Trolling and doxing in a hybrid war. Borat RAT. US State Dept. cyber bureau. CISA and the supply chain. Lapsus$ arraignments.


Dateline Moscow, Kyiv, Mariupol, Bucha: Russian withdrawal, with atrocity and disinformation in its wake.

Ukraine at D+39: Pivot to the Donbas and the Black Sea. (The CyberWire) News of Russia’s war against Ukraine is dominated, as the week opens, by accounts of atrocities that have come to light as Russian forces retreat from areas they’d occupied in the northern parts of the country around the capital.

What Happened on Day 39 of the War in Ukraine (New York Times) The devastating toll of the war became clearer as Russian forces withdrew from around Kyiv. World leaders promised more sanctions.

Images show thick plumes of smoke over Odesa as Russian sea and air missiles strike Ukraine’s most important port city (Business Insider) The Russian defense ministry said that it targeted oil facilities near the Ukrainian city Odesa with “high-precision sea and air-based missiles.”

The week that turned the war: How Ukraine fought back the Russian advance (The Telegraph) Vladimir Putin looks more isolated than ever as his forces suffer a series of shocking setbacks on the battlefield

Mystery Surrounds Russia Oil Site Strike Blamed on Ukraine, Claimed By None (Newsweek) A brazen attack against a Russian oil depot in the border region of Belgorod has elicited international attention but few answers, as Ukrainian officials deflected accusations of their country’s involvement in the attack and some even alleged Moscow itself had staged the strike.

Russian War Report: Videos appear to show missiles striking Russian oil depot (Atlantic Council) Video surfaced showing a possible attack on a Russian oil depot in Belgorod. Elsewhere, a Russian official threatened Azerbaijan with nukes.

Ukrainian helicopters raid oil depot in Russian city: reports (Military Times) The Mi-24 helicopters can be seen launching missiles at the depot in videos posted to social media.

Friendly fire blunders, confusion, low morale: why Russia’s army has stalled (the Guardian) Analysis: The Ukraine invasion has far exceeded the capacity of Putin’s forces. An expert explains how they have fallen short in the field

Russian forces pull back from Kyiv, exposing horrors of war (Washington Post) Ukrainian troops recaptured territory around Kyiv on Saturday as Russian forces pulled back from towns they had seized in the opening days of the war and left in their wake scenes of destruction and horror, including the abandoned bodies of dead civilians.

Liberated villagers weep with joy as Ukrainian soldiers push back humiliated Russian forces (The Telegraph) Rapid retreat from the capital came days after Moscow announced it would reduce its operations around Kyiv in order to foster trust

Russia now synonymous with Bucha killings, says Zelenskiy (the Guardian) Ukraine president says worse atrocities may yet be found elsewhere as satellite images show mass grave near church in Bucha

Ukraine accuses Russia of massacre, city strewn with bodies (AP NEWS) Bodies with bound hands, close-range gunshot wounds and signs of torture lay scattered in a city on the outskirts of Kyiv after Russian soldiers withdrew from the area. Ukrainian authorities accused the departing forces on Sunday of committing war crimes and leaving behind a “scene from a horror movie.”

Corpses “all over” streets, yards as Russia retreats from Kyiv area: Report (Newsweek) “Russians are shooting civilians after tying their hands behind their backs,” one journalist wrote. “Mass graves are full of unidentified bodies.”

Streets of Bucha found strewn with corpses after Ukrainians retake strategic town (The Telegraph) Russia has been accused of committing war crimes after hundreds of Ukrainians were found dead in the town north-west of Kyiv

Ukrainian Troops Find 410 Massacred Civilians, Some Bound and Shot, After Liberating City (Time) Bodies with bound hands, close-range gunshot wounds and signs of torture lay scattered in Bucha on the outskirts of Kyiv after Russian soldiers withdrew from the area.

Rape as a weapon: huge scale of sexual violence endured in Ukraine emerges (the Guardian) Women and girls have recounted the abuse they have suffered at the hands of Russian soldiers

Russian retreat from Kyiv reveals extent of evil atrocities committed against civilians (The Telegraph) The full horror of torture, burnings, executions and mass graves of Ukrainians trapped behind enemy lines is exposed

Analysis: Latest atrocities in Ukraine were inevitable and won’t be the last (CNN) Never again, the phrase often uttered after crimes against humanity, in practice, almost never means never again.

Russia denies killing civilians in Ukraine’s Bucha (Reuters) Russia on Sunday denied Ukrainian allegations that it had killed civilians in the Ukrainian town of Bucha, describing footage and photographs of dead bodies as a “provocation” and a “staged performance” by Kyiv.

Russia calls Security Council meeting over Bucha (RT International) Moscow has demanded a meeting of the UN Security Council after Ukraine accused Russian troops of killing scores of civilians outside Kiev

Signs of massacre in Bucha spark calls for war-crime probes (Washington Post) Ukrainian officials said they have asked the International Criminal Court to visit the mass graves seen in Bucha, a suburb northwest of Kyiv, so that experts can gather evidence of possible Russian war crimes.

Russia faces growing outrage amid new evidence of atrocities (AP NEWS) Russia faced a fresh wave of condemnation on Monday after evidence emerged of what appeared to be deliberate killings of civilians in Ukraine. Some Western leaders called for further sanctions in response to the alleged atrocities, even as Moscow continued to press its offensive in the country’s east.

