Hacktivism in Ukraine, surveillance in Russia. Subpoena scam. Spring4shell. Lapsus$ and Remcos return. Calendly phishing. | #computerhacking | #hacking


Dateline Moscow, Minsk, Kyiv, London, Washington, and Canberra: Russia’s intelligence failures in its hybrid war.

Ukraine at D+35: Stalemate at best, reverses at worst, as Russia’s war stalls. (The CyberWire) US and UK intelligence services conclude that President Putin is being badly served by his own intelligence services. Russian domestic security services appear to be increasing their surveillance of internal dissent. Ukrainian hacktivists continue to work against Russian interests.

Map: Where Russian Troops Are Positioned Around Ukraine (New York Times) An estimated 130,000 Russian troops are in position on Ukraine’s northern, eastern and southern sides.

Russia’s invasion of Ukraine: List of key events, day 36 (Al Jazeera) As the Russia-Ukraine war enters its 36th day, we take a look at the main developments.

Ukraine War: Putin demands Mariupol surrender to end shelling (BBC News) Russia’s defence ministry has since proposed a one-day ceasefire on Thursday to let civilians leave.

Ukraine’s battle-hardened soldiers dig into trenches as they await Russian assault in the Donbas (The Telegraph) Military experts believe that with both sides now lined up along a single front, hostilities could grind on for three years or more

Russia bombards Chernihiv hours after pledging to halt shelling (the Guardian) Mayor of northern Ukrainian city says there is no evidence of any withdrawal of Russian forces

Vladimir Putin’s troops withdrawing from Chernobyl, says US (The Telegraph) Russia has begun withdrawing its soldiers from the defunct Chernobyl nuclear power plant after seizing control of the facility on the opening day of its invasion of Ukraine.

Russian War Report: Contradictory reports of Russian vehicles returning to Belarus (Atlantic Council) Russian forces seen returning to Belarus, Telegram channels undermining peace talks with Ukraine, and how Russians continue using banned social media.

Why Russian troops are using tree branches for camouflage in Ukraine (Washington Post) Russian troops in Ukraine have scrambled to avoid detection and attack by using tree branches and straw, even swaths of carpeting, to conceal tanks and other armored vehicles, in what analysts call a surprising lack of sophistication for such an advanced military and further evidence of how ill-prepared some commanders were for the sustained fight that has unfolded.

‘Don’t underestimate Putin and his army – they’re still an incredible adversary’ (The Telegraph) Royal Marines commander says Russia’s failure so far to conquer Ukraine should not dupe the West into thinking their threat is abating

Ukrainian general dismisses POW torture video as Russian propaganda (Newsweek) Ukraine’s military has not yet been able to determine the authenticity of the video.

British fighters savour victory in ‘Battle of Irpin’, as dogs devour bodies of defeated Russians (The Telegraph) Irpin residents cheer a ‘small victory’ in the liberation of their ruined home as soldiers recount experiences ‘much worse’ than Afghanistan

Coffins in Buryatia: Ukraine invasion takes toll on Russia’s remote regions (the Guardian) A lot of the soldiers dying in Putin’s war are from poorer ‘ethnic minority’ republics, says Russian military expert

Ukrainian soldier who cursed at Russian warship returns home, given medal (Newsweek) Roman Gribov, who returned to his home region of Cherkasy, was part of the first exchange of captured soldiers between Ukraine and Russia.

Sacked, arrested: How Vladimir Putin is turning on his military advisers (The Telegraph) Russian president feels ‘misled’ by spy chiefs and generals over failings of the war, with several reportedly sacked or arrested

Vladimir Putin is being lied to by his advisers, says GCHQ (The Telegraph) Russian leader’s top brass afraid to reveal Ukraine invasion blunders, claims Sir Jeremy Fleming, head of the intelligence agency

U.S. intelligence suggests that Putin’s advisers misinformed him on Ukraine. (New York Times) One American official said that there “is now persistent tension” between the Russian president and his Defense Ministry.

White House: Intel shows Putin misled by advisers on Ukraine (AP NEWS) U.S. intelligence officials have determined that Russian President Vladimir Putin is being misinformed by advisers about his military’s poor performance in Ukraine, according to the White House.

