The US remains at Shields Up over Russia’s cyber threat. Microsoft and Okta discuss the Lapsus$ gang and its attacks. | #cybersecurity | #cyberattack

Dateline Moscow, Kyiv, Brussels, Washington: Shields Up.

Ukraine at D+27: Warnings of Russian cyber escalation as its army falters. (The CyberWire) As US and UK warnings of possible Russian cyberattacks continue, Russia’s Foreign Ministry offers a stop-me-before-I-kill-again excursus on the risk of cybercrime.

Nearly a month in, the Russia-Ukraine war is defying all expectations | Rajan Menon (the Guardian) Few anticipated what happened once the war began: the Ukrainians put up a tough resistance, even as the balance of power favored Russia

Russia-Ukraine latest news: Ukraine retakes strategic Kyiv suburb after pushing out Putin’s troops (The Telegraph) Russian troops have been forced out of an important Kyiv suburb after Ukraine regained control, as Vladimir Putin’s invasion continues to face fierce resistance.

Russia’s invasion of Ukraine: List of key events from day 28 (Al Jazeera) As the Russia-Ukraine war enters its 28th day, we take a look at the main developments.

Russians in retreat, blighted by frostbite and casualties, as Ukrainian troops regain key territory (The Telegraph) Moscow’s forces suffer setbacks in areas including Makariv, near Kyiv, raising fears a desperate Vladimir Putin may turn to chemical weapons

What Happened on Day 27 of Russia’s Invasion of Ukraine (New York Times) As he heads to Europe, President Biden will press U.S. allies to help impose even more aggressive sanctions on Russia.

Russia planning lightning advance to encircle Ukrainian army and claim victory (The Telegraph) Build-up of navy forces in Black Sea which appear ready to launch attack on Odesa could be a feint, warn experts

Before and after: the pictures that show how war has devastated the historic cities of Ukraine (The Telegraph) From the horror seen in Mariupol to sandbags in the streets in Odesa, we track how the war has changed the country

Trapped on the 11th floor, survivors of Kyiv towering inferno thought help would never come (The Telegraph) One family’s tale of being pulled to safety was recounted all over the capital, devastated from another day of relentless Russian onslaught

4 weeks, still defiant: Ukraine fights into 2nd month of war (AP NEWS) One month of war, still defiant. With its government still standing and its outnumbered troops battling Russian forces to bloody stalemates in multiple places, Ukraine is scarred, wounded, mourning its dead but far from beaten as it braces for a second month of bombing, combat, casualties and resistance.

Russian news site claims it was ‘hacked’ after revealing 9,800 troops died in Ukraine (Task & Purpose) That number includes at least five generals

As Mariupol hangs on, the extent of the horror not yet known (AP NEWS) As Mariupol’s defenders held out Monday against Russian demands that they surrender, the number of bodies in the rubble of the bombarded and encircled Ukrainian city remained shrouded in uncertainty, the full extent of the horror not yet known.

100,000 civilians trapped in Mariupol amid Russia’s ‘constant bombing’, says Zelenskiy (the Guardian) Ukraine president says conditions are ‘inhumane’ in devastated southern city, and accuses Russian forces of seizing convoy on humanitarian corridor

Latest pictures from Ukraine: Mariupol refuses to surrender despite Russia’s ultimatum (The Telegraph) Ukraine rejects Kremlin’s demands to lay down arms in besieged city

How Vladimir Putin could use chemical weapons to break the siege of Mariupol (The Telegraph) American warnings Russia raise fears for the future of besieged city

As Russian forces retreat, fears grow that desperate Vladimir Putin could unleash chemical weapons (The Telegraph) ‘Clear signs’ Putin considering use of weapons of mass destruction in Ukraine because his ‘back is against the wall’, Joe Biden warns

How Ukraine’s Outgunned Air Force Is Fighting Back Against Russian Jets (New York Tines) Each night, Ukrainian pilots like Andriy loiter in an undisclosed aircraft hangar, waiting, waiting, until the tension is broken with a shouted, one-word command: “Air!”

Russian air force action increases despite flood of antiaircraft missiles into Ukraine (Washington Post) The air war over Ukraine appears to have entered a new phase, with the Russian air force boosting the number of flights it makes per day by 50 percent and deploying an increasing array of Russian drones and munitions over the battlefield, according to U.S. defense officials and military analysts.

Russia’s Alleged Use of First Hypersonic Missile in Combat Downplayed by US Military and Allies ( Hypersonic missiles, which can travel five times the speed of sound, have inspired worry among U.S. officials and defense industry experts.

