100 During Ceremony For Slain General (RadioFreeEurope/RadioLiberty) At least 95 people died and more than 200 others were injured in two explosions set off during commemorations of the fourth anniversary of the death of Qasem Soleimani, a former commander of the Iranian Revolutionary Guards Corps' elite Quds Force killed in January 2020 in an air strike by U.S. forces near Baghdad.
Bombs kill at least 95 at grave of terrorist chief (The Telegraph) At least 95 people were killed on Wednesday when two bombs detonated by remote control tore through a crowd at the grave of Qassim Soleimani, the figurehead of Iran’s global terrorist operations.
Tehran’s Opponents See Possible False-Flag Operation in Deadly Attack Near Soleimani’s Gravesite (The New York Sun) ‘We, the people of Iran, know very well that the Islamic Republic has experienced many violent episodes by internal groups in order to put the blame on…
Opinion | Iran, the Fulcrum of Mideast Violence (Wall Street Journal) Disparate acts of war and terrorism all lead back to Tehran.
US, allies promise larger military response if Red Sea attacks persist (Military Times) A coalition of 13 nations warned of increased military response if Houthi assaults on commercial ships continue.
Why Saudi Arabia and the UAE may sit out new US-led Red Sea initiative (Breaking Defense) The Saudis and the Emiratis may have an obvious interest in secure shipping lanes themselves, former senior Pentagon official Mick Mulroy told Breaking Defense, "but [they] do not want to be seen as supporting Israel."
Israel pledges to protect tech start-ups from effects of Hamas war (Financial Times) Government sets aside $100mn for early-stage companies as country’s innovation agency calls on private investors to help
Binyamin Netanyahu is botching the war. Time to sack him (The Economist) To be safe, Israel needs new leadership
Palestinian Hackers Hit 100 Israeli Organizations in Destructive Attacks (SecurityWeek) A group of claimed Palestinian state cyber warriors has hit over 100 Israeli organizations with wipers and data theft.
Death Toll Rises To 32 From Russia's Deadliest Attack On Kyiv Since War Began (RadioFreeEurope/RadioLiberty) The Kyiv City Military Administration said overnight on January 3-4 that criminal investigators examining the scene of the deadliest air attack on the capital so far in the 22-month-old full-scale Russian invasion discovered two more bodies, raising the death toll to 32.
Ukraine-Russia war live: Ukraine 'blows up Russian jet 1,000 miles behind enemy lines' (The Telegraph) Ukrainian saboteurs have blown up a Russian fighter jet more than 1,000 miles behind enemy lines, it has been reported.
NATO Calls Meeting Of New Ukraine Council Amid Massive Russian Attacks. (UAZMI) NATO will hold a meeting with diplomats and officials from the alliance's members and Ukraine on January 10 to address the situation surrounding a wave of deadly Russian aerial attacks on Kyiv and other cities across the country.
Russia and Ukraine exchange hundreds of prisoners of war in biggest release so far (AP News) Russia and Ukraine have exchanged hundreds of prisoners of war in the biggest single release of captives since Russia’s full-scale invasion in February 2022.
Ukraine-Russia War latest: Nato buys 1,000 Patriot missiles as stockpiles dwindle (The Telegraph) A coalition of Nato countries has purchased 1,000 Patriot missiles to replenish dwindling Western stockpiles.
WSJ News Exclusive | Russia Moves Forward With Plans to Buy Iranian Ballistic Missiles (Wall Street Journal) Moscow in recent weeks has also begun receiving ballistic missiles from North Korea.
U.S. Says Reports It Wants Ukraine To Change War Strategy 'Not True' (RadioFreeEurope/RadioLiberty) The U.S. State Department says reports that Washington wants Ukraine to change its strategy in the full-scale war against Russia are untrue.
Opinion | Does Biden Want Ukraine to Win? (Wall Street Journal) By not arming Kyiv for a long-range campaign against Russia, the U.S. seems to be forcing a deal.
I spent a year with Zelensky – and saw his personality transform (The Telegraph) In an exclusive extract from his book, Simon Shuster reveals how war changed the Ukrainian President... and not entirely for the better
Ukraine-Russia war latest: Putin's party recruiting 'football hooligans' for private army; Russia and Ukraine swap hundreds of PoWs (Sky News) Russia has used a "significant proportion" of its long-range missile stockpiles after days of heavy strikes in Ukraine - and has aimed at defence industry targets in a change from attacks last winter, according to British intelligence.
'Hot Potato:' Ukrainian Mobilization Bill Driving A Wedge Between President And Armed Forces (RadioFreeEurope/RadioLiberty) Ukrainians aren’t rushing to sign up for military service as they did in the early days of Russia’s invasion, causing manpower issues and frustrating many on the front lines. A new bill in parliament aims to rectify the problem, but politicians and military officials seem leery of backlash.
