Hermit warning. Ransomware as misdirection. Cyber phases of a hybrid war. CISA’s tabletop exercises. ICS advisories. – The CyberWire

Dateline

Ukraine at D+120: Russia’s maximalist war aims. (The CyberWire) Russia says the war will end if and only if all of its demands are met. Lithuania warns of a rising DDoS threat. Considerations on why think tanks are targets of cyber operations.

Russia-Ukraine war: List of key events, day 121 (Al Jazeera) As the Russia-Ukraine war enters its 121st day, we take a look at the main developments.

Ukrainian troops forced to retreat from ‘smashed to pieces’ Severodonetsk (The Telegraph) It follows weeks of fighting against the Russians in the key Donbas city

Ukraine war: Zelensky addresses Glastonbury – and asks festival-goers to help fund war effort (The Telegraph) Volodymyr Zelensky has asked revellers at Glastonbury festival to donate to Ukraine’s war effort, warning that "time is priceless and every day is measured in human lives".

Ukraine Is at Its ‘Most Dangerous Point’ of the War (Intelligencer) Michael Kofman on Russia’s momentum, how long Putin can weather sanctions, and the trouble with battlefield predictions.

Top US Air Force general says the Russian air force’s struggles in Ukraine are surprising because Russia is fighting its ‘own systems’ (Business Insider) “How come they don’t understand their own systems and how they might defeat their own systems?” US Air Force Gen. Charles Brown Jr. said.

The modern cannons that may make the difference in Ukraine (The Economist) Who will pound harder?

US to send Ukraine rocket systems, other aid in new package (Defense News) The aid is part of the $40 billion in security and economic assistance passed last month by Congress.

U.S. Sending 18 Patrol Boats to Ukraine as Part of Latest Aid Package (USNI News) The United States will send 18 patrol boats to Ukraine as part of continued aid to the country as the Russian invasion stretches into the 119th day. The Department of Defense, using supplies already available, will send 18 coastal and riverine patrol boats, it announced Thursday. The DoD will also send high mobility artillery rocket …

Ukraine must accept every single one of our demands before peace—Russia (Newsweek) “Ukraine knows everything very well,” Kremlin spokesperson Dmitry Peskov said when asked to clarify Moscow’s demands.

Russia blames U.S. for Kaliningrad transit restrictions (Reuters) Moscow’s foreign ministry on Friday blamed the United States for a Lithuanian ban on sanctioned goods crossing from the Russian mainland to the Russian exclave of Kaliningrad, which has increased already high tensions between Moscow and the West.

Russians on Kaliningrad train get a gruesome glimpse beyond the media blackout (The Telegraph) Passengers offered free Wi-Fi – with a catch – on rail services bound for Kremlin-controlled Baltic enclave

Britons sentenced to death for fighting in Ukraine prepare appeal (The Telegraph) Britons Aiden Aslin and Shaun Pinner and Moroccan Brahim Saadoun were found guilty of “mercenary activities

First Russian soldier appears in court accused of raping Ukrainian woman (The Telegraph) Mikhail Romanov, 32, is accused of murdering man and then violating his wife in what could be a precursor to many more similar prosecutions

US embassy pushing Kremlin to reveal location of veterans captured in Ukraine (the Guardian) Alexander Drueke’s mother said her son and the other former soldier should be treated according to the Geneva convention

Why the west risks condemning Ukraine to slow strangulation (the Guardian) Before war fatigue sets in further, a rethink needed to avoid a years-long conflict

The Fall and Fall of Dmitry Medvedev (Foreign Policy) How the former Russian president went from geeky technocrat to deranged war hawk.

For Putin, War Is Power (and Power Is War): Why Russians Do Not React to War (Wilson Center) The extent to which Russian society supports Russia’s war against Ukraine is a matter of endless debate. Polling in an environment permeated by propaganda and repression is hard, and the results are likely to favor pro-government views. The outcomes are also likely to be swayed by propaganda storylines or political change.

Can Putin Survive? (Foreign Affairs) The lessons of the Soviet collapse.

The Perils of Pessimism (Foreign Affairs) Anxious nations are dangerous nations.

Ukraine News: Russia Calls E.U. Move to Advance Ukraine’s Joining ‘Hostile’ (New York Times) The decision, which sets Ukraine on a probably lengthy path toward becoming a member of the bloc, signals more resistance to Putin. Russian forces advanced on a key eastern city, threatening its supply lines.