New Videos Show Russian Navy Firing 8 Naval Cruise Missiles From the Black Sea (USNI News) The Russian Navy fired eight long-range naval cruise missiles from a guided-missile warship near the Black Sea port of Sevastopol, according to multiple videos of the launch on several posts on social media. Several posts on Instagram and Telegram show a video of eight missiles launching from a ship operating off the coast of Crimea …

Vladimir Putin is now borrowing freely from Stalin’s playbook (The Telegraph) The harrowing treatment of Mariupol’s civilians recalls the mass deportations ordered by Russia’s Soviet leader to crush resistance

Analysis: Why Putin is mercilessly targeting civilians even as Zelensky pleads for peace talks (CNN) Ukrainian President Volodymyr Zelensky is issuing his most fervent appeal yet for ceasefire talks with Vladimir Putin, but the so-far immovable Russian President is delivering a ruthless response by escalating atrocities against civilians.

What If Russia Makes a Deal? (Foreign Affairs) How to end a war that no one is likely to win.

‘Winging It’: Russia Is Getting Its Generals Killed on the Front Lines (Foreign Policy) Russian generals have had to lead from the front because its amateur army can’t move otherwise.

As Russia Stalls in Ukraine, Dissent Brews Over Putin’s Leadership (New York Times) Military losses have mounted, progress has slowed, and a blame game has begun among some Russian supporters of the war.

Amid Russia’s new crackdowns, small signs of defiance emerge (AP NEWS) When Alexei Navalny was arrested in January 2021, tens of thousands of Russians filled the streets in protest, demanding that the top Kremlin critic be released and chanting slogans against President Vladimir Putin.

Russia warns it will target Western weapons convoys in Ukraine (The Telegraph) Supplies of anti-tank and anti-aircraft missiles, rifles and body armour have been flooding into Ukraine, bolstering the resistance effort

Putin drank the Kremlin Kool-Aid (Atlantic Council) Russian President Vladimir Putin drank the Kremlin Kool-Aid and seems to have sincerely believed his disastrous Ukraine war would be an imperial triumph with minimal costs on the domestic and international fronts.

Opinion | The Grand Theory Driving Putin to War (New York Times) The goal, plainly, is empire.

Putin Made a Profound Miscalculation on Ukraine (New York Times) Ukraine is once again at the center of a potentially global conflict.

Vladimir Putin’s criminal war has killed the myth of Russian-Ukrainian unity (Atlantic Council) The Russian invasion of Ukraine was meant to secure Vladimir Putin’s place in history and reunify what Moscow views as the divided lands of historic Russia. Instead, it has killed the myth of Russian-Ukrainian unity.

Opinion | Russia Will Remake Itself. But It Has to Crumble First. (New York Times) We will rebuild Russia, of course, slowly and patiently, just like the generation before us. But not before this one crumbles first.

Putin’s bombers could devastate Ukraine but he’s holding back. Here’s why (Newsweek) The Russian leader has to keep destruction and pressure at a very careful, just-bad-enough level to not draw in NATO but push Ukraine to negotiate.

How Russian mothers could change the course of the war (The Telegraph) As the sole group with the moral authority to challenge Vladimir Putin, it is their voices raised in horror that are shaking the Motherland

Opinion | Would a Russian Coup Solve Anything? (Wall Street Journal) Putin’s successor would face the same political and geographic conditions that led him to confrontation.

Israel blocked Ukraine from getting potent Pegasus spyware (Washington Post) Worries about Russia drove Israel’s decision to keep the surveillance technology out of the hands of the Ukrainian government

Ukraine war has put our relationship with US at breaking point – Russia (Daily Post Nigeria) The Ukraine conflict has brought Russia-United States relations to breaking point, according to Russian Deputy Foreign Minister Sergei Ryabkov. Ryabkov

Kremlin dismisses U.S. warning of potential Russian cyber attacks (Reuters) The Kremlin on Tuesday rejected U.S. warnings that it may be preparing to conduct cyber attacks in response to Western sanctions, and said it did not engage in “banditry”.

As Biden puts US on alert, Russia seeks talks to help prevent cyber war (Newsweek) “The main task is not to frighten each other with digital means,” Russia’s top cyber diplomat said, “but to try to reach agreements before it is too late.”

U.K. echoes Biden warning on Russian cyberattacks (The Record by Recorded Future) The United Kingdom’s top cyber authority on Tuesday backed the Biden administration’s call for vigilance and beefed up security against potential Russian digital attacks as Moscow’s invasion of Ukraine grinds to a stalemate.

Biden: Russia mulling cyberattacks on US (C4ISRNet) “As I said, the magnitude of Russia’s cyber capacity is fairly consequential, and it’s coming,” President Joe Biden said March 21.

