Archive for the ‘NSA’ Category

Notes from the underworld. Cyberespionage in occupied Ukraine … – The CyberWire

Dateline

Ukraine at D+391: Attribution ambiguity. (CyberWire) A new, unattributed APT seems active in Russian occupied territories. A Russian proposal for new cyberspace norms.

Russia-Ukraine war: List of key events, day 392 (Al Jazeera) As the Russia-Ukraine war enters its 392nd day, we take a look at the main developments.

Ukraine's Leadership Doubles Down on Bakhmut Defense as Russians Get Closer (Wall Street Journal) Ukrainian commanders say they are sapping Russian strength in the eastern city to give their planned offensive a better chance of success.

Russian cruise missiles destroyed in drone strike on Crimea train (The Telegraph) Kyiv says Kalibr missiles being transported on a train in Dzhankoi were destroyed while Russia's region chief blames drone attack

Ukraine, Russia Trade Claims After Blast Rocks Crimean Town (Military.com) Russian and Ukrainian officials have given conflicting accounts of what appeared to be a brazen attack on Russian cruise missiles being transported by train in Moscow-annexed Crimea.

Japan Prime Minister Fumio Kishida makes surprise visit to Ukraine (AP NEWS) Japanese Prime Minister Fumio Kishida arrived in Kyiv for a surprise visit shortly after noon Tuesday, hours after Chinese President Xi Jinping arrived in neighboring Russia for a three-day trip.

Xi, Putin signal unity against U.S. in joint statement (Nikkei Asia) China urges peace talks in Ukraine, Moscow backs Beijing on Taiwan

After Kremlin talks, Xi and Putin sign cooperation agreements as Japan's leader visits Ukraine (Washington Post) Putin, Xi agree on expanding natural gas trade, other economic ties. Visit by Japan's Kishida to Kyiv gives sharp contrast to Xi in Russia. Xi and Putin to meet for ceremony, talks and state dinner.

China lacks credibility to secure Ukraine ceasefire amid Russia drone fears (The Telegraph) Nato sceptical of Beijing's plan for peace following reports that a Chinese firm was in talks to arm Moscow with kamikaze drones

Putin got very little out of Xi's big visit except pomp and ceremony (The Telegraph) The Chinese president's grand trip to Moscow looked like theatre that played more to his benefit than to Russia's

Putin's two-day charm offensive with Xi underlines who's boss (the Guardian) Kremlin toasts the Russian-Chinese partnership, which appears warm but far from equal

Why Xi can't solve Putin's Ukraine problem (The Telegraph) Chinese president could have profound influence but questions remain about whether he can, or wants to, end the war

7 myths standing in the way of Ukraine's victory (POLITICO) If Kyiv is forced to settle, it will bring neither justice, nor peace. Only victory will stop Putin coming at us again.

Freeing Belarus from tyranny: A conversation with Sviatlana Tsikhanouskaya (Atlantic Council) How can the United States and its Western allies help support freedom and self-determination in Belarus? What effect has Russia's full-scale invasion of Ukraine had on Belarusian democratic opposition and civil society?

Putin the Pariah: War crimes arrest warrant deepens Russia's isolation (Atlantic Council) The ICC decision to indict Putin for war crimes is a highly consequential step that will deepen Russia's international isolation while weakening Putin's personal position both at home and abroad, writes Anders Åslund.

ICC arrest warrant for Putin is a step toward ending Russian impunity (Atlantic Council) The International Criminal Court decision to issue an arrest warrant for Putin over his alleged role in the deportation of Ukrainian children has sparked a lively debate. Is the move truly historic or merely symbolic?

Putin warns UK it is ramping up war with its 'nuclear component' arms for Ukraine (The Telegraph) Britain confirms it will send depleted uranium shells, but Kremlin accused of 'bonkers' reaction at press conference with President Xi

Putin says Russia will respond if UK supplies depleted uranium shells to Ukraine (the Guardian) Russian leader reacts to comments by UK defence minister that Britain will supply armour-piercing rounds to Kyiv

The Army Digs in for Competition Against Russia, Sets Garrison in Poland (Military.com) The Army now has a permanent garrison in Poland, a major milestone underscoring that country's central role as a hub of NATO support for Ukraine's fight against invading Russian forces.

'Absolutely a quick study': Ukrainians master Patriot system faster than expected (POLITICO) "They are the best of the best in what they do in air defense for Ukraine," a U.S. general said.

