Dateline Moscow, Kyiv, and Berlin: kinetic and cyber phases of Russia’s hybrid war.

Ukraine at D+139: Hacktivism as morale-builder. (The CyberWire) Ukraine steps up its own artillery war against Russian command, logistical, and air defense organizations. Hacktivism as a morale-building exercise. Germany plans to shore up its defenses against possible Russian cyberattacks.

Russia-Ukraine war: List of key events, day 140 (Al Jazeera) As the Russia-Ukraine war enters its 140th day, we take a look at the main developments.

Ukraine claims arms depot attack in occupied Kherson with Himars rockets (BBC News) Kyiv hails another strike by the Himars system, but Russian-backed officials say civilians were involved.

Himars rocket strike kills Russian major general and up to a dozen officers (The Telegraph) Separate attack on arms depot sends huge mushroom cloud into the air, as Western weapons inflict another blow to Moscow’s supply chain

Ukrainian strike on Russian-held town attributed to US-supplied missile (the Guardian) Several people reportedly killed in strike – possibly from Himars system – on ammunition store in Nova Kakhovka

Bakhmut bombarded in wake of Ukraine attack on Russian air defences (the Guardian) Heavy shelling thought to be reprisal for Ukraine attack or preamble to renewed offensive on Donetsk cities

Donetsk town of Chasiv Yar reels from deadly Russian rocket strike (the Guardian) Residents say they have nowhere to go nor the means to leave as frontline encroaches on civilians

Putin raids prisons for soldiers after massive losses in Ukraine (The Telegraph) Kremlin also recruiting heavily from poorest parts of Russia, say Western officials

Belarus launches military drills on border with Ukraine, tests troop readiness (Fox News) Belarus on Tuesday announced it had launched military drills along its shared border with Belarus to test troop readiness and communication abilities.

Russia Seems to Be Running Low on Drones (Defense One) The Russian military wrote the book on tactical drones in 2014. Now its leaders are begging foreign partners and regional officials to help replace downed UAVs.

Ukraine Is Now an EU Member Candidate. What’s Next? (Wilson Center) In the throes of an ongoing war with Russia, Ukraine was awarded EU candidate status. Ukrainians’ European dream is now much closer to reality. What does that mean for the future of Ukraine and a united Europe? In your opinion, what are the next steps for Kyiv and Brussels over the next two to three years? Four experts answer our questions.

The Red Mirror: How Putin Used National Trauma to Legitimize His Rule (Wilson Center) The gap between the West and Russia in terms of how the two sides perceive what is happening in Russia has been growing since 2006. In February of that year Vladislav Surkov used the term “sovereign democracy” (суверенная демократия) in a speech before members of the governing United Russia party to suggest that Russia’s democracy was special but still a democracy, present and future, even as the Freedom House rankings of democracy in Russia indicated otherwise. Russia was ranked “unfree” in 2004 for the first time and stayed so ever since.

Ukraine’s cyber army hits Russian cinemas (CyberNews) Several major Russian cinema chains were hit over the weekend, disrupting services and annoying moviegoers all over the country.

DDoS attacks surge in popularity in Ukraine — but are they more than a cheap thrill? (The Record by Recorded Future) This past weekend, Russia’s major cinema chains were dragged into the war in Ukraine when, over a period of a few hours, their websites suffered a series of distributed denial-of-service (DDoS) attacks. Across the country, at least 80 cinemas, including Kinomax, Mori Cinema, Luxor and Almaz, were unable to sell tickets online. 

Germany bolsters defenses against Russian cyber threats (Deutsche Welle) Berlin is upping its cybersecurity defenses to counter the threat of Russian online attacks. Experts warn Germany is vulnerable to sabotage attempts and efforts to sow disinformation as war rages in Ukraine.

Opinion | The Ukraine War Is About to Enter a Dangerous New Phase (New York Times) NATO is making one bet and Russia another.