Biden warnt vor russischen Cyberattacken (Funkschau) Die Regierung von US-Präsident Joe Biden befürchtet digitale Racheakte aus Russland und hat deshalb wichtige Unternehmen und Infrastruktur-Anbieter dazu aufgerufen, sich gegen entsprechende Cyberangriffe zu wappnen.

National Security Advisor details new intelligence on potential Russian cyberattacks (FOX 5 DC) The White House is ramping up its warnings that Russia could soon launch cyberattacks against the U.S. in response to their invasion of Ukraine, and there are concerns Russia has already laid the groundwork.

The Threat of Russian Cyberattacks Looms Large (The New Yorker) So far, the Russian invasion of Ukraine has not involved the sort of devastating cyberattacks that many anticipated. But it’s not clear why, or whether that pattern will hold.

FBI sees growing Russian hacker interest in US energy firms (AP NEWS) The FBI is warning that it has seen increased interest by Russian hackers in energy companies since the start of Russia’s war against Ukraine, though it is offering no indication that a specific cyberattack is planned.

Cyberattack threat: ‘No one is prepared’ for Russian retaliation, expert says (Yahoo) Silverado Policy Accelerator Chairman Dmitri Alperovitch joins Yahoo Finance Live to discuss the threat of Russian cyberattacks on the U.S. and its allies following financial sanctions on Russia.

CISA Call with Critical Infrastructure Partners on Potential Russian Cyberattacks Against the U.S. (YouTube) On the three-hour call, CISA Director Jen Easterly, Deputy Executive Assistant Director for Cybersecurity Matt Hartman, and Tonya Ugoretz, Deputy Assistant D…

CISA highlights new reporting hotline amid warnings about potential Russian cyber attacks (Federal News Network) CISA is highlighting several tools amid warnings from the White House about potential Russian cyber attacks.

Bolster Cyberresilience Against Ukraine Conflict Crossfire (Security Boulevard) In the June 2017 NotPetya attack, a Russian cyberattack targeting Ukraine, French company Saint-Gobain was forced to halt operations resulting in the loss

US, Ukraine quietly try to pierce Putin’s propaganda bubble (AP NEWS) The U.S. and Ukraine have knocked back Russian President Vladimir Putin’s efforts to falsely frame the narrative of his brutal war, but they are struggling to get a more accurate view of the Kremlin’s invasion in front of the Russian people.

UK slams Russia after officials duped by hoax video calls (AP NEWS) Britain accused Russia of spreading misinformation on Tuesday by posting doctored clips of the U.K.’s defense chief speaking to a hoaxer posing as Ukraine’s prime minister. Two videos of Defense Secretary Ben Wallace speaking to the imposter were posted on the YouTube channel of Russian prankster duo Vovan and Lexus.

A TikTok video, an apology and allegations of disinformation: How Russia’s assault on Ukraine is inflaming German fears of hybrid warfare (Washington Post) The debunked video, describing an attack on a Russian-speaking boy in Germany, is the latest salvo in a battle over truth playing out in parallel with the war in Ukraine

Ukraine, Russia, and the Bear Hug of Authoritarianism (Foreign Policy) Of all the democracies that emerged in the collapse of the Soviet Union, Ukraine has suffered the most from Russian interference.

China’s Ukrainian Juggling Act Isn’t Over (Bloomberg) Xi Jinping may be forced to recalibrate his support for Vladimir Putin’s Russia. But that moment hasn’t yet come.

UK-Netherlands Cyber Dialogue 2022: joint statement (SystemTek) The UK and the Netherlands gave a joint statement following the annual Cyber Dialogue in London on 15th March 2022.

Ukraine Update: Zelenskiy Will Join NATO Summit Via Video Link (Bloomberg) Ukraine President Volodymyr Zelenskiy will take part via video in this week’s special NATO summit to discuss the Russian invasion, his spokesman said. Kyiv said evacuation of civilians from the besieged southern port of Mariupol continued, but about 100,000 people remain there under bombardment.

Biden seeks new sanctions, help for Ukrainians in Europe (AP NEWS) With Europe facing its most precarious future since World War II, President Joe Biden will huddle with key allies in Brussels and Warsaw this week as the leaders try to prevent Russia’s war on Ukraine from spiraling into an even greater catastrophe.

Biden to Unveil New Russia Sanctions, Energy Aid in Brussels (Bloomberg) President Joe Biden and allies meeting Thursday in Brussels are expected to announce both new sanctions against Russia over its invasion of Ukraine and fresh measures designed to keep the Kremlin from sidestepping existing economic penalties, the White House said.

WSJ News Exclusive | Biden to Sanction Hundreds of Russian Lawmakers, U.S. Officials Say (Wall Street Journal) The Biden administration is preparing sanctions on most members of Russia’s State Duma, the lower house of parliament, as the U.S. continues its crackdown on Moscow over its ongoing war against Ukraine.

