Ukraine at D+371: General Mud. (CyberWire) Mud impedes operations, as no major changes in the lines are reported. Hacktivism continues, and Russia bans some messaging apps.
Russia-Ukraine war at a glance: what we know on day 372 of the invasion (the Guardian) Ukraine hangs on to Bakhmut as at least three killed in missile strike on Zaporizhzhia; German chancellor cautions China against arming Russia
Putin’s army stuck in mud like Hitler’s in 1941 (The Telegraph) Russia has been relying on rapid advancement which the recent change of weather has made more difficult
Russia claims it repelled ‘massive’ Crimea drone attack (The Telegraph) Russia’s defence ministry on Wednesday claimed it had thwarted what it described as a massive Ukrainian drone attack on Crimea.
Russia Says Ukrainian Saboteurs Launch Cross-Border Attack (Military.com) Russian officials say Ukrainian saboteurs have crossed into western Russia and attacked villages there, as the war extends into its second year.
Russia’s Invasion of Ukraine: One Year Later (Foreign Affairs) A Conversation With Dara Massicot, Liana Fix, and Michael Kimmage
One year in, finding a path forward for a Ukrainian victory (Breaking Defense) One volunteer ferrying supplies and vehicles into the city of Bakhmut told Breaking Defense the Russian forces attacking act “like a zombie army.”
Russia-Ukraine war live: Blinken tells Lavrov US will support Kyiv for as long as it takes during meeting in margins of G20 summit (the Guardian) US secretary of state speaks to Russian foreign minister in what is believed to be their first one-on-one conversation since invasion of Ukraine
The Limits of the No-Limits Partnership (Foreign Affairs) China and Russia can’t be split, but they can be thwarted.
Putin’s Oligarchs Fall in Line (Puck) The shock and disgust that many Russian elites felt at the beginning of the war—at the notion that Putin had just single-handedly made a disastrous decision that would destroy their own country—has abated. “The universal position is to trust their commander in chief.”
Russia bans foreign messaging apps (Computing) The Russian internet watchdog, Roskomnadzor, has banned several foreign messaging applications from being used in government and state agencies.
U.S. Consulate hacked by “Putin supporters” (Newsweek) The account was hijacked to share posts comparing Ukraine to Nazi Germany.
The Satellite Hack Everyone Is Finally Talking About (Bloomberg) As Putin began his invasion of Ukraine, a network used throughout Europe—and by the Ukrainian military—faced an unprecedented cyberattack that doubled as an industrywide wake-up call.
When Ukraine goes dark (Washington Post) One Kyiv apartment building coping with power outages shows the day-to-day toll of war in Ukraine away from the front line.
Ukraine’s Startups Kept Innovating Through 1 Year of War (WIRED) Founders and coders have shipped updates through blackouts and from bomb shelters. “There’s no way out except to fight for the future,” one worker says.
The tech workers exiled from Europe’s last dictatorship (Rest of World) Ruthless political repression has decimated Belarus’ once-thriving tech scene.
Kherson torture centres were planned by Russian state, say lawyers (the Guardian) Investigators say sites set up during occupation of Ukrainian city were part of ‘calculated plan to terrorise’ locals
Attacks, Threats, and Vulnerabilities
US Marshals Service target of ‘major’ cyber-attack (BBC News) The security breach at the federal law enforcement agency was categorised as a “major incident”.
Ransomware attack on US Marshals compromises sensitive information (the Guardian) Federal agency best known for tracking down fugitives suffered security breach on 17 February
BlackLotus UEFI bootkit: Myth confirmed (WeLiveSecurity) ESET researchers are the first to publish an analysis of BlackLotus, the first in-the-wild UEFI bootkit capable of bypassing UEFI Secure Boot.
Approov Mobile Threat Lab Finds 92% of Popular Fintech Apps Immediately Expose Valuable, Exploitable Secrets (Business Wire) Inadequate Protection of API Keys at Runtime Places Consumer Data and Treasure at Sharp Risk. Stolen API Keys Can be Used to Steal Personal and Financial Data.
Redis Miner Leverages Command Line File Hosting Service (Cado Security | Cloud Investigation) Cado Labs researchers recently discovered a novel cryptojacking campaign targeting insecure deployments of Redis.
Security Defects in TPM 2.0 Spec Raise Alarm (SecurityWeek) Security defects in the Trusted Platform Module (TPM) 2.0 reference library specification expose devices to code execution attacks.
Gitpod remote code execution 0-day vulnerability via WebSockets (Snyk) In this post, we present the first findings from our current research into Cloud Development Environments (CDEs) — which allowed a full account takeover through visiting a link, exploiting a commonly misunderstood vulnerability (WebSocket Hijacking), and leveraging a practical SameSite cookie bypass.
