Cyber aspects of the Ukraine crisis. Misusing Cobalt Strike. Logistics firm hit by effects of cyberattack. ICS security trends. – The CyberWire

Reuters reports that Ukraine yesterday renewed its warning that it saw signs of renewed cyberattacks against its banks, its defense sector, and government websites. The EU’s Cyber Rapid Response Team has been activated and will deploy to Ukraine. The move, POLITICO says, has been welcomed by Kyiv. Activation was a joint decision of the six states that contribute to the Team: Croatia, Estonia, Lithuania, the Netherlands, Poland and Romania. POLITICO also reports that the Baltic states (Latvia, Lithuania, and Estonia) are particularly sensitive to, and alert for, signs of Russian cyber operations spilling over against them.
The high-level diplomacy France believed it had arranged between Russia and the US is off. Moscow was ambivalent about a Putin-Biden summit, indicating to French President Macron that it was willing in principle to hold such talks, and then, as TASS was authorized to disclose, moved such talks to the realm of possibility, but the US isn’t playing. Secretary of State Antony Blinken called off this week’s meeting with his Russian counterpart, explaining that Russia’s escalation makes the meeting pointless. Newsweek quotes the Secretary as saying, “Now that we see the invasion is beginning and Russia has made clear its wholesale rejection of diplomacy,” the talks, which had been planned for Thursday, would be pointless.
Western sanctions have been quick and clear, but also graduated and incremental. Germany’s refusal to certify the Nord Stream 2 pipeline, a move that blocks a substantial increase in Russian sales of natural gas to Europe, was the first and most consequential of the sanctions imposed as the week began. Other sanctions have aimed to reduce Russian access to global financial and capital markets. The Telegraph reports that Britain has imposed what Prime Minister Johnson describes as the “first barrage” in its own sanctions program, singling out five banks and three “high-net-worth individuals.”
The EU has, according to the AP, sanctioned the three-hundred-fifty-one members of the Duma who voted for recognition of Donetsk and Luhansk, and also twenty-seven other Russian institutions and individuals from the defense and banking sectors.
The US imposed further sanctions beyond those already imposed Monday that prohibited US persons from doing business with the two Ukrainian provinces Russia is seeking to detach. The newest measures are designed to punish Russian oligarchs and impede Moscow’s ability to sell sovereign debt. Administration officials say they’re holding more (and more severe) sanctions in reserve. Bloomberg quotes a US Treasury Department source as calling the US sanctions “incremental,” and EU members who moderated the sanctions Europe imposed described their approach as “proportionate.”
Cyber operations against Western targets are considered likely, the Wall Street Journal notes, and policymakers and the security industry advise businesses to take prudent steps to protect themselves. Moody’s Investors Service has taken a look at the cyber implications of the crisis, which it sees as central to assessing credit quality. Its analysts have concluded that attacks on critical infrastructure are a high risk, in terms of consequence, vulnerability, and likelihood. “Critical infrastructure is a likely target of cyberattacks amid ongoing Russia–Ukraine tensions for two reasons. First, the Russian government has a history of launching cyberattacks on critical infrastructure, according to a wide spectrum of cybersecurity experts; and second, these types of attacks are typically more damaging for a country than are attacks on other targets.”
Criminals continue to misuse Cobalt Strike. AhnLab reports that the tool is being distributed to vulnerable MS-SQL servers. BleepingComputer explains that the legitimate penetration-testing software package is attractive to the underworld because of its ready availability and extensive suite of capabilities (hence its widespread misuse).
Operations at the major logistics firm Expeditors International have been disrupted by a cyberattack disclosed Sunday, and the Wall Street Journal reports that the company still has only a “limited ability” to conduct operations. There’s speculation that the incident was a ransomware attack, but, as ZDNet notes, the company won’t confirm that.
Dragos has released its 2021 ICS Cybersecurity Year in Review. It identifies new threat activity groups with a probable focus on ICS targets, and it also comments on the continuing expansion of the attack surface industrial organizations present. One problem the report outlines is organizations’ widespread lack of visibility into their own systems: “86% of organizations report limited-to-no visibility of ICS environments.”
IBM also sees a growing threat to industrial firms, specifically to those involved in manufacturing. They’re particularly vulnerable to supply chain attacks, and they’ve recently been receiving unwelcome attention from ransomware gangs.
China gets into the unmasking game, as it runs a story in the state-controlled Global Times alleging that an “elite hacker group” at the US NSA has been monitoring targets in forty-five countries for the past decade.
CISA yesterday released three industrial control system advisories, for GE Proficy CIMPLICITY-IPM, GE Proficy CIMPLICITY-Cleartext, and WIN-911 2021.
Today's issue includes events affecting Belarus, China, Croatia, Estonia, the European Union, Georgia, Israel, Lithuania, NATO/OTAN, the Netherlands, Poland, Romania, Russia, Ukraine, the United Nations, the United Kingdom, and the United States.
Sanctions and cyber conflict, and their market implications. (The CyberWire) Not much more diplomacy for now, as Mr. Putin formulates his last territorial demands in Europe.
Ukraine warns of cyberattacks on banks and state agencies (Reuters) Ukrainian authorities said they had seen online warnings that hackers were preparing to launch major attacks on government agencies, banks and the defence sector on Tuesday.
EU to mobilize cyber team to help Ukraine fight Russian cyberattacks (POLITICO) European civilian-military officials will help Kyiv fend off Russian hackers.