This is NATO’s Casablanca Moment (The Cipher Brief) Cipher Brief Expert and former CIA Chief of the Central Eurasia Division Rob Dannenberg writes that this is NATO’s Casablanca moment

U.S. Grand Strategy After Ukraine (Foreign Policy) Seven thinkers weigh in on how the war will shift U.S. foreign policy.

Ukraine Update: Scholz Says Russian Economic Pain Only Beginning (Bloomberg) German Chancellor Olaf Scholz said Russia is only beginning to feel the harshest effects from sanctions and that more measures are on the way. Poland became the latest eastern European nation with plans to expel Russian diplomats.

Removing Russia from the European gas balance: A major role for Caspian gas (Atlantic Council) Exporting more Caspian gas to Turkey could free up precious LNG cargoes for consumption in the EU market. Three Caspian options in particular would go a long way to ensuring the EU can get out from under Russian gas hegemony.

Russian Crypto Trading Falls Even as Doubts Persist on Sanctions (Bloomberg) Exchange-based data show ruble-denominated trading is dropping. Lagarde says Russians are still trying to bypass sanctions.

Is Russia’s Largest Tech Company Too Big to Fail? (Wired) It took 20 years for Arkady Volozh to build Yandex into Russia’s Google, Uber, Spotify, and Amazon combined. It took 20 days for everything to crumble.

Italian public sector to replace Kaspersky products (SC Magazine) The latest in-depth, unbiased news, analysis and perspective to keep cybersecurity professionals informed, educated and enlightened about the market.

‘We’re going back to a USSR’: long queues return for Russian shoppers as sanctions bite (the Guardian) After an hour and a half queuing for sugar, or worse still fighting for it in a market, Russians are feeling the effect of shortages caused by an unprecedented cutoff from the world

U.S. Threat to Sanction China Is Spooking Other Nations in Asia (Bloomberg) U.S. warned China of consequences if it supports Russia in war. Indonesia, Thailand among countries concerned about sanctions.

Attacks, Threats, and Vulnerabilities

Microsoft, Okta Investigating Data Theft Claims (SecurityWeek) The Lapsus$ hacker group claims to have stolen information, including source code and customer data, from Microsoft, LGE and Okta.

Hackers hit authentication firm Okta, customers ‘may have been impacted’ (Reuters) Okta Inc , whose authentication services are used by companies including Fedex Corp and Moody’s Corp to provide access to their networks, said on Tuesday that it had been hit by hackers and that some customers may have been affected.

‘This Is Really, Really Bad’: Lapsus$ Gang Claims Okta Hack (Wired) Lapsus$ leaking Microsoft source code would be bad enough. Breaching Okta could be much, much worse.

Okta ‘identifying and contacting’ customers potentially affected by Lapsus$ breach (The Record by Recorded Future) Okta’s chief security officer David Bradbury released a statement on Tuesday afternoon saying Okta “has not been breached and remains fully operational.”

Okta Investigates Report of Security Breach, Says It Finds No Evidence of New Attack (Wall Street Journal) Identity-management provider Okta said a preliminary investigation found no evidence of ongoing malicious activity after hackers posted images they said were of the company’s internal systems.

Fury As Okta—The Company That Manages 100 Million Logins—Fails To Tell Customers About Breach For Months (Forbes) With $25 billion market cap and over 100 million customers, Okta is one of the biggest cybersecurity companies around. If it suffered a breach, it could have widespread ramifications, security experts warn.

Cloudflare’s investigation of the January 2022 Okta compromise (Cloudflare Blog) Today, March 22, 2022 at 03:30 UTC we learnt of a compromise of Okta. We use Okta internally for employee identity as part of our authentication stack. We have investigated this compromise carefully and do not believe we have been compromised as a result. We do not use Okta for customer accounts; customers do not need to take any action unless they themselves use Okta.

Updated Okta Statement on LAPSUS$ (Okta) This update was posted at 6:31 PM, Pacific Time. As we shared earlier today, we are conducting a thorough investigation into the recent LAPSUS$ clai…

Okta breached by Lapsus$, customer data exposed (CRN Australia) Ransomware gang posting breach claims on its Telegram channel.

Hackers hit authentication firm Okta, customers ‘may have been impacted’ (Reuters) Okta Inc , whose authentication services are used by companies including Fedex Corp and Moody’s Corp to provide access to their networks, said on Tuesday that it had been hit by hackers and that some customers may have been affected.

Lapsus$ hackers leak 37GB of Microsoft’s alleged source code (BleepingComputer) The Lapsus$ hacking group claims to have leaked the source code for Bing, Cortana, and other projects stolen from Microsoft’s internal Azure DevOps server.