World leaders vow to hold Russia accountable for Bucha atrocities (Washington Post) The discovery of civilians’ bodies on the streets of Bucha, a suburb of Kyiv, has sparked international condemnation, calls for an investigation into possible Russian war crimes and vows that new sanctions are coming.

Blinken: growing evidence of Russian atrocities in Ukraine a ‘punch to the gut’ (the Guardian) Secretary of state promises US will join allies in documenting atrocities and hold perpetrators accountable

EU weighing new Russia sanctions after Bucha ‘atrocities’ (Al Jazeera) Spanish Prime Minister Pedro Sanchez says he has seen signs of a possible ‘genocide’ in Bucha as UN chief demands probe.

Live: Macron says ‘clear indications’ of war crimes in Bucha, more sanctions needed (France 24) French President Emmanuel Macron said on Monday that more sanctions on Russia were needed after Ukraine accused Russian forces of the killing of civilians in the Ukrainian town of Bucha. Moscow denie…

Bucha: U.S. Congress reacts to Russia’s alleged Ukraine massacre (Newsweek) Ukrainian authorities said civilians in Bucha, near Kyiv, were “executed arbitrarily” by Russian forces.

‘They executed civilians’: Survivors in Ukraine’s liberated towns recount violence of retreating Russians (The Telegraph) Russian troops are accused of planting land mines and targeting civilians as they pull back from around Kyiv

Condemning Russian War Crimes in Real Time Can Save Lives (World Politics Review) There has been much enthusiasm lately for a future tribunal to hold Russia accountable for its apparent war crimes in Ukraine. But before getting carried away by the siren call of international justice, it is important to focus on the immediate impact of public condemnations and documentation.

In eastern Ukraine, the epicenter of the war, a brutal fight rages (Washington Post) This town is slowly fading away. Most residents have fled after nearly a decade of bloody conflict since Russian-backed separatists in the eastern Ukrainian provinces took up arms against the Ukrainian state. One morning this week, a half dozen elderly women, some of the remaining 1,500 residents in town, huddled outside the only church in the village.

Estonian formin: Russia trampling on intl law, UN Charter is a threat to everyone (Baltic Times) On Friday, the Estonian Ministry of Foreign Affairs and the Estonian Foreign Policy Institute of the International Center for Defense …

Used as ‘cannon fodder’, the young Russians sent to their deaths in Ukraine (The Telegraph) Youngsters killed on the battlefield were ‘unprepared’ for the horrors of war

Hardcore Ukrainian soldiers resort to street fights as they endure ‘hell’ in Mariupol (The Telegraph) Members of the Azov Battalion are determined to protect the city as ‘it is the backbone of Ukraine’s defence’

Experts react: After Russia-Ukraine talks in Istanbul, is an end to war imminent? (Atlantic Council) Atlantic Council IN TURKEY asks experts for their perspectives on the talks and what they mean for Turkey.

Zelensky, entering new stage of war, faces political test (Washington Post) As the war grinds on and peace talks continue, the Ukrainian president confronts new challenges

Vladimir Putin ‘running out’ of missiles – because parts are made in Ukraine (The Telegraph) A substantial portion of fighter jet engines and tank components are made in Ukrainian factories, which no longer supply Russian forces

Russians booby-trapping homes as they retreat, claims Zelenskiy (the Guardian) Ukraine’s president says the Russians are leaving mines as they withdraw; central cities hit by new missile strikes

Russian soldier dies from radiation poisoning in Chernobyl (The Telegraph) Serviceman was part of a unit camped in the toxic nearby Red Forest, clueless about what they were being exposed to

Russians Likely to Encounter Growing Guerrilla Warfare in Ukraine (Foreign Policy) Kyiv says it plans to launch a coordinated campaign.

In Ukraine, I’ve seen the impossible become possible. The West hasn’t grasped that yet. (Atlantic Council) Atlantic Council editor Dan Peleschuk reflects on what it’s like watching stark realities unfold—and why policymakers should act now.

Estonia’s Prime Minister Says We’re Not Doing Enough to Stop Russian Aggression (Time) ‘If Putin wins, or if he even has the view that he has won this war, his appetite will only grow’

Putin-Zelensky meeting in Turkey now likely, says Ukrainian official (Newsweek) The statement comes as Russian forces have largely retreated from the area around Kyiv.

Oligarch Roman Abramovich persuaded the Russian government to hold peace talks over Zoom instead of in Belarus despite Kremlin’s security concerns, report says (Business Insider Africa) Russian oligarch Roman Abramovich is helping facilitate Russia-Ukraine peace talks

Mar 27 – Apr 02 Ukraine – Russia the silent cyber conflict (Security Affairs) This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. Apr 02 – Anonymous leaked 15 GB of data allegedly stolen from the Russian Orthodox Church. Anonymous claims to have hacked the Russian Orthodox Church’s charitable wing and leaked 15 GB of alleged stolen […]

Insurers Urged to Stress Test Cyber Portfolios for Russian Attack Potential (Insurance Journal) Cyber risk and analytics firm CyberCube said it has seen cyber attacks on Ukrainian government services, infrastructure and other industries, and it urges

Remote Work May Make Employers More Vulnerable to the Threat of Russian Cyberattacks (Pre-Employ) Due to Russian cyberattacks threat, companies have introduced remote work policies but it looks like these policies are increasing the risk of getting hacked more. Find out why.