Turkey to host four-way Russia, Ukraine and UN talks over grain (Al Jazeera) The meeting with Turkish officials comes as food prices soar around the world due to Russia’s invasion of Ukraine.

US, allies aim to cap Russian oil prices to hinder invasion (AP NEWS) With thousands of sanctions already imposed on Russia to flatten its economy, the U.S.

Attacks, Threats, and Vulnerabilities

Hackers posing as Merkel target ECB’s Lagarde – German source (Reuters) Unidentified hackers attempted to trick European Central Bank President Christine Lagarde into letting them open a messaging app account in her name by posing as former German chancellor Angela Merkel, a German source said on Tuesday.

European Central Bank head targeted in hacking attempt (AP NEWS) The European Central Bank said Tuesday that its president, Christine Lagarde, was targeted in a hacking attempt but no information was compromised. The attempt took place “recently,” the Frankfurt-based central bank for the 19 countries that use the euro said in an emailed response to a query about a report by Business Insider.

Cyberangriff auf Spitzenpolitiker: Hacker nutzten Merkels Handynummer, um das Whatsapp-Konto von Lagarde zu knacken (Business Insider) Unbekannte haben die Identität von mehreren deutschen Spitzenpolitikern geklaut, um Messengerdienst-Accounts zu übernehmen – mit perfider Masche.

PerimeterX Discovers New Silent Validation Carding Bot (PerimeterX) Bot mitigation and identity security should be top priorities for digital businesses when securing their websites against cyberattacks like carding and ATO.

From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud (Microsoft Security Blog) A large-scale phishing campaign that used adversary-in-the-middle (AiTM) phishing sites stole passwords, hijacked a user’s sign-in session, and skipped the authentication process even if the user had enabled multifactor authentication (MFA).

Exploiting Authentication in AWS IAM Authenticator for Kubernetes (Lightspin) This blog post explains three vulnerabilities detected in the AWS IAM Authenticator where all of them were caused by the same code line.

Ongoing phishing campaign can hack you even when you’re protected with MFA (Ars Technica) Campaign that steals email has targeted at least 10,000 organizations since October.

The Kit That Wants It All: Scam Mimics PayPal’s Known Security Measures (Akamai) Akamai researchers have discovered evidence of an attacker parasitizing benign WordPress sites to execute a comprehensive PayPal phishing scam.

Speculative calculations open a backdoor to information theft (ETH Zurich) ETH Zurich researchers have discovered a serious security vulnerability in computer hardware. The vulnerability, called

CSC’s Research Uncovers Suspicious Domain Registration Surge Amid Baby Formula Supply Chain Crisis (CSC) CSC, a leader in the electronic document recording (eRecording) industry, is pleased to announce the addition of 45 new counties in 16 states to its growing network in the first quarter of 2022.

Rise in Qakbot Attacks Traced to Evolving Threat Techniques (Zscaler) Qakbot leverages ZIP archive file having embedded files such as Microsoft Office files, LNK, Powershell, and more.

Election officials fear copycat attacks as ‘insider threats’ loom (POLITICO) Attempted election security breaches aided by local officials are on the rise.

Fraud in the Time of COVID (DomainTools) In the early days of the Covid-19 pandemic, a Nigerian threat actor attempted to impersonate medical institutions in the US. In this blog, we’ll walk through the tactics

New Wine, Old Bottle: Abused QuickBooks Site Sends Phone Scam Emails (INKY) INKY data analysts recently detected a new variant of the tried-and-true phone scam. This time, the perps abused QuickBooks, an accounting software package used primarily by small business and midmarket customers who lack in-house expertise in finance and accounting. QuickBooks is a core offering of Intuit, which fields a range of digital financial products.

The nonstop scam economy is costing us more than just money (Washington Post) Relentless waves of sophisticated phone and online scams are impacting people’s mental health

Play it safe: 5 reasons not to download pirated games (WeLiveSecurity) Downloading and playing pirated games is all fun and games until you get hacked – and this is just one risk of downloading cracked games.