The EU Should Think Hard About Admitting Ukraine (Bloomberg) Europe needs to support Ukraine’s future, not promise the impossible.

FAST THINKING: The EU gives Ukraine a shot at membership. What’s next for Kyiv? (Atlantic Council) While candidacy is an important symbolic gesture when Ukraine is under attack from Russia, EU membership is far from a done deal for Kyiv.

The EU’s Balance of Power Is Shifting East (Foreign Policy) Russia’s war has opened up a vast strategic chasm within the European Union.

With Russia, Vernacular Realism Trumps Political Realism (Wilson Center) As Europe faces the possibility of a big war, the continental political class has divided into two camps. The first is represented by the likes of Emmanuel Macron and Olaf Scholz, people willing to talk to Vladimir Putin and perhaps grant him something in exchange for peace. There was even talk of helping the Kremlin save face.

Can European industry support Macron’s ‘war-time economy’? Firms are wary. (Breaking Defense) “We need to have a European strategy for industry and innovation because it’s good for our industries and our industrialists, it’s good for employment in our countries, it’s good to have a capacity for innovation that is dual and that our economy needs, and it’s good for our strategic sovereignty,” said Emmanuel Macron.

Asia and the War in Ukraine (The Moscow Times) Opinion | Europe loomed large during Asia’s premier defense summit, the IISS Shangri-La Dialogue.

‘Cold War mentality’: China’s Xi denounces ‘abuse of sanctions’ (Al Jazeera) At BRICS meeting, Chinese leader says world must move away from US-led hegemony and towards harmonious future.

China’s Strategic Calculations in the Russia-Ukraine War (Wilson Center) Like many non-Western countries, China has formulated its stance on the Russia-Ukraine war in keeping with its general foreign policy approach and its perception of the value and purpose of international alliances. In general, China’s public pronouncements on the war have been confined to a few key messages, repeated from the first day of the invasion:

Will China and Russia Stay Aligned? (Foreign Affairs) A group of experts weighs in on whether Chinese-Russian alignment will be a durable feature of the international system.

Lithuania warns of rise in DDoS attacks against government sites (BleepingComputer) The National Cyber Security Center (NKSC) of Lithuania has issued a public warning about a steep increase in distributed denial of service (DDoS) attacks directed against public authorities in the country.

Financial service providers a prime target for Russian and criminal hackers (Newsroom) From the theft of 26,000 Kiwisaver customers’ data to DDoS attacks on the NZX and two big banks, the Financial Markets Authority is trying to assist the financial sector in fighting back.

Fancy Bear Uses Nuke Threat Lure to Exploit 1-Click Bug (Threatpost) The APT is pairing a known Microsoft flaw with a malicious document to load malware that nabs credentials from Chrome, Firefox and Edge browsers.

Ukraine cyber agency enlists Radware to protect government networks (ComputerWeekly) Ukraine’s State Service of Special Communications and Information Protection is using Radware cloud DDoS protection and web application firewall services to protect the government from persistent Russian attacks.

Ukraine’s State Service of Special Communications and Information Protection Selects Radware for Cloud and Application Security Services (GlobeNewswire News Room) Radware® (NASDAQ: RDWR), a leading provider of cyber security and application delivery solutions, today…

Microsoft: Russia Stepping Up Hacking, Cyber Penetration Efforts on 42 Ukraine Allies (Nextgov.com) Almost one in three detected Russian attacks are successful, Microsoft said.

Why think tanks are such juicy targets for cyberspies (The Record by Recorded Future) New Microsoft report on Russian cyber tactics during invasion of Ukraine notes cyberattacks on foreign think tanks and NGOs.

The war in Ukraine is showing the limits of cyberattacks (Tech Monitor) It was expected to be the first ‘cyberwar’. Instead, Russia’s invasion of Ukraine has cast doubt over the military value of cyberattacks.

European natural gas prices spike after Germany declares ‘alarm’ stage of emergency gas plan as Russia cuts supplies to Europe (Markets Insider) “The cut in gas supplies is an economic attack on us by Putin,” German Economy Minister Robert Habeck said about his country’s gas crisis.

Russia’s war is making energy a new battlefield. What can the US and EU do about it? (Atlantic Council) European and US leaders discussed the new energy landscape at the Atlantic Council’s EU-US Defense & Future Forum.