Ukrainians to Get U.S. Tanks by Fall (U.S. Department of Defense) The U.S. will send M1A1 Abrams tanks from refurbished hulls already in U.S. inventory to Ukraine, and the delivery will be in the fall, which is faster than what was initially expected.

US speeds up Abrams tank delivery to Ukraine war zone (AP NEWS) The Pentagon is speeding up its delivery of Abrams tanks to Ukraine, opting to send a refurbished older model that can be ready faster, with the aim of getting the 70-ton battle powerhouses to the war zone by the fall, the Pentagon said Tuesday.

US to accelerate delivery of tanks to Ukraine (CNN) The US will dramatically accelerate the time it takes to ship Abrams tanks to Ukraine by sending older M1-A1 models of America's main battle tank instead of the more modern version of the tank, according to two US officials.

The Dangers of a New Russian Proposal for a UN Convention on International Information Security (Council on Foreign Relations) Russia recently issued a new draft for a UN international convention on cybersecurity. An alternative proposal offers a freer vision of internet governance, and would provide a more action-oriented p

Bad magic: new APT found in the area of Russo-Ukrainian conflict (Securelist) In October 2022, we identified an active infection of government, agriculture and transportation organizations located in the Donetsk, Lugansk, and Crimea regions.

Unknown actors target orgs in Russia-occupied Ukraine (Register) If this is Kyiv's work, Russia can Crimea river

New 'Bad Magic' Cyber Threat Disrupt Ukraine's Key Sectors Amid War (The Hacker News) New "Bad Magic" activity cluster targeting gov't, agriculture & transportation orgs in Donetsk, Lugansk & Crimea amid ongoing Russia-Ukraine war.

Partisan suspects turn on the cyber-magic in Ukraine (Cybernews) A previously unidentified threat actor is believed to be using new malware programs called CommonMagic and PowerMagic to phish for details of targets in disputed Russian-controlled areas of Ukraine.

Hacker tied to D.C. Health Link breach says attack 'born out of Russian patriotism' (CyberScoop) The hacker who took responsibility for the D.C. Health Link breach claims to have targeted U.S. politicians out of allegiance for Russia.

Financial cyber threats heightened by ideologically motivated hacktivism amidst geopolitical tension (SC Media) Russia's war with Ukraine has triggered a surge in ideologically motivated hacktivism that persists to this day, posing by far the most significant impact on the cyber threat landscape for financial services, according to a report by the Financial Services Information Sharing and Analysis Center.

Review: Protecting and Defending Ukraine's Cultural Identity (New York Times) A festival responds to the assaults and insults of war by celebrating the composer who shaped the nation's contemporary music, Borys Liatoshynsky.

ENISA Transport Threat Landscape (ENISA) This report is the first analysis conducted by the European Union Agency for Cybersecurity (ENISA) of the cyber threat landscape of the transport sector in the EU. The report aims to bring new insights into the reality of the transport sector by mapping and studying cyber incidents from January 2021 to October 2022. It identifies prime threats, actors and trends based on the analysis of cyberattacks targeting aviation, maritime, railway and road transport over a period of almost 2 years.

Ransomware likely to target transportation OT systems, warns EU cyber agency (Record) The European Union's cyber agency says ransomware is the biggest cyberthreat to Europe's ports, railways and aviation, and attackers are likely to target operational technology (OT) instead of information technology (IT) at some point.

Vulnerability Spotlight: Netgear Orbi router vulnerable to arbitrary command execution (Cisco Talos Blog) Cisco Talos recently discovered four vulnerabilities in the Netgear Orbi mesh wireless system, including the main hub router and satellite routers that extend the network's range.

From Ransomware to Cyber Espionage: 55 Zero-Day Vulnerabilities Weaponized in 2022 (The Hacker News) 55 zero-day vulnerabilities exploited in 2022, mainly in software from Microsoft, Google, and Apple.

Chatbots, Celebrities, and Victim Retargeting: Why Crypto Giveaway Scams Are Still So Successful (Akamai) Akamai researchers have been monitoring several cryptocurrency giveaway scam kits that impersonate celebrities and brands, notably Elon Musk and his associated companies. The scams are delivered through various social media platforms as well as direct messaging apps such as WhatsApp or Telegram.