More than $4.7M stolen in Uniswap fake token phishing attack (Cointelegraph) A phishing campaign targeting Uniswap v3 liquidity providers has seen at least $4.7 million stolen by attackers. The attack was initially thought of by some as a result of an exploit.

Millions in cryptocurrency stolen in phishing attacks on Uniswap users (The Record by Recorded Future) A phishing attack on users of the Uniswap decentralized exchange has caused millions in losses, according to Binance’s CEO.

IT giant restores systems after ‘malware attack’ crippled operations (The Record by Recorded Future) A New Jersey-based IT giant fully restored its systems following a wide-ranging July 4 incident that they called a “coordinated and professional malware attack.”

Dox of US Supreme Court Justices (Cybersixgill) On June 30, an actor uploaded the following “dox” of the five conservative justices on the US Supreme Court.

Morton’s and others brace as activists offer cash for SCOTUS sightings (Washington Post) In a city where the hottest new restaurants feature globe-trotting flavors, creative cocktails and menus that change with the seasons, the Washington location of Morton’s the Steakhouse feels like a relic

CISA Adds One Known Exploited Vulnerability to Catalog (CISA) CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates.

Security Patches, Mitigations, and Software Updates

VMware patches vCenter Server flaw disclosed in November (BleepingComputer) Eight months after disclosing a high-severity privilege escalation flaw in vCenter Server’s IWA (Integrated Windows Authentication) mechanism, VMware has finally released a patch for one of the affected versions.

Microsoft Releases July 2022 Security Updates (CISA) Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s July 2022 Security Update and Deployment Information and apply the necessary updates.

Microsoft Patch Tuesday: 84 Windows Vulns, Including Already-Exploited Zero-Day (SecurityWeek) Microsoft issues an urgent Patch Tuesday bulletin to warn of in-the-wild zero-day exploitation of a privilege escalation flaw in the Windows operating system.

Microsoft fixes exploited zero-day in Windows CSRSS (CVE-2022-22047) (Help Net Security) Microsoft has fixed 84 CVEs in various products, including an actively exploited zero-day (CVE-2022-22047) in Windows CSRSS.

Microsoft July 2022 Patch Tuesday fixes exploited zero-day, 84 flaws (BleepingComputer) Today is Microsoft’s July 2022 Patch Tuesday, and with it comes fixes for one actively exploited zero-day vulnerability and a total of 84 flaws.

CISA orders agencies to patch new Windows zero-day used in attacks (BleepingComputer) CISA has added an actively exploited local privilege escalation vulnerability in the Windows Client/Server Runtime Subsystem (CSRSS) to its list of bugs abused in the wild.

SAP Releases July 2022 Security Updates (CISA) SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review SAP Security Patch Day – July 2022 and apply the necessary updates.

Schneider Electric Easergy P5 and P3 (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: Easergy P5 and P3 Vulnerabilities: Use of Hard-coded Credentials, Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities may disclose device credentials, cause a denial-of-service condition, device reboot, or allow an attacker to gain full control of the relay.

Dahua ASI7213X-T1 (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Dahua Equipment: DHI-ASI7213X-T1 Vulnerabilities: Improper Input Validation, Unrestricted Upload of File with Dangerous Type, Authentication Bypass by Capture-replay, Generation of Error Message Containing Sensitive Information 2.

The state of industrial security in 2022 (Barracuda Networks) Insecure remote access, lack of network segmentation, and insufficient automation are leaving organizations open to attacks.

The State of Database monitoring in Financial Services (Redgate) Financial Services insights from the 2021 State of Database Monitoring survey

RTF Year Two: New Map; New Data: Same Mission (Institute for Security and Technology) It’s hard to believe over a year has passed since the founding of IST’s Ransomware Task Force and launch of the inaugural “Combating Ransomware” report, which provides a comprehensive framework for action.