Russia Inches Toward Its Splinternet Dream (Wired) For years, the country has been trying to create its own sovereign internet—a goal given new impetus by the backlash to its invasion of Ukraine.

Russian internet Great Wall might require too much hardware (Fudzilla) Internet close to breaking point. Russian plans to build a great wall of Moscow, which will mean its citizens only hear what Tsar Putin and his glorious state broadcasters tell them, might fall flat because of a lack of hardware. TorrentFreak has been looking at Russia’s plans and reach the conclusion…

As Russia Plots Its Next Move, an AI Listens to the Chatter (Wired) With vast amounts of data becoming available to intelligence analysts, new tools will help them sift and interpret it all—but they will introduce new risks, too.

China accused of cyber-attacks on Ukraine before Russian invasion (the Guardian) UK investigating claims, but Ukrainian security service says it has ‘nothing to do with’ memos obtained by Times

DECODED – Did China Help Moscow Hack Ukraine & Share Critical Intelligence Before The Russian Invasion? (Eurasian Times) According to the intelligence memos obtained by Ukraine’s security service, the SBU said that the Chinese government launched cyber-attacks targeted at 600 websites belonging to the government and other key institutions, the British daily newspaper The Times reported. The security agency alleged that China appeared to have had advance notice of the invasion because the […]

Listen Now: Deputy national security adviser talks about the risk of Russia waging cyberwar (NPR One) National Security on NPR One | 6:38

Inside Cyber Front Z, the ‘People’s Movement’ Spreading Russian Propaganda (Vice) In an effort to win the information war, Kremlin allies have deployed a new kind of troll farm.

Ukraine Accuses Russia of Using WhatsApp Bot Farm to Ask Military to Surrender (Vice) Ukraine’s Security Service announced that it had disrupted a Russian operation that sent 5,000 messages to police and military officers asking to defect and surrender.

Ukraine intelligence leaks names of 620 alleged Russian FSB agents (Security Affairs) The Ukrainian Defense Ministry’s Directorate of Intelligence leaked personal data belonging to 620 alleged Russian FSB agents. The Ukrainian Defense Ministry’s Directorate of Intelligence has leaked the alleged personal data of 620 Russian FSB officers. Personal details leaked by the Ukrainian body include names, phone numbers, addresses, vehicle license plates, SIM cards, date and location […]

Anonymous leaked 15 GB of data allegedly stolen from the Russian Orthodox Church (Security Affairs) Anonymous claims to have hacked the Russian Orthodox Church’s charitable wing and leaked 15 GB of alleged stolen data. Anonymous continues to target Russian government entities and private businesses; this week the group claimed to have hacked the private firms Thozis Corp and Marathon Group owned by oligarchs. Now the collective announced the hack of the […]

Data leak from Russian delivery app shows dining habits of the secret police (The Verge) The Yandex Food leak exposed the data of 58,000 users.

‘It’s like 1937’: Informants denounce anti-Ukraine war Russians (The Telegraph) Telephone hotlines and websites set up to enable ‘good citizens’ to inform on people Vladimir Putin describes as ‘traitors’

Cyber Espionage Actor Deploying Malware Using Excel (Bank Info Security) Researchers from Malwarebytes have found that cyber espionage actor UAC-0056, also known as SaintBear, UNC2589 and TA471, is now using a macro-embedded Excel

Russian government hackers linked to cyber attack on first day of Ukraine invasion (Sky News) On the same day that tanks and troops began pouring into Ukraine, a cyber attack knocked a satellite broadband company’s customers offline.

Turla Android Spyware From Russia Can Access Your Device’s Location, Record Audio, and More | Beware of This Malware (Tech Times) The Lab52 team found out that known Android spyware could be connected to a Russian state-sponsored hacking group known as Turla.

Russian-linked Android malware records audio, tracks your location (BleepingComputer) A previously unknown Android malware has been linked to the Turla hacking group after discovering the app used infrastructure previously attributed to the threat actors.

Regular web users unwittingly launch DDoS attacks on Ukraine (TechRadar) A malicious script hijacks browsers

Meet the frontline workers keeping the internet online in Ukraine (The Record by Recorded Future) On the morning of Feb. 24, Ukrainian Oleksandr Stadnyk woke up to the sound of explosions. 

Zelensky Blames War in Ukraine on World Being Soft on Putin (Newsweek) Ukrainian President Volodymyr Zelensky argued Thursday that if the world had punished Russia for its earlier actions in the region, the invasion of Ukraine wouldn’t have happened. His comments came during a video appearance before the Australian Parliament.

‘Mindless’ killing in Ukraine won’t stop until Biden changes strategy (Newsweek) Russia and Ukraine both know they can’t achieve their military goals, but the U.S., focused on punishing Putin, isn’t moving to broker a deal.

Dictators like Putin surround themselves with liars and propaganda. That leads to very bad decisions | Robert Reich (the Guardian) Trump, Putin, Xi – these men aren’t stupid. But they have no way of eliciting, recognizing, or assessing useful criticism

How control freak Vladimir Putin is repeating Adolf Hitler’s mistakes (The Telegraph) The history-obsessed president might ponder how he has landed himself in a position not dissimilar to that of another great megalomaniac

Russian contempt for Ukraine paved the way for Putin’s disastrous invasion (Atlantic Council) The many miscalculations that paved the way for Vladimir Putin’s disastrous invasion of Ukraine are rooted in longstanding Russian ignorance of Ukraine and contempt for all things Ukrainian, writes Anders Åslund.