European Union cyber defense team deploys to aid Ukraine (C4ISRNet) On Feb. 22, officials were still assessing a Ukrainian defense scenario in which the team would operate, including “on-site and remote support,” a defense official at the Lithuanian Embassy in Washington told Defense News.
Companies Must Prepare for More Russian Cyber Activity, Experts Warn (Wall Street Journal) As the U.S. imposes sanctions on Russia for its actions in Ukraine, ‘there could be blowback here,’ said Rep. Jim Langevin at the WSJ CIO Network Summit.
Cyber ‘spillover’ from Ukraine looms in the Baltics (POLITICO) The region should be paid ‘careful attention’ when it comes to potential attacks, says MEP Bart Groothuis.
Britain warns of cyberattacks as Russia-Ukraine crisis escalates (Reuters) Britain warned of potential cyberattacks with "international consequences" on Tuesday after Russian President Vladimir Putin ordered troops to two breakaway regions in eastern Ukraine.
Homeland Security Department warns of potential Russian cyber threats to U.S. organizations (Axios) The warning mentioned possible cyberattacks targeting big banks and power grids.
Homeland Security Secretary Alejandro Mayorkas on the threat of Russian cyberattacks (PBS NewsHour) With President Biden's announcement Tuesday that new sanctions are being imposed on Russia, concerns are growing that Moscow could retaliate, including with potential cyberattack against the United States. Secretary of Homeland Security Alejandro Mayorkas joins Amna Nawaz to discuss the threat from Russia, the Biden administration's shift in immigration policy, and a rise in violence in the U.S.
The Ukraine Cyber Crisis: We Should Prepare but not Panic (The Cipher Brief) Cyber experts are urging calm preparation for cyber threats connected to Russia's actions in Ukraine. Read more in The Cipher Brief.
Are we ready for war in the infosphere? (Lawfire) How can the U.S. and rule-of-law democracies counter increasingly sophisticated and weaponized disinformation?  How should they wage “information warfare” during period of putative peac…
Ukraine to impose state of emergency but no martial law yet (Reuters) Ukraine will introduce a nationwide state of emergency in which special restrictions will apply in order to keep the country calm and protect its economy amid fears of a Russian invasion,
Biden, Putin signal bigger confrontation ahead over Ukraine (AP NEWS) The East-West faceoff over Ukraine escalated dramatically Tuesday, with Russian lawmakers authorizing President Vladimir Putin to use military force outside his country and U.S. President Joe Biden and European leaders responding by slapping sanctions on Russian oligarchs and banks.
West unveils sanctions with more ready if Russia carries out full-scale Ukraine invasion (Reuters) Western nations on Tuesday punished Russia with new sanctions for ordering troops into separatist regions of eastern Ukraine and threatened to go further if Moscow launched an all-out invasion of its neighbour.
West hits back with sanctions for Russia's Ukraine actions (AP NEWS) Responding swiftly to Russian President Vladimir Putin’s order sending troops to separatist regions of Ukraine, world leaders hit back with non-military actions Tuesday in hopes of averting a full-blown war in Europe.
Nord Stream 2 Is Put on Hold as West Rebukes Putin Over Ukraine (Bloomberg) U.S., EU, U.K. press ahead with sanctions; gas prices advance. Western leaders denounce Russian move as tensions surge.
Boris Johnson launches 'first barrage' of sanctions against Russia (The Telegraph) Western governments are now weighing up their own response to Russian tanks and troops entering eastern Ukraine’s two separatist regions
Biden Ups Russia Sanctions, Calls Ukraine Invasion Underway (Bloomberg) He says Putin is setting up rationale to take more of Ukraine. Sanctions target sovereign debt abroad and country’s elites.
EXPLAINER: Deciding when to use 'invasion' label in Ukraine (AP NEWS) When Russian President Vladimir Putin authorized troops to cross Ukraine's border into regions controlled by Russian-backed separatists, the White House initially stopped short of calling it an invasion.
U.S. calls Russia’s actions an ‘invasion,’ readies new sanctions; Biden to speak (Washington Post) The White House on Tuesday called Russia’s deployment of troops into two pro-Russian separatist regions of Ukraine “the beginning of an invasion” as it prepared to announce new sanctions on Russia and President Biden planned remarks in the early afternoon.
How To Stop Putin’s Mad Dash To War (Forbes) Thought leaders weigh in on what will slow Russia’s aggression against Ukraine.
Sanctions won't stop Putin trying to take the whole of Ukraine (The Telegraph) A former top Pentagon official on why negotiations over Ukraine were never really the Russian president's end goal
Putin, Facing Sanction Threats, Has Been Saving for This Day (New York Times) Since paying the price for annexing Crimea in 2014, Russia has tried to make its economy sanctions-proof, hoarding currency to insulate the country.
Opinion | Putin Is Making a Historic Mistake (New York Times) Instead of paving Russia’s path to greatness, invading Ukraine will ensure Mr. Putin’s infamy.
Antony Blinken says Thursday meeting with Russian foreign minister now off (Newsweek) Blinken said after recent events have indicated Russia is beginning its invasion of Ukraine, it does not make sense to go forward with the meeting with Sergey Lavrov.