New Cloud Security Alliance Survey Finds 67% of Organizations (CSA) Confidential Computing in use by 27% of respondents, and 55% have plans to deploy it to lock down data and workloads

KnowBe4’s Annual Benchmarking Report Finds One in Three Untrained Employees Will Click on a Phishing Link (KnowBe4) KnowBe4’s Annual Benchmarking Report Finds One in Three Untrained Employees Will Click on a Phishing Link

Decade Retrospective: The State of Vulnerabilities (Trustwave) Trustwave team believed this was a suitable time to take a minute and review some of the watershed moments that had a major impact on cybersecurity between 2011 and 2021.

#1 cybersecurity challenge is inadequate identification of key risks (Skybox Security) 40% of chief security officers say their organizations are not well prepared for today’s rapidly evolving threat landscape

Marketplace

Booz Allen unveils $100M venture capital fund to back tech startups (Defense News) Booz Allen hopes to fund four to six emerging firms each year with its new venture capital fund, and reinvest money raised from those investments in future companies.

Privitar Announces Kormoon Acquisition, Extending Data Privacy and Provisioning Capabilities To Drive Automation of Data Compliance Requirements at Scale (Business Wire) Privitar acquires Kormoon, extending data privacy and provisioning capabilities to drive automation of data compliance requirements at scale

Scale Computing Raises $55M in New Funding (Business Wire) Scale Computing raises $55M in new funding, led by funds managed by Morgan Stanley Expansion Capital.

Startup Founded by Former Meta Crypto Execs Seeks $2 Billion Valuation (The Information) Mysten Labs—a startup founded by former Meta Platforms employees that is building a new blockchain for decentralized applications including gaming and social media networks—is in talks with investors about raising a Series B round of at least $200 million led by FTX Ventures, according to two …

Google to Slow Hiring for Rest of This Year (Wall Street Journal) Chief Executive Sundar Pichai tells employees in memo to be “more entrepreneurial” as search giant becomes the latest tech company to either pull back on new hires or trim staff.

Microsoft confirms layoffs ahead of earnings (CRN Australia) Said “small number of employees” were let go in “strategic alignment”.

Pindrop Welcomes Talkdesk’s Kieran King as Chief Customer Officer (Business Wire) Pindrop, a global leader in voice technology, today announced the appointment of Kieran King to the role of Chief Customer Officer. King’s 25-plus yea

CentralSquare Names Steve Cover Chief Technology Officer (Business Wire) CentralSquare Technologies, an industry leader in public sector technology, announced the appointment of Steve Cover as Chief Technology Officer. Cove

Space cybersecurity firm SpiderOak adds retired general Pawlikowski to its advisory board (SpaceNews) Space cybersecurity firm SpiderOak on July 12 announced the appointment of former DoD and military officials to its advisory board.

Contrast Security Expands Executive Team with Senior Vice President of Corporate Development and Strategic Alliances (Yahoo Finance) Contrast Security (Contrast), the leader in code security that empowers developers to secure-as-they code, today announced the appointment of Ben Goodman, who will serve as the company’s Senior Vice President of Corporate Development and Strategic Alliances.

LogRhythm Announces Strategic Expansion of Executive Leadership Team (LogRhythm) LogRhythm, the company helping busy and lean security operation teams defend against cyberthreats, has appointed three new members to the executive leadership team. LogRhythm welcomes David Rizzo as the chief technology officer and David Kluzak as chief revenue officer, and promoted Andrew Hollister to chief information security officer.