UAC-0050 Remcos RAT: Pipe Method Used for Evasion in Ukraine Attack (Uptycs) Explore UAC-0050's latest cyber-attacks on Ukraine using RemcosRAT and sophisticated 'pipe method', signaling an escalation in cyber-espionage tactics.
Firmware prank causes LED curtain in Russia to display ‘Slava Ukraini’ — police arrest apartment owner (Record) The owner of an apartment in Veliky Novgorod in Russia has been arrested for discrediting the country’s armed forces after a neighbor alerted the police to the message ‘Slava Ukraini’ scrolling across their LED curtains.
Lukashenka Signs Law Putting New Curbs On Religious Groupings In Belarus (RadioFreeEurope/RadioLiberty) Authoritarian Belarusian leader Alyaksandr Lukashenka has signed a law tightening the activities of religious organizations by forcing re-registration and restricting associations to older groups with nationwide presences, his office said January 3.
Attacks, Threats, and Vulnerabilities
G-20 website was subjected to an organised cyber attack during India summit: CEO of I4C (The Hindu) During the G-20 summit in 2023, the official website of the conference was targeted by 16 lakh cyber attacks per minute, Rajesh Kumar of the MHA said.
A Gamer Turned Malware Developer: Diving into Silverrat and its Syrian Roots (CYFIRMA) This report provides a glimpse into the evolving landscape of RAT development and malicious activities performed by threat...
New Xamalicious Backdoor Infects 25 Android Apps, Affects 327K Devices (Hackread) Despite Google’s proactive removal of these apps, the threat persists through third-party markets, compromising over 327,000 devices globally.
Nearly 11 million SSH servers vulnerable to new Terrapin attacks (BleepingComputer) Almost 11 million internet-exposed SSH servers are vulnerable to the Terrapin attack that threatens the integrity of some SSH connections.
Google Kubernetes Engine Vulnerabilities Could Allow Cluster Takeover (Hackread) An attacker with access to a Kubernetes cluster could chain two vulnerabilities in Google Kubernetes Engine (GKE) to escalate privileges and take over the cluster.
Compromising Google Accounts: Malwares Exploiting Undocumented OAuth2 Functionality for session hijacking (CloudSEK) A detailed analysis of a global malware trend: exploiting undocumented OAuth2 functionality to regenerate Google service cookies regardless of IP address or password reset.
WordPress Google Fonts Plugin Vulnerability Affects Up To +300,000 Sites (Search Engine Journal) WordPress Google Fonts Plugin vulnerability allows unauthenticated attackers to delete directories and stage Cross Site Scripting attacks
21 New Mac Malware Families Emerged in 2023 (SecurityWeek) A total of 21 new malware families targeting macOS systems were discovered in 2023, a 50% increase compared to 2022.
Council Post: The Pegasus Wake-Up Call: iPhone Security In The Face Of Zero-Click Exploits (Forbes) The revelation of the zero-click iOS vulnerability and the subsequent deployment of Pegasus spyware serve as stark reminders of the evolving threat landscape.
Cybercriminals Flood Dark Web with X (Twitter) Gold Accounts (Dark Reading) Verified accounts for celebs and organizations deliver a deep vein of cybercrime riches for crooks.
Mandiant’s account on X hacked to push cryptocurrency scam (BleepingComputer) The Twitter account of American cybersecurity firm and Google subsidiary Mandiant was hijacked earlier today to impersonate the Phantom crypto wallet and share a cryptocurrency scam.
Security firm's social media account hacked by scammers (Computing) The X account of Mandiant, the cybersecurity and threat intelligence company bought by Google in 2022, was taken over for 6 hours by a group of cryptocurrency scammers.
23andMe tells victims it's their fault that their data was breached (TechCrunch) In a letter to victims who filed a lawsuit against the company, 23andMe blames its breach on customers for reusing passwords.
23andMe faces backlash for blaming customers for data breach (Proactiveinvestors NA) Genetic testing company 23andMe is embroiled in more than 30 lawsuits from victims of a significant data breach, involving the theft of genetic and ancestry...
Population health software company HealthEC suffers major data breach (SiliconANGLE)
Academy Mortgage Notifies Consumers of Data Breach Following March 2023 Cyberattack (JD Supra) On December 21, 2023, Academy Mortgage Corporation (“Academy”) filed a notice of data breach with the Attorney General of New Hampshire after...
