Dateline Moscow and Kyiv: The war of attrition moves into Donetsk.

Ukraine at D+132: Preparing for more attrition in the Donbas (The CyberWire) Russian forces seek to reconstitute themselves as they move to the next phase of their said-to-be-original but actually recently restricted war plan: conquest of the Donbas. Other nations look for lesson in Russia’s hybrid war, and cybercriminals exploit suffering in a phishing campaign directed against Ukrainians.

Russia-Ukraine war: List of key events, day 133 (Al Jazeera) As the Russia-Ukraine war enters its 133rd day, we take a look at the main developments.

Russia’s offensive gains pace in Donetsk; focus shifts to Slovyansk (Washington Post) After sweeping through Luhansk, Russian forces are now gaining ground in the neighboring Donetsk region. Both are part of the prized industrial Donbas heartland of eastern Ukraine that Moscow is seeking to control. Donetsk’s regional governor is urging the area’s 350,000 residents to evacuate as Russia intensifies its bombardment campaign, telling reporters Tuesday: “The destiny of the whole country will be decided by the Donetsk region.”

Ukrainian Governor Urges Evacuation of 350,000 Residents (Military.com) The governor’s call for residents to leave appeared to represent one of the biggest suggested evacuations of the war.

High cost of Russian gains in Ukraine may limit new advance (Army Times) Putin has declared victory in the eastern Ukraine region of Luhansk, but the high cost of Russian gains may limit a new advance.

Russia-Ukraine war: Kremlin spies appointed to run occupied city of Kherson (The Telegraph) An official from Russia’s powerful FSB security services took over the government of the Moscow-occupied Kherson region in southern Ukraine, Kremlin-installed authorities have said.

Russia-Ukraine war: Russia forced to leave troops behind after suffering huge losses (The Telegraph) Russia has sustained significant losses after capturing the twin cities of Severodonetsk and Lysychansk, with the death and injury toll of troops so high they are being left behind, the regional governor of Luhansk said.

Introducing the West’s new weapon working overtime to tilt war in Kyiv’s favour (The Telegraph) The Himars rocket launchers have struck at the heart of Russia’s invasion since being brought into battle last month

Russian Army Turns Ukraine’s Largest Nuclear Plant Into a Military Base (WSJ) The new infusion of weaponry effectively shields the Zaporizhzhia station from a counterattack by Ukrainian forces, and amounts to something the carefully regulated atomic-energy industry has never seen before: the slow-motion transformation of a nuclear power station into a military garrison.

Russian parliament passes first vote on war economy measures (Reuters) The Russian government will be able to compel businesses to supply the military with goods and make their employees work overtime under two laws to support Moscow’s war in Ukraine that were approved in an initial vote in parliament on Tuesday.

Russian prisoners offered £2,800 and freedom if they serve in Ukraine – and come back alive (The Telegraph) The recruitment drive comes amid reports Russia will face shortage of troops if it does not declare a mass mobilisation

Putin’s War Was Never About NATO (Foreign Policy) Russia makes its own choices—however bad they are.

The West Needs a Cure for Cold War Fever (Foreign Policy) Yes, a new cold war is upon us. It’s time to stop talking about it and start trying to win it.

Shallow optimism will be the death knell for Ukraine (The Telegraph) Pessimism is a counsel of despair, but underestimating the scale of the challenge will lead the West to disillusioning defeat

How to win Ukraine’s long war (The Economist) After doing well early in the war, Ukraine is losing ground. What next?

Russia’s Top War Crimes Against Ukraine (ClearanceJobs) Not all war crimes are equal. Russia’s worst war crimes against Ukraine need to be documented and remembered.

How volunteers can help defeat great powers (Army Times) “It was clear from the onset and confirmed throughout our visit that volunteers played a critical role in the defense of Kyiv, yet their role has not been systematically studied.”

NATO signs accession protocols for Finland and Sweden as Ukraine faces shelling in east (Washington Post) Members of the NATO military alliance took a major step Tuesday in their bid to welcome Sweden and Finland to the fold. Delegations gathered in Brussels to sign “accession protocols,” after which NATO members must ratify the two Nordic countries’ accession to complete their formal joining of the bloc.