Cisco is exiting Russia and Belarus, becoming the last big Silicon Valley company to depart (Silicon Valley Business Journal) Cisco’s decision comes nearly four months after the company said it was halting operations following Russia’s decision to go to war with Ukraine.

Attacks, Threats, and Vulnerabilities

BRONZE STARLIGHT Ransomware Operations Use HUI Loader (SecureWorks) Since at least 2015, threat actors have used HUI Loader to load remote access trojans (RATs) on compromised hosts. Secureworks® Counter Threat Unit™ (CTU) researchers link two HUI Loader activity clusters exclusively to China-based threat groups.

Chinese hackers use ransomware as decoy for cyber espionage (BleepingComputer) Two Chinese hacking groups conducting cyber espionage and stealing intellectual property from Japanese and western companies are deploying ransomware as a decoy to cover up their malicious activities.

Chinese Threat Actor Uses Ransomware as a ‘Smokescreen’ For Espionage (Decipher) Researchers say evidence points to Chinese-based Bronze Starlight using five different ransomware families as a method to disguise its actual goal of espionage.

Chinese APT ‘Bronze Starlight’ Uses Ransomware to Disguise Cyberespionage (SecurityWeek) A China-linked state-sponsored hacking group named Bronze Starlight was observed deploying various ransomware families to hide the true intent of its attacks.

These hackers are spreading ransomware as a distraction – to hide their cyber spying (ZDNet) Five ransomware strains have been linked to Bronze Starlight activities.

Chinese Hackers Distributing SMS Bomber Tool with Malware Hidden Inside (The Hacker News) Tropic Trooper Chinese hacker group has been spotted using a new malware coded in the Nim language, and distributed hidden inside an “SMS bomber” tool

Chinese actor takes aim, armed with Nim Language and Bizarro AES (Check Point Research) Executive Summary: In this article, Check Point Research shares findings on a group / activity cluster with ties to Tropic Trooper: The infection chain includes a previously undescribed loader (dubbed “Nimbda”) written in Nim language. This loader was observed bundled with a Chinese language greyware “SMS Bomber” tool that is most likely illegally distributed in…

Chinese HUI Loader malware ups the ante on espionage attacks (SearchSecurity) Nefarious new DLL loader, HUI Loader, is linked to multiple IP-stealing campaigns out of China.

Apple and Android phones hacked by Italian spyware, Google says (Reuters) An Italian company’s hacking tools were used to spy on Apple Inc and Android smartphones in Italy and Kazakhstan, Alphabet Inc’s Google said in a report on Thursday.

Google is notifying Android users targeted by Hermit government-grade spyware (TechCrunch) Hermit spyware works on all Android versions, and also targets an unknown number of iPhone users.

Google: Seven zero-days in 2021 developed commercially and sold to governments (The Record by Recorded Future) Google released a new report on Thursday chronicling the startling expansion of the government-backed spyware industry.

Italian spyware used to target Apple and Android phones, says Google (Computing) News comes as NSO says Pegasus spyware used by at least five EU countries

Spyware vendor targets users in Italy and Kazakhstan (Google Threat Analysis Group) Google has been tracking the activities of commercial spyware vendors for years, and taking steps to protect people. Just last week, Google testified at the EU Parliamentary hearing on “Big Tech and Spyware” about the work we have done to monitor and disrupt this thriving industry.

Iranian cyber-attackers trying, and so far failing, to create panic in Israel (JNS.org) Observers say Iranian-Israeli cyber war has seen Iranians employ “opportunistic loopholes” • Advent of quantum computing could see new capabilities surface in cyber domain.

Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems (CISA) CISA and the United States Coast Guard Cyber Command (CGCYBER) have released a joint Cybersecurity Advisory (CSA) to warn network defenders that cyber threat actors, including state-sponsored advanced persistent threat (APT) actors, have continued to exploit CVE-2021-44228 (Log4Shell) in VMware Horizon® and Unified Access Gateway (UAG) servers to obtain initial access to organizations that did not apply available patches.

CISA, US Coast Guard warn of Log4Shell attacks after 130GB data breach in May (The Record by Recorded Future) CISA and the US Coast Guard Cyber Command warned organizations that unpatched VMWare Horizon servers are still being exploited through Log4Shell.