ZenGo uncovers security vulnerabilities in popular Web3 Transaction Simulation solutions: The red pill attack (ZenGo) ZenGo uncovers security vulnerabilities in popular Web3 Transaction Simulation solutions: The red pill attack ZenGo is the first keyless bitcoin and cryptocurrency wallet the most simple and secure way to manage your crypto assets.

Google Pixel phones had a serious data leakage bug: here's what to do! (Naked Security) What if the "safe" images you shared after carefully cropping them had some or all of the "unsafe" pixels left behind anyway?

Stopping a $36 Million Vendor Fraud Attack (Abnormal Intelligence) Abnormal recently observed an attempted vendor email compromise attack that sought to steal $36 million. Here's how we detected and stopped the attack.

Ransomware gangs incite fear in victims to fuel attacks (Cybersecurity Dive) Attacks involving data theft nearly doubled and harassment spiked 20 times by late 2022, Palo Alto Networks Unit 42 said.

Harvest Keeper Rugged Users And Shows Why "AI Crypto" Can't Work (CryptoMode) Harvest Keeper boasted of being an AI project that "optimizes the trading process for maximum payout" and promised users a 4.81% return on deposits.

Personal details of 8,000 staff and clients compromised in cyber attack, health organisation says (ABC) After a lengthy investigation, an Aboriginal health organisation says hackers accessed Medicare numbers, licences, passports and tax file numbers in the attack last year.

Ferrari Extorted Over Client Database Breach (Tech Times) The Italian automaker opted not to pay the ransom; here's why!

WSJ News Exclusive | U.S. State-Government Websites Use TikTok Trackers, Review Finds (Wall Street Journal) The presence of the Chinese app's trackers means that U.S. states might be inadvertently participating in data-collection efforts for a foreign-owned company.

Cybercriminals care about security too: how shady business is done on the dark web (ANI News) Latest Kaspersky research reveals cybercriminals posted more than 1 million messages mentioning escrow services on the darknet in 2020-2022. Escrow agents are third-party intermediaries involved in such deals to control the fulfillment of agreements and reduce the risks of cheating. They partner with cybercriminals who want to sell or buy data, services, or conclude a partnership - usually earning from three to 15 per cent of the transaction. However, the deal can still fail for various reasons, including those related to escrow scams. How such business is done on the darknet is described in a new report by Kaspersky Digital Footprint Intelligence team.

CISA Releases Eight Industrial Control Systems Advisories | CISA (Cybersecurity and Infrastructure Security Agency CISA) CISA released eight Industrial Control Systems (ICS) advisories on March 21, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

These Fortune 500 Companies Show Up Most Often in Compromised Password Data (Specops Software) Today, the Specops research team is sharing the results of their latest findings on the use of Fortune 500 company names in compromised passwords. The...

Fortinet Annual Skills Gap Rep (GuruFocus) New Fortinet research reveals escalating cyber risks due to the ongoing talent shortage while the number of organizations experiencing five or more breaches jumped by 53%

Only 1 in 10 workers remembers all their cyber security training (CybSafe) Only 1 in 10 workers remembers all their cyber security training. Read more...

Join the Brightest Startups at RSAC Innovation Sandbox (RSA Conference 2023) For 17 years, cybersecurity's boldest new innovators have competed in the RSAC Innovation Sandbox contest to put the spotlight on their potentially game-changing ideas. This year, 10 finalists will again have three-minutes to make their pitch to a panel of judges.

XM Cyber Announces Acquisition of Confluera, Adding Run-Time Protection on Cloud workloads to Extend CNAPP Capabilities (XM Cyber) Learn more about XM Cyber Announces Acquisition of Confluera, Adding Run-Time Protection on Cloud workloads to Extend CNAPP Capabilities . Read more on XM Cyber website.

dope.security Lands $16M in Funding for Fly-Direct Secure Web Gateway (Business Wire) Former Symantec, Forcepoint Product Leader Takes on Legacy Vendors, Disrupting SWG Market with Radical New Architecture

Backslash Security Emerges from Stealth to Fuse Code Security with Cloud-Native Context, Transforming a Decades-Long AppSec Paradigm (Yahoo Finance) Backed by StageOne Ventures and a stellar roster of security industry leaders, AppSec disruptor secures $8M to equip AppSec teams with visual control over cloud-native applications by identifying toxic code flows and automating threat models

Summers Predicts Cleaning Out of Fintech Sector After SVB Failure (The Information) Former Treasury Secretary Larry Summers predicted Silicon Valley will see a cleaning out in the fintech sector as a result of regulatory attention flowing from the failure of Silicon Valley Bank. In an interview with The Information's editor in chief Jessica Lessin, Summers also said that the ...