Joe Biden targets Vladimir Putin's inner circle but keeps 'mother of all sanctions' in reserve (The Telegraph) A US official warned that it was 'only the sharp edge of the pain' that can be inflicted on Russia
Donald Trump hails Vladimir Putin as a 'genius' over Russia's invasion of Ukraine (The Telegraph) Former US president claims Russia's incursion would never have happened if he was still in the White House
Biden, under fire at home, ramps up war of words as Putin's tanks roll (Newsweek) The president faced criticism from lawmakers for failing to call Moscow's aggression an "invasion" even as tanks were seen rolling into Donetsk on Monday night.
What the U.S. military is doing in response to Russian actions in Ukraine (Washington Post) The Pentagon detailed a new round of deployments to Eastern Europe on Tuesday in response to Russia’s latest actions against Ukraine, sending fighter jets, attack helicopters and infantry troops as it bolsters security in the region.
Ukraine prepares state of emergency; Kremlin warns U.S. of ‘consequences’ for sanctions (Washington Post) Ukraine announced plans Wednesday to declare a state of emergency, as the nation prepared to defend itself from an expected Russian invasion.
Russia just ordered troops into Ukraine again. What happens next? (Atlantic Council) As the fast-moving situation on the ground develops, our experts weigh in on what this moment means for a world that could soon be forever altered.
Images show new deployment of military vehicles in Belarus -Maxar (Reuters) Satellite images show a new deployment of more than 100 military vehicles and dozens of troop tents in southern Belarus near the Ukraine border, a private U.S. company said on Tuesday.
FDD | Russia-Georgia 2008: a Blueprint for Russia-Ukraine 2022? (FDD) Analysis, Insight | February 21, 2022 | The Olympics were about to start in Beijing. Thousands of miles to the west, Russia was wrapping up a big military exercise in a border region. Across the border, women and children were evacuated from…
As the West condemns Russia over Ukraine, Beijing strikes a different tone (CNN) China's envoy to the United Nations on Monday called for "all parties" to exercise restraint and avoid "fueling tensions" in Ukraine, but stopped short of condemning the Kremlin's recognition of independence for two pro-Moscow regions in the east of the country.
China says US creating ‘fear and panic’ over Russia’s attack on Ukraine (Military Times) Chinese Foreign Ministry spokesperson Hua Chunying said the U.S. was fueling tensions by providing defensive weapons to Ukraine.
China says Taiwan is 'not Ukraine' as island raises alert level (Reuters) Taiwan is "not Ukraine" and has always been an inalienable part of China, China's foreign ministry said on Wednesday, as Taiwan President Tsai Ing-wen called for the island to beef up vigilance.
Putin Escalation Leaves China’s Xi With Difficult Balancing Act (Bloomberg) Beijing looks to avoid setting precedent that could backfire. ‘China will have to walk a fine line in this crisis’.
China’s Ukraine Crisis (Foreign Affairs) What Xi gains—and loses—from backing Putin.
The probable role of electronic warfare (EW) and cyber attacks in potential future Russia-Ukraine conflict (Military-Aerospace Electronics) Should a conflict between Ukraine and the separatists escalate into war, it likely will start with artillery fire, EW, and cyber attacks.
How electronic warfare could factor into the Russia-Ukraine crisis (Popular Science) Russia might use electronic warfare as a tool against Ukraine if it invades. Here's what to know about this type of military technology.
Russian Hybrid Threats Report: Despite debunking of false flags, Putin recognizes breakaway republics (Atlantic Council) The Council's open-source researchers break down how the Kremlin is seeking to justify incursions in Ukraine, and where the troops are moving.
Why are Donetsk and Luhansk in Ukraine’s Donbas region a flash point for Putin? (Washington Post) The Donbas region in eastern Ukraine has been a flash point in the escalating crisis between Russia and Ukraine, which hinges on land borders and strategic influence.
Russia Is Reenacting Its Georgia Playbook in Ukraine (Foreign Policy) False claims of military withdrawal followed by recognition of breakaway regions is a tried and tested Kremlin strategy.
Why Vladimir Putin is obsessed with Ukraine (The Telegraph) The current crisis has pushed Europe to the brink of war. No matter how it ends, Mr Putin will be back for Ukraine
Opinion: Surprising cracks, if small ones, appear in Kremlin support for Putin on Ukraine (Washington Post) President Vladimir Putin presented a theatrical justification for war with Ukraine on Monday, but initial Russian military actions along the border were limited — and there seemed to be a few small cracks in Kremlin support for Putin’s obsession with regaining Russian dominion in Kyiv.
The U.S. Is Learning to Win the Information War Against Putin (Bloomberg) Biden’s willingness to publicly release sensitive intelligence on Russia and Ukraine is savvy, but not without risks.
Strengthening Belarus identity could complicate Putin’s soft annexation (Atlantic Council) A strengthening sense of national identity in Belarus poses potential challenges for Russian President Vladimir Putin as he seeks to complete what many see as the unofficial annexation of the neighboring country.
Putin Calls Ukrainian Statehood a Fiction. History Suggests Otherwise. (New York Times) In a speech, President Vladimir V. Putin bent Ukraine’s complex history into his own version that served as a justification for his cleaving off more of its territory.
NATO must seize the current strategic opportunity in the Black Sea (Atlantic Council) The Ukraine crisis has underlined the need for NATO to develop a coherent Black Sea Strategy that will allow the alliance to counter the growing regional threat posed by Vladimir Putin's resurgent Russia.
India’s Faltering Nonalignment (Foreign Affairs) The Ukraine crisis should force New Delhi to rethink its Russia policy.