ICS Vendors Respond to OT:Icefall Vulnerabilities Impacting Critical Infrastructure (SecurityWeek) The ICS vendors whose products are affected by the OT:Icefall vulnerabilities have started releasing advisories.

Avos ransomware threat actor updates its attack arsenal (TechRepublic) The Avos ransomware threat actor has recently updated its tooling, not only using malicious software but also commercial products.

Cybereason vs. Black Basta Ransomware (Cybereason) The Black Basta ransomware is a new strain of ransomware discovered in April of 2022. Although active for just two months, the group already rose to prominence claiming attribution of nearly 50 victims as of the publication of this report.

Conti ransomware hacking spree breaches over 40 orgs in a month (BleepingComputer) The Conti cybercrime syndicate runs one of the most aggressive ransomware operations and has grown highly organized, to the point that affiliates were able to hack more than 40 companies in a little over a month.

Got your Keys, Phone, and … Wallet? MetaMask Crypto Wallet Phishing Attack (Armorblox) This blog examines a phishing attack that spoofs a verification email from MetaMask, one of the most widely used crypto applications. Clicking the link steals sensitive credential information.

The curious tale of a fake Carrier.app (Project Zero) Posted by Ian Beer, Google Project Zero. NOTE: This issue, CVE-2021-30983, was fixed in iOS …

3 threats dirty data poses to the enterprise (SearchSecurity) Learn about three threats dirty data poses to the enterprise that could affect your organization’s reputation and competitive advantage.

Timing is Everything (DomainTools) Everyone loves that ‘in the right place at the right time’ feeling, including illicit actors. In this article, we look at domain registration correlating with current eve

US Subsidiary of Automotive Hose Maker Nichirin Hit by Ransomware (SecurityWeek) A US subsidiary of Japanese automotive hose maker Nichirin has been hit by ransomware, which forced the company to shut down some production controls.

Automotive hose maker Nichirin hit by ransomware attack (BleepingComputer) Nichirin-Flex U.S.A, a subsidiary of the Japanese car and motorcycle hose maker Nichirin, has been hit by a ransomware attack causing the company to take the network offline.

Delivery Firm Yodel Scrambling to Restore Operations Following Cyberattack (SecurityWeek) UK delivery services provider Yodel is working on restoring operations after falling victim to a disruptive cyberattack.

U.K. Shipping Company Yodel Left Scrambling by ‘Cyber Incident’ (Wall Street Journal) The Liverpool-based company didn’t specify the nature of the network disruption and said it is struggling to restore full service. In the meantime, clothes, wine and other shipments have been delayed.

Halfords removes vulnerability that leaked customer details (Register) I like driving in my car, hope my data’s not gone far

Brazilian retail giant confirms cyberattack after extortion group takes over Twitter account (The Record by Recorded Future) Brazilian retail giant Fast Shop has regained control of its Twitter account after hackers took it over and sent several messages about a cyberattack.

Hackers Steal $100 Million by Exploiting Crypto’s Weak Link (Bloomberg) Harmony has notified authorities and forensic experts. Hackers have stolen more than $1 billion from bridges.

Here’s Why You’re Still Stuck in Robocall Hell (Wired) Despite major progress fighting spam and scams, the roots of the problem go far deeper than your phone company’s defenses.

Security Patches, Mitigations, and Software Updates

CISA releases 6 Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency) ICS-CERT released the following 6 advisories today, June 23, 2022. Click on the links below for more detailed information on these Industrial Control Systems vulnerabilities.

OFFIS DCMTK (CISA) Executive summary: CVSS v3 7.5. ATTENTION: Exploitable from an adjacent network/low attack complexity. Vendor: OFFIS. Equipment: DCMTK. Vulnerabilities: Path Traversal, Relative Path Traversal, NULL Pointer Dereference.

Yokogawa STARDOM (CISA) Executive summary: CVSS v3 6.3. ATTENTION: Exploitable remotely. Vendor: Yokogawa. Equipment: STARDOM. Vulnerabilities: Cleartext Transmission of Sensitive Information, Use of Hard-coded Credentials. CISA is aware of a public report known as, “OT:ICEFALL,” which details vulnerabilities found in multiple operational technology (OT) vendors.

Yokogawa CAMS for HIS (CISA) Executive summary: CVSS v3 6.4. ATTENTION: High attack complexity. Vendor: Yokogawa. Equipment: Consolidation Alarm Management Software for Human Interface Station (CAMS for HIS). Vulnerability: Violation of Secure Design Principles.

