Dateline Moscow, Kyiv, and the Hague: War crimes in a stalled war.

Ukraine at D+140: Discriminate and indiscriminate war. (The CyberWire) Russian tactics remain indiscriminate, and there’s a growing international consensus that Moscow views this as a feature, not a bug. Ukraine’s SSSCIP looks at the evolution of the cyber phases of Russia’s war (and it believes the Russian hacktivists are GRU front groups). Smartphones are changing targeting (and not in a good way for smartphone users).

Russia-Ukraine war update: what we know on day 141 of the invasion (the Guardian) Turkey announces deal with Ukraine, Russia and UN aimed at resuming grain exports; Missile strikes hit Vinnytsia and Mikolaiv

Russia-Ukraine war latest: Zelenskiy says 20 people killed in ‘act of Russian terror’ in Vinnytsia (the Guardian) Ukrainian president condemns attack on “ordinary, peaceful” city; Ukraine says grain deal ‘definitely closer’ after talks in Turkey

Russia-Ukraine war: List of key events, day 141 (Al Jazeera) As the Russia-Ukraine war enters its 141st day, we take a look at the main developments.

Ukraine cuts N Korea ties over recognition of separatist regions (Al Jazeera) Kyiv severs relations after Pyongyang recognises independence of Donetsk and Luhansk People’s Republics in Ukraine.

Analysis: Two exhausted armies are battling for eastern Ukraine. Can either of them make a decisive move? (CNN) When Vladimir Putin refocused his war in Ukraine on the country’s east three months ago, he did so bruised by the failures of his initial lunge towards Kyiv and desperate for a face-saving success.

Putin weaponizes Russian passports in his genocidal war against Ukraine (Atlantic Council) Vladimir Putin’s decision to expand fast-track Russian passport distribution to the whole of Ukraine is a clear signal that his imperial appetite is not limited to the Ukrainian regions currently under Kremlin control.

Russia is using rape as a weapon of war in Ukraine. Here’s what can be done about it. (USA Today) How to create a permanent, independent and international body to investigate and prosecute rape and sexual violence as war crimes.

U.S. calls on Russia to halt forced deportations of Ukrainians, citing war crimes (CNBC) The Kremlin has previously denied all claims that its forces target and kill civilians.

Nations discuss coordinating Ukraine war crimes probes (AP NEWS) The International Criminal Court’s chief prosecutor called Thursday for an “overarching strategy” to coordinate efforts to bring perpetrators of war crimes in Ukraine to justice.

Russia’s War Against Ukraine Has Turned Into Terrorism (The Atlantic) The Russian military isn’t just bombing civilians. It’s also targeting the laws and values that protect human rights.

Iranian envoy responds to US claim it’s selling drones to Russia (Defense News) Earlier in the war, Iran was criticized in the West for not condemning Russia’s Feb. 24 invasion of Ukraine.

Ukraine’s Cyber Agency Reports Q2 Cyber-Attack Surge (Infosecurity Magazine) The volume of cyber-attacks targeting the country has risen substantially over the second quarter of the year

To Vilify Ukraine, The Kremlin Resorts to Antisemitism (United States Department of State) One of the Kremlin’s most common disinformation narratives to justify its devastating war against the people of Ukraine is the lie that Russia is pursuing the “denazification” of Ukraine. Russian President Vladimir Putin has referred to Ukraine’s democratically elected government as a “gang of drug addicts and neo-Nazis,” while Russian state media and propagandists have […]

Polish minister wants Russian ambassadors kicked off social media to fight disinformation (POLITICO) Russian ambassadors’ social media accounts are ‘propaganda officers of an aggressive regime,’ says Janusz Cieszyński.

The weaponizing of smartphone location data on the battlefield (Help Net Security) How each side collects the adversary’s smartphone location data and shields their own can mean the difference between victory and defeat.

Increase support for Ukraine, or NATO may have to fight (The Hill) President Biden summed up the results of discussions concerning support for Ukraine at the late June NATO summit this way: “We are going to stick with Ukraine, and all of the Alliance is going to s…

Ukraine needs more international support (Atlantic Council) As the war in Ukraine becomes severely protracted, the international community by advancing Ukraine’s proposed roadmap to end the war and clarifying its economic policies in response to Russian aggression.

Building a better Ukraine: Rule of law is essential for post-war prosperity (Atlantic Council) Few would argue that the rule of law is essential for Ukraine’s post-war prosperity. However, previous efforts to implement judicial reforms have fallen short. What is required to make sure next time is different?