Keeping Phones Running in Wartime Pushes Kyivstar to the Limit (Bloomberg) Employees killed and displaced, infrastructure seized by force and relentless cyberattacks are only a few of the challenges that Ukraine’s largest mobile phone operator is struggling to overcome as the country tries to fight off Russia’s invasion.

How a nonprofit group has become the biggest repository for hacked Russian data (NPR.org) The war in Ukraine inspired hackers to steal reams of sensitive data from inside Russia. A transparency group wants to publicize that information without actively participating in the conflict.

Ukrainian police takes down phishing gang behind payments scam (ZDNet) Gang may have defrauded 5,000 people with promises of EU support.

Cyber Police of Ukraine arrested 9 men behind phishing attacks on Ukrainians attempting to capitalize on the ongoing conflict (Security Affairs) The Cyber Police of Ukraine arrested nine members of a cybercriminal gang that has stolen 100 million hryvnias via phishing attacks. The Cyber Police of Ukraine arrested nine members of a cybercriminal organization that stole 100 million hryvnias via phishing attacks. The crooks created more than 400 phishing sites for obtaining the banking data of […]

The Ukraine war could provide a cyberwarfare manual for Chinese generals eyeing Taiwan (CyberScoop) China’s certainly watching Russia’s missteps in cyberspace, as well as the U.S. response.

Some Russians won’t halt war protests, despite arrest fears (AP NEWS) Ever since Russia invaded Ukraine, Anastasia has started her day by composing an anti-war message and posting it on the wall at the entrance of her apartment block in the industrial city of Perm in the Ural Mountains.

Switzerland resists Ukrainian plan to seize frozen Russian assets (the Guardian) President says violating property rights would set dangerous precedent and needed legal justification

Russian oligarchs’ human rights at risk if seized assets sold to rebuild Ukraine, Swiss president says (The Telegraph) Ignazio Cassis says plans by UK, EU and Canada to confiscate assets of Russians targeted by Western sanctions would set dangerous precedent

Turkey seizes Russian ship carrying ‘stolen’ Ukrainian grain (the Guardian) Kremlin denies owning the cargo despite boasting of the ‘first ship’ to leave occupied territory

Finland seizes hundreds of Russian freight cars as EU sanctions bite (Reuters) Finland has seized nearly a thousand freight cars belonging to Russian companies as a result of European Union sanctions, according to Finnish state-owned rail operator VR and a letter from Russia’s rail monopoly seen by Reuters.

Group-IB announces regional diversification of business (PR Newswire) Group-IB, one of the global leaders in cybersecurity, has completed the first step in a series of actions aimed at separating its Russia and…

How War in Ukraine Roiled Russia’s ‘Coolest Company’ (New York Times) The decline of Yandex, the Russian version of Google, is emblematic of the economic and cultural troubles spawned by the invasion.

Russian Corruption Is an Urgent Security Threat (Foreign Policy) Western agencies need funding and power to tackle the Kremlin’s influence.

Attacks, Threats, and Vulnerabilities

North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector (CISA) CISA, the Federal Bureau of Investigation (FBI), and the Department of the Treasury (Treasury) have released a joint Cybersecurity Advisory (CSA), North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector, to provide information on Maui ransomware, which has been used by North Korean state-sponsored cyber actors since at least May 2021 to target Healthcare and Public Health (HPH) Sector organizations. 

Latest Cyberattack Against Iran Part of Ongoing Campaign (Threatpost) Iran’s steel manufacturing industry is victim to ongoing cyberattacks that previously impacted the country’s rail system.

Iranian Fars News Agency claims cyberattack on a company involved in the construction of Tel Aviv metro (Security Affairs) Iran’s Fars News Agency reported that a massive cyberattack hit operating systems and servers of the Tel Aviv Metro. Iran’s Fars News Agency reported on Monday that operating systems and servers of the Tel Aviv Metro were hit by a massive cyberattack. The rail system is still under construction and according to The Jerusalem Post, […]

Database stolen from Shanghai Police for sale on the darkweb (Register) Appears to have leaked from a cloud thanks to sloppy coding

In a big potential breach, a hacker offers to sell a Chinese police database. (New York Times) For about $200,000, an unidentified person or group is offering what is described as data on a billion Chinese citizens. A sampling seemed to show the data to be genuine.