Secheron SEPCOS Control and Protection Relay (CISA) Executive summary: CVSS v3 9.9. ATTENTION: Exploitable remotely/low attack complexity. Vendor: Secheron. Equipment: SEPCOS Control and Protection Relay. Vulnerabilities: Improper Enforcement of Behavioral Workflow, Lack of Administrator Control over Security, Improper Privilege Management, Insufficiently Protected Credentials, Improper Access Control.

Pyramid Solutions EtherNet/IP Adapter Development Kit (CISA) Executive summary: CVSS v3 9.8. ATTENTION: Exploitable remotely, low attack complexity. Vendor: Pyramid Solutions, Inc. Equipment: EtherNet/IP Adapter Development Kit. Vulnerability: Out-of-bounds Write.

Elcomplus SmartICS (CISA) Executive summary: CVSS v3 8.8. ATTENTION: Exploitable remotely/low attack complexity. Vendor: Elcomplus LLC. Equipment: SmartICS. Vulnerabilities: Improper Access Control, Relative Path Traversal, Cross-site Scripting. Risk evaluation: Successful exploitation of these vulnerabilities could allow an attacker to view files on the system or terminate processes on the system.

Cybersecurity’s bad and it’s getting worse (Washington Post) It’s hard to overstate how much cybersecurity has surged as a top concern

New Research: 57% of Organizations Take Days or Weeks for Infrastructure Access to be Approved (PR Newswire) strongDM, the company behind the world’s only People-First Access Platform, today released the results of its latest survey, the 2022…

Banyan Security Research Uncovers Primary Considerations Influencing Zero Trust Network Access (ZTNA) Adoption (GlobeNewswire News Room) While VPN deployments remain the most popular option for secure remote access, adopting a zero trust model is a top priority for almost all organizations…

Panther Labs Releases ‘State of Threat Detection and Response’ Report (GlobeNewswire News Room) Panther Labs, provider of a cloud-native SIEM that solves the challenges of security operations at…

The State of Threat Detection and Response (Panther Labs) Panther surveyed over 400 security professionals to understand the experiences of security teams at the forefront of their organization’s detection and response operations.

ShiftLeft Releases its 2022 AppSec Progress Report 2022 (Business Wire) ShiftLeft, an innovator in automated application security testing, released its second annual AppSec Progress Report documenting critical trends in ap

PH biggest target of phishing in Southeast Asia—cybersecurity report (INQUIRER.net) MANILA, Philippines—From February to April this year, nearly seven out of 10—or 68.95 percent—phishing attacks recorded in the Philippines targeted finance-related transactions, according to

Avast Digital Wellbeing Report (MySecurity Marketplace) This vital report illustrates that cyberattacks go hand in hand with online repression. We’re proud that Freedom House’s Freedom on the…

Ransomware, IP & data theft top concerns for Indian pharma firms (The Hans India) Ransomware attacks and IP and data theft are the top cybersecurity concerns for pharma companies in India as they take the digital leap, a new report showed on Thursday.

Marketplace

Cybersecurity M&A: Creating Rough Seas in the Channel (Channel Futures) M&A has resulted in a sea change in the cybersecurity channel, creating both opportunities and challenges for partners. This report takes an in-depth look.

ConductorOne Lands $15M Series A to Solve Identity Security and Access Control Challenges (PR Newswire) ConductorOne announced today that it raised a $15M Series A led by Accel, along with participation from existing investors Fuel Capital, Fathom…

Johnson Controls Acquires Tempered Networks to Shield Buildings From Cyberattacks (SecurityWeek) Johnson Controls has acquired Tempered Networks to help protect buildings from cyberattacks.

Firmware Security Startup Binarly Raises $3.6 Million in Seed Funding (SecurityWeek) Firmware supply chain security company Binarly has announced a $3.6 million seed funding round led by Westwave Capital and Acrobator Ventures.

Kaseya finalises Datto acquisition: what you need to know (CRN Australia) Changes in leadership, pricing and investment commitments.