Ukraine crisis live: Russian defence minister and military chiefs among those to face EU sanctions (the Guardian) Sanctions expected to be announced later on Wednesday would go further than US and UK sanctions
Russian Stocks, Ruble Rebound as Sanctions Seen Muted So Far (Bloomberg) Local bonds buck the bounce as possible debt penalties linger. Markets were hammered after Putin recognized breakaway regions.
Ukraine Crisis Ripples Through World Markets From Stocks to Gold (Bloomberg) Russian stocks drop as much as 19% in two trading sessions. Nearly one trillion dollars could be wiped from equities.
Not Just Oil: Threat Of War Fuels Surging Aluminum, Gold Prices As Experts Warn Inflation ‘Shock’ Could Tank Stocks (Forbes) Rising geopolitical tensions are "further amplifying" commodities prices across the board, JPMorgan analysts said as oil prices soared toward $100.
Russia warns gas prices will double after Nord Stream 2 blocked (The Telegraph) Russia has warned European gas prices will more than double after Germany slammed the brakes on the Nord Stream 2 pipeline.
Vladimir Putin controls the supply chain of western technology, so who is bluffing? (The Telegraph) Russia has the power to hobble key industries in the US and Europe by restricting supplies of metals
25 Malicious Packages Discovered in npm Repository (JFrog) JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens.
Another set of malicious npm packages caught stealing Discord tokens, environment variables (The Record by Recorded Future) DevOps security firm JFrog said today that it found and helped remove 25 malicious JavaScript libraries from the official npm package repository.
Vulnerable Microsoft SQL Servers targeted with Cobalt Strike (BleepingComputer) Threat analysts have observed a new wave of attacks installing Cobalt Strike beacons on vulnerable Microsoft SQL Servers, leading to deeper infiltration and subsequent malware infections.
Hackers Backdoor Unpatched Microsoft SQL Database Servers with Cobalt Strike (The Hacker News) Hackers are exploiting unpatched vulnerabilities in Microsoft SQL servers that are exposed to the internet to backdoor them using the Cobalt Strike.
Hackers distribute Cobalt Strike to unpatched MS-SQL server instances (Computing) Most attacks were likely conducted by the same threat actor, the researchers believe
Gaming, Banking Trojans Dominate Mobile Malware Scene (Threatpost) The overall number of attacks on mobile users is down, but they're getting slicker, both in terms of malware functionality and vectors, researchers say.
OKCPD: Rape victims’ personal information possibly leaked in former contractor data breach (KFOR) The Oklahoma City Police Department says personal information of sexual assault victims from rape kit investigations may have been leaked through a data breach involving a former contractor.
Behind the stalkerware network spilling the private phone data of hundreds of thousands (TechCrunch) A fleet of spyware apps share the same security flaw.
Expeditors International Shuts Down Computer Systems After Cyberattack (Wall Street Journal) The logistics giant hasn’t said when it will fully restore operations, raising fears of further stress on already fragile global supply chains.
Expeditors battles to recover systems after possible 'ransomware' cyber-attack (The Loadstar) A whole army of “recovery” companies will have descended on Expeditors as it battled to recover from a targeted cyber attack on Sunday. Expeditors, which has endeavoured to keep the market updated, said yesterday its network was operating, using its global business continuity plan. “Our employees continue to leverage back-up procedures and alternative solutions to support our customers and stakeholders,” it said. “Cybersecurity and information technology experts and partners are focused on remediation …
Cyberattack Hits Global Operations of Logistics Giant Expeditors International (SecurityWeek) A cyberattack that may have involved ransomware has resulted in disruption to the global operations of logistics giant Expeditors International.
Billion-dollar logistics giant Expeditors struggling to recover from cyberattack (ZDNet) The Seattle-based company announced the attack on Sunday but would not say if it was a ransomware incident.
Expeditors’ operations hit following cyber attack (Air Cargo News) Global operations at Expeditors are facing disruption after the US forwarder became the latest supply chain firm to suffer a cyber attack.
Cyberattackers Cook Up Employee Personal Data Heist for Meyer (Threatpost) The Conti gang breached the cookware giant's network, prepping thousands of employees’ personal data for consumption by cybercrooks.
Founder for 'Adopt a Trucker' campaign has emails leaked by hacker (The Daily Dot) A hacker has leaked emails from the inbox of Chris Garrah, the founder of the pro-Freedom Convoy fundraiser Adopt a Trucker.
Self-described “cyber-terrorist” takes credit for illegal GiveSendGo data breach (TNC) Canadian hacker Aubrey Cottle has claimed responsibility for the illegal GiveSendGo data breach on Sunday that exposed the private information of thousands of people who donated to the Freedom Convoy fundraiser. 
Facebook Scammers Are Shilling Fake Cryptocurrency Using Big Tech’s Biggest Names (The Markup) Facebook ads have popped up to advertise nonexistent Amazon, Tesla, and even Facebook cryptocurrencies
Hackers Sell Backdoors Into A $2 Billion Nonprofit, A Californian Hospital, And Michigan Government (Forbes) Cybercriminals are charging anything from $500 to $7,000 for access to organizations’ computers and morals appear to have gone out the window, as Doctors Without Borders and a U.S. hospital are targeted.
Officials warn of new phishing scam to get bank information (WPXI) Scammers are changing the way they try to steal your banking information.
Crypto Scammers’ New Target: Dating Apps (New York Times) “Everything was a lie,” said one woman lured into a recent scam.