Vladimir Putin ‘visited by cancer doctor 35 times and bathes in deer antler blood’ (The Telegraph) Russian president is said to keep a thyroid specialist at his side and regularly take steroids as a treatment

A youthquake against Putin seems unlikely. The history of Soviet hippies shows why | Juliane Fürst (the Guardian) They created parallel universes without confronting the political order – although their satirical stance lives on, says Juliane Fürst of the Centre of Contemporary History at Potsdam

Red is dead: Russian anti-war protesters fly a new flag for peace (the Guardian) Seeing the tricolour as tainted, they took the ‘blood’ out to leave blue and white, then found others had done so too

Ukrainian civil society can help hold Russia accountable for war crimes (Atlantic Council) The quest for international justice over the ongoing Russian invasion of Ukraine is already underway and should seek to involve Ukrainian civil society, argues Danielle Johnson.

President Zelenskyy Gives Powerful Grammys Speech: ‘Our Musicians Wear Body Armor Instead of Tuxedos’ (Variety) Ukrainian president Volodymyr Zelenskyy appeared at the 64th annual Grammy Awards to give a pre-taped speech amid Russia’s continued invasion of his country. An insider confirmed the appearan…

NATO Intervention in Ukraine Won’t Spark World War III (Foreign Policy) A Western aversion to casualties and fears of Russian nuclear use are impeding NATO intervention against a vastly inferior opponent.

How Russia is turning into North Korea (The Telegraph) Flag-waving rallies, food shortages and a draconian crackdown on what people can see and say have swung Russia towards full totalitarianism

Australia to send armored vehicles to Ukraine after request (AP NEWS) Prime Minister Scott Morrison said Friday that Australia will send armored Bushmaster vehicles to Ukraine after President Volodymyr Zelenskyy specifically asked for them while appealing to Australian lawmakers for more help in Ukraine’s war against Russia.

Ukraine to get first wartime tank transfer in preparation for ‘heavy’ battles in east and south (Telegraph) In a significant strategy shift, US defence sources said America would work with allies to transfer Soviet-made tanks

Pentagon commits another $300 million to Ukraine for security assistance (Washington Post) The Pentagon will provide up to $300 million in military supplies to Ukraine, including drones, armored vehicles and machine guns, as part of a broader effort to boost Ukrainian forces fighting Russia’s invasion.

White House sends protective equipment to Ukraine for chemical weapon attack (The Telegraph) The United States is providing Ukraine with supplies and protective equipment in case Russia deploys chemical or biological weapons, the White House has confirmed.

The West Is With Ukraine. The Rest, Not So Much. (Foreign Policy) Africa and Asia’s long-standing ties to Russia and resentments against Washington keep them on the fence—for now.

Pro-Putin Leaders in Hungary and Serbia Set to Win Re-election (New York Times) Viktor Orban declared victory, and Serbia’s Aleksandar Vucic seemed likely to emerge on top. Both pledged to stay out of Russia’s war in Ukraine.

Russia praises India’s neutral stance on Ukraine fighting (AP NEWS) Russia’s foreign minister lauded India for not judging in a “one-sided way” as he discussed Moscow’s military involvement in Ukraine with his Indian counterpart on Friday, after Washington urged New Delhi to use its leverage with Russia to end the war.

In Serbia, pro-Russia is seen as the winning election stance (AP NEWS) Serbian President Aleksandar Vucic, who has fostered close ties with Russia and refused to impose sanctions against Moscow for its invasion of Ukraine, is expected to extend his almost 10-year grip on power in the Balkan country when it holds national elections on Sunday.

China calls U.S. “leading instigator” of Russia, Ukraine conflict (Newsweek) “NATO should have been disbanded after the collapse of the former Soviet Union,” Chinese Foreign Ministry spokesperson Zhao Lijian said on Friday.

China Gas Buyers Seek Cheap Russian Fuel Shunned by the World (Bloomberg) Importers in discussions to buy Russian LNG at deep discount. Companies use cautious approach to avoid overseas backlash.

Germany says West to agree more sanctions on Russia after Bucha killings (Reuters) Germany has so far resisted calls to impose an embargo on energy imports from Russia, saying its economy and that of other European countries are too dependent on them.

EU must discuss import ban on Russian gas, Germany says (Reuters) Germany has so far resisted calls to impose an embargo on energy imports from Russia, saying its economy and that of other European countries are too dependent on them.

‘No hope for science in Russia’: the academics trying to flee to the west (the Guardian) Russian scientists are turning to partners abroad to help them escape, but face an uncertain future even if successful

‘A Nail In The Coffin’: Tech Workers Are Fleeing Russia And The Impact Will Last For Years (RadioFreeEurope/RadioLiberty) Start-up founder Sergei Krupnik, who left Russia shortly after it invaded Ukraine, is one of tens of thousands of IT workers who have fled the country. The exodus will have economic and cybersecurity ramifications for years.