Ego, Reputation, and Risk: New Startup Risk Index Report Explores Founder Mindset in New High Stakes Environment (Business Wire) As VC-backed startups enter an unprecedented era of risk, a new report finds that rising costs, employee concerns and inflation weigh heavily on the m

Parsons’ chief executive talks acquisitions, Ukraine and the defense budget (Defense News) Carey Smith took over as chief executive of Parsons in April 2021. Since then, the contractor has kept up a busy pace of acquisitions, most recently picking up Xator, which specializes in cybersecurity, counter-drone technology, biometrics and more.

L3Harris Receives DoD’s Top Industrial Security Excellence Award for the 18th Consecutive Year (Business Wire) L3Harris Technologies (NYSE:LHX) has received three of the U.S. Department of Defense’s prestigious James S. Cogswell awards for outstanding industria

VMware channel chief Sandy Hogan to depart (CRN Australia) First high-level departure following Broadcom deal.

Cloudera names Colin Pont as ANZ senior alliances manager (CRN Australia) Colin Pont hired from Boomi.

Onapsis Announces Inaugural Customer Advisory Board to Shape the Future of Cyber Resiliency (Business Wire) Onapsis taps cybersecurity industry luminaries from Fortune 500 companies to collaborate on strategic initiatives and drive its company vision

ReversingLabs Names Kathleen DeShields Senior Vice President of Human Resources (GlobeNewswire News Room) ReversingLabs, the leader in software supply chain security, today introduced Kathleen DeShields as…

Open Systems Wins Microsoft Award for Security MSSP of the Year (Open Systems) We kicked off this year’s RSA conference by receiving the Security MSSP of the Year award at the Microsoft Security Excellence Awards 2022.

Products, Services, and Solutions

New infosec products of the week: June 24, 2022 (Help Net Security) The featured infosec products this week are from: Arcserve, Cavelo, ComplyCube, CompoSecure, and Hillstone Networks.

Okta Gives Back With Launch Of Nonprofit Cybersecurity Portfolio (Forbes) Okta announced the launch of a Nonprofit Cybersecurity Portfolio and over $1 million in grants to support better security across the social sector as part of its Okta for Good Fund efforts.

Ingram Micro launches Cybersecurity Practice Builder program (CRN Australia) To assist resellers to build information security practices.

SecurityScorecard Joins Snowflake Partner Network (SecurityScorecard) Snowflake Data Marketplace Customers Can Gain Actionable Insights and Achieve Greater Cyber Risk Visibility with SecurityScorecard’s Ratings Data. New York, NY, June 23, 2022 – SecurityScorecard, the global leader in cybersecurity ratings announced today that it has joined Snowflake’s Partner…

Palo Alto Networks Bolsters Its Cloud Native Security Offerings With Out-of-Band WAAS (Palo Alto Networks) Latest Prisma Cloud platform updates help organizations continuously monitor and secure web applications with maximum flexibility SANTA CLARA, Calif., June 23, 2022 /PRNewswire/ — Over the last…

Insights from 1Password to Provide Businesses with Instant Oversight of Security Risks (PR Newswire) 1Password, the leader in human-centric security and privacy for businesses and consumers, today launched Insights from 1Password to make it…

PerimeterX Extends Comprehensive Account Protection Strategy with the Introduction of Account Defender (PerimeterX) New Solution Addresses the “Post-Login Wasteland;” Fills Gap in Web App Fraud Protection Market by Detecting and Preventing Account Takeover and Fake Account Creation

NightDragon and Orange Cyberdefense deliver cybersecurity services to European organizations (Help Net Security) NightDragon announced a new partnership with Orange Cyberdefense to bring innovative technologies and services to European organizations.

Kyndryl and Veritas Technologies Announce Global Partnership to Help Customers Address Cyber Threats and Implement Recovery Solutions (MarketScreener) Kyndryl, the world’s largest IT infrastructure services provider, and Veritas Technologies, a leader in multi-cloud data management,…

Cinchy Advances Boundaries of Modern Data Architecture Again with New Dataware Release (Business Wire)

DH2i Named A Winner in the Globee® Awards, 2022 IT World Awards (PRWeb) DH2i® the leading provider of multi-platform Software Defined Perimeter (SDP) and Smart High Availability Clustering software for Windows and Linux, toda

Retrospect, a StorCentric Company, Announces Retrospect Cloud for Simple Offsite Data Protection (Retrospect) Retrospect Cloud Storage Provides Seamless Cloud Backup Experience for Ransomware Protection and Detection in A Single Subscription with Retrospect Backup 19 and Retrospect Virtual 2022

Technologies, Techniques, and Standards

Identity and Access Management at NIST: A Rich History and Dynamic Future (NIST) Digital identity for access control is a fundamental and critical cybersecurity capability that ensures the right people and things have the right access to

Cyber insurers are starting to require lateral movement defense. Here’s why (Security Magazine) Cyber insurance providers are raising premiums and starting to require users to defend against lateral movement with tools like multi-factor authentication and endpoint detection and response.