Estes refuses to pay off ransomware crew, says data stolen (Register) Pay up, or just decline to submit
Ransomware Group Claims Cyber Breach of Xerox Subsidiary (Dark Reading) After Xerox cybersecurity personnel discovered the breach, they brought in third-party experts to investigate.
‘Large-scale’ cyberattack hits French township, all local services down (Record) Pays Fouesnantais, a coastal township in Brittany, is warning that “all services of the community … are impacted” by an unspecified cybersecurity incident.
Kansas Court Records Back Online After October Cyber Attack (GovTech) The web portal that allows people to search for Kansas district court cases is back online for the first time since being knocked out by a cyber attack in October 2023.
Cybersecurity Incident Forces Missouri Hospital to Divert Patients (Campus Safety Magazine) Liberty Hospital's cybersecurity incident was discovered on Dec. 19 and continues to impact staff and potentially patient care.
CISA Adds Two Known Exploited Vulnerabilities to Catalog (Cybersecurity and Infrastructure Security Agency | CISA) CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CISA warns federal agencies of exploited Google Chrome and open-source vulnerabilities (Record) The agency added two bugs affecting Google Chrome and the open-source Perl library to its Known Exploited Vulnerabilities (KEV) catalog.
Security Patches, Mitigations, and Software Updates
LastPass will finally enforce a 12-character minimum master password (The Verge) The more characters the better.
LastPass now requires 12-character master passwords for better security (BleepingComputer) LastPass notified customers today that they are now required to use complex master passwords with a minimum of 12 characters to increase their accounts' security.
OpenAI Changes Data Controller in Bid to Adhere to GDPR (DIGIT) OpenAI plans to change its official data controller for EU customers to Ireland in a bid to assuage concerns over data protection breaches.
Trends
Facts and misconceptions about cybersecurity budgets (Help Net Security) In this article, 2023 survey excerpts will help your organization understand both the facts and misconceptions about cybersecurity budgets.
Cyber Leaders With Tight Budgets Still Must Secure AI, Cloud (Wall Street Journal) The new year brings new pressure for security chiefs to justify cyber spending.
Snyk Report on AI Code Generation Exposes Risks, Developers’ False Sense of Security (Acceleration Economy) In episode 111 of the Cybersecurity Minute, Chris Hughes explores a new report on cybersecurity and artificial intelligence (AI) code generation from Snyk, which is on the Acceleration Economy Top 10 Shortlist of Cybersecurity Providers.
Revealed: almost half of British teens feel addicted to social media, study says (the Guardian) Exclusive: Millennium Cohort’s finding raises questions about why a large proportion has a difficult relationship with social media
Consumers prepared to ditch brands after cybersecurity issues (Help Net Security) 75% of consumers express their readiness to sever ties with a brand in the aftermath of any cybersecurity issue, according to Vercara.
Marketplace
What the cybersecurity workforce can expect in 2024 (Security Intelligence) The cyber industry continues to evolve, and 2024 promises to offer many opportunities and obstacles for cybersecurity pros.
Briefing: Intel Spins Out Generative AI Software Group (The Information) Intel said on Wednesday that it is spinning out its generative artificial intelligence software project, including intellectual property and its employees, as an independent company called Articul8 AI. The company said the decision to create an independent firm and raise outside capital will accelerate how quickly it can sell the software. Intel did not disclose whether it will have a majority
ZeroFox Awarded $289M from U.S. Office of Personnel Management for Digital Identity Protection Services (GlobeNewswire News Room) Award extensions offer protection and restoration to 22.1M individuals impacted by previous cybersecurity incidents...
Israeli spyware co NSO moving to bigger offices (Globes) NSO Group has leased the four top floors in the high rise office tower under construction in Glilot near Tel Aviv.
Kevin Nolten announced as Cyber Innovation Center president (Bossier Press) In a press release/letter sent to local media outlets on Tuesday January 2, 2024, Cyber Innovation Center (CIC) Executive Director Craig Spohn announced that Kevin Nolten has assumed the role of CIC president.
Rising Stars: Promoting Two Exceptional Cowbellers as We Approach Our Five Year Anniversary (Cowbell Cyber) Caroline Thompson has been promoted to Chief Underwriting Officer, and Sonja Kozel has been promoted to SVP, Sales and Distribution.
Products, Services, and Solutions
Wirex Integrates ZeroFox to Combat Dark Web Threats (Finance Magnates) Wirex has incorporated ZeroFox to combat the threats of dark web activities and money mules.
Wickr Is Dead (404 Media) The app was a privacy-championing startup, before becoming an app of choice for drug traffickers and being acquired by Amazon Web Services. Near the stroke of midnight on December 31, 2023, AWS shut down the free version of Wickr for good.