Products, Services, and Solutions

Palo Alto Networks and HCL Technologies Announce Expanded Relationship to Secure Digital and Cloud Transformation for Global Customers (Palo Alto Networks) Offering next-generation cybersecurity solutions that bring Zero Trust to enterprise customers

Salt Security Joins AWS ISV Accelerate Program (PR Newswire) Salt Security, the leading API security company, today announced that it has been accepted as part of the Amazon Web Services (AWS) Independent…

GroupSense Announces New Managed Service Provider Partnership with Provelocity (PR Newswire) GroupSense, a digital risk protection company, today announced a new Managed Service Provider (MSP) partnership with Provelocity. The…

AvePoint Strengthens Security and Streamlines IT Operations for the Modern Workplace (GlobeNewswire News Room) Company’s latest cloud platform release addresses growing demand for multi-SaaS solutions helping make businesses more productive, compliant and secure…

Verint Launches Innovative Next-Generation Partner Program (Business Wire) Verint Launches Innovative Next-Generation Partner Program

Concentric launches new data privacy and cybersecurity solution Eclipse (CSO Online) Private risk consultancy firm says its new solution is designed to protect individuals, families, and teams from digital risks as cybercrime continues to plague organizations across the globe.

Deloitte Launches Zero Trust Access, a New Managed Security Service (Dark Reading) To help organizations adopt zero trust more quickly and efficiently, Deloitte is launching a new managed service – Zero Trust Access— that offers a cloud-native approach to securing communications between users, on any device, and enterprise applications, wherever they may reside

Security Compass Releases New SD Elements Capabilities to Enable a Developer-Centric Approach to Software Threat Modeling (Business Wire) Security Compass today announced the release of SD Elements 2022.2.

Scale Your Threat Modeling Program with New SD Elements Capabilities (Security Compass) Building secure software necessitates a holistic approach to security, which includes bringing “secure by design” principles to life. The industry recognizes the benefits of performing […]

SecurityBridge’s SAP Platform Helps Schneider Electric Secure Their Cr (PRWeb) SAP security provider SecurityBridge—now operating in the U.S.—today announced Schneider Electric has selected the company’s SAP Security platform.

DoControl Launches Open Authorization (OAuth) Applications Governance and Remediation Capabilities (PR Newswire) DoControl, the automated Software as a Service (SaaS) security company, today announced the launch of its OAuth governance and remediation…

NINJIO Partner Program Enables Solution Providers to Deliver Cybersecurity Behavior Change (NINJIO) High-growth security awareness training and behavior modification company offers channel partners the best opportunities to keep their clients safe from cyberattacks.

Technologies, Techniques, and Standards

Three mistakes public sector organizations make moving to the cloud (FedScoop) Lessons public sector agencies can learn from commercial firms on pitfalls to avoid in optimizing cloud migrations.

CSA announces the launch of their Zero Trust Advancement Center and how it can help play a role in protecting IoT, IIoT and ICS systems, Podcast (Telecom Reseller) Daniele Catteddu, Chief Technology Officer with Cloud Security Alliance speaks to Don Witt of the Channel Daily News, a TR publication about the history of the CSA and what they have accomplished over the years and recently with the launch of the Zero Trust Advancement Center. The goal of the ZTAC is provide best practices, recommendations, training and education and awareness on Zero Trust.

Testing resiliency against malicious package attacks: a double-edged sword? (JFrog) The JFrog Security research team continuously monitors popular open-source software (OSS) repositories with our automated tooling to avert potential software supply chain security threats, and reports any vulnerabilities or malicious packages discovered to repository maintainers and the wider community. At times, we notice trends that are worth analyzing and learning from. Recently, we’ve noticed a …

Design and Innovation

The Race Is On to Fight a Cyber Threat That Doesn’t Exist (Washington Post) The cybersecurity community was set alight last week by the announcement of new cryptographic algorithms designed to protect our digital futures. Now the race is on to roll out software and hardware that will secure computers against a threat that still only exists in theory.

NIST’s Post-Quantum Cryptography Work at a ‘Critical Point’ (SDxCentral) NIST revealed the first group of winners from its post-quantum cryptography competition and looks to expand and diversify the selections.

China’s Suspected IP Thieves Targeted by Twins’ Utah Startup (Bloomberg) Strider Technologies scours open-source data in China to identify technologies most at risk of being stolen — and the people who might be tempted to steal them. China’s government calls IP theft allegations ‘malicious slandering.’