Briefing: TikTok CEO to Pledge App Will be Free From Any Government Influence (The Information) TikTok CEO Shou Zi Chew will offer a broad series of promises to protect American users' data and keep the app free from government interference in his upcoming testimony to Congress. "We will firewall protected U.S. user data from unauthorized foreign access," he will say, according to a copy of the prepared remarks. TikTok will remain a platform for free expression and will not be

TikTok CEO appears on TikTok to warn users about the TikTok ban (The Verge) A message to the app's 150 million US users

TikTok bans deepfakes of nonpublic figures and fake endorsements in rule refresh (The Verge) TikTok says realistic deepfakes need to be clearly labeled.

TikTok is D.C.'s new boogeyman. Can Silicon Valley's tactics save them? (Washington Post) The app, owned by Beijing-headquartered ByteDance, is adopting the lobbying tactics of many of its American tech company peers

Here's Why CrowdStrike Is Thrilled to Partner With Dell (The Motley Fool) There's a lot of good stuff here for investors to think about.

Check Point tells employees no raises in 2023 (CTech) The Israeli cyber giant informed its employees that, in view of the economic situation, instead of salary increases, they will receive a special bonus of blocked shares for one year in the amount of 5% of their base salary

Radware Named a Gold Winner for Application Security in the 2023 Globee Cybersecurity Awards (GlobeNewswire News Room) Receives top honors for Radware SecurePath, its innovative application security architecture ...

Industry Veteran Kevin Senator Joins aDolus as CEO (EIN News) Experienced OT/IT/IoT executive to expand customer base

AppOmni Bolsters C-Suite with Key Leadership Appointments (Business Wire) SaaS security leader names new Chief Development Officer and Chief Customer Officer

NinjaOne Appoints Robert Gibbons as Chief Technology Officer (NinjaOne) Read first-hand accounts of how Ninja's products and superior support help companies deliver fast and effective IT management.

SaaS Data Security Leader DoControl Announces Christine Castro as its New Vice President of Marketing (PR Newswire) DoControl, the automated Software as a Service (SaaS) security company, today announced that Christine Castro has joined as Vice President of...

HUMAN Expands Legal and Compliance Capabilities with Newly-Appointed General Counsel (HUMAN Security) HUMAN Expands Legal and Compliance Capabilities with Newly-Appointed General Counsel, Kirsten Canton.

https://www.businesswire.com/news/home/20230322005527/en/Orca-Security-Appoints-Co-Founder-Gil-Geron-as-CEO (Business Wire) Strategic Changes Position Company for Next Stage of Growth as Cloud-Native Application Protection Platform Market Leader

This Ukrainian Startup Is Looking to Automate Crypto Crime Reporting Using Smart Contracts, AI (Yahoo Finance) HAPI Labs has launched a platform for reporting of scam- and crime-related addresses in partnership with Ukraine's cyber police.

Intelligent CloudCare Launches Online Cybersecurity Employee Training Courses (GlobeNewswire News Room) Intelligent CloudCare, an IT services firm for small and medium-sized businesses and a subsidiary of...

ConnectWise Challenges IT Solution Providers to Prepare for the Future at IT Nation London Conference (GlobeNewswire News Room) MSP software leader kicks off annual conference in Europe with broad updates to tools and services and messages on solving challenges in time of rapid...

Cybersecurity & Compliance Platform from Onapsis Now an SAP Endorsed App Available on SAP Store (Onapsis) Customers can benefit from accelerated cloud and digital transformation initiatives through supplementary, independent cybersecurity and compliance capabilities.

Sophos Partners with Cowbell to Provide Businesses with Easier Access to Cyber Insurance (Sophos) Partnership Helps Organizations Apply for Cyber Insurance and Assess Security Health for Insurability

Sophos Partners with Cowbell (Sophos News) Providing Small and Medium Enterprises with streamlined access to cyber insurance coverage and facilitating optimal insurance provision for Sophos customers in the U.S. through the opt-in sharing o

Cellebrite Announces Enhanced Solution Capabilities for Digital Investigations (GlobeNewswire News Room) Cellebrite's latest AI-enabled Investigative Analytics Solution, Pathfinder X, equips investigators with new breadth of investigative tools and enterprise...