Russian troops sabotaging their own equipment and refusing orders in Ukraine, UK spy chief says (CNBC) Russian President Vladimir Putin’s advisors are scared to tell him what’s happening in Ukraine, the head of Britain’s intelligence agency has said.

Britain’s GCHQ spy chief says Russian soldiers refused to carry out orders in Ukraine (Reuters) The head of Britain’s GCHQ spy service said on Wednesday that new intelligence showed some Russian soldiers in Ukraine had refused to carry out orders, sabotaged their own equipment and accidentally shot down one of their own aircraft.

UK spy chief says Russian soldiers disobey orders in Ukraine (AP NEWS) Demoralized Russian soldiers in Ukraine were refusing to carry out orders and sabotaging their own equipment and had accidentally shot down their own aircraft, a U.K. intelligence chief said on Thursday.

Why Russia’s military is bogged down by logistics in Ukraine (Washington Post) Ambushed convoys and broken-down tanks. Generals killed close to the front. Long-expired rations. Frostbite.

Audio reveals Russian troops are eating dogs because they are ‘sick’ of ration packs (The Telegraph) Ukraine’s security service intercepted an audio recording of a call from a soldier to his family, who said they were desperate for meat

Where Does Putin’s War Go From Here? (Foreign Policy) Experts outline five ways Russia’s bloody invasion of Ukraine might end.

Opinion | What if Putin Didn’t Miscalculate? (New York Times) It’s always wiser to treat an adversary as a canny fox, not a crazy fool. 

Ukraine Is Ready for Painful Concessions (Foreign Policy) The government and its people are recognizing what a cease-fire deal with Russia would really mean.

Convoy heads to Ukraine’s Mariupol to attempt evacuation (AP NEWS) A convoy of buses headed to Mariupol on Thursday in another attempt to evacuate people from the besieged port city, while Russia pressed its attacks in several parts of Ukraine ahead of a planned new round of talks aimed at ending the fighting .

Ukraine internet connections crippled after massive cyberattack (Computing) A massive cyber attack hit Ukraine’s state-owned telecommunications company Ukrtelecom on Monday, resulting in the country’s most severe Internet disruption since Russia invaded in late February.

Ukraine suffered two cyberattacks in the lead-up to Russia’s invasion (Washington Post) Good morning and happy Wednesday! If you read one thing (besides this newsletter) today, you should check out this article by my colleagues about Facebook’s nationwide campaign against TikTok.

Phishing campaign targets Russian govt dissidents with Cobalt Strike (BleepingComputer) A new spear phishing campaign is taking place in Russia targeting dissenters with opposing views to those promoted by the state and national media about the war against Ukraine.

Putin’s hackers gained full access to Hungary’s foreign ministry networks, the Orbán government has been unable to stop them (Direkt36) Russian state actors hacked into the Hungarian Foreign Ministry’s computer network compromising internal correspondence and even a secure network that transmits classified information. The cyberattacks, hushed up by the Orbán government and recurring for a decade, have not been countered. With the h

KA-SAT Network cyber attack overview (Viasat.com) Viasat is providing an overview and incident report on the cyber-attack against the KA-SAT network, which occurred on 24 February 2022, and resulted in a partial interruption of KA-SAT’s consumer-oriented satellite broadband service.

Tracking cyber activity in Eastern Europe (Google) An update on cyber activity in Eastern Europe.

Russia’s Yandex is harvesting data from millions of Android and iOS users, report (Computing) The company’s analytics code is included in about 52,000 apps on Apple and Google app stores

Ukrainian Hackers Take Aim at Russian Artillery, Navigation Signals (Defense One) Group says it has found several ways to keep lost units lost.

‘I can fight with a keyboard’: How one Ukrainian IT specialist exposed a notorious Russian ransomware gang (CNN) As Russian artillery began raining down on his homeland last month, one Ukrainian computer researcher decided to fight back the best way he knew how — by sabotaging one of the most formidable ransomware gangs in Russia.