Microsoft confirms Lapsus$ hackers stole source code via ‘limited’ access (The Verge) Microsoft says a single account was compromised.

Microsoft Confirms Hack by Lapsus$ Group (Decipher) Microsoft has confirmed that the Lapsus$ group gained “limited” access after the group leaked Bing, Bing Maps and Cortana source code.

Aktuelle Warnung: Cyberkriminelle veröffentlichen Quellcode von Microsoft (unn | UNITED NEWS NETWORK GmbH) Cyberkriminelle haben sich Zugang zu internen Systemen bei Microsoft verschafft und insgesamt 37 Gigabyte vertraulicher Daten ausgeleitet und veröffentlicht. Auch…

GOLD ULRICK leaks reveal organizational structure and relationships (Secureworks) Messages reveal collaboration and support among threat groups.

Details of Conti ransomware affiliate released ( Information about a new Conti affiliate has been released by eSentire and BreakPoint Lab after a joint investigation into the group’s indicators of compromise.

More can be done to curb misuse of Cobalt Strike, expert says (VentureBeat) HelpSystems should do more to combat the malicious use of its Cobalt Strike tool in ransomware attacks, a Red Canary researcher said.

QNAP Devices Targeted in New Wave of DeadBolt Ransomware Attacks (SecurityWeek) Censys warns that a new wave of DeadBolt ransomware attacks targets QNAP NAS products, with nearly 1,500 devices currently infected.

[New research] Subdomain takeovers are on the rise and are getting harder to monitor (Detectify Blog) As attackers use more sophisticated methods to infiltrate a company, it is becoming harder to monitor subdomain takeover, new research shows

Posing as GDPR information, attacker targets French organizations with backdoor (SC Magazine) The latest in-depth, unbiased news, analysis and perspective to keep cybersecurity professionals informed, educated and enlightened about the market.

Ransomware Encrypts Nearly 100,000 Files in Under 45 Minutes (Splunk-Blogs) Splunk SURGe Report reveals the need for ransomware prevention over response and mitigation.

An Empirically Comparative Analysis of Ransomware Binaries (Splunk) A lot has been written on ransomware, but many organizations continue to react tactically to these attacks instead of with mindful intent.

Bitdefender detects novel spam trends as fraudsters build repertoire of Ukraine charity scams (Hot for Security) Bitdefender researchers have been keeping a close eye on spam campaigns
piggybacking on the war in Ukraine in recent weeks.

$1.7M in NFTs Stolen From Crypto VC by Hackers (Vice) Attacks targeting crypto startups and investment funds have picked up in recent months.

Ransomware group attacks Scottish mental health charity (The Record by Recorded Future) A Scottish mental health charity is in the process of recovering from a ransomware incident after it was attacked last Thursday. 

Japanese Medical Consultation Platform Exposes Customer Images (SafetyDetectives) Intro
The SafetyDetectives cybersecurity team uncovered a data exposure affecting the Japanese medical Q&A service Doctors Me.
Doctors Me is a website that prov

Plainfield Town Computer System Hit by Ransomware Attack (NBC Connecticut) The Town of Plainfield’s computer system suffered a ransomware attack over the weekend, according to police. The attack is affecting the police department and some town administration computers, according to Deputy Police Chief William Wolfburg. Plainfield police currently have no access to electronic records, no access to view or download bodycam video, can’t perform fingerprinting services, and have limited telephone…

Security Patches, Mitigations, and Software Updates

High-Severity UEFI Vulnerabilities Patched in Dell Enterprise Laptops (SecurityWeek) Binarly has disclosed the details of several vulnerabilities that impact the UEFI of multiple Dell enterprise laptop models.

HP printers vulnerable to remote code execution (CRN Australia) Security bulletins of a potential issue with print and digital sending products.

Delta Electronics DIAEnergie (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: DIAEnergie Vulnerabilities: Path Traversal, Incorrect Default Permissions, SQL Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow remote code execution, causing a user to carry out an action unintentionally.

Delta Electronics DIAEnergie (Update B) (CISA) 1. EXECUTIVE SUMMARY

CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Delta Electronics
Equipment: DIAEnergie
——— Begin Update A Part 1 of 3 ——— 

NCC Group Monthly Threat Pulse – February 2022 (Mynewsdesk) We’ve identified that the number of victims of double extortion ransomware attacks increased 52.89% between January and February, representing a marked exit…

2021 Thales Data Threat Report (Thales) The 2021 Thales data threat report reveals various aspects of data security challenges and trends in the era of accelerated cloud transformation and remote work

2022 The State of Cyber Assets Report Reveals Security Vulnerabilities (PR Newswire) The 2022 State of Cyber Assets Report (2022 SCAR) conducted by JupiterOne, the industry’s leading cyber asset attack surface management (CAASM)…

How Shame Defines Our Digital Lives (Wired) In the pre-internet age, an embarrassing moment might have generated some jokes among friends. But today, a single slip can turn into a global event.