Swedish Camera Firm Axis Reports Outage After IT ‘Attack’ (Bloomberg) Axis said it is ‘gradually’ bringing systems back online. Body-worn cameras used by police apparently unaffected.
Slack is back online after an outage cut many users off (The Verge) It’s not just you — Slack is having problems.
GE Proficy CIMPLICITY-IPM (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 Vendor: GE Equipment: Proficy CIMPLICITY Vulnerability: Improper Privilege Management  2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve both code execution and local privilege escalation. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Proficy CIMPLICITY, an HMI and SCADA platform, are affected:
GE Proficy CIMPLICITY-Cleartext (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: GE Equipment: Proficy CIMPLICITY Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to capture a connection session, resulting in disclosure of sensitive information.
WIN-911 2021 (CISA) 1. EXECUTIVE SUMMARY CVSS v3 5.6 ATTENTION: Low attack complexity Vendor: WIN-911 Equipment: WIN-911 2021 Vulnerabilities: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to leverage the misconfigured privileges to the installed directory and achieve code execution in the application’s context and permissions.
UpdraftPlus issues security patch to fix problem (Enterprise Times) UpdraftPlus, a backup plug-in for WordPress, has issued an urgent security patch for its product. Researcher Marc-Alexandre Montpas of Automattic first discovered the vulnerability during an audit of UpdraftPlus. Montpas reported the vulnerability on February 15. It was patched within two days.
Dragos Industrial Cybersecurity “Year in Review” Reports Rise in Threat Groups, Vulnerabilities, and Ransomware as ICS/OT Systems Digitally Transform (Business Wire) Dragos, Inc., the global leader in cybersecurity for industrial controls systems (ICS)/operational technology (OT) environments, today released its fi
2021 ICS Cybersecurity Year in Review (Dragos) Stay ahead of activity groups targeting ICS/OT with the expert analysis in Dragos's 2021 ICS Cybersecurity Year in Review.
ProtonVPN’s Digital Freedom Index (ProtonVPN Blog) The ability to access the internet varies greatly from country to country. We look at where people have the most and least digital freedom.
IBM Report: Manufacturing Felt Brunt of Cyberattacks in 2021 as Supply Chain Woes Grew (IBM Newsroom) IBM Security released its annual X-Force Threat Intelligence Index unveiling how ransomware and vulnerability exploitations were able to "imprison" businesses in 2021 burdening global supply chains, with manufacturing as the most targeted industry.
Ransomware attacks rise almost 93% in 2021, according to NCC Group Annual Threat Monitor (Mynewsdesk) This builds upon a gradual but noticeable rise in ransomware attacks since the COVID-19 pandemic began, with ransomware accounting for 65.38% of all…
Study: Seventy-four Percent of IT Decision Makers Say New Extortion Tactics Make Ransomware a National Security Threat (Business Wire) Venafi® announces the findings of a global survey of IT decision makers on the use of double and triple extortion in ransomware attacks
Venafi Survey: Ransomware Evolves—Double and Triple Extortion Now Features in Over 80% of Ransom Demands (Venafi) A Venafi study shows that double- and triple-extortion ransomware is the new normal for cyber extortion and is evolving too fast for security controls to handle.
Q4 2021 Threat Landscape: Software Exploits Abound (Kroll) In Q4 2021, Kroll observed a 356% increase in common vulnerabilities and exposures (CVEs) or zero-day vulnerabilities being exploited for initial access by threat actors. Find out more in Kroll's Threat Landscape report.
Secure Software Summit Findings: Shifting Security Left a Work In Progress (ShiftLeft) Site Changing the world of software security
Authorization is the Emerging Priority in Identity and Access Management Strategies (IAM) for 2022, According to New Research Report from PlainID (PR Newswire) PlainID, The Authorization Company, a leading provider of authorization and policy-based access solutions, has today published the 2022 State…
IBM Security X-Force Threat Intelligence Index (IBM) Get the IBM Security X-Force Threat Intelligence Index for the most up-to-date reporting on the evolving cybersecurity landscape
Hyper-Growth Linked to Higher Hacking Risk (Infosecurity Magazine) Fast-growing companies more likely to have suffered ten or more cybersecurity breaches
Bitdefender Threat Debrief | February 2022 (Bitdefender) This month highlights how mobile banking as well as cryptocurrency are becoming increasingly popular to cyber-criminals. Learn what you can do to be prepared.
Hybrid Workforces Face Unique Phishing Challenges (Decipher) Phishing attacks have increased across the board over the past year as companies continue to grapple with unique remote and hybrid work environment challenges.
Energy sector the 'most attacked' in the UK, report (Computing) And the UK is among the three most targeted countries in Europe
US financial industry ‘uniquely susceptible’ to supply chain threats (SC Magazine) Many businesses have “deprioritized cybersecurity over the past year amid the pandemic, according to a recent report by Kaspersky.
Enterprise IoT Security Firm Phosphorus Raises $38 Million (SecurityWeek) Nashville, TN-based IoT security firm Phosphorus Cybersecurity has raised $38 million in a Series A funding round led by SYN Ventures and MassMutual Ventures
MDR Vendor eSentire Banks $325M at 'Unicorn' Valuation (SecurityWeek) Warburg Pincus-backed eSentire is the latest entrant to the cybersecurity "unicorn" list.