Nearly one billion people in China had their personal data leaked, and it’s been online for more than a year (CNN) A massive online database apparently containing the personal information of up to one billion Chinese citizens was left unsecured and publicly accessible for more than a year — until an anonymous user in a hacker forum offered to sell the data and brought it to wider attention last week.

China data breach likely to fuel identity fraud, smishing attacks (ZDNet) Businesses in China should brace themselves for a potential wave of smishing attacks and identity theft, after hackers claiming to have the personal data of 1 billion residents in the country put the information up for sale online.

China Tries to Censor What Could Be Biggest Data Hack in History (Gizmodo) A hacker reportedly stole an enormous trove of personal information from a Shanghai police database and announced they will sell citizens’ info for just $200K.

Here are four big questions about the massive Shanghai police leak (Washington Post) We’re still learning the details of the China police leak. Here are some key questions.

Shanghai Data Breach Exposes Dangers of China’s Trove (Bloomberg) Alleged breach exposes potential data and security lapses. Purported police data hack has transfixed China tech circles.

“CuteBoi” Detected Preparing a Large-Scale Crypto Mining Campaign on NPM Users (Checkmarx.com) Checkmarx SCS team detected over 1200 npm packages released to the registry by over a thousand different user accounts. This was done using automation which includes the ability to pass NPM 2FA challenge. This cluster of packages seems to be a part of an attacker experimenting at this point.

New malware detected on Google Play, 100.000+ users affected (Pradeo) Joker is a malware that silently exfiltrates data and subscribes users to unwanted premium subscription. The malware was found in 24 apps on Google Play.

As New Clues Emerges, Experts Wonder: Is REvil Back? (The Hacker News) The notorious REvil ransomware gang, linked to the infamous JBS and Kaseya, has resurfaced three months after the arrest of its members in Russia.

When Pentest Tools Go Brutal: Red-Teaming Tool Being Abused by Malicious Actors (Unit 42) Pentest and adversary emulation tool Brute Ratel C4 is effective at defeating modern detection capabilities – and malicious actors have begun to adopt it.

Researchers Share Techniques to Uncover Anonymized Ransomware Sites on Dark Web (The Hacker News) Researchers have described the various measures ransomware actors have taken to disguise their true identities online.

Researchers Uncover Malicious NPM Packages Stealing Data from Apps and Web Forms (The Hacker News) Researchers have uncovered a new widespread campaign distributing malicious NPM packages designed to steal sensitive data from web forms.

IconBurst: NPM software supply chain attack grabs data from apps, websites (ReversingLabs) ReversingLabs researchers uncovered a widespread campaign to install malicious NPM modules that are harvesting sensitive data from forms embedded in mobile applications and websites.

PennyWise malware on YouTube targets cryptocurrency wallets and browsers (TechRepublic) Learn more about how this stealer malware operates and how to protect yourself from it now.

EXCLUSIVE: Marriott hacked again? Yes. Here’s what we know. (Data Breaches) On June 28, DataBreaches received a message from an unrecognized sender. The subject was: “Breach of Marriott hotels! Very Important!”

Marriott confirms latest data breach, possibly exposing information on hotel guests, employees (CyberScoop) The international hotel chain says criminal hackers tricked an employee into giving up access to a computer.

Vendor’s Ransomware Attack Hits Over 600 Healthcare Clients (Gov Info Security) A ransomware attack on an accounts receivables management firm has affected hundreds of healthcare clients – including dental practices, physician groups and

Experts: California Lacked Safeguards for Gun Owner Info (SecurityWeek) Cybersecurity experts say the California Department of Justice apparently failed to follow basic security procedures on its website, exposing the personal information of potentially hundreds of thousands of gun owners.

Nearly $9 million stolen from DeFi platform Crema Finance (The Record by Recorded Future) Decentralized finance platform Crema Finance announced that it was hacked on July 2 and had about $8.8 million stolen during the attack. 

Louisiana unemployment website back online after attempted malware attack (WAFB) People in Louisiana can again file unemployment claims through the Louisiana Workforce Commission’s HiRE site.