The man who has Putin’s ear — and may want his job (Washington Post) Russian security chief Nikolai Patrushev is one of the Russian president’s few close advisers

Russia holding 400 passenger jets hostage in global sanctions fight (Washington Post) The country’s airlines are refusing to return the planes they’d leased from foreign companies; the planes are worth billions

Attacks, Threats, and Vulnerabilities

New Lilith ransomware emerges with extortion site, lists first victim (BleepingComputer) A new ransomware operation has been launched under the name ‘Lilith,’ and it has already posted its first victim on a data leak site created to support double-extortion attacks.

New Ransomware Groups on the Rise (Cyble) Cyble analyzes new ransomware families spotted in the wild led by notable examples such as LILITH, RedAlert, and 0Mega.

New Android malware on Google Play installed 3 million times (BleepingComputer) A new Android malware family on the Google Play Store that secretly subscribes users to premium services was downloaded over 3,000,000 times.

Researchers Uncover New Variants of the ChromeLoader Browser Hijacking Malware (The Hacker News) Researchers have uncovered new variants of the ChromeLoader information-stealing malware, highlighting its evolving features.

ChromeLoader: New Stubborn Malware Campaign (Unit 42) A malicious browser extension is the payload of the ChromeLoader malware family, serving as adware and an infostealer, leaking users’ search queries.

Facebook 2FA scammers return – this time in just 21 minutes (Naked Security) Last time they arrived 28 minutes after lighting up their fake domain… this time it was just 21 minutes

HavanaCrypt Ransomware Masquerades as a Fake Google Update (Infosecurity Magazine) Researchers at Trend Micro have uncovered stealthy ransomware named ‘HavanaCrypt,’ which presents itself as a Google Software Update

MaliBot Android malware spreading fast, says Check Point (ComputerWeekly.com) The MaliBot malware is becoming a persistent and widespread problem, and Android users should be on their guard, says Check Point.

‘Lives are at stake’: hacking of US hospitals highlights deadly risk of ransomware (the Guardian) The number of ransomware attacks on US healthcare organizations increased 94% from 2021 to 2022, according to one report

Ransomware Landscape Evolves in a Post-Conti World (Decipher) The release of LockBit 3.0 is making waves in a ransomware ecosystem that has been reshaped due to Conti shutting down its operations.

Ransomware Activity Resurges in Q2 (Infosecurity Magazine) Ransomware activity rose by 21% compared to Q1 2022, according to a new report

Honda Admits Hackers Could Unlock Car Doors, Start Engines (SecurityWeek) “Rolling-PWN attack” targets Remote Keyless System on Honda vehicles that allows them to open the car doors and start the engine.

Honda redesigning latest vehicles to address key fob vulnerabilities (The Record by Recorded Future) Honda said it is addressing a spate of vulnerabilities in its newly designed models after researchers found bugs affecting key fob systems.

Will Hackers Bring Down Airplanes One Day? (Aviation International News) Airline reticence over cyber-security suggests the threat has become increasingly serious.

Vulnerabilities allowing permanent infections affect 70 Lenovo laptop models (Ars Technica) UEFI updates often require manual installation. Are you patched?

New UEFI firmware flaws impact over 70 Lenovo laptop models (BleepingComputer) The UEFI firmware used in several laptops made by Lenovo is vulnerable to three buffer overflow vulnerabilities that could enable attackers to hijack the startup routine of Windows installations.

Bandai Namco confirms cyberattack after ransomware group threatens leak (The Record by Recorded Future) Japanese video game giant Bandai Namco confirmed on Wednesday that it suffered from a wide-ranging cyberattack that may have exposed customer information. 

Disneyland Account Takeover Highlights Lax Security for Social Media Accounts (CPO Magazine) A hack of Disneyland’s social media in the early hours of July 7 appeared to be a vulgar prank and was quickly scrubbed from the internet, but the brazen account takeover demonstrated that even the world’s most prominent companies continue to have gaps in areas of cyber operations that are considered “less essential.”

Colorado Springs Utilities experiences data breach, customer data compromised (KRDO) Colorado Springs Utilities is warning customers about a data breach that happened in June, affecting customer information. On July 6, Colorado Springs Utilities was notified that customer data stored by one of the company’s subcontractors was accessed by an unauthorized party. According to Springs Utilities, this happened on June 15,

Afni, Inc. Announces Data Breach (JD Supra) Recently, Afni, Inc. filed official notice of a data breach that impacted the sensitive information of certain individuals. According to the Afni, the…

Security Patches, Mitigations, and Software Updates

ICS Patch Tuesday: Siemens, Schneider Electric Address 59 Vulnerabilities (SecurityWeek) Siemens and Schneider Electric have released their Patch Tuesday updates for July 2022 with a total of two dozen advisories describing 59 vulnerabilities.