Cellebrite Announces RelativityOne Integration for Quicker, Safer Data Review (GlobeNewswire News Room) Cellebrite's LegalView add-on for RelativityOne to simplify how modern data is collected and reviewed...

Dell strengthens security portfolio (IT-Online) Dell Technologies has announced new security services and solutions to help organisations protect against threats, respond to attacks and secure their devices, systems and clouds. Seventy-two percent of IT business leaders and professionals believe the changing working world exposes their organization to even greater risk. The highly distributed IT environment creates new opportunities for cybercriminals ...

Launch of Virtru Private Keystore Enables Heightened Privacy and Secure Collaboration in the Cloud (GlobeNewswire News Room) Encryption Key Management Solution Gives Customers Full Control of Cloud-Hosted Data...

Cemtrex Announces Vicon End-to-End Security System Order for Next Generation Zero-Carbon Prison System in United Kingdom (GlobeNewswire News Room) $0.8 Million in Vicon Surveillance Equipment with Latest Smart Technologies to Better Protect Prisoners, Staff and Public...

OP[4] Launches with Groundbreaking IoT and Embedded Systems Security Tech (Yahoo Finance) Automated Platform Detects, Prioritizes, Remediates Exploitable Vulnerabilities. CHANTILLY, Va., March 22, 2023 (GLOBE NEWSWIRE) -- OP[4], a new company built on pioneering cybersecurity technology originally developed for DARPA and productized via AFWERX, launched today with over $2 million U.S. dollars in initial seed funding secured through a combination of product sales and private investment. OP[4]'s revolutionary security platform is designed to automatically find and fix N-Day and 0-Day vul

Vectra Unifies AI-driven Behavior-based Detection and Signature-based Detection in a Single Solution (Vectra news release) Published: Mar 22, 2023. Vectra Unifies AI-driven Behavior-based Detection and Signature-based Detection in a Single Solution. Visit our news releases page to read more!

Bluescape and Jazz Solutions Add Virtual Workspace Solutions to Automa (PRWeb) FedRAMP-certified Bluescape helps achieve new levels of agility for dispersed teams Bluescape, a visual collaboration and workspace platform,

Cohesity and OwnBackup Partner to Offer Simplified and Consolidated Data Protection for SaaS workloads (Cohesity) Leading Data Protection and Management Providers OwnBackup and Cohesity Join Forces to Streamline Data Backup for Customers and Elevate Business Continuity in the Ransomware Era

Lightspin Launches Remediation Hub to Identify and Fix the Cloud Security Threats that Matter Most (PR Newswire) Lightspin, the leading cloud security solution for SaaS companies, today launched the Remediation Hub as part of its cloud-native application...

CISA Releases Updated Cybersecurity Performance Goals (Cybersecurity and Infrastructure Security Agency CISA) Today, we published stakeholder-based updates to the Cybersecurity Performance Goals (CPGs). Originally released last October, the CPGs are voluntary practices that businesses and critical infrastructure owners can take to protect themselves against cyber threats

CISA and NSA Release Enduring Security Framework Guidance on Identity and Access Management | CISA (Cybersecurity and Infrastructure Security Agency CISA) As part of the Enduring Security Framework (ESF), the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released the Identity and Access Management Recommended Best Practices Guide for Administrators. These recommended best practices provide system administrators with actionable recommendations to better secure their systems from threats to Identity and Access Management (IAM).

ESF Partners, NSA, and CISA Release Identity and Access Management Recommended Best Practi (National Security Agency/Central Security Service) As part of the Enduring Security Framework (ESF), the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) published the Recommended Best Practices Guide for

Identity and Access Management: Recommended Best Practices for Administrators (NSA and CISA) Identity and access management (IAM) is a framework of business processes, policies, and technologies that facilitate the management of digital identities to ensure that users only gain access to data when they have the appropriate credentials.

How to Manage Cyber Risk as a Board Director (OODA Loop) The evolving responsibilities of board members to cyber security and cyber risk were highlighted as a theme in the OODA Almanac 2023. While cybersecurity has been a focus of corporate boardrooms in the past, it is about to become a required focus as the Securities and Exchange Commission (SEC) seeks to have companies identify a board of directors member as the cybersecurity lead. OODA has specific expertise supporting the nexus between technical cybersecurity and corporate governance risk management and looks forward to supporting a wide range of companies by either placing a cybersecurity expert directly on the board or working as a consultant to the board to help guide their strategic initiatives and ensure they are exercising due care in managing cyber risks. Following is a guide for board members as they begin to explore the impact of cyber risk on the fiduciary responsibilities of a board of directors.