As Russia sees tech brain drain, other nations hope to gain (AP NEWS) Russia’s tech workers are looking for safer and more secure professional pastures. By one estimate, up to 70,000 computer specialists, spooked by a sudden frost in the business and political climate, have bolted the country since Russia invaded Ukraine five weeks ago.

Putin’s war in Ukraine is devastating Russia’s economy, wiping out 15 years of growth and sending inflation skyrocketing (Business Insider) Russia’s economy is on track to shrink 15% this year by some estimates, dredging up memories of the dark days of the 1990s.

In targeted Russian economy, businesses operate without Western products (Washington Post) Sanctions and the withdrawal of foreign firms are hitting small businesses especially hard

Russian Ships Switch Flags at Record Rate on Sanctions Scrutiny (Bloomberg) Over three times usual number changed flags in March: Windward. Increase comes as Russia is sanctioned for invasion of Ukraine.

Russia is on pace to rake in $321 billion from energy exports this year as trade partners continue buying its oil and gas (Markets Insider) The $321 billion would mark an increase of more than a third from 2021, according to a Bloomberg analysis.

Putin Would Be Crazy to Cut Off Europe’s Gas. Or Desperate. (Bloomberg) The Russian president might find a way to rationalize a decision to halt exports, even if the consequences for his economy would be dire.

Europe needs a new energy option that isn’t Russia. It should turn to North Africa. (Atlantic Council) North Africa has the potential to play an even more substantial role in Europe’s energy mix, especially because of its massive solar resources.

The West must now wage total economic war against Vladimir Putin (The Telegraph) Sanctions are losing their potency and have failed to crush the Russian economy

They founded a $17.5 billion startup in Russia. Then a war broke out. Here’s how Miro cut ties with its homeland. (Business Insider) Miro, one of the world’s most valuable startups, is carefully distancing itself from its Russian homeland.

From Russia with money: Silicon Valley distances itself from oligarchs (Washington Post) A Putin youth leader-turned-investor once touted connections to wealthy Russians. Now she denies knowing ‘anyone.’

Europe should take aim at its true data threat: Russia (Atlantic Council) Over the past decade, the EU’s data overseers have focused almost monomaniacally on the United States. Russia’s war in Ukraine shows why that is the wrong approach.

Attacks, Threats, and Vulnerabilities

Two different “VMware Spring” bugs at large – we cut through the confusion (Naked Security) Whoever came up with the name “Spring4Shell” didn’t help at all… we cut through the Spring Bug confusion

VMware sprung by Spring4shell vulnerability (iTnews) Other big name vendors investigating.

Spring4Shell Zero-Day Vulnerability: While You’re Waiting for Your WAF (Kasada) Find out how we are protecting our customers against the Spring4Shell zero-day vulnerability, while they are waiting for their WAF to update.

Experts Insight On Spring4Shell Vulnerability (Information Security Buzz) Following the news that a new zero-day vulnerability in the Spring Core Java framework called ‘Spring4Shell’ has been publicly disclosed, please see below comments from security experts.

Experts Warn Defenders: Don’t Relax on Log4j (SecurityWeek) Four months since the Log4j issue exploded onto the internet, all the major affected vendors have released patches – but even where companies have patched, security experts warn it’s a mistake to relax.

China-linked APT Deep Panda employs new Fire Chili Windows rootkit (Security Affairs) The China-linked hacking group Deep Panda is targeting VMware Horizon servers with the Log4Shell exploit to install a new Fire Chili rootkit. Researchers from Fortinet have observed the Chinese APT group Deep Panda exploiting a Log4Shell exploit to compromise VMware Horizon servers and deploy previously undetected Fire Chili rootkit. The experts observed opportunistic attacks against organizations […]

Cyber Attack in Greenland (High North News) Greenland’s self-rule authorities have been subject to a massive cyber attack during the past week and have suffered under extensive data problems, according to Sermitsiaq.

Social Engineering Remains Key Tradecraft for Iranian APTs (Recorded Future) Insikt group analyzed Iranian social engineering cases and methodologies to better understand typical targets, organizations, and objectives, and prepare for and preempt an attack by Iranian operators.

Iran’s Cyber Army: A Force of Disinformation for a Cursed Cause (NCRI) “We created new accounts on Twitter, using the persona of other Twitter influencers who were mainly counter-revolutionary activists. Ours just differed in

North Korea is linked to a cyberattack disguised as a Covid vaccine (WION) Hackers linked to North Korea were suspected of carrying out a cyberattack on South Koreans through emails disguised as official messages sent from a medical journal calling on recipients to book appointments for a new coronavirus vaccine, a South Korean cybersecurity company said in a statement Friday.

Chinese Hackers Are Abusing Log4Shell to Deploy Rootkits (GBHackers On Security) A new rootkit named Fire Chili has been deployed on VMware Horizon servers by the Chinese hacking group Deep Panda using the Log4Shell exploit.

New variant of Chinese Gimmick Malware targeting macOS users (InfotechLead) Researchers have now published the details of newly discovered macOS malware implants. According to a cybersecurity firm called Volexity

Borat RAT, a new RAT that performs ransomware and DDoS attacks (Security Affairs) Cyble researchers discovered a new remote access trojan (RAT) named Borat capable of conducting DDoS and ransomware attacks. Researchers from threat intelligence firm Cyble discovered a new RAT, named Borat, that enables operators to gain full access and remote control of an infected system. Unlike other RATs, the Borat RAT provides Ransomware and DDOS services […]

New Borat remote access malware is no laughing matter (BleepingComputer) A new remote access trojan (RAT) named Borat has appeared on darknet markets, offering easy-to-use features to conduct DDoS attacks, UAC bypass, and ransomware deployment.