Adobe Patch Tuesday: Critical Flaws in Acrobat, Reader, Photoshop (SecurityWeek) Adobe rolls out a major security update for its flagship Acrobat and Reader products to fix at least 22 documented security vulnerabilities.

DLL Hijacking Flaw Fixed in Microsoft Azure Site Recovery (SecurityWeek) Microsoft’s Patch Tuesday rollout this month included fixes for multiple high-severity vulnerabilities in Azure Site Recovery.

Infiltrate, Exploit, Manipulate: Why the Subversive Nature of Cyber Conflict Explains Both Its Strategic Promise and Its Limitations (Lawfare) Cyber operations are not novel, nor is their impact revolutionary. They are instruments of subversion that promise great gains in theory but are constrained in practice by a crippling operational trilemma that limits strategic value.

Consulting firms jump on the Zero Trust bandwagon (CSO Online) Deloitte’s new Zero Trust Access service and HCL’s collaboration with Palo Alto Networks mark a sustained trend towards offering Zero Trust security services for clients.

Cyber Threats Within Digital Ecosystems May Be an Enterprise Blind Spot, Reveals New Study from TCS (TCS) Tata Consultancy Services’ Risk and Cybersecurity Study among 600 Cyber Executives Highlights the Most Pressing Cybersecurity Issues Facing Large Companies across Europe and North America.

New research reveals 93% of organizations surveyed have had failed IIoT/OT security projects; highlights top challenges in implementation of industrial security (PR Newswire) Barracuda Networks Inc. (Barracuda), a trusted partner and leading provider of cloud-enabled security solutions, today released key findings…

Marketplace

How War Impacts Cyber Insurance (Threatpost) Chris Hallenbeck, CISO for the Americas at Tanium, discusses the impact of geopolitical conflict on the cybersecurity insurance market.

Bishop Fox Secures $75 Million in Growth Funding from Carrick Capital Partners (GlobeNewswire News Room) Offensive security leader continues to defy market and economic trends with record growth and recognized innovation…

Lightspeed raises $7.1B across four funds and forms new crypto fund with Blockchain Ventures vet (Fortune) The new funding is a vote of confidence for the firm as valuations sink and one of the firm’s star investors steps back.

Blockchain Security Startup BlockSec Raises $8 Million (SecurityWeek) Blockchain security startup BlockSec has raised $8 million in a seed funding round co-led by Vitalbridge Capital and Matrix Partners

Forescout Completes its Acquisition of Cysiv to Deliver Automated True Threat Response (Business Wire) Forescout Technologies, the global leader in automated cybersecurity, today announced that it has completed its acquisition of Cysiv, a cybersecurity

WithSecure creates a new unit to improve cyber resilience for enterprises (Help Net Security) WithSecure announces the creation of the new WithIntel unit to protect organizations from emerging threats and the damages that they cause.

Army awards Lockheed next phase of critical cyber, EW and intel platform (FedScoop) The Army has awarded Lockheed Martin a $58.8 million contract for the next phase of an effort to pave the way for the first brigade-organic cyber, electronic warfare and signals intelligence platform to be delivered to soldiers. The Terrestrial Layer System-Brigade Combat Team (TLS-BCT) is a Stryker-mounted system that will provide indications and warning, force […]

ADF Veterans Reskilling for Cybersecurity Roles (Australian Cyber Security Magazine) SANS Institute has announced the inaugural class of graduates from its Veteran Cyber Academy. SANS held a graduation ceremony at The Australian War Memorial in Canberra on 16 June, where the first cohort of students graduated.