Weak, Repetitive Passwords a Common Problem in Government, Says Report (FEDweek) Use of weak and/or repetitive passwords is a common problem in government, according to a report by a cybersecurity firm that is the latest caution about

Meet Data Privacy Mandates With Cybersecurity Frameworks (CPO Magazine) In the coming months, data protection laws will continue to evolve and strengthen, requiring organizations to refine their data protection policies further and take demonstrable steps to safeguard the privacy of individual customers' information.

Proactive Defence : How Enterprises Are Using Dark Web Threat Intelligence - Searchlight Cyber (Searchlight Cyber) Download our latest research report - based on a survey of more than 1,000 CISOs in the US and UK - to find out how large enterprises are using dark web intelligence. We found that 93 percent of CISOs are concerned about dark web threats but the use of threat intelligence varies by geography and...

Opinion | Social media is devastating teens' mental health. Here's what parents can do. (Washington Post) If we are serious about addressing the alarming worsening of teens' mental health, we must reduce their social media use.

What is the CIA Triad? - Check Point Software (Check Point Software) Learn what the CIA Triad is, and how potential cyber threats to an organization's systems are limited if they ensure confidentiality, integrity, and availability.

Cyber Warfare is Upon Us: Why the Next Generation of War Games Is so Important (Infosecurity Magazine) Modern businesses are increasingly used as pawns in cyber battles between nation-states and affiliated groups

Turing Award Won by Co-Inventor of Ethernet Technology (New York Times) In the 1970s, Bob Metcalfe helped develop the primary technology that lets you send email or connect with a printer over an office network.

Google Rolls Out Its Bard Chatbot to Battle ChatGPT (WIRED) A new bot has entered the chat. But Google warns that, like its competitor, it will sometimes hallucinate.

Google just launched Bard, its answer to ChatGPT, and it wants you to make it better (MIT Technology Review) Under pressure from its rivals, Google is updating the way we look for information by introducing a sidekick to its search engine.

Amazon Faces Moment of Truth on Alexa as ChatGPT Steals Its Thunder (The Information) At the 2018 Consumer Electronics Show, Amazon announced one of its biggest partnerships yet to help make its Alexa voice assistant ubiquitous: a deal with Toyota to integrate Alexa into the auto giant's cars. "Our vision for Alexa is that she should be everywhere a customer might need her," at ...

The case for slowing down AI (Vox) Pumping the brakes on artificial intelligence could be the best thing we ever do for humanity.


NSA Shines Light on Importance of Transparency and Accountability – HS Today – HSToday

Sunshine Week is in full swing across the federal government, and the National Security Agency (NSA) is taking the time to recognize and reaffirm Agency values of transparency and accountability.

A time to acknowledge and celebrate transparency in the federal government, Sunshine Week was created 18 years ago by the American Society of News Editors, now known as the News Leaders Association. Freedom of Information Day was also celebrated this week, on 16 March. Speaking at the Agency's Privacy Day event last year, GEN Paul M. Nakasone, Commander, U.S. Cyber Command, Director, NSA/Chief, CSS, explained that transparency is always a work in progress: "NSA has had a history of strength, civil liberties, and privacy protections in daily operations, and has made great strides in being more transparent about what we do."

NSA's Civil Liberties, Privacy, and Transparency (CLPT) Office is key to the Agency's promotion and integration of civil liberties and privacy protections into everything NSA does: policies, plans, procedures, technology, programs, and activities.

At the head of the CLPT Office is Acting Director Thomas D. "T.D." Stuck, who said he's always asking, "How can we be more effective in our transparency?" It's more than just providing information, too: "It's giving the context of what we're doing so that the public can have a sense of how information fits into the broader sense of why there is a National Security Agency," Stuck said.

Transparency and accountability go hand in hand. Ultimately, Stuck underlined, "We're accountable to the American people."

Learn more about the CLPT Office by watching a video or exploring their webpage.