Cyber Threats Unveiled: SSH Scanning and XorDDos Propagation (Avertium) This report discusses the apparently automated approach used by a threat actor to identify vulnerable hosts, install the XorDDoS bot, and launch DDoS attacks.
Introducing The Top 10 Open Source Software (OSS) Risks (Endor Labs) The Endor Labs Station 9 research team teamed up with over 20 CISOs and CTOs to identify the top 10 security and operational risks introduced through reliance on open source code.
LastPass CEO acknowledges mistakes, takes ‘full responsibility’ for recent breach failures (Axios) Attackers gained access to millions of users’ password vaults and other sensitive information in two breaches.
Dish Network Shares Hit 14-Year Low After Cyber Attack Caused Major Outage (Forbes) Dish Network’s website and customer services systems went black in a major outage that started last week.
Retailer WH Smith reports cyberattack, says employee data compromised (The Record from Recorded Future News) U.K.-based retailer WH Smith told regulators that a cyberattack exposed data of current and former employees.
Washington state public bus system confirms ransomware attack (The Record from Recorded Future News) Pierce Transit, which serves the Tacoma area, said a ransomware attack disrupted systems and necessitated some temporary workarounds.
How Cambodia-based scammers made an estimated $3 million in ‘pig butchering’ scheme (The Record from Recorded Future News) Last October, Sean Gallagher received an unexpected text message from a young Malaysian woman calling herself Harley.
The VulnCheck 2022 Exploited Vulnerability Report – A Year Long Review of the CISA KEV Catalog (VulnCheck) A review of the vulnerabilities added to the CISA KEV Catalog in 2022. VulnCheck examines which vulnerabilities were added in 2022, who exploited them, and how long it took to add them to the Catalog.
2023 Global Threat Report (CrowdStrike) The latest edition of the CrowdStrike Global Threat Report comes at an important time for protectors around the world.
Americans lost nearly $4 billion to investment scams in 2022 (Atlas VPN) Over the past few years, investment scams have become increasingly sophisticated and widespread, taking advantage of the rise of digital technologies.
How Shock Sites Shaped the Internet (Vice) We owe the cultural evolution of the internet to the likes of ‘Two Girls, One Cup,’ ‘Goatse,’ and ‘Tubgirl.’
BlackFog Global Ransomware Report (BlackFog) A total of 40 ransomware attacks were publicly reported in February, a 21% increase on January. Government was the most heavily targeted sector, closely followed by healthcare. Several large organizations made headlines, including ION, Five Guys and Dole Foods, while we closed out the month with an attack on the US Marshals.
Virtru Joins NIST NCCoE Data-Centric Security and Classification Consortium (GlobeNewswire News Room) Joint effort with NIST, Google, Adobe, JPMorgan Chase & Co., and other global tech innovators aims to advance data-centric security at scale…
Deep Instinct Included in the 2022 Gartner® Magic Quadrant™ for Endpoint Protection Platforms (EPP) (PR Newswire) Deep Instinct, the first company to develop a purpose-built, AI-based deep learning (DL) framework for cybersecurity, announced their inclusion…
CRN Names Versa Networks One of 20 Coolest Network Security Companies of 2023 (Business Wire) Also Featured on CRN’s 2023 Security 100 List, Versa Uniquely Equips and Offers Accredited Training for Channel Partners to Deliver the Leading Unified SASE Solution to Customers
DomainTools Expands Executive Team, Appoints Chad Bacher as Chief Product Officer (DomainTools) DomainTools, the global leader for Internet Intelligence, today announced the expansion of its C-suite leadership team with the appointment of Chad Bacher as Chief Product Officer (CPO). As CPO, Bacher is responsible for DomainTools’ product vision, strategy, and execution and oversees the Company’s Product, Engineering, Architecture and Research teams. […]
Products, Services, and Solutions
Dashlane Passkey Support Coming to Android (Dashlane) Google released the first Android 14 developer preview, which contains changes that enable third-party apps to manage passkeys.
InfoTech partners with AU10TIX to securely, rapidly verify bankers’ identities (ITWeb) The addition of AU10TIX to InfoTech’s solutions portfolio addresses the need for automated solutions to support fraud prevention, risk management and POPIA compliance.
WatchGuard’s XDR Solution, ThreatSync, Simplifies Cybersecurity for Incident Responders (WatchGuard Technologies) ThreatSync enables a comprehensive and simple-to-use XDR solution as part of WatchGuard’s Unified Security Platform, accelerating cross-product detections and faster responses to threats from a single pane of glass
New Fortinet releases provide better protection for operational technology environments (SiliconANGLE) Cybersecurity firm Fortinet Inc. today announced enhanced products and services for operational technology environments as an expansion of its Security Fabric for OT.