BreachQuest Gains Momentum, Named Approved Vendor By Top Cyber Insurance Providers (PR Newswire) BreachQuest, the company modernizing incident response, announced today that over the past year of operations it has been added to the panel of…

Axis Shortlisted for 2022 SaaS Award for Security Innovation (Axis Security) Atmos Secure Service Edge Platform Nominated for Best Security Innovation in a SaaS Product SAN MATEO, CA, July 14, 2022 – Axis announced today that its Atmos Secure Service Edge platform has been shortlisted in the 2022 SaaS Awards program in the security innovation category. Now in its seventh year of celebrating software innovation, the…

Incode Technologies Announces Expansion of Its Development Center in Serbia (Business Wire) Incode Technologies, an industry-leader in identity verification and authentication for global enterprises, announced the expansion of its Serbian dev

Contrast Security Expands Executive Team with Senior Vice President of Corporate Development and Strategic Alliances (Yahoo Finance) Contrast Security (Contrast), the leader in code security that empowers developers to secure-as-they code, today announced the appointment of Ben Goodman, who will serve as the company’s Senior Vice President of Corporate Development and Strategic Alliances.

Zimperium Names General Joseph F. Dunford, Jr., Former Chairman of the Joint Chiefs of Staff, to Its Board of Directors (Business Wire) Zimperium today announced the appointment of former Chairman of the Joint Chiefs of Staff, Joseph Dunford, to its board of directors.

Praetorian Announces Appointment of Alexander Pagoulatos as Vice President of Product (Yahoo) AUSTIN, Texas, July 13, 2022–Praetorian, a leading offensive security company, today announces the appointment of renowned industry leader Alexander Pagoulatos to the position of vice president of Product.

Products, Services, and Solutions

ExtraHop Extends XDR Partnership with CrowdStrike, Introduces Native Push-Button Response for Precision Threat Quarantine (Business Wire) ExtraHop extends XDR partnership with CrowdStrike, introduces native push-button response for precision threat quarantine

CyberArk Launches Secrets Hub for AWS Secrets Manager (Business Wire) CyberArk Impact 2022–CyberArk (NASDAQ: CYBR), the global leader in Identity Security, today announced CyberArk Secrets Hub, a new Software-as-a-Servic

CyberArk Advances Identity Security Market with Unmatched Cybersecurity Innovation (Business Wire) CyberArk Impact 2022 – CyberArk (NASDAQ: CYBR), the global leader in Identity Security, is making several announcements today at the CyberArk Impact 2

Kudelski IoT Secure IP increases hardware security for semiconductor manufacturers (Help Net Security) Kudelski IoT launched its Secure IP portfolio, empowering hardware security for semiconductor manufacturers.

Cellebrite, Chainalysis Team Up Against Crypto Crime (GovTech) Even as cryptocurrency investors deal with recent losses in value, public-sector interest in crypto continues to grow. That means more opportunities for fraud and more need for protections, the companies say.

Radware Delivers Cloud DDoS Protection for ESDS Software Solution Limited (GlobeNewswire News Room) Radware® (NASDAQ: RDWR), a leading provider of cyber security and application delivery solutions, today…

Core Security by HelpSystems Introduces New Ransomware Simulator (PRWeb) Core Security by HelpSystems, a leading provider of cyber threat solutions, today announced the addition of ransomware simulation to its penetration testing solu

TX-RAMP Authorizes the Lookout Security Platform for Level 2 Certification (PR Newswire) Lookout, Inc., a leader in endpoint and cloud security solutions, today announced it has been authorized to operate the Lookout Security…

Scribe Security Releases Code Integrity Validator Alongside Github Security Open Source Project (PR Newswire) Scribe Security, a leading software supply chain security solutions provider, announced today the release of Scribe Integrity, a code integrity…

Technologies, Techniques, and Standards

The Cyber Resilience Index: Advancing Organizational Cyber Resilience (World Economic Forum) This White Paper explains why many organizations lack cyber resilience and offers a blueprint to build a more sustainable, inclusive and resilient digital environment for everyone.

Mergers and acquisitions are a strong zero-trust use case (Register) Bypasses an arduous integration process with right security footing from the start

Report: Financial Institutions Overly Complacent About Current Authentication Methods (Dark Reading) New research report finds most financial organizations have experienced a breach due to an authentication weakness, yet only a third took action

Design and Innovation

Microsoft Releases Open Source Toolkit for Generating SBOMs (SecurityWeek) Microsoft has open-sourced its internal toolkit for generating SBOMs (software bill of materials) based on the SPDX specification.

Apple, Google and Microsoft have big plans to kill the password. Here’s what it means for you (ABC) Some of the world’s largest tech companies are collaborating to kill off the password — and the start of the transition is happening sooner than you may think.

Research and Development

The US military wants to understand the most important software on Earth (MIT Technology Review) Open-source code runs on every computer on the planet—and keeps America’s critical infrastructure going. DARPA is worried about how well it can be trusted

Academia

ASU launches global security and competitive statecraft graduate certificate (ASU News) Thanks to ASU’s new, forward-thinking graduate certificate in global security and competitive statecraft, security-related professionals can stay ahead of developing trends and have a stronger grasp on contemporary problems in the global strategic environment.