CHEQ enters Unicorn club with $150 million Series C at $1 billion valuation (Ctech) The Israeli Go-to-Market Security startup helps organizations looking to secure their business from invalid traffic
Darktrace Buys Cybersprint for EUR47.5 Mln (MarketWatch) Darktrace PLC said Wednesday that it is buying attack surface management company Cybersprint B.V. for 47.5 million euros ($53.8 million) in…
Darktrace snaps up Dutch Cybersprint to drive preventative cyber attack approach (CityAM) Tech darling Darktrace announced that it has snapped up Cybersprint, an attack surface management company that provides continuous, real-time insights from an outside-in perspective to eliminate blind spots and detect risks, for €47.5m (£39.6m), valuing the transaction 12.5 times Cybersprint’s annual recurring revenue.
CyberPoint3 Acquires Advanced Cybersecurity Companies, Point 3 Security, Inc. and P3F LLC (GlobeNewswire News Room) Acquisition of elite cyber capabilities and technologies from US national security community allows Cyber Capital Partners to arm the critical…
Duo Of Cyber Companies Become Newest Minted Unicorns, Continuing Strong Start Of Year In Funding In Sector (Crunchbase News) Tuesday saw not one, but two new unicorns minted in the cybersecurity space as both eSentire and Beyond Security joined the herd.
Cybersecurity Nonprofits Form “Nonprofit Cyber” Coalition (Nonprofit Cyber) Nonprofits that focus on action and tangible results to more effectively collaborate and coordinate to increase efficiency and impact globa…
Palantir Receives $34 Million Software Order For Army Intelligence Data Platform (Defense Daily) Palantir Technologies has received a $34 million software procurement order from the Army in support of the service’s battle command intelligence system,
AT&T Cybersecurity announces 2022 ‘Partner of the Year Awards’ winners (AT&T) We are thrilled to announce that Softcat is the AT&T Cybersecurity 2022 Global Partner of the Year for the second year in a row! Softcat aggressively grew their business and achieved truly impressive results in 2021.
BlackBerry Honored with SE Labs Enterprise Advanced Security Test Award (BlackBerry) BlackBerry Limited today announced the results from SE Labs’ Enterprise Advanced Security Test on BlackBerry® Protect and BlackBerry® Optics, the company’s AI-driven endpoint protection (EPP) and endpoint detection and response (EDR) products.
Tidal Cyber — Exciting News To Share (TIDAL) To mature cybersecurity culture away from simple compliance-driven-box-checking exercises to adversary behavior-oriented approaches will take time. To achieve that goal, it is essential for us to understand the range of needs that exist across target industry segments and enterprises of all sizes.
Colonial Pipeline Names Adam Tice Chief Information Security Officer (PR Newswire) Colonial Pipeline today announced that Adam Tice has joined the company as Chief Information Security Officer. In his new role, Tice will…
Colonial Pipeline hires former Equifax cyber executive as CISO (The Record by Recorded Future) Colonial Pipeline, the major oil infrastructure company that was forced to temporarily shut down operations last May due to a ransomware attack, announced on Tuesday that it appointed a new leader for its information and data security program.
Netskope Names Marilyn Miller Chief People Officer (PR Newswire) Netskope, the SASE leader, today announced the appointment of Marilyn Miller as its first Chief People Officer. Miller has global…
SynSaber Launches Palm-Sized Threat Sensor for OT Environments (SecurityWeek) SynSaber launches a palm-sized threat sensor designed to help organizations gain visibility and detect threats in their OT environments.
Sumo Logic Boosts Automation to Deliver Increased Collaboration, Shorter Investigation and Response Times for Modern Security Operations (GlobeNewswire News Room) Sumo Logic Introduces War Room and App Central Capabilities to Industry-Leading Cloud SOAR…
Medigate Selected by American Hospital Association as Preferred Cybersecurity Service Provider (PR Newswire) Medigate by Claroty, healthcare's leading clinical device data security and integration platform, today announced its selection by the American…
 Styra Pioneers Context-Rich Entitlements for Modern Application Authorization (Business Wire) Styra, Inc., the founders and maintainers of Open Policy Agent (OPA) and leader of cloud-native authorization, today announced Styra Declarative Autho
SecurityBridge Broadens U.S. Reach With New 1st Basis Group Partnership (GlobeNewswire News Room) U.S. SAP Managed Service Providers Continue to Embrace the World’s First and Only Seamlessly Integrated SAP Cybersecurity Technology for Their Customers…
NetSPI Launches New Attack Surface Management Platform (PR Newswire) NetSPI, the leader in enterprise penetration testing, today introduced Attack Surface Management to help secure the expanding, global attack…
Pentesting firm NetSPI expands into attack surface management (VentureBeat) NetSPI announced it's bringing together its enterprise pentesting service with external attack surface management (EASM).
Illumio Introduces Managed Service Provider Program to Empower MSPs to Protect Customers with Zero Trust Segmentation (Illumio) New Program Offers MSPs and MSSPs Specialized Capabilities to Defend Against Cyber Attacks Such as Ransomware and Capitalize Upon Surging Zero Trust Segmentation Market
Darktrace adds open investigations to Cyber AI Analyst platform (Help Net Security) Darktrace announced significant enhancements to its Cyber AI Analyst product as it now intelligently groups incidents.
U.S. Government agencies adopt Swimlane's security automation to improve cybersecurity effectiveness (Help Net Security) Swimlane announced that its cloud-scale, low-code security automation is being adopted by leading U.S. Government agencies.