Shipping’s ‘culture of secrecy’ makes it more vulnerable to cyber-attacks (The Loadstar) Rather than being particularly attractive as a target for cyber-criminals, it is the shipping industry’s internal behaviour that poses the biggest risks, a cyber security expert has told The Loadstar. A survey into cyber-attacks on the maritime industry by CyberOwl and law firm HFW, collating findings from 200 C-suite respondents, found that only 3% reported that their company had paid a ransom – yielding a scary, but statistically insignificant, ‘average’ payout …

Styra Report Finds Rapid Cloud-Native and Open-Source Adoption is Shifting Security Responsibilities Across Teams (Business Wire) Styra, Inc., the creators and maintainers of Open Policy Agent (OPA) and leader of cloud-native authorization, today released results of a new “2022 C


F-Secure launches WithSecure, spinning off entire enterprise portfolio (IT PRO) After years of trying to integrate business and consumer streams, F-Secure signals a complete split will help both new entities focus on their customers and industry relevance

Exclusive: Investors Still See Potential In Kubernetes As Spectro Cloud Locks In $40M Series B (Crunchbase News) Spectro Cloud closed a $40 million Series B led by Stripes, as the company looks to help companies build on the open-source Kubernetes platform.

Application Security Firm ForAllSecure Raises $21 Million (SecurityWeek) ForAllSecure raises $21 million to accelerate growth, hire new talent, and build a solution to secure open source projects.

SSE Company Skyhigh Security Emerges From McAfee Enterprise (SecurityWeek) Symphony Technology Group announces the launch of SSE company Skyhigh Security after McAfee Enterprise has been split into two organizations.

Private equity firm that created Trellix spins off another cyber business, Skyhigh Security (CyberScoop) Skyhigh is essentially the last piece of the puzzle created by Symphony Technology Group’s shakeup of several big cybersecurity brands.

Former McAfee-FireEye SSE portfolio now Skyhigh Security (Register) CEO chats to us about zero trust, data protection, and more

Cybersecurity Startup ThreatBlockr Announces New Identity and Over $5 Million in Additional Funding to Power the Next Generation of Active Threat Defense (Yahoo) Formerly Bandura Cyber, the innovative, autonomous active defense security solution also added two new key executivesTYSONS, VA / ACCESSWIRE / March 22, 2022 /ThreatBlockr®, the autonomous cyber intelligence and active threat defense platform, today announced its new brand identity and $5 million in funding. This funding round was led by Gula Tech Adventures, Tenfore Holdings, Saul Holdings and Lord Baltimore Capital Partners.

Tanium Cloud Customers Grow More Than 300% Year over Year (Yahoo) As organizations around the world gathered their diminishing IT resources to identify and remediate the critical level Log4J vulnerability with CVSS score 10, Tanium Cloud, the only multi-OS endpoint management and security platform that requires zero infrastructure, enabled customers to quickly roll out new capabilities that thwarted the exploit in a matter of minutes. Tanium achieved more than 300% year-over-year growth in Tanium Cloud customers and noted a 5X

Cyber Security ETFs are spotlighted as the FBI raises awareness against Russian hackers (SeekingAlpha) Cyber security exchange traded funds come front and center as markets evaluate the news from the FBI as they warn organizations against Russian hackers.

Toronto, the Quietly Booming Tech Town (New York Times) For all the excitement around places like Austin and Miami, the biggest tech expansion has been in Canada’s largest city.

Akamai Recognized as a Leader in the ‘IDC MarketScape: Worldwide Commercial Content Delivery Network Services 2022 Vendor Assessment’ (Yahoo) Akamai Technologies (NASDAQ: AKAM), the world’s most trusted solution to power and protect digital experiences, has again been recognized as a Leader in the IDC MarketScape: Worldwide Commercial Content Delivery Network Services 2022 Vendor Assessment. The IDC MarketScape noted Akamai’s balanced and comprehensive portfolio, and an appetite for innovation among the capabilities and differentiators that helped position it in the Leaders Category.

Meet KnowBe4, a 2022 Best Places to Work honoree (Tampa Bay Business Journal) KnowBe4 is a publicly-traded cybersecurity company headquartered in Clearwater.