4,000 letters and four hours of sleep: Ukrainian leader wages digital war (Washington Post) 31-year-old Mykhailo Fedorov is building wartime apps and recruiting an IT army to beat Russia in what he calls ‘World Cyberwar I’

Russian efforts in Ukraine have not yet spilled over into cyberattacks on US, says lawmaker (C4ISRNet) “Russia is one of the two most capable cyber adversaries we face globally. Whether they have the ability to completely destabilize our country and win a war is a whole different conversation.”

Number of Ukraine refugees passes worst-case U.N. estimate (AP NEWS) The number of people who have fled Ukraine since Russian troops invaded has surpassed 4 million, the United Nations reported Wednesday as shelling continued in places where Moscow had vowed to ease its military operations.

Deep unease in Belarus over country’s role in Russian invasion of Ukraine (Atlantic Council) Vladimir Putin is pushing Belarus dictator Alyaksandr Lukashenka to join the invasion of Ukraine, but the war is deeply unpopular among Belarusians who fear direct participation will have catastrophic consequences.

Ramzan Kadyrov’s boast about fighting in Ukraine is shot down by his own social media post (The Telegraph) The Chechen leader posed with a machine gun at a petrol station, however the pump behind him gave away a Russian brand name

Breakaway Georgian Region Seeks to Be Putin’s Next Annexation (Bloomberg) The breakaway Georgian region of South Ossetia will seek to join Russia, potentially leading to a new escalation in the Kremlin’s conflict with the West.

Georgia says ‘unacceptable’ for breakaway region to vote on joining Russia (Reuters) Georgia said on Thursday that plans by the Russian-backed breakaway region of South Ossetia to hold a referendum on joining Russia were unacceptable, while the Kremlin stressed no action had been taken to make that happen.

Which countries have expelled Russian diplomats? (Washington Post) As Russia batters Ukraine and NATO countries send troops to Eastern Europe, a separate conflict between Moscow and the West is playing out in the world of diplomacy.

Central Europe leads the way in backing Ukraine. Here’s its game plan for what’s next. (Atlantic Council) The European Union’s eastern members have an opportunity to prove their political and diplomatic mettle—and they’re seizing it.

German defense minister: ‘We cannot look away or stand apart’ on Ukraine (Atlantic Council) Germany is committed to stepping up in global efforts to support Ukraine in its fight against Russia, German Minister of Defense Christine Lambrecht said at an Atlantic Council Front Page event.

Germany Enacts Emergency Gas Plan as Russia Wields Ruble Threat (Bloomberg) Economy Minister Habeck sees risk Russian gas could be cut off. Germany faces significant exposure to Russian energy imports.

Finland’s Spy Service Warns of Russian Interference, Attacks (SecurityWeek) Finland’s Supo spy agency wanted about Russian interference and hybrid attacks as it weighs whether to join the NATO military alliance

Iran won’t break with Russia over Ukraine. Here’s why. (Atlantic Council) There are no signs that Tehran is walking away from its relationship with Moscow despite Russia’s actions toward Iran and its invasion of Ukraine.

Will Slovakia send Ukraine S-300 air defenses? The Pentagon is working on it. (Defense News) A top Pentagon official told lawmakers on Wednesday the Biden administration is working to accommodate NATO ally Slovakia’s offer to send more S-300 surface-to-air missile systems to Ukraine, in the wake of Russia’s invasion.

Snort and Talk (Foreign Affairs) Why Washington has long struggled to deter Russia—and how it can now.

The Perilous Long Game in Ukraine (Foreign Affairs) Compromising with Putin may be America’s best option.

EU Is Considering New Russian Bank Sanctions, Diplomats Say (Wall Street Journal) European countries aiming to tighten sanctions over the war in Ukraine are considering targeting more banks and oligarchs’ relatives, as well as strengthening cryptocurrency restrictions, according to people familiar with discussions.