Deep Dive Analysis – Borat RAT (Cyble) Cyble Research Labs analyzes Borat, a sophisticated RAT variant that boasts a combination of Remote Access Trojan, Spyware, Ransomware and DDoS capabilities.

15-Year-Old Bug in PEAR PHP Repository Could’ve Enabled Supply Chain Attacks (The Hacker News) A 15-year-old account hijacking vulnerability has been disclosed in the PEAR PHP repository that could allow attackers to launch supply chain attacks.

Beastmode DDoS Botnet Exploiting New TOTOLINK Bugs to Enslave More Routers (The Hacker News) Beastmode DDoS botnet is now exploiting recently disclosed TOTOLINK bugs in order to enslave more routers.

CrowdStrike finds ‘logging inaccuracies’ in Microsoft 365 (SearchSecurity) CrowdStrike researchers found a Microsoft 365 logging problem that could pose a security risk to enterprises.

New Vulnerabilities Allow Stuxnet-Style Attacks Against Rockwell PLCs (SecurityWeek) Researchers have discovered two serious vulnerabilities that can be exploited to launch Stuxnet-style attacks against PLCs from Rockwell Automation.

Dissecting Blackguard Info Stealer (Cyble) Cyble Research Labs analyzes the Blackguard Info Stealer, which currently has an extremely sophisticated variant out in the wild.

Experts Shed Light on BlackGuard Infostealer Malware Sold on Russian Hacking Forums (The Hacker News)

Sitel on Okta breach: “spreadsheet” did not contain passwords (BleepingComputer) Okta’s outsourced provider of support services, Sitel (Sykes) has shared more information this week in response to the leaked documents that detailed the various incident response tasks carried out by Sitel after the Lapsus$ hack.

Text From Myself Scam Explained — You’re Not Going Crazy! (Trend Micro News) Received a suspicious text message that appears to have been sent from your phone number? If so, you’re not alone! And you’re not going crazy either — it’s one of the latest scams sweeping the country.

Sephora Warns Users of Data Breach (Infosecurity Magazine) Account holders in Asia-Pacific region impacted by Sephora’s data breach.

Services Giant Admits $42m Fallout from Ransomware Attack (Infosecurity Magazine) Atento case highlights the costs that can stem from serious breaches

Ronin Network Attacked Via NFT Game in One of the Biggest Breaches of a DeFi Platform (CPO Magazine) Decentralized finance (DeFi) networks are increasingly becoming a target of prime interest to cyber criminals, due to a variety of unique vulnerabilities. This phenomenon has once again been illustrated by a breach of the Ronin network, with the perpetrators attacking a bridge between it and the popular NFT game “Axie Infinity.”

Ola Finance DeFi platform hacked, nearly $5 million stolen (The Record by Recorded Future) Decentralized lending platform Ola Finance said it was hacked on Thursday morning, reporting that about $4.67 million in cryptocurrency was stolen. 

Nordex hit by cyber security incident, shuts IT systems (Reuters) Germany’s Nordex Group, which along with its subsidiaries, develops, manufactures and distributes wind power systems, has been hit by a cyber security incident since Thursday and has shut down its IT systems across multiple locations and business units to contain the issue, the company said on Saturday.

‘Computer Glitch’ Leads to Release of Over 100 Suspects from Harris County Jail (The Texan) A computer system outage brought the criminal justice system in the state’s largest county to a grinding halt and prompted a magistrate to order the release of more than 100 suspects.

CSI Laboratories and Christie Clinic Report Data Breaches; Scripps Health Sends Additional Notification Letters (HIPAA Journal) Conti Ransomware Gang Claims Responsibility for Cyberattack on CSI Laboratories. Cytometry Specialists, Inc. doing business as CSI Laboratories in […] CSI Laboratories was the victim of a Conti Ransomware attack, Christie Clinic suffers an email account breach, and Scripps Health notifies additional patients about its May 2021 ransomware attack.

Nearly Two-thirds of Ransomware Victims Paid Ransoms Last Year, Finds “2022 Cyberthreat Defense Report” (Business Wire) CyberEdge Group, a leading research and marketing firm serving the cybersecurity industry’s top vendors, today announced the launch of its ninth annua

CISA adds seven bugs to Known Exploited Vulnerabilities Catalog (The Record by Recorded Future) The Cybersecurity and Infrastructure Security Agency (CISA) added seven vulnerabilities to its catalog of Known Exploited Vulnerabilities.

Security Patches, Mitigations, and Software Updates

Spring Releases Security Updates Addressing “Spring4Shell” and Spring Cloud Function Vulnerabilities (CISA) Spring by VMware has released Spring Cloud Function versions 3.1.7 and 3.2.3 to address remote code execution (RCE) vulnerability CVE-2022-22963 as well as Spring Framework versions 5.3.18 and 5.2.20 to address RCE vulnerability CVE-2022-22965, known as “Spring4Shell.” A remote attacker could exploit these vulnerabilities to take control of an affected system.