Even Rep. LaHood Likely Can’t Sue the NSA or FBI to Protect His Rights – EFF

In a stunning revelation, a sitting U.S. Congressman has publicly identified himself as the subject of likely illegal surveillance by the NSA and FBI. During a hearing on the question of renewal of the controversial mass NSA spying authorities known as FISA Amendments Act Section 702, Rep. Darin LaHood of Illinois revealed: "the member of Congress who was wrongly queried multiple times solely by his name was in fact me." It seems Rep. LaHood was one of the Congresspersons identified in a footnote (footnote 92) in a recent government report about the mass spying program, which stated that an intelligence analyst improperly and repeatedly searched 702 data using only the name of a U.S. congressman.

What's equally stunning is that despite absolutely knowing that he was spied upon, something that is extremely rare given the level of secrecy around 702, neither Rep. LaHood nor anyone else illegally spied upon will likely get a chance to seek a remedy in a court. That's not just because 702 is poorly drafted and has been even more poorly executed. It's because of how governmental secrecy has now metastasized to completely prevent anyone from stopping illegal NSA spying on them, much less getting any other legal remedy.

Quite simply, governmental secrecy now renders moot many of the accountability and oversight mechanisms for national security surveillance that exist on paper in FISA as well as in the U.S. constitution.

One of EFF's highest priorities for nearly two decades has been making sure you can have a private conversation online. Specifically, we want to ensure that individuals can seek judicial accountability for violations of their constitutional and statutory rights committed through the government's warrantless foreign intelligence surveillance inside the United States.

EFF's work on this issue predates the passage of Section 702 itself. Our 2006 lawsuit, Hepting v. AT&T, relied on first-hand evidence from whistleblower Mark Klein to show that the telecommunications companies were copying the contents of Internet traffic at the behest of the NSA. Congress essentially mooted this lawsuit in 2008 by granting the companies retroactive immunity as part of the FISA Amendments Act, which also instituted Section 702. Not to be deterred, and at the specific suggestion of key members of Congress, EFF again sued on behalf of AT&T customers, this time seeking to hold the government itself accountable. That lawsuit, Jewel v. NSA, powered on for 14 years, bolstered by the Snowden revelations and the flood of additional public information about the NSA's mass spying programs.

The Jewel lawsuit came to an end last year, not because the judiciary disagreed with our arguments about the unconstitutionality or illegality of the government's surveillance. It ended because the courts validated the government's claims that a program known and debated across the world is somehow too secret to be challenged in open court by members of the public affected by it. Specifically, the Supreme Court refused to grant certiorari and reconsider a Ninth Circuit decision (and an underlying district court ruling) that held that the common law state secrets privilege blocked our clients' efforts to prove that their data was intercepted, such that they had standing to sue. A similar case brought by the ACLU on behalf of Wikimedia was also rejected.

As Jewel illustrates, the judiciary has used secrecy to create a broad national-security exception to the Constitution, FISA, and 702 itself that allows all Americans to be spied upon by their government and denies them any viable means of challenging that spying. And now that impacts a sitting member of Congress directly.

This exception rests on a pair of misinterpretations of common law and statutory procedures for dealing with supposedly secret evidence. First, courts have allowed the government to invoke the state secrets privilege in Section 702 cases, despite Congress's express creation of a statutory method for a federal court to secretly review evidence of claimed illegal surveillance, 50 U.S.C. 1806(f). Second, the courts have expanded the scope of that privilege to effectively allow the government to claim secrecy over widely known facts, and to end litigation involving these facts, based on little more than its own say-so.

With the upcoming sunset of Section 702, Congress has the opportunity to correct these mistakes. Congress can and should reaffirm its intention to create actual, useable accountability measures for the inevitable circumstances when individuals are wrongly surveilled or impacted by surveillance, and reopen the courthouse doors to individuals trying to protect their rights.

First, Congress can expressly override the Supreme Court's mistaken statutory interpretation of FISA Section 1806 in FBI v. Fazaga, 142 S. Ct. 1051 (2022). Contrary to the Court's holding in Fazaga, Congress clearly intended for individuals to be able to seek redress when they were wrongfully surveilled and, to that end, intended Section 1806(f) to displace the state secrets privilege in lawsuits in which evidence relating to electronic surveillance is relevant. The Supreme Court's ruling essentially makes FISA's promise of individual redress for violations of surveillance law a dead letter. Congress should reaffirm the rightful interpretation of the statute and correct the Supreme Court's mistake.