West cannot lift Russian sanctions until Ukraine ‘has justice’, warns Volodymyr Zelensky (The Telegraph) Ukraine’s president suggests ‘certain countries’ want measures lifted sooner because of their economic links to Russia

Russia war ends era of globalization that kept inflation low (AP NEWS) For decades, the free flow of trade across much of the world allowed the richest nations to enjoy easy access to low-priced goods and supplies. It meant solid economies and stable markets. And for households and businesses, especially in the United States and Europe, it meant an entire generation of ultra-low inflation.

How to prevent China from coming to Russia’s rescue | Opinion (Newsweek) With Russia’s military bearing down on civilian population centers, it is high time that China learn that lesson for itself.

Pro-Russia Sentiment on Indian Twitter Draws Scrutiny (New York Times) While India and Russia have long had close ties, researchers say there are signs that social media posts parroting Kremlin talking points may not be legitimate.

Russia Offers SWIFT Alternative to India for Ruble Payments (Bloomberg) Suggests India use SPFS system to settle rupee-ruble payments. Russian Foreign Minister said to visit New Delhi Thursday.

Ahead of Lavrov’s arrival, U.S. to send Deputy NSA to India (The Hindu) The visit of U.S. Deputy NSA Daleep Singh comes just before Russian Foreign Minister travels to India

Use of Russian technology products and services following the invasion of Ukraine (NCSC) Cyber security – even in a time of global unrest – remains a balance of different risks. Ian Levy, the NCSC’s Technical Director, explains why.

Risks of Using Russian Tech Analyzed by UK Cybersecurity Agency (SecurityWeek) UK’s NCSC cybersecurity agency has shared recommendations on the use of Russian technology products and services for both individual users and organizations.

NCSC Cybersecurity Chief Warns Citizens About Using Russian Technology (Tech Times) The National Cyber Security Center Cybersecurity Chief warns citizens regarding the risks of using Russian technology. Learn more.

Proposal to Sanction Russian Cybersecurity Firm Over Ukraine Invasion Splits Biden Administration (Wall Street Journal) Officials warn Kaspersky Lab could be used by the Kremlin as a surveillance tool against its customers.

Biden Is Expected to Tap Oil Reserves to Control Rising Gasoline Prices (Wall Street Journal) President Biden is preparing to announce the release of up to 1 million barrels of oil a day from the U.S. Strategic Petroleum Reserve, according to people familiar with the plans.

Oil prices plummet 4% as the US weighs up largest-ever release from its strategic reserves (Markets Insider) Crude oil headed for an 11% weekly loss after reports the US may release as much as 180 million barrels from its strategic reserves.

Half of Russia’s 20 Richest Billionaires Are Not Sanctioned (Bloomberg) Half of Russia’s 20 richest people have not been sanctioned over its war in Ukraine, leaving a group of super-rich, powerful billionaires free to operate around the world without legal restriction.

NJ Judiciary Blocks Web Traffic From Outside US For Security (Law360) The New Jersey Judiciary is ramping up its cybersecurity efforts by blocking web traffic from outside the United States in light of Russia’s invasion of Ukraine and its increasingly hostile relations with the U.S.

Attacks, Threats, and Vulnerabilities

Intrusion Truth – Five Years of Naming and Shaming China’s Spies (Substack) In 2017, a mysterious group called Intrusion Truth began exposing the real identities of hackers behind Chinese spy operations. In an interview, the group discusses their controversial work.

New Milestones for Deep Panda: Log4Shell and Digitally Signed Fire Chili Rootkits (Fortinet Blog) FortiGuard Labs discovered a campaign by Deep Panda exploiting Log4Shell, along with a novel kernel rootkit signed with a stolen digital certificate also used by Winnti. Read to learn about these a…

New Spring Framework RCE  Vulnerability Confirmed – What to do? (Sonatype) A new remote code execution flaw dubbed Springshell is affecting Spring-core, exploiting a previously unknown security vulnerability.

New Spring4Shell Zero-Day Vulnerability Confirmed: What it is and how to be prepared (Contrast Security) On March 29, 2022, a Chinese cybersecurity research firm leaked an attack that could impact most enterprise JAVA applications, globally. An investigation of the issue showed that the root cause was a vulnerability in the open-source programming framework called Spring Core. Contrast Security Labs team confirmed the zero-day vulnerability, Spring4Shell, which could be the source of Remote Code Execution (RCE).