The Cedar Rapids School District Was Hit By A Cyberattack (98.1 KHAK) The weekend attack has canceled all district summer activities for the week.

US Constitutional Church Leaves Ministers’ Data Unsecured (Website Planet) American Marriage Ministries (AMM) exposed PII and sensitive data belonging to marriage officiants and married couples. Company name and locati

Security Patches, Mitigations, and Software Updates

Google Releases Security Update for Chrome (CISA) Google has released Chrome version 103.0.5060.114 for Windows. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.  CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update.

Emergency Chrome 103 Update Patches Actively Exploited Vulnerability (SecurityWeek) Google has released an emergency update for Chrome 103 to patch an actively exploited zero-day vulnerability tracked as CVE-2022-2294.

Google races out patch for this high-severity Chrome browser zero-day (ZDNet) Google pushes out a fix for Chrome due to a flaw affecting its WebRTC stack in the browser that is under attack.

Microsoft quietly fixes ShadowCoerce Windows NTLM Relay bug (BleepingComputer) Microsoft has confirmed it fixed a previously disclosed ‘ShadowCoerce’ vulnerability as part of the June 2022 updates that enabled attackers to target Windows servers in NTLM relay attacks.

CISA: Here’s how to apply this key Windows patch without breaking certificate authentication (ZDNet) CISA now urges agencies to apply a patch that broke logins for users connecting to Windows servers that handle authentication.

Report: Internet shutdowns already cost more than $10 billion in 2022 (The Record by Recorded Future) Internet shutdowns not only infringe on human rights — they come at an economic cost.

Marketplace

Highflying Cyber Firms Cut Staff After Raising Hundreds of Millions of Dollars (Wall Street Journal) Security startups hunker down and stockpile cash as they prepare for a bear market.

Q2 VC Funding Globally Falls Significantly As Startup Investors Pull Back (Crunchbase News) Global VC funding slowed dramatically in Q2 2022 as investors shied away from later-stage funding bets.

IBM acquires Databand to bolster its data observability stack (TechCrunch) IBM has acquired Databand, a provider of data observability products, to build on its existing product offerings in the category.

Oxford Quantum Circuits snaps up $47M Series A for ‘QaaS’ (TechCrunch) U.K.-based Oxford Quantum Circuits is announcing £38 million ($47 million) in funding to fuel the growth of its own contribution to quantum computing

Thrive acquires Winter Haven-based DSM information technology firm (The Ledger) Tech entrepreneurs along Polk County’s Silicon Ridge are not surprised by the recent acquisition of Lakeland’s DSM Technology Consultants by a bigger fish in the pond of managed service providers.

Pinnacle Wealth Planning Services Inc. Buys New Position in Qualys, Inc. (NASDAQ:QLYS) (Defense World) Pinnacle Wealth Planning Services Inc. purchased a new position in shares of Qualys, Inc. (NASDAQ:QLYS – Get Rating) during the first quarter, according to its most recent disclosure with the SEC. The institutional investor purchased 1,685 shares of the software maker’s stock, valued at approximately $240,000. Other hedge funds have also recently bought and sold […]

Pentagon: We’ll pay you if you can find a way to hack us (Register) DoD puts money behind bug bounty program after reward-free pilot

New York-based cybersecurity firm eyes more clients in Philippines (Philippine Star) New York-based BlueVoyant is talking with more potential clients in the Philippines to build rock-solid cyber defenses amid rising threats and attacks as more Filipinos embrace digitalization.

ZeroEyes Receives Top Rating from Cyber Security Risk Firm BreachBits (PR Newswire) ZeroEyes, Inc., creators of the only A.I.-based video analytics platform that holds the US Department of Homeland Security SAFETY Act…

Cato Networks opens second PoP in Copenhagen to boost security capabilities across the region (Help Net Security) Cato Networks announced the opening of its Copenhagen point of presence (PoP), the twentieth Cato PoP in EMEA and second in the Nordics.