InfoSec Global Federal Added to Department of Homeland Security Continuous Diagnostics and Mitigation Approved Product List (PR Newswire) InfoSec Global Federal, the leader in cryptographic vulnerability management, today announced the company has been added to the Department of...
Meet Align: Your Fastest Path to Google and Yahoo Compliance (Valimail) Valimail launched a new product: Align. Learn more about how it can help marketers reach Google and Yahoo compliance.
LogRhythm Product Innovation Prioritizes Speed and Efficiency for Fast, Agile and High-Performing Security Teams (Business Wire) SOC team efficiency bolstered by a new seamless, integrated user experience
Technologies, Techniques, and Standards
Can We Protect the Ballot Box? Global Guide to Election Cyber Threats (Infosecurity Magazine) In 2024, democracy faces an unprecedented barrage of cyber threats aimed at spreading discord and manipulating outcomes
Defending the Year of Democracy (Foreign Affairs) What it will take to defend 2024’s 80-plus elections from hostile actors.
New risk management framework helps with SEC mandate compliance (CSO Online) The authors of the new Cyber Risk Management Program framework explain how it can set an organization up to better comply with SEC and other disclosure and reporting regulations.
Cybersecurity Threats and How PR Can Help Mitigate Them in 2024 (4 Hoteliers) The latest findings from the German Federal Office for Information Security (BSI) paint a worrying picture of the cybersecurity situation in Germany.
Design and Innovation
FTC soliciting contest submissions to help tackle voice cloning technology (Register) The challenge is an effort by the FTC to monitor and stop scammers from exploiting voice cloning technology.
Research and Development
Quantum computing is taking on its biggest challenge: noise (MIT Technology Review) For a while researchers thought they’d have to make do with noisy, error-prone systems, at least in the near term. That’s starting to change.
Academia
Qatar to Add Cybersecurity Curricula in Private Schools (Dark Reading) The goal is to raise cybersecurity awareness for all students in the country.
Legislation, Policy, and Regulation
How to prepare for increased oversight of cybersecurity (Federal Times) Opinion: Cyber risk management at federal agencies driven from the top is becoming more pressing as the U.S. enters an era of near-peer competition with Chin
Britain’s got some of Europe’s toughest surveillance laws. Now it wants more (POLITICO) Despite the protestations of industry and campaigners, ministers are whisking a new bill through parliament.
What’s in Biden’s Executive Order on Artificial Intelligence? (Lawfare) A summary of the Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence.
States and Congress wrestle with cybersecurity after Iran attacks small town water utilities (AP News) The hacking of a municipal water authority in a small Pennsylvania town is prompting new warnings from U.S. security officials as states and the federal government are wrestling with how to harden water utilities against hackers.
A Better Cyber Service (War on the Rocks) 2024 will mark the fifth year of America’s newest military service, the Space Force. Its success has led to increased calls for a new service for the
Ban on ransomware payments? The alternative isn't working (Register) With the average demand hitting $1.5 million, something's gotta change
The FBI is adding more cyber-focused agents to U.S. embassies (CyberScoop) The agency’s deployment of additional cyber assistant legal attachés comes as it takes on a more proactive approach to combating cybercrime operations and infrastructure.
Litigation, Investigation, and Law Enforcement
DOJ Slams XCast with $10 Million Fine Over Massive Illegal Robocall Operation (The Hacker News) XCast, a VoIP provider, faces a $10 million penalty for facilitating illegal robocalls and deceptive telemarketing campaigns since 2018.
Korean National Police Agency investigating $81 million crypto theft from Orbit Chain (Record) Crypto platform Orbit Chain said it is working with the Korean National Police Agency and Korea Internet & Security Agency (KISA) to address a cyberattack that led to the theft of more than $81 million worth of cryptocurrency.
Nigerian hacker arrested for stealing $7.5M from charities (BleepingComputer) A Nigerian national was arrested in Ghana and is facing charges related to business email compromise (BEC) attacks that caused a charitable organization in the United States to lose more than $7.5 million.
NJ Law Enforcement Unwittingly Bought Banned Chinese Surveillance Cameras (Courwatch) New Jersey Bought $15 Million Worth of Surveillance Equipment From a Company Selling Rebranded, Banned Chinese Cameras Using COVID Relief Funds
Multiple state Capitols evacuated due to mass-emailed bomb threats (CNN) Capitol buildings in multiple states were temporarily shut down and evacuated Wednesday because of threats.
FBI calls bomb threats that led to brief lockdowns and evacuations of some state capitols a hoax (AP News) A bomb threat emailed to officials in several states has briefly disrupted government affairs and prompted some state capitol evacuations, but no explosives have been found and federal officials quickly dismissed the threats as a hoax.