Spring Core on JDK9+ is vulnerable to remote code execution (Praetorian) Update: March 31, 2022 A patch has officially been released. https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement https://tanzu.vmware.com/security/cve-2022-22965 Overview Spring Core on JDK9+ is vulnerable to remote code execution due to a bypass for CVE-2010-1622. At the time of writing, this vulnerability is unpatched in Spring Framework and there is a public proof-of-concept available. As we have remediation advice for customers […]

Spring4Shell: No need to panic, but mitigations are advised (Help Net Security) Spring4Shell is a bypass of an incomplete patch for CVE-2010-1622 and affects Spring Core on Java Development Kit (JDK) version 9 or later.

Remcos Trojan: Analyzing the Attack Chain (Morphisec) Morphisec Labs has detected a new wave of Remcos trojan infection. In this blog post, get an analysis of the full attack chain used by the threat actor.

Apple and Meta Gave User Data to Hackers Who Used Forged Legal Requests (Bloomberg) Hackers compromised the emails of law enforcement agencies. Data was used to enable harassment, may aid financial fraud.

Fresh Phish: Phishers Schedule Victims on Calendar App (INKY) In the constant search for novel hacks, cybercriminals have been cycling their way through a multitude of free sites, both to send phishing emails and to host malware injection mechanisms. In a recent attack, black hats tried to lure victims to Calendly, a free calendar app, where they had crafted a clever sequence that led to a credential-harvesting payload.

Lapsus$ claims Globant as its latest breach victim (TechCrunch) A threat intelligence provider said the leaked data contained private keys and source code.

Lapsus$ Claims Hack of IT Giant Globant After Arrests of Alleged Members (SecurityWeek) The Lapsus$ hacker group claims to have hacked IT giant Globant just days after several alleged members of the group were arrested in the UK.

Lapsus$ ‘back from vacation’ with claimed Globant breach (Computing) The group has reportedly released 70 GB data on major global firms

LAPSUS$ Claims to Have Breached IT Firm Globant; Leaks 70GB of Data (The Hacker News) LAPSUS$ data extortion gang claims to have breached Globant software services company, and leaks a large amount of data (70GB).

As Lapsus$ comes back from ‘vacation,’ Sitel clarifies position on data breach (ZDNet) Lapsus$ also claims to have compromised a software solutions provider.

Is Lapsus$ back for good after Globant breach? (Tech Monitor) Today’s Lapsus$ Globant breach shows arrests of alleged gang members are unlikely to put a stop to its activities.

Shutterfly Employee Data Compromised in Ransomware Attack (SecurityWeek) Shutterfly is notifying employees that their data might have been compromised in a Conti ransomware attack in December 2021.

Facebook Messenger Four-Word Phishing Scam (Trend Micro News) Facebook Messenger users are being advised to ignore a four-word phishing message that is currently making the rounds. Scammers, posing as a Facebook friend, are sending messages with the words “look what i found” accompanied by a laughing face emoji.

Researchers Find Python-Based Ransomware Targeting Jupyter Notebook Web Apps (SecurityWeek) Researchers have found what they believe to be the first Python-based ransomware sample specifically targeting Jupyter Notebooks.

Wyze cameras were vulnerable to strangers watching your feed for years (Android Police) Shouldn’t security cameras be, you know, secure?

Remote ‘Brokenwire’ Hack Prevents Charging of Electric Vehicles (SecurityWeek) Researchers have identified a new attack method, dubbed Brokenwire, that can be used to remotely interrupt the charging of electric vehicles.

More than $625 million stolen in DeFi hack of Ronin Network (The Record by Recorded Future) The Ronin Network announced on Tuesday that hackers have stolen more than $600 million worth of Ethereum (173,600 ETH) and $25.5 million of US dollar-pegged stablecoin USDC, making it one of the largest decentralized finance (DeFi) hacks to date. 

Crypto-Bridge Hacks Reach Over $1 Billion in Little Over a Year (Bloomberg) More than $21 billion locked on Ethereum bridges, Dune says. Ronin was built to handle surging demand from Axie gamers.