DOYB Technical Solutions, Inc Specializes in Cyber Protection in Alpharetta and Atlanta, Georgia (Digital Journal) To prevent data loss and breaches, having proper cyber protection in Alpharetta and Atlanta, Georgia, is vitally important.This press release was

Norton Rose Fulbright adds data privacy and cybersecurity partner in New York (GlobeNewswire News Room) Global law firm Norton Rose Fulbright today announced that Daniel Pepper has joined its Information…

Netskope Announces Netskope Network Visionaries, An Elite Advisory Group Focused on Network Transformation (PR Newswire) Netskope, the leader in Security Service Edge (SSE) and Zero Trust, today announced the formation of Netskope Network Visionaries, a new…

Products, Services, and Solutions

QuSecure’s QuProtect Platform Supports Post-Quantum Cryptography Algorithms Selected by NIST Today for Standardization (Business Wire) QuSecure™, Inc., a leader in post-quantum cybersecurity (PQC), today announced its QuProtect™ PQC solution supports all of the post-quantum cryptograp

Revelstoke Expands Automated CASE Management Capabilities for SOAR (Revelstoke) Revelstoke CASE Management enables security analysts to create automated workflows to solve a multitude of cybersecurity challenges.

Leaseweb Adds Microsoft Azure to Its Hybrid Cloud Networking Capabilities (Leaseweb) Leaseweb Cloud Connect now enables fast, secure connections to top three public cloud providers from select Leaseweb data centers.

Technologies, Techniques, and Standards

Germany offers plan to tackle satellite cyberthreats (Register) Vendors get checklist on what to do when crooks inevitably turn up in space

NIST Announces First Four Quantum-Resistant Cryptographic Algorithms (NIST) Federal agency reveals the first group of winners from its six-year competition.

Winners of NIST’s post-quantum cryptography competition announced (Computing) Four candidates selected to replace current asymmetric encryption and signing systems which are vulnerable to quantum computers will now be standardised and ratified

NIST unveils four algorithms that will underpin new ‘quantum-proof’ cryptography standards (SC magazine) Experts believe quantum computers capable of breaking classic public-key encryption are still years away from reality. For the federal government, however, the future is now and NIST is working to quickly enshrine the new algorithms into U.S. cryptography standards and clear the way for federal adoption.

NIST Identifies 4 Quantum-Resistant Encryption Algorithms (Nextgov.com) Federal researchers are one step closer to protecting U.S. data from quantum computing decryption capabilities.

Prepare for a New Cryptographic Standard to Protect Against Future Quantum-Based Threats (CISA) The National Institute of Standards and Technology (NIST) has announced that a new post-quantum cryptographic standard will replace current public-key cryptography, which is vulnerable to quantum-based attacks.

Quantum-resistant encryption recommended for standardization (Register) NIST pushes on with CRYSTALS-KYBER, CRYSTALS-Dilithium, FALCON, and SPHINCS+

PCI DSS 4.0 released, addresses emerging threats and technologies (Help Net Security) PCI DSS 4.0 is a global standard that provides a baseline of technical and operational requirements designed to protect account data.

The Urgent Need to Strengthen the Cyber Readiness of Small and Medium-Sized Businesses: A Global Perspective (Cyber Readiness Institute) The Cyber Readiness Institute has released a White Paper urging the Biden Administration to address specific cyber readiness challenges that small and medium-sized businesses face. The paper recommends the following: Create a national awareness campaign to promote cyber readiness for SMBs Create a cybersecurity resource center for SMBs within the federal government Offer tax credits […]

Smaller Companies Are Urged to Adopt Multifactor Authentication (Wall Street Journal) Too many small and medium-size businesses rely on usernames and passwords alone to secure their systems, leaving them vulnerable to cyberattacks that could otherwise be prevented, government officials and cybersecurity chiefs say.

API security grows more critical, even as organizations lack means to address the risk (SC Magazine) CyberRisk Alliance Business Intelligence study finds that too many businesses lack an API strategy — and most businesses need to get the security team more involved.

Why Browser Vulnerabilities Are a Serious Threat — and How to Minimize Your Risk (Dark Reading) As a result of browser market consolidation, adversaries can focus on uncovering vulnerabilities in just two main browser engines.

New Instagram Insurance Service Will Protect Your Account! (Tech Times) Here’s how it can protect your account from online threats.