Anglo American cyber lead calls for continuity strategies in industrial control space (Cyber Security Hub) Critical national infrastructure continues to be a high-value target for cyber criminals making business continuity plans vital

NSA warns against silly mistake in the fight against Windows malware (TechRadar) PowerShell can be used for good, too

U.S. cyber-team takes third at international competition (Brookings Register) The U.S. Cyber Team – which features three Dakota State University Trojans – won third place in the first-ever International Cybersecurity Challenge.

International space security researchers qualify for the 3rd annual Hack-A-Sat competition organized by USSF and USAF (Satnews) The third annual Hack-A-Sat qualification round occurred virtually May 21-22, with more than 800 teams and 2,500 individual security researchers working through a set of space-related cybersecurity challenges for a chance to win cash prizes and entry into the final event.

How to conduct a cyber-war gaming exercise (SearchSecurity) Learn how to conduct a war gaming cybersecurity exercise, including key participants and steps, that helps organizations prepare for real-world attacks.

Arkansas Air National Guard Participates in Cyber Shield 2022, the DoD’s Largest Unclassified Cyber Defense Exercise (Air National Guard) Sixteen Arkansas Air National Guard cyber and computer security specialists honed their skills, June 5-17, as part of Cyber Shield 2022, the Department of Defense’s largest unclassified cyber defense

Design and Innovation

Battlefield robots getting ‘common sense’ training before deployment (C4ISRNet) Although legged robots have existed for several years, in order to be deployed, they would need to adapt in real-time to unseen scenarios such as changing terrains, changing payloads and wear and tear.

Pentagon’s long-awaited ‘Responsible AI’ pathway highlights flexibility, ‘trust’ (Breaking Defense) One key element is ensuring a transformation from “viewing AI as an enigmatic and incomprehensible technology to understanding the capabilities and limitations of this widely adopted and accepted technology.”

Research and Development

Are babies the key to the next generation of artificial intelligence? (EurekAlert!) Babies can help unlock the next generation of artificial intelligence (AI), according to Trinity College neuroscientists and colleagues who have just published new guiding principles for improving AI. The research, published in the journal ‘Nature Machine Intelligence’, examines the neuroscience and psychology of infant learning and distils three principles to guide the next generation of AI, which will help overcome the most pressing limitations of machine learning.

Alan Turing’s Everlasting Contributions to Computing, AI and Cryptography (NIST) Suppose someone asked you to devise the most powerful computer possible.

Legislation, Policy, and Regulation

Iran appoints new IRGC spy chief as Israel tensions rise (Al Jazeera) No reasons were provided on why Hossein Taeb, now an adviser to IRGC commander-in-chief, was replaced.

Cyber security threats are biggest risk to National security: NCSC (The Hindu) Awareness and building cyber hygiene followed by audits is very important, says the National Cyber Security Coordinator

Sweden’s politicized decision on Huawei will only delay the progress of its own 5G (Global Times) Evidently, Sweden’s unreasonable move is very unwise and unnecessary. It does not benefit its own national interests. It hurts the feelings of Chinese consumers and will have an impact on the development of Swedish companies in China. It seems that it has become very difficult for the US to completely replace Huawei’s equipment and is now frustrated with its own 5G progress. It is hard to say whether the US will sacrifice Sweden’s national interests and harm the interests of Swedish companies to serve its calculations in the future. After all, the US has a very bad precedent in this regard.

China envoy says Australia fired first shot with Huawei ban (Washington Post) Australia had fired the “first shot” in its deteriorating relations with China four years ago when the then-government banned Chinese-owned telecommunications giant Huawei from rolling out the country’s 5G network due to security concerns, a Chinese ambassador said on Friday.

Cybersecurity framework still not finalized after 3 years, N.L. agency blames COVID for delay (CBC) The Newfoundland and Labrador Centre for Health Information is defending the fact that its cybersecurity framework has remained in draft format since 2019.