Sumsub introduces Travel Rule solution for crypto businesses (PR Newswire) Sumsub, a global tech company that provides customizable KYC, KYB, AML and transaction monitoring solutions, has launched a Travel Rule…
Viasat Launches Cybersecurity Service Using Classified Threat Intelligence to Help Protect U.S. Businesses and Critical Infrastructure (PR Newswire) Viasat Inc. (NASDAQ: VSAT), a global communications company, today announced the launch of its Trusted Cybersecurity Services (TCS) solution, a…
PC Magazine Selects Data443’s Ransomware Recovery Manager as One of the Best Ransomware Protections for 2023 (GlobeNewswire News Room) Data443 Risk Mitigation, Inc. (“Data443”) (OTCPK: ATDS), a data…
Technologies, Techniques, and Standards
CISA Releases Decider Tool to Help with MITRE ATT&CK Mapping (Cybersecurity and Infrastructure Security Agency CISA) Today, CISA released Decider, a free tool to help the cybersecurity community map threat actor behavior to the MITRE ATT&CK framework. Created in partnership with the Homeland Security Systems Engineering and Development Institute™ (HSSEDI) and MITRE, Decider helps make mapping quick and accurate through guided questions, a powerful search and filter function, and a cart functionality that lets users export results to commonly used formats.
Cyber training expands to local leaders (GCN) The National Cybersecurity Center will offer the training every two years, and push local governments to take advantage of free resources and information-sharing.
Research and Development
SoftBank Corp. and SandboxAQ Jointly Verify Hybrid Mode Quantum-safe Technology (HPC) SoftBank Corp. (“SoftBank”) has announced that it completed a demonstration of combined classical encryption algorithms, represented by elliptic curve cryptography (ECC), with Post Quantum Cryptography (PQC) algorithms using a hybrid approach.
You Are Not a Parrot (Intelligencer) And a chatbot is not a human. And a linguist named Emily M. Bender is very worried what will happen when we forget this.
Legislation, Policy, and Regulation
National Cybersecurity Strategy (The White House) Digital technologies today touch nearly every aspect of American life.
FACT SHEET: Biden-Harris Administration Announces National Cybersecurity Strategy (The White House) Today, the Biden-Harris Administration released the National Cybersecurity Strategy to secure the full benefits of a safe and secure digital ecosystem for all Americans. In this decisive decade, the United States will reimagine cyberspace as a tool to achieve our goals in a way that reflects our values: economic security…
Biden administration releases new cybersecurity strategy (AP NEWS) The U.S. government plans to expand minimum cybersecurity requirements for critical sectors and to be faster and more aggressive in preventing cyberattacks before they can occur, including by using military, law enforcement and diplomatic tools, according to a Biden administration strategy document released Thursday.
White House pushes for mandatory regulations, more offensive cyber action under National Cyber Strategy (The Record from Recorded Future News) The White House unveiled its National Cybersecurity Strategy on Thursday, calling for more regulations and offensive cyber action.
Here’s why Biden’s new cyber strategy is notable (Washington Post) Five under-the-radar parts of Biden’s national security strategy
How the U.S. National Cyber Strategy Reaches Beyond Government Agencies (Wall Street Journal) The Biden administration released its long-awaited national cybersecurity strategy Thursday, setting out in broad terms how the U.S. government should approach cybercrime, its own defenses, and the private sector’s responsibility for security over the next several years.
Biden National Cyber Strategy Seeks to Hold Software Firms Liable for Insecurity (Wall Street Journal) Markets have imposed “inadequate costs” on companies that build vulnerable technology, it says.
Why Biden Wants to Keep the Law That Allows NSA Mass Surveillance, and Republicans Want to Kill It (Slate Magazine) The Biden administration sent a letter to Congress urging reauthorization as “a top legislative priority.”
U.S. House panel approves bill giving Biden power to ban TikTok (Reuters) The U.S. House Foreign Affairs Committee voted on Wednesday along party lines to give President Joe Biden the power to ban Chinese-owned TikTok, in what would be the most far-reaching U.S. restriction on any social media app.
Why TikTok Is Being Banned on Gov’t Phones in US and Beyond (SecurityWeek) So how serious is the threat of using TikTok? And should TikTok users who don’t work for the government be worried about the app, too?
TikTok Isn’t the Only China-Backed App the White House Is Worried About (Bloomberg) Concerns go beyond TikTok, Commerce Secretary Raimondo says. Senators ‘thinking hard’ about right way to protect security.
Litigation, Investigation, and Law Enforcement
‘Havana syndrome’ not caused by energy weapon or foreign adversary, intelligence review finds (Washington Post) After a years-long assessment, five U.S. intelligence agencies conclude it is ‘very unlikely’ an enemy wielding a secret weapon was behind the mysterious ailment.