Second, even when the state secrets privilege can apply, Congress can make clear that the case should not be dismissed. As far back as 2009, Congress debated the State Secrets Protection Act, H.R. 984, 110th Cong. (2009), which would have created procedures for courts to securely review evidence that the government claims is secret, and prevent cases from being dismissed based on state secrecy until plaintiffs have had an opportunity to discover all non-privileged evidence. Congress should revive these reforms and consider including them as part of any renewal or reform to Section 702.

In short, the courts have effectively blocked individuals from seeking the judicial accountability that Congress intended. Representative LaHood is just the latest in a long line of people who know they were surveilled but cannot do anything about it. It's good that he has a position of authority over the NSA; it's unlikely they will do that specific surveillance again. But the rest of us deserve access to the courts to protect our constitutional rights too.

These are just a small subset of the reforms needed to ensure accountability and oversight of Section 702. Spying on the whole world is a bad idea because everyone deserves privacy in their communications. But as the now two decades of NSA mass spying demonstrate, spying on the whole world while protecting the constitutional rights of Americans just cannot be done. It's time to stop the charade and let this authority expire.

View original post here:
Even Rep. LaHood Likely Can't Sue the NSA or FBI to Protect His Rights - EFF

NSA offers new tips on zero trust and identity – FCW.com

The National Security Agency has new recommendations on identity, credential and access management security controls and their role in zero trust architecture.

The cybersecurity information sheet, released Tuesday, builds on previous NSA guidance on zero trust with more specifics for what it calls the user pillar focused on managing access.

Although the information is intended for owners and operators of national security systems (defense and intelligence agencies, but also contractors in the space), zero trust has been a cybersecurity focus for federal agencies since at least the beginning of the Biden administration.

Government agencies were called to make plans for zero trust architecture in an executive order released by President Biden in May 2021. National security systems also got zero trust orders via a 2022 memo.

In that order, the White House defined zero trust as an architecture that "requires continuous verification of the operational picture via real-time information," meaning IT systems that both monitor user behavior on networks and segment access in an effort to mitigate potential cyber attacks.

NSA's model delineates zero trust into seven pillars: user, devices, applications & workloads, data, network & environment, automation & orchestration, and visibility & analytics.

Within the user pillar, the information sheet details the capabilities needed for zero trust, including identity management, credential management, access management, federation to ensure system interoperability and governance around continuous improvement.

The report goes through capabilities and maturity levels for identity, credential and access management, as well as identity federation, in what it says is a maturation of existing ICAM architecture for federal agencies in line with the zero trust model.

The new information sheet points to recent breaches and cyber attacks carried out by exploiting weaknesses in identity and access controls. In 2021, the Colonial Pipeline ransomware attack was perpetrated via a compromised password for a virtual private network that didn't have multi-factor authentication in place. The 2015 data breach of personnel records at the Office of Personnel Management occurred via compromised credentials.

"Malicious cyber actors increasingly exploit gaps and immature capabilities in the identity, credential, and access management of our nation's most critical systems," Kevin Bingham, NSA's zero trust lead, said in a statement. "Our report provides recommendations that will help system operators strengthen identity protections to limit the damage of future compromises."

NSA is also planning to release more information sheets meant to help organize, guide and simplify incorporating zero trust principles and designs into enterprise networks, according to the new cybersecurity information sheet.

View post:
NSA offers new tips on zero trust and identity - FCW.com

NSA Report Suggests Ways to Help National Security System … – Executive Gov

The National Security Agency has issued a cybersecurity information sheet offering recommendations to help system operators and owners mature identity, credential and access management capabilities to prevent cyberattacks.

"Malicious cyber actors increasingly exploit gaps and immature capabilities in the identity, credential, and access management of our nation's most critical systems," Kevin Bingham, critical government systems zero trust lead at NSA, said in a statement published Tuesday.

"Our report provides recommendations that will help system operators strengthen identity protections to limit the damage of future compromises," added Bingham.

The CSI, titled "Advancing Zero Trust Maturity throughout the User Pillar," discusses how ICAM capabilities integrate into a comprehensive zero trust framework and outlines steps national security system operators should take to further develop access and identity security controls and operational practices for authorizing users to access key resources and establishing digital identities.

NSA said it will release additional guidance to help system operators streamline the integration of zero trust principles into enterprise networks.

Read the original here:
NSA Report Suggests Ways to Help National Security System ... - Executive Gov