Aryaka Recognized in Top 7 for Fourth Consecutive Year in 2021 U.S. Carrier Managed SD-WAN LEADERBOARD by Vertical Systems Group (Business Wire) Aryaka, the leader in fully managed Cloud-First WAN solutions, today announced the company maintained its number seven position on Vertical Systems Gr

Trulioo Appoints Reno Mathews as First Chief Compliance Officer (Business Wire) Trulioo appoints Reno Mathews as the company’s Chief Compliance Officer. Mathews is a former executive at Google and most recently Meta.

Ionir Bolsters Leadership Team with Two New Executives (PR Newswire) ionir today announced the hiring of two new executives, Tad Lebeck as senior vice president of product development and Barak Azulay as vice…

GrammaTech Appoints Dan Goodwin Head of Cybersecurity Research Division (Business Wire) We are committed to expanding our research organization, which develops important advancements for various government agencies.

Cerberus Sentinel Appoints New Chief Information Security Officer to Executive Team (GlobeNewswire News Room) U.S. cybersecurity services firm adds experienced CISO from Booz Allen…

Products, Services, and Solutions

LastPass Business Announces New Integrations with PingOne and PingFederate for Enterprise Companies (GlobeNewswire News Room) Now integrates with all major identity providers to reduce implementation lift for IT teams…

Checkmarx Launches Industry’s Most Comprehensive Supply Chain Security Solution to Help Organizations Block Previously Undetectable Malicious Open Source Packages (PR Newswire) Checkmarx, the global leader in developer-centric application security testing (AST) solutions, today announced the launch of the Checkmarx…

Viakoo Extends Zero Trust to IoT Through Automation With New Device Certificate Manager (PR Newswire) Viakoo, the leader in IoT vulnerability remediation, today announced the release of its Device Certificate Manager (DCM) as a part of the…

GTT Launches Secure Connect to Enhance Enterprise Cloud Security (GlobeNewswire News Room) GTT Secure Connect offering leverages the SASE (Secure Access Service Edge) framework, augmenting GTT’s portfolio of Secure Networking Services Addresses…

Sequitur Labs Releases Turnkey Solution to Simplify Protection of Edge AI Models Powered by the NVIDIA Jetson Platform (Business Wire) Sequitur Labs Releases Turnkey Solution to Simplify Protection of Edge AI Models Powered by the NVIDIA Jetson Platform

Kaspersky to consolidate local distribution with Leader after Dicker Data exit (CRN Australia) Dicker to drop vendor on 30 April 2022.

Zscaler Unveils Industry-First Security Service Edge Innovations to Protect Enterprises from the Most Sophisticated Cyber Attacks (GlobeNewswire News Room) Advancements to the Most Deployed ZTNA Solution Strengthen the Zscaler Zero Trust Exchange with New Private App Protection, Deception, and Privileged…

Avosec Partner with Ukraine security company Zillya! ( 21 03 2022 London Founded in 2002 as an IT Security Distributor Avosec has an excellent reputation for Partnering with award winning solutions We offer our solutions to Resellers across Europe and worldwide providing them with remote technical assistance project …

Juniper takes Apstra and IBN to edge data centers (Light Reading) Juniper’s latest version of Apstra to support smaller edge data centers comes in response to enterprise customers’ increased use of edge data centers for applications such as industrial automation and augmented reality.

GitLab 14.9 released with epic to epic linking and integrated security training (GitLab) Today, we are excited to announce the release of GitLab 14.9 with epic to epic linking, integrated security training, a new Environments page design, rule mode for scan result policies and much more!

Secure Code Warrior Launches Integration With GitLab to Help Developers Build and Release Secure Software Faster (Business Wire) Secure Code Warrior, the global developer driven security leader, today announced it has joined GitLab Inc.’s global partner program. As part of the p

Invixium Debuts High Performance, Competitively Priced IXM TFACE Biometric Solution to North American Market at ISC West 2022 (Invixium) Delivers Perfect Balance of Affordability and Biometric Accuracy for General Purpose Access Control and Workforce Management Applications

DIGISTOR® Poised to Receive Common Criteria Certification for FIPS Self-Encrypting Drives in 2022 (The Bakersfield Californian) DIGISTOR®, a leading provider of secure Data At Rest (DAR) storage solutions, announced it is in the validation stage of the Common Criteria (CC) certification process. Once achieved, its FIPS 140-2 L2 Self-encrypting Drives (SEDs) will be the only products offering this class of security in the market, making it the de facto standard for companies needing to validate their secure DAR solutions.

Technologies, Techniques, and Standards

NSA on How to Harden Kubernetes (The New Stack) The National Security Agency (NSA) has issued guidelines on how to make Kubernetes environments more secure.

CEOs: How to withstand potential cyber conflict (VentureBeat) While it’s uncertain if Russia is behind recent cyberattacks, one thing is certain: American companies and security teams need to be ready.