Apple Releases Security Updates (CISA) Apple has released security updates to address vulnerabilities—CVE-2022-22674 and CVE-2022-22675—in multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected device. These vulnerabilities have been detected in exploits in the wild. CISA encourages users and administrators to review the security update page for the following products and apply the necessary updates as soon as possible:

Apple releases fixes for two zero-days affecting Macs, iPhones and iPads (The Record by Recorded Future) Apple published two notices on Thursday about two zero-day vulnerabilities affecting Macs, iPhones and iPads. 

Apple pushes out two emergency 0-day updates – get ’em now! (Naked Security) More Apple zero-days – mobile devices, laptops and desktops affected. Update now!

Trend Micro fixes actively exploited remote code execution bug (BleepingComputer) Japanese cybersecurity software firm Trend Micro has patched a high severity security flaw in the Apex Central product management console that can let attackers execute arbitrary code remotely.

GitLab Releases Patch for Critical Vulnerability That Could Let Attackers Hijack Accounts (The Hacker News) DevOps platform GitLab has released software updates to fix a critical vulnerability that could allow attackers to hijack accounts.

Voice of the Modern Developer: Insights From 400+ Developers (Tromzo) Development sprints pressure software developers to produce more and more code quickly. Everyone wants secure code, but organizations do not incentivize developers to spend precious time addressing the endless stream of issues from the security team.

Marketplace

Terra Quantum nets $75m for cryptography, security work (Register) Ferroelectric devices key for this qubit-slinging startup

Cloudflare Completes Acquisition of Area 1 Security (Business Wire) Cloudflare, Inc. (NYSE: NET), the security, performance, and reliability company helping to build a better Internet, today announced it has completed

How Microsoft Became Washington’s Favorite Tech Giant (Wall Street Journal) President Brad Smith has taken an amicable role with regulators. Rivals say he also directs negative attention toward them. Microsoft’s Activision deal, under FTC review, will test the strategy.

Government workers rely on Microsoft. That could be a security problem, Google claims (ZDNet) Updated: Does the US government’s reliance on Microsoft Office 365 make it more vulnerable to cyberattacks? Google Cloud says that’s what its survey shows.

Google: Microsoft Tech Is Bad for Government Security (Redmondmag) Google is pointing to government organizations’ reliance on Microsoft technology as a serious security threat.

Huawei’s CFO promoted to a top post months after U.S. extradition deal (Washington Post) Chinese tech giant Huawei Technologies has promoted chief financial officer Meng Wanzhou to a key role just half a year after the end of her U.S. extradition fight, setting up a potential family succession at one of China’s most important companies.

Products, Services, and Solutions

Infosec products of the month: March 2022 (Help Net Security) The featured infosec products this month are from: Actiphy, Anomali, AvePoint, Ciphertex Data Security, Contrast Security, and more.

WhiteSource Launches Free Developer Tool to Detect and Remediate Spring4Shell Vulnerability (PR Newswire) WhiteSource, a leader in application security, today launched WhiteSource Spring4Shell Detect, a free command-line interface (CLI) tool that…

Orca Security Launches First Attack Path Analysis & Business Impact Score (MarTech Series) Orca Security, the cloud security innovation leader, announced the industry’s first Attack Path Analysis and Business Impact Score for Cloud-Native Applications.

Apollo Fintech links up with ThetaRay for monitoring service (FXcompared) Apollo Fintech, a South Africa-based provider of financial technology services, has announced that it will use ThetaRay for international money transfer monitoring purposes.

Israel’s Vulcan Cyber joins Microsoft Intelligence Security Association (Israel Hayom) Vulcan Cyber, developers of a cyber risk management platform for infrastructure, application and cloud security, has joined the Microsoft Intelligent Security Association (MISA), the company announced Sunday.

Victoria installing Zscaler on students’ personal devices to monitor traffic (iTnews) Packet inspection extended to BYOD.

FiVerity Launches New Fraud Analytics Suite, Providing Financial Servi (PRWeb) FiVerity, a leading provider of digital fraud detection solutions, today announced the release of its holistic fraud analytics platform. This expanded digital fraud

Technologies, Techniques, and Standards

Supply Chain Integrity Month (CISA) April is National Supply Chain Integrity Month.

What Can Be Done Immediately to Improve Your OT Security Posture (Dragos) Learn what you can do immediately to strengthen your cyber defenses and improve your operational technology (OT) security posture.

Comments to the CISA Cybersecurity Advisory Committee on Process Sensor Cyber Insecurity (Control Global) The DHS CISA Cybersecurity Advisory Committee held a conference call Thursday, March 31, 2022 that discussed current CISA Cybersecurity Advisory Committee activities and the Government’s ongoing cybersecurity initiatives.

Design and Innovation

Quantum computing has a hype problem (MIT Technology Review) Quantum computing startups are all the rage, but it’s unclear if they’ll be able to produce anything of use in the near future.

Chatbots could one day replace search engines. Here’s why that’s a terrible idea. (MIT Technology Review) Language models are mindless mimics that do not understand what they are saying—so why do we pretend they’re experts?

Academia

US Cyber Command Partners with APUS (Infosecurity Magazine) American Public University System joins CYBERCOM’s Academic Engagement Network

Legislation, Policy, and Regulation

EU draft law adds security checks to all crypto transactions (BleepingComputer) The European Parliament has taken the first steps for new legislation against money-laundering that covers cryptocurrency transactions, which are an important part of illicit activities today.