Latest on TransUnion data leak: Hackers release Ramaphosa, Malema info privately (702) Data analyst at World Wide Worx Bryan Turner talks about the latest information on the TransUnion data breach.

Hive ransomware group claims to steal California health plan patient data (VentureBeat) The Hive ransomware group claims to have stolen data from the Partnership HealthPlan of California, which reports” technical difficulties.”

Hive ransomware uses new ‘IPfuscation’ trick to hide payload (BleepingComputer) Threat analysts have discovered a new obfuscation technique used by the Hive ransomware gang, involving IPv4 addresses and a series of conversions that eventually lead to downloading Cobalt Strike beacons.

Security Patches, Mitigations, and Software Updates

Security Bulletin: IBM Db2 Web Query for i is vulnerable to denial of service in Apache Commons Compress (CVE-2021-36090), arbitrary code execution in Apache Log4j (CVE-2021-44832), and cross-site scripting in TIBCO WebFOCUS (CVE-2021-35493) – IBM PSIRT Blog (IBM PSIRT Blog) There are vulnerabilities in Apache Commons Compress (CVE-2021-36090), Apache Log4j (CVE-2021-44832), and TIBCO WebFOCUS (CVE-2021-35493) as described in the vulnerability details section. Apache Commons Compress is used by Db2 Web Query for zipping and unzipping objects, such as import and export packages via Change Management or log files via the Administration Console.

Third-party bugs squashed in IBM database software (iTnews) Apache Log4j rears its head.

Federal Agencies Instructed to Patch New Chrome Zero-Day (SecurityWeek) The US Cybersecurity and Infrastructure Security Agency (CISA) has warned federal agencies about a recently patched zero-day vulnerability in Google’s Chrome browser.

Chrome Browser Gets Major Security Update (SecurityWeek) Google has released a Chrome browser makeover with patches for 28 vulnerabilities, including multiple use-after-free and inappropriate implementation flaws.

Identity Fraud Losses Total $52 Billion in 2021, Impacting 42 Million U.S. Adults (GlobeNewswire News Room) Fraud landscape shifts dramatically as criminals increasingly highjack victims’ online lives according to 2022 Identity Fraud Study by Javelin Strategy &…

Cofense Annual Phishing Report Highlights 10 Point Increase in Credential Phishing (Business Wire) Cofense released its 2022 Annual State of Phishing Report, shedding light on the downfalls of relying on technology controls to prevent phishing.

2022 Annual State of Phishing Report (Cofense) Enriched with robust threat intelligence from the Cofense Phishing Defense Center (PDC), which analyzes millions of user-reported emails, the Annual Report provides an in-depth look at the phishing trends through 2021 with expert predictions for security leaders in 2022.

Lacework Labs Cloud Threat Report Identifies Most Exploited Vulnerabilities Targeting Businesses In the Cloud (PR Newswire) Lacework®, the data-driven cloud security company, today released the third volume of its Cloud Threat Report, a semi-annual accounting of the…

2022 Cloud Threat Report, Volume 3 (Lacework) The 2022 Cloud Threat Report, Volume 3, delivers detailed threat intelligence on new vulnerabilities and tactics in the fast-evolving cybercrime landscape. Download the latest report.

Marketplace

Wing Security Emerges Out of Stealth with Comprehensive Platform Addressing Security Gaps Introduced by SaaS Applications (Business Wire) Wing has raised $26M to date from leading venture capital firms GGV Capital, S-Capital, Harmony Partners and Silicon Valley CISO Investments group.

Investors Bet on Cyberpion in Attack Surface Management Space (SecurityWeek) Attack surface management specialists Cyberpion has secured $27 million in early-stage funding to build technology that helps organizations manage exposure to risk.

QuoLab Secures Funding Round Backed by TEDCO (Business Wire) QuoLab Technologies announced that it has raised a seed funding round backed by TEDCO

Fastly Acquires Fanout to Unlock Real-Time App Development at the Edge (Fastly) Fastly’s edge cloud platform helps the world’s most popular digital businesses keep pace with their customer expectations by delivering fast, secure, and scalable online experiences.