Three steps to secure an organization during mergers and acquisitions (Help Net Security) While merger and acquisition transactions create great business opportunity, they can have undetected exposed vulnerabilities.

6 questions CISOs should ask if their cybersecurity vendor is acquired (CSO Online) M&A activity in the cybersecurity industry is at record levels, and that could have a negative impact on your investment in tools and platforms.

Rapid7 : 8 Tips for Securing Networks When Time Is Scarce (Market Screener) “At this particular mobile army hospital, we’re not concerned with the ultimate reconstruction of the patient. We only care about getting the kid out of here alive enough for someone else to put on the fine touches. We work fast and we’re not dainty, because a lot of these kids who can stand 2 hours on the table just can’t stand one second more. We try to play par surgery on this course. Par is a live patient.” – Hawkeye, M*A*S*H

Modernization of crypto isn’t the core mission for DoD and the IC, it’s what enables the mission (Breaking Defense) Modernizing cryptographic systems is a lot more complicated than a software patch or iOS update, and oftentimes unfunded, but is vital to securing the nation’s most important secrets.

Design and Innovation

Vade Develops New Method to Avoid Detection by Phishing Kits (Vade Secure) Vade Develops New Method to Avoid Detection by Phishing Kits


Ethical Hacking Taught by University to Boost Cybersecurity | CSUF News (CSUF News) To promote cybersecurity, CSUF is equipping students with ethical hacking skills via the Offensive Security Society club and hands-on practice.

Legislation, Policy, and Regulation

EU proposes cybersecurity rules for EU bodies amid cyberattack worries (Reuters) EU countries should put in place a framework to manage cybersecurity risks at EU institutions, the European Commission said on Tuesday, amid concerns about rising cyberattacks that could disrupt key activities and steal sensitive information.

Greater balance needed in AU Critical Infrastructure Bill (IT Brief Australia) The proposed measures go too far and need stronger guardrails, otherwise they could adversely affect Australia’s critical infrastructure operators.

Nakasone nixes the idea of an info-ops sub command (FCW) Gen. Paul Nakasone, the commander of U.S. Cyber Command, told lawmakers he wanted to integrate more personnel trained in information operations into cyber teams.

Ice Miller Cybersecurity Law Snapshot: Biden Signs into Law Critical Infrastructure Ransomware Payment and Cyber Incident Reporting (Lexology) On March 15, 2022, President Biden enacted, through an omnibus spending package, the Cyber Incident Reporting for Critical Infrastructure Act of 2022…

Congress wants regular updates from FAA on any issues that arise from 5G growth (Federal News Network) House lawmakers are pressing the FAA on what it’s doing to ensure safety as commercial companies roll out 5G wireless services.

Litigation, Investigation, and Law Enforcement

China’s ZTE exits probation after U.S. court ruling, shares soar (Reuters) China’s ZTE Corp , saw its shares soar as much as 60% in Hong Kong on Tuesday after the telecommunications equipment maker completed five years of probation in the United States, marking the end of a U.S. criminal case.

Russian court finds jailed Kremlin critic Navalny guilty of fraud (Reuters) A Russian court found jailed Kremlin critic Alexei Navalny guilty of large-scale fraud and contempt of court on Tuesday, a move likely to extend by years the time that President Vladimir Putin’s most prominent critic spends in jail.

‘Spam Nation’ Villain Vrublevsky Charged With Fraud (KrebsOnSecurity) Pavel Vrublevsky, founder of the Russian payment technology firm ChronoPay and the antagonist in my 2014 book “Spam Nation,” was arrested in Moscow this month and charged with fraud. Russian authorities allege Vrublevsky operated several fraudulent SMS-based payment schemes, and…

The secret police: Inside the app Minnesota police used to collect data on journalists at protests (MIT Technology Review) Intrepid Response is a little-known but powerful app that lets police quickly upload and share information across agencies. But what happens to the information it collects?

Is Cyber Insurance an Invitation to Cybercriminals? (CSO Online) Anecdotal evidence suggests that cybercriminals are quite adept at finding out which organizations have cyber insurance. This is helpful to them because they know that insured organizations are more likely to pay a ransom.

The SEC won’t free Elon Musk from his “Twitter sitter” (Quartz) In a court filing the agency asked a federal judge to keep in place an agreement to oversee Musk’s tweets.

Wales and London No 1 Place in the UK Affected by Cybercrime (Business News Wales) Wales is officially the number one place in the UK (alongside London) where people are most affected by cybercrime according to a study by the University

Gadsden man faces child pornography charges after cyber tip (The Gadsden Times) David Trimble faces child pornography charges after a cyber tip led to an investigation and search of his home, according to Sheriff Jonathon Horton.

Original Source link

Leave a Reply

Your email address will not be published.

40 + = forty eight