Rubrik Expands Ransomware Recovery Warranty to Cover Cloud Solution Built on Microsoft (Rubrik) With Rubrik Cloud Vault, security teams now have the confidence their business can recover from cyber attacks.
Palo Alto Networks Introduces the Autonomous Security Platform, Cortex XSIAM, to reimagine SIEM and SOC Analytics (Yahoo) A major challenge in cybersecurity today is our inability to leverage massive scales of data for our defense. To meet this challenge, Palo Alto Networks (NASDAQ: PANW) today announced Cortex® XSIAM: an AI-driven platform that can revolutionize the way data, analytics and automation are deployed by security organizations. Extended Security Intelligence & Automation Management (XSIAM) turns widespread infrastructure telemetry into an intelligent data foundation to fuel best-in-class artificial int
Veritas Redefines Cloud Data Protection with the Launch of Cloud Scale Technology (Yahoo Finance) Veritas Technologies, a leader in multi-cloud data management, today announced the latest version of NetBackup™ powered by Cloud Scale Technology, the next generation of NetBackup’s industry-leading architecture, which is the foundation for Autonomous Data Management and multi-cloud data protection at scale.
Eliminating Crypto Headaches: 1Password and Phantom Join Forces to Make Crypto Security Human-Centric (PR Newswire) Lost and stolen cryptocurrency can cost investors millions of dollars, and unlike a credit or bank card, losing access to your digital wallet…
Thales Accelerates Digital Transformation of Payment Ecosystem in the Cloud (Business Wire) Thales today announced its payShield 10K technology is helping to deliver Microsoft Azure Payment Hardware Security Module (HSM), a new service that p
Zerto offers new Get Out of Ransomware Jail offer for 2022 (SecurityBrief Asia) Organisations are increasingly aware that it's no longer a matter of if but when they will be targeted by a ransomware attack.
How Cyble helps companies identify dark web data leaks (VentureBeat) Cyble uses AI and machine learning to analyze the dark and surface webs in real-time and to identify if an enterprise's login credentials are exposed online. To date, it says it has scanned over 200 billion dark web records, 50 billion threat indicators, and 400 million digital assets. 
GitHub Opens Up Security Advisory Database (Decipher) GitHub is opening its security Advisory Database to contributions from the community, allowing new research and improvements to help secure the software supply chain.
Singtel’s Paragon platform to ease edge computing deployments (ComputerWeekly) Singtel’s new software platform is touted to make it easier for enterprises to deploy edge computing applications on its multi-access edge computing platform.
Palo Alto Networks Introduces the Autonomous Security Platform, Cortex XSIAM, to reimagine SIEM and SOC Analytics (PR Newswire) A major challenge in cybersecurity today is our inability to leverage massive scales of data for our defense. To meet this challenge, Palo Alto…
Carahsoft to Offer Data Protection Software Tanium to Government Customers; President Craig Abod Quoted (Executive Gov) In response to the ramping up of cybersecurity threats in recent times, Carahsoft has teamed with Tanium, a platform that aids in visibility and endpoint management.
Verizon protects over 80 million customers from more than 20 billion unwanted calls (TelecomTV) – NEW YORK – No one wants to be bothered with annoying robocalls which is why Verizon continues to lead the industry forward with technologies to protect our …
Forward Networks Delivers Hybrid Multi-Cloud Visibility and Monitoring in a Single Pane of Glass (PR Newswire) Forward Networks, the only company offering visibility and intent capabilities across the entire network estate, including on-premises,…
Satori Releases Data Access Controller Manager for Virtual Private Cloud, Becomes First to Provide Secure Data Access Across Every Cloud-Based Deployment Environment (GlobeNewswire News Room) With new features, Satori provides advanced access controls, custom classification and zero down-time updates across multiple data centers and cloud…
U.S. Army and Other Leading U.S. Government Agencies Take Proactive Stance Against Cyberattacks with AttackIQ (Business Wire) AttackIQ®, the leading independent vendor of Breach and Attack Simulation (BAS) systems, today announced that leading U.S. Government legislative, exe
KnowBe4 and Kontra Partner to Educate Application Developers on Best Practices for Improved Application Security (KnowBe4) KnowBe4 and Kontra Partner to Educate Application Developers on Best Practices for Improved Application Security
How Viable is Zero Trust for OT/IoT Networks? Is it a Journey or a Destination? (Nozomi Networks) With the U.S. government’s move toward a Zero Trust Architecture, here’s what critical infrastructure organizations need to consider for their OT/IoT networks.
Guide to Cyber Threat Intelligence: Elements of an Effective Threat Intel and Cyber Risk Remediation Program (Flashpoint) Threat intelligence serves as your organization’s first line of defense against threat actors and security risks that may be targeting your data,
Automating Incident Response (Radware Blog) The classic approach, though, revolves around combining SOAR and IRP to automate routine operations and speed up incident response.
10 Breakthrough Technologies 2022 (MIT Technology Review) This list represents a glimpse into our collective future.
The US Copyright Office says an AI can’t copyright its art (The Verge) No human authorship means no copyright protection.
Why in the year of our lord 2022 am I still getting robocalls??? (Vox) They made a Covid-19 vaccine in less than a year, but I still get robocalls.