U.S. data privacy and security solutions emerging at the federal level (CSO Online) The American Data Privacy and Protection Act bill faces a tough battle for passage, but the Biden administration is considering actions of its own.

New Legislation Tightens CISA with State, Local Governments to Fortify Cybersecurity (MSSP Alert) President Joe Biden has signed three bipartisan cybersecurity bills aimed to strengthen ties between the Cybersecurity and Infrastructure Security Agency (CISA) and state and local governments.

Pair of Brand-New Cybersecurity Bills Become Law (Dark Reading) Bipartisan legislation allows cybersecurity experts to work across multiple agencies and provides federal support for local governments.

House Clears ICS Cyber Training Bill (MeriTalk) The U.S. House of Representatives has passed legislation that would strengthen U.S. cybersecurity protections for Industrial Control Systems (ICS) amid increased Russian cyber threats to ICS targets.

CISA Chief to Weigh Findings on Workforce, Chief People Officer (MeriTalk) Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly is considering a big basket of recommendations delivered this week by the agency’s Cybersecurity Advisory Committee, including suggestions that the agency boost its workforce development and acquisition efforts and establish a new chief people officer position.

Businesses risk “catastrophic financial loss” from cyberattacks, US watchdog warns (The Verge) Mounting threats and lack of insurance is a recipe for disaster.

U.S. lawmakers unveil bill barring U.S. data flows to high-risk countries (Reuters) A bipartisan group of U.S. senators introduced legislation on Thursday that would give the Biden administration the power to block exports of U.S. personal data to countries like China that they say pose national security risks.

Sen. King wants regular reports from Cyber Command on election security (Washington Post) Angus King wants transparency on election threats with regular reports from Cybercom

CISA advisory panel wants agency to act on election disinformation, multifactor authentication (CyberScoop) CISA’s director has 90 days to respond to the suggestions.

Navy about to release unified cyber strategy (FedScoop) The Department of the Navy is currently reviewing and preparing to release an overarching cybersecurity strategy and vision statement that will shape how it operates moving forward as the modern battlespace becomes increasingly digital. Core tenets of the new governance document are “secure, survive and strike,” the Navy’s Principal Cyber Advisor (PCA) Chris Cleary confirmed […]

WSJ News Exclusive | U.S. Spy Agencies Could Hire Former Marijuana Users Under Senate Bill (Wall Street Journal) The current ban has been seen as an impediment to hiring young professionals in critical national security roles.

Which States Have Cybersecurity Task Forces? (GovTech) As cybersecurity continues to concern state governments, many have turned to task forces to address issues such as ransomware, phishing and other threats. But what have they accomplished so far?

Litigation, Investigation, and Law Enforcement

Italian data protection authority warns against the use of Google Analytics (Computing) Google Analytics data collected through cookies constitutes a violation of the EU General Data Protection Regulation, it says

MCG Health Faces Lawsuit Over Data Breach Impacting 1.1 Million Individuals (SecurityWeek) The personal information of more than one million patients was impacted in a March 2022 incident at patient care guidelines provider MCG Health.

Former U.S. Military Pilot Admits Acting as Paid Agent of China and Lying on National Security Background Forms (US Department of Justice) A former U.S. Army helicopter pilot-turned-civilian-contractor pleaded guilty in federal court today, admitting that he acted as an unregistered agent of China and accepted thousands of dollars from representatives of the Chinese government to provide aviation-related information from his defense-contractor employers.

Cisco wins reversal of $2.75 bln damages award because judge’s wife owned stock (Reuters) A U.S. appeals court on Thursday threw out a more than $2.75 billion award against Cisco Systems Inc, saying the trial judge should have disqualified himself after learning that his wife owned Cisco stock.

Cisco’s $2 Billion Loss Nixed Over Judge’s Wife Owning Stock (2) (Bloomberg Law) The Federal Circuit threw out a $1.9 billion patent infringement verdict against Cisco Systems Inc., finding the judge who levied the penalty should’ve recused himself after learning that his wife had stock in the company.

Immutable e-mail archives reveal ‘gold mine’ of fraud information (ITWeb) iOCO’s XTND uses Mimecast e-mail archiving to index and investigate suspicious communications.

Vishing scams are on the rise and Interpol is cracking down (Avast) Vishing scams that use voice and voicemail to target victims are becoming more prominent. Interpol is cracking down, but you still need to protect yourself.