Academia

Ransomware Attacks on Education Institutions Increase, Sophos Survey Shows (GlobeNewswire News Room) Education Sector Suffers Highest Data Encryption Rate and Longest Recovery Time…

Boise State University Partners With PlexTrac to Resource Its Cyberdome Project (GlobeNewswire News Room) PlexTrac Donates Its Platform for Students to Provide Cybersecurity Services to Rural Idaho Communities…

National Security Agency, Vanderbilt sign partnership to advance innovation, education on issues of modern conflict and emerging threats (Vanderbilt University) Vanderbilt University and the National Security Agency have signed an education partnership agreement to encourage and enhance the study of scientific discipline.

Legislation, Policy, and Regulation

India’s Tweaked Telecom Rules Seen Blocking China’s Huawei, ZTE (Asia Financial) India tweaked telecom licensing rules to make it harder for China’s vendors to sell to local operators ahead of a 5G auction later this year.

Need to set up cyber command (The Hans India) Addressing the national conference on ‘Cyber Safety and National Security’, the Home Minister Amit Shah mentioned that the government is fully alert to all kinds of cyber threats and upgrading its…

Biden Presses for Israeli-Arab Security Ties to Come Out From the Shadows (Wall Street Journal) President Biden’s four-day trip to Israel and Saudi Arabia could test the limits of how openly Arab countries are willing to embrace Israel.

The Online Safety Bill could lead to the biggest curtailment of free speech in modern history (The Telegraph) Internet regulation is necessary. But the unintended consequences of legislation returning to the Commons are potentially disastrous

Majority Want Limitations on Social Media Content (Infosecurity Magazine) The poll is published as the UK government moves forward with its Online Safety Bill

Brits say social media must do more to block harmful content (ComputerWeekly.com) UK citizens want social media companies to do more to prevent harmful content appearing on their platforms

House appropriators back more than $15 billion for cybersecurity (Roll Call) House appropriators approved more than $15.6 billion in the 12 spending bills to prevent “increasingly pervasive cyber-attacks.”

House poised for NDAA floor debate (Roll Call) The most consequential amendments on the defense policy bill may or may not be the ones that draw the most rhetorical heat.

Easterly and Inglis have led U.S. cybersecurity for one year. How’d they do? (Washington Post) Top U.S. cybersecurity officials get good reviews from lawmakers after a busy first year

Litigation, Investigation, and Law Enforcement

Amazon’s Ring gave a record amount of doorbell footage to the government in 2021 (TechCrunch) The doorbell maker said it turned over user content in response to about four out of ten demands it received.

Former elections manager arrested in Peters case (The Grand Junction Daily Sentinel) A third suspect has been arrested in connection to Mesa County Clerk Tina Peters and her so-far failed attempt to prove something was amiss with the 2020 presidential election.

FTC to Crack Down on Sites That Claim Your Data Is ‘Anonymized’ When It’s Not (PCMAG) ‘Companies that make false claims about anonymization can expect to hear from the FTC.’

TikTok pauses policy switch in Europe after privacy scrutiny (TechCrunch) Privacy experts had also questioned the appropriateness of TikTok using a legitimate interest ground to run behavioral advertising.

USPS regulator fires its chief data officer following felony arrest (Federal News Network) The Postal Service’s regulatory agency has fired its first chief data officer, in light of pending felony charges following his arrest in San Diego, California.

Twitter Sues Elon Musk to Enforce $44 Billion Merger (Wall Street Journal) Twitter sued Elon Musk over the billionaire’s attempt to walk away from his $44 billion takeover bid, seeking to force him to honor the terms of the deal.

Twitter Sues Musk After He Tries Backing Out of $44 Billion Deal (New York Times) The question of whether Elon Musk must buy Twitter, as he agreed to do in April, is headed to a court in Delaware.

The FBI Keeps Losing Desktop Computers (Vice) The FBI lost over 200 computers and other items such as night-vision scopes last year, according to internal records obtained by Motherboard.