Georgia students to participate in CyberStart America, compete for cash prizes (Johnson City Press) Georgia high school students will participate in CyberStart America, an innovative, online cybersecurity talent search and competition sponsored by the National Cyber Scholarship Foundation and the SANS Institute,
Russia Finalizes Draft of Digital Currency Laws (GovInfoSecurity) The use of digital currency as legal tender continues to be prohibited in Russia, according to the Russian Ministry of Finance's draft of digital currency law, even
Israel appoints new cyber czar – here are the challenges he faces (Haaretz) Gaby Portnoy will take over Israel’s cyber authority. Does his background in both military intelligence and the private sector put him in a good place to defend Israeli cyberspace?
DOD Announces New Version of Cyber Resilient Weapon Systems Guidance Online Portal (Executive Gov) The Department of Defense has completed updating its online repository of guidance and knowledge for developing weapons that are secure against malicious cyber activities.
New York Sets Cyber Command Center to Coordinate State Security (Bloomberg Law) New York Gov. Kathy Hochul is establishing a cybersecurity command center to coordinate state efforts to anticipate potential hacking threats and respond to incidents.
Governor Hochul Announces Formation of Joint Security Operations Center to Oversee Cybersecurity Across the State (New York State) Governor Hochul announced the creation of a Joint Security Operations Center in Brooklyn that will serve as the nerve center for joint local, state and federal cyber efforts, including data collection, response efforts and information sharing.
Exclusive: Austrian Programmer And Ex Crypto CEO Likely Stole $11 Billion Of Ether (Forbes) Who hacked The DAO in 2016, diverting 3.6 million ether? We identify the apparent hacker — he denies it — by following a complicated trail of crypto transactions and using a previously undisclosed privacy-cracking forensics tool.
Israeli Probe Finds Police Spied on Citizen With Pegasus (SecurityWeek) An Israeli government probe into allegations of police spying on citizens using Pegasus malware on Monday said police successfully infected the phone of one individual subject to a court order.
Police bust phishing group that used 40 sites to steal credit cards (BleepingComputer) The Ukrainian cyberpolice have arrested a group of phishing actors who managed to steal payment card data from at least 70,000 people after luring them to fake mobile service top up sites.
'I'm a gentleman, not a monster': Tinder Swindler Simon Leviev speaks out (The Telegraph) The convicted romance fraudster shot to notoriety following a Netflix documentary
Durham probe will inform court of public opinion, but not much more | Opinion (Newsweek) Durham's duty is to scrutinize the activities surrounding the birth and life of five years of drumbeats designed to denigrate Trump as a tool of the Russians.
For a complete running list of events, please visit the Event Tracker.
SINET – Silicon Valley 2022 (Mountain View, California, USA, Mar 24, 2022) SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment community in an open, collaborative environment focused on identifying solutions to Cybersecurity challenges.
Security Training and Awareness Conference (Scottsdale, Arizona, USA, Apr 12 – 13, 2022) Elevate your cybersecurity training and awareness programs and learn from the experts at our Regional Conference in Scottsdale, AZ. Swap your pajamas for business casual and join the National Cybersecurity Alliance for the first in-person conference for cybersecurity training and awareness professionals since 2019!
Ontic Summit 2022 – A Protective Intelligence Event (Austin, Texas, USA, Feb 22 – 23, 2022) Join us for three days in Austin to explore the latest strategies and technologies propelling protective intelligence forward. Learn from renowned speakers, industry leaders, and practitioners on the future of security, and network with your peers. Hear keynote sessions designed to bring a macro view on global security trends as well as breakout sessions featuring security leaders and practitioners sharing best practices and case studies. Discover new technology innovation in Ontic’s product showcase, and walk away with fresh perspectives and actionable insights to elevate your protective intelligence program.
Emerging Technologies, Existing Policies and Architectures (Columbia (or Virtual), Maryland, USA, Feb 23, 2022) This presentation will discuss current architectures and policies and how it's hard to match the speed of change. That the coalition of the willing can create change through sharing and leveraging the grassroots of organizations and drive-up consistencies in leveraging what you have to meet new constructs and open a discussion on what policies are required.
Cisco’s Talos Incident Response 2021 Year-in-Review (Virtual, USA, Feb 24, 2022) Join Cyber Threat Alliance Chief Analytic Officer Neil Jenkins and Cisco Talos’ Head of Strategic Analysis Dave Liebenberg as they explore the top threats, initial vectors and major security incidents the Cisco Talos Incident Response handled in 2021, as well as provide insight into what they believe will shape the threat landscape in 2022 and beyond.
CTA Webinar – Talos Incident Response Year-in-Review for 2021 (Virtual, Feb 24, 2022) Join Neil Jenkins, Chief Analytic Officer @CTA, and Dave Liebenberg, Head of Strategic Analysis @Cisco Talos, as they discuss the Talos Incident Response Year-in-Review for 2021. This talk will explore the top threats, initial vectors, and major security incidents that Cisco Talos Incident Response (CTIR) dealt with in 2021. In addition, it provides some insight into what CTIR believes will shape the threat landscape in 2022 and beyond.
Insider Threat Program Development – Management Live Web Based Training Course / Certificate (Virtual, Mar 1 – 3, 2022) This affordable, comprehensive and extremely resourceful 1 day training course will ensure the Insider Threat Program (ITP) Manager, Facilities Security Officer, Insider Threat Analyst, and others who support the ITP (CSO, CIO, CISO, IT, Network Security, Human Resources, Etc.), have the Core Knowledge, Blueprint, Resources needed for developing, managing or enhancing an ITP / Working Group. Our student satisfaction levels are in the exceptional range. Over 875+ individuals have attended this training course and received ITP Manager Certificates.