Skan raises $40M Series B round to accelerate enterprise adoption of their ground-breaking Process Intelligence solution as distributed, remote work collides with complex business operations. (PR Newswire) Skan.ai has announced the close of $40M in Series B venture capital funding. The round was led by Dell Technologies Capital, with participation…

Cyberpion secures $27 million Series A to thwart external attacks (CTech) The Israeli cybersecurity startup’s platform identifies and reduces the ever-expanding external attack surface, continuously detecting vulnerabilities by identifying, analyzing, and monitoring the company’s assets linked to the internet

Will Darktrace grow its customer base as Russia sparks cyber warfare fears? (CMC Markets) The Russia-Ukraine war has concentrated minds on the need for cyber security, putting Darktrace’s share price in focus.

Hackers’ Path Eased as 600,000 U.S. Cybersecurity Jobs Sit Empty (Bloomberg) Job openings rose at double prepandemic rate in last 12 months. Cyber professional shortfall could rise to 3.5 million by 2025.

NetCentrics Wins Best Place to Work in Washington, D.C. Award (EIN News) NetCentrics Has Won This Award Four Times

Palantir taps former Pentagon officials for new advisory board (Defense News) Palantir hopes the advisory board members will help it better understand the cultures and priorities of the services.

Products, Services, and Solutions

LogicHub Launches Free SOAR Edition (LogicHub) Unique free platform offering enables organizations of all sizes to improve SOC security by automating repetitive tasks

Nebulon combined server and storage solution for ‘four-minute ransomware recovery’ (Continuity Central) Nebulon has unveiled Nebulon TimeJump, a solution architected to address key ransomware mitigation challenges. The company says that Nebulon TimeJump is ‘the first and only combined server and storage solution architected to offer complete ransomware recovery in less than four minutes’.

Offensive Security Unveils Learn Fundamentals Training Program (Business Wire) Offensive Security, the leading provider of hands-on cybersecurity training and certification, today announced the launch of Learn Fundamentals, the c

Dynatrace Named a Leader in the GigaOm Radar for Cloud Observability Solutions (Business Wire) Dynatrace’s deep and broad observability earns top ranking for delivering answers and intelligent automation in hybrid, multicloud environments

Revima Adopts LoRaWAN-based IoT Water Metering (Actility) REVIMA Group has deployed IoT solutions to monitor water consumption to monitor the temperature & hygrometry on its site.

Austria awards Secunet €15M border biometric entry/exit system contract (Biometric Update) Secunet has been awarded a €14.6 million contract by Austria’s Federal Ministry of the Interior to work on the country’s entry/exit system (EES).

IBM unveils hybrid cloud security key management service (SC Magazine) IBM announced the launch of the Unified Key Orchestrator, a managed service that gives users in hybrid or multiple cloud environments a single tool to manage all of their security key management systems, according to Network World.

Kenya Gets Huawei-Linked Chinese Communications Cable (VOA) Some are calling arrival of underwater cable the new digital Cold War, as China and US battle for internet dominance through growing undersea cable network

Anchore to Contribute Grype Open Source Vulnerability Data to the Global Security Database (Business Wire) CSA’s Global Security Database Working Group will receive a contribution of open source vulnerability data from Anchore.

Technologies, Techniques, and Standards

Security Awareness Training as a Key Element in Changing the Security Culture (Osterman Research) Cybersecurity technology can only go so far in protecting an organization. Good security awareness training is essential in protecting the organization from security threats. Security awareness tra…

World Backup Day: 5 data recovery tips for everyone! (Naked Security) The only backup you will ever regret is the one you didn’t make

Voice of the Modern Developer: Insights From 400+ Developers (Tromzo)      A WORD FROM Harshit Chitalia, CTO, Tromzo Development… Continue reading Voice of the Modern Developer: Insights From 400+ Developers

Where should companies start when it comes to device security? (Help Net Security) When you need to know what’s in your devices without vendor cooperation, binary analysis provides an good baseline security testing strategy.