ECOWAS Court orders Nigeria to amend Cybercrime Law (The Record by Recorded Future) Order highlights the digital security risks and challenges journalists and dissidents face in the country and around the world.

NSA orders immediate cybersecurity sensitisation for MDA’s (Premium Times Nigeria) The NSA says the directive is meant to contain cybercrimes and their impact on information and security infrastructure in the country.

Morocco, UK Launch Cyber Security Centre for Africa in Marrakech (Morocco World News) A delegation of British parliamentary representatives and Moroccan politicians, corporate, and academic leaders met yesterday in Rabat to commemorate the launch of a ‘Cyber Security Centre of Excellence for Africa’, which will be built in Marrakech.

Biden administration is studying whether to scale back Trump-era cyber authorities at DOD (CyberScoop) The Biden administration is considering revising the Trump-era NSPM-13, which gave broad cyber authorities to the DOD and Cyber Command.

State Department launches cyberbureau amid concerns over Russia and China’s digital authoritarianism (CNN) The State Department’s new cybersecurity bureau formally launched on Monday in an effort to make digital rights issues an intrinsic part of US foreign policy at a time when Russia and China are increasingly trying to put their own authoritarian stamp on the internet.

Establishment of the Bureau of Cyberspace and Digital Policy (United States Department of State) The Department is pleased to announce that the Bureau of Cyberspace and Digital Policy (CDP) began operations today. A key piece of Secretary Blinken’s modernization agenda, the CDP bureau will address the national security challenges, economic opportunities, and implications for U.S. values associated with cyberspace, digital technologies, and digital policy. The CDP bureau includes three […]

Acting DHS intelligence chief steps down as Biden appointee still awaits confirmation (CNN) The temporary head of the Department of Homeland Security’s intelligence division, John Cohen, is stepping down this month as President Joe Biden’s appointee awaits confirmation, according to an internal memo sent to the workforce and obtained by CNN.

Rep. Ruggiero bill would create an incident response team for cybersecurity breaches at state agencies (What’s Up Newp) Sometime between Aug. 3 and 5 last year, a hacker stole a sensitive file from the computer of a payroll clerk at the offices of the Rhode Island Public Transit Authority. But it wasn’t until Dec. 21 that a letter was sent about the breach to the more than 17,000 state employees whose Social Security numbers, names, […]

Agency Director Receives Hopper Award (U.S. Department of Defense) Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security, received the prestigious 2022 Rear Admiral Grace Hopper Award.

Litigation, Investigation, and Law Enforcement

Bulgaria blames Russian spies for tensions with North Macedonia (Jerusalem Post) Bulgaria’s Specialized Prosecutor’s Office is already investigating alleged Russian espionage activity in the country’s National Security Agency and searching the offices.

Lapsus$: Two UK teenagers charged with hacking for gang (BBC News) The actions of the relatively new group have led to an international police hunt.

UK Charges Alleged Lapsus$ Gang Members With Hacking (SecurityWeek) The City of London Police on Friday announced that two teenagers were officially charged for their alleged roles in a hacking group that is believed to be the infamous Lapsus$ gang.

Lapsus$: Two teenagers released on bail after court appearance (Computing) Two teenagers have been charged with a number of offences in connection with an investigation into an unnamed cybercrime gang (although it’s probably Lapsus$).

NSA Employee Accused of Sharing National Defense Secrets (Infosecurity Magazine) Indictment alleges NSA employee used personal email account to send Top Secret info

NSA employee indicted for ‘leaking top secret defense info’ (Register) Managed to send material from his private email address, it is claimed

NSA Employee Indicted for Sending Classified Data Outside the Agency (Dark Reading) Even the NSA has a malicious insider problem. The employee used his personal emails to send classified data to unauthorized outsiders on 13 different occasions.

NSA employee indicted on accusations he shared national defense secrets (WBAL) A National Security Agency employee with top-secret clearance is indicted on accusations he shared national defense secrets.

HACKING CAMPAIGN: Eight things you need to know about US’s claims of Russian cyberattack on SA (Daily Maverick) The US claims three Russians with links to that government targeted at least 135 countries, including South Africa, in a hacking campaign.

Google Target Mandiant Sued by Shareholder Over Acquisition (Bloomberg) Mandiant Inc. was sued in New York by a shareholder alleging the cybersecurity company made incomplete and misleading disclosures while asking investors to approve its proposed $5.4 billion purchase by Alphabet Inc.’s Google.

UAE state funds were used to buy Israeli spyware (ABNA24) An Abu Dhabi state-owned investment company has been an investor in “Israeli” cyberweapon maker NSO Group since 2019, during which time NSO’s Pegasus spyware has been traced to the phones of journalists, human rights activists and the estranged wife of Dubai’s ruler.

Facebook Sent To Trial In Nonusers’ Face Scan Privacy Suit (Law360) A California federal judge has found that it would be “patently unreasonable” to hold Facebook liable for claims that it failed to inform nonusers in Illinois about its collection and storage of their facial scans, while advancing to trial allegations that the company neglected to publicly post a biometric data retention policy.

Access Health CT failed to report 44 breaches, didn’t adequately protect client data (The Hour) State auditors find the Affordable Care Act exchange in Connecticut “did not take…