Phishing in troubled waters? Take cover in cyber liability, say experts (Business Standard) Protect family’s data, finances; consider floater cover as well

Design and Innovation

Some Worms Use Their Powers for Good (The Hacker News) Some biological worms are actually not welcome in most gardens. And some cyber worms, it seems, can use their powers for good …

Research and Development

Everything Blockchain Files Patent for EBI Blockchain Drive (Business Wire) Everything Blockchain Inc., (OTCMKTS: OBTX), a technology company that enables real-world use of blockchain to solve critical business issues, today a

Legislation, Policy, and Regulation

EU lawmakers pass landmark tech rules, but enforcement a worry (Reuters) EU lawmakers gave the thumbs up on Tuesday to landmark rules to rein in tech giants such as Alphabet unit Google, Amazon , Apple , Facebook and Microsoft , but enforcement could be hampered by regulators’ limited resources.

Singapore may introduce further cryptocurrency restrictions (ZDNet) Singapore government says it is exploring the possibility of implementing additional rules to safeguard consumer interests, pointing to potential restrictions on retail participation and cryptocurrency transactions.

UK signs its first data sharing deal post-Brexit, with South Korea (TechCrunch) Six years on from the referendum where the United Kingdom voted to leave the EU, and in the midst of an apparent government meltdown, the country is announcing its first international data sharing deal: It’s inked an agreement with South Korea, which will allow organizations in the U.K. to tr…

More UK calls for ban of CCTV makers Hikvision, Dahua (Register) UK wants to follow US move to stop sales from equipment manufacturers

US Wants Dutch Supplier to Stop Selling Chipmaking Gear to China (Bloomberg) The US is pushing the Netherlands to ban ASML Holding NV from selling to China mainstream technology essential in making a large chunk of the world’s chips, expanding its campaign to curb the country’s rise, according to people familiar with the matter.

Strategic Goal 2: Keep Our Country Safe (US Department of Justice) The Justice Department has no higher priority than keeping the American people safe.

Objective 2.4: Enhance Cybersecurity and Fight Cybercrime (US Department of Justice) Protecting our national security also requires countering cyber threats from foreign and domestic actors – whether nation states, terrorists, or criminals – who seek to conduct espionage, invade our privacy, attack our elections, steal our intellectual property, damage our financial and physical infrastructure, or extort ransom payments.

Cyber incident reporting law takes effect in Virginia (StateScoop) A new law gives all agencies and local governments 24 hours to report cybersecurity incidents to Virginia’s fusion center.

Litigation, Investigation, and Law Enforcement

UK signs deal to exchange police biometric data with US border officials, report (Computing) US Department of Homeland Security is interested in accessing “as much as possible” of citizens’ biometric data

Senate Intelligence Committee Calls On FTC To Investigate TikTok For ‘Deception’ (Forbes) The committee cited BuzzFeed News reporting that China-based employees at TikTok’s parent company, ByteDance, had repeatedly accessed sensitive US user data.

Twitter pursues judicial review of Indian orders to take down content (Reuters) Twitter on Tuesday asked an Indian court to overturn some government orders to remove content from the social media platform, a source familiar with the matter said, in a legal challenge which alleges abuse of power by officials.

Breach of Patients’ Data Leads to Heavy Sanctions in France (cyber/data/privacy insights) At the end of February 2021, the French Data Protection Authority (CNIL) found out via the media about a massive personal data breach involving health-related data of about 500,000 French patients. After more than a year of investigation, CNIL has published its decision (available in French only) im

Norton Fights Columbia’s Atty Award Bid After Patent Verdict (Law360) NortonLifeLock Inc. and Columbia University filed a flurry of responses and oppositions Friday after the university won $185 million in May over two anti-malware patents, with the cybersecurity company opposing Columbia’s motion for attorney fees and enhanced damages, and the university fighting Norton’s bid for a new trial, among other things.

Flagstar Faces Suit Over Breach Of 1.5M Customers’ Data (Law360) Flagstar Bank failed to put adequate data security measures in place after a 2020 hack at its software vendor, leading to another cyberattack in December that compromised more than 1.5 million customers’ Social Security numbers and other personal information, according to a putative class action filed in Michigan federal court.