Do You Really Need to Buy an Antivirus App or a VPN Anymore? (PCMAG) Isn’t the built-in security on today’s PCs, phones, and tablets good enough? The answer depends on the OS you’re running.

Research and Development

Microsoft security chief warns of metaverse crime (BusinessLIVE) Develop firewalls because hackers target users with things such as avatars of people they trust, says Charlie Bell

Interested in the Metaverse? Think Security First, Microsoft Says. (Commercial Integrator) Microsoft’s EVP of security, compliance, identity and management urges organizations to prioritize the cybersecurity of the metaverse.

Academia

We Need Senior Cyber Leaders. Service War Colleges Can Train Them (War on the Rocks) With the White House warning of Russian cyber attacks, senior U.S. cyber leaders could soon be forced to make critical and unprecedented decisions in this

Legislation, Policy, and Regulation

Australia Sends a $7.5 Billion Cyber Signal to China (Bloomberg) The target of Canberra’s new cybersecurity budget is clear, and it’s a savvy way to boost defenses.

US national emergency extended due to elevated malicious cyber activity (BleepingComputer) US President Joe Biden today has extended the state of national emergency declared to deal with increasingly prevalent and severe malicious cyber threats to the United States national security, foreign policy, and economy.

Notice on the Continuation of the National Emergency With Respect to Significant Malicious Cyber-Enabled Activities (The White House)      On April 1, 2015, by Executive Order 13694, the President declared a national emergency pursuant to the International Emergency

House sends bipartisan cyber crime bill to Biden (TheHill) The House passed bipartisan cybersecurity legislation on Tuesday that would improve the way the federal government tracks, measures and analyzes cyber crime.

Biden-Harris Administration Proposes Increased Spending for R&D (Meritalk) President Biden’s fiscal year (FY) 2023 proposed budget includes a proposed increase in Federal spending on research and development (R&D) to $86 billion, up from the estimated $79.7 billion from FY2022.

Cyber Command’s acquisition growing pains (FCW) A Government Accountability Office report found that while CyberCom has matured its Joint Cyber Warfighting Architecture, it doesn’t yet have the metrics needed to justify investments in new capabilities.

GAO: Cyber Command lacks metrics for assessing its weapons and platforms (FedScoop) Despite some progress in maturing its architecture for guiding major purchases of platforms, U.S. Cyber Command still has not developed an outcome-based metric to support assessments of programs and staffing issues for acquisitions, according to a Government Accountability Office report released Wednesday. The Senate mandated study, titled “Defense Acquisitions: Cyber Command Needs to Develop Metrics […]

Local cyber is finally getting its moment, city CISOs say (StateScoop) Local cybersecurity officials are boosting regional collaborations with added support from the federal government.

Litigation, Investigation, and Law Enforcement

FBI disrupts BEC cybercrime gangs targeting victims worldwide (BleepingComputer) A coordinated operation conducted by the FBI and its international law enforcement partners has resulted in disrupting business email compromise (BEC) schemes in several countries.

Law Enforcement Agencies Arrested 65 in BEC Crackdown (Decipher) A widespread, international crackdown on business email compromise resulted in the arrest of 65 suspects.

Suspected Lapsus$ Hackers Arrested; London Group Between the Ages of 16 and 21 (CPO Magazine) Accused LAPSUS% hackers found in England, Brazil; some members still living … or British teenager cast as the stereotypical cyber troublemaker.

Ubiquiti sues infosec journo for defamation over hack report (Register) Network equipment maker insists it acted responsibly following intrusion

CNN: ‘Realistic chance’ Hunter Biden could be indicted (TheHill) A top legal analyst at CNN said it is possible President Biden’s son Hunter Biden could be indicted by the U.S. government following an investigation into his foreign business dealings. 

Here’s how The Post analyzed Hunter Biden’s laptop (Washington Post) Two experts confirm the veracity of thousands of emails, but say a thorough examination was stymied by missing data

Inside Hunter Biden’s multimillion-dollar deals with a Chinese energy company (Washington Post) A Washington Post review confirms key details and offers new documentation of Biden family interactions with Chinese executives



Original Source link




Leave a Reply

Your email address will not be published.

− four = six