Legislation, Policy, and Regulation

The U.S. Is Writing a New Digital Doctrine (The Information) In its infancy, the commercial web was thought to be a much-needed competitor against the incumbent players in the telecommunications market—or rather it could be, but only if it could steer clear of strangling regulations. So the U.S. created a governance system with minimal state control, …

National Security Memorandum on The President’s Intelligence Priorities (The White House) The collection and analysis of timely and accurate intelligence is essential to our national security, foreign policy, law enforcement, and defense, and is critical to protecting and advancing the United States’ vital interests. Global challenges posed by nation states and transnational threats alike demand the Intelligence Community (IC) use its resources in a coordinated manner that aligns with and is responsive to the President’s overall priorities and direction.

Cyber Safety Review Board Closes the Book on SolarWinds While Reporting on Log4j (Nextgov.com) Legislation seeking to amend the annual National Defense Authorization Act wants the Government Accountability Office to investigate.

Dems stress national security as computer chips bill stalls (AP NEWS) The Biden administration and congressional Democrats are warning of dire ramifications for the economy and for national security if Congress fails to pass a bill by the end of July that is designed to boost semiconductor manufacturing in the United States.

Litigation, Investigation, and Law Enforcement

DHS Cyber Safety Review Board found no evidence China knew of Log4j before disclosure (CyberScoop) The report suggests that even though risk still remains for unpatched organizations, a government-wide response helped drive mediation.

Panel finds notorious Log4j internet bug did not lead to any “significant” attacks on critical infrastructure (CBS News) To date, “exploitation of Log4j occurred at lower levels than many experts predicted, given the severity of the vulnerability,” a report from the panel determined.

Cyber Safety Review Board’s first report gives CISA thumbs up for Log4j response (Federal News Network) The board’s inaugural report offers more suggestions for how agencies could improve software security and transparency.

First Cyber Safety Review Board report finds Log4j has become an ‘endemic vulnerability’ (The Record by Recorded Future) The flaw uncovered late last year in the widely-used Log4j software has not been used to exploit critical infrastructure or launch “significant” digital attacks but will remain a danger for many years to come, the independent body charged with investigating the global incident said Thursday.

Statement Of U.S. Attorney Damian Williams On The Espionage Conviction Of Ex-CIA Programmer Joshua Adam Schulte (US Department of Justice) Joshua Adam Schulte was a CIA programmer with access to some of the country’s most valuable intelligence-gathering cyber tools used to battle terrorist organizations and other malign influences around the globe.

Ex-C.I.A. Engineer Convicted in Biggest Theft Ever of Agency Secrets (New York Times) The top federal prosecutor in Manhattan said Joshua Schulte had engaged in “one of the most brazen and damaging acts of espionage in American history.”

Former CIA Staffer Convicted For Massive Data Breach To WikiLeaks (Forbes) Prosecutors said the 33-year-old who helped the CIA design shadowy hacking tools was responsible for “one of the most brazen and damaging acts of espionage in American history.”

Israel’s NSO Group said to lobby unsuccessfully for removal from US blacklist (Times of Israel) Lawyers and PR firms hired by embattled spyware company reportedly approached senators and members of Congress and are urging discussion of issue in Lapid-Biden meeting this week

Pegasus Spyware Maker NSO Is Conducting a Lobbying Campaign to Get Off U.S. Blacklist (ProPublica) The cybersecurity firm has invested heavily in top lobbyists and law firms in an effort to lift restrictions on doing business in America. NSO is hoping the Israeli prime minister will raise the issue with Joe Biden when the two meet this week.

European Police Aim to Keep Young Hackers From Slipping Into Cybercrime (Wall Street Journal) Teenagers and children, some as young as 8, can acquire simple skills of criminal hacking, police say. COPS, a Dutch group to steer young people away from cybercrime, is being replicated in Finland, Denmark and elsewhere.

Clearview AI hit with another €20M ban order in Europe (TechCrunch) Athens-based data protection authority has fined Clearview AI €20M and banned it from collecting and processing the personal data of people living in Greece.

Gaming firm Razer sues IT vendor for nearly S$10m in losses over leak of customers’ data (TODAY) Gaming hardware maker Razer has sued a vendor over a cybersecurity breach that led to confidential data of its customers and sales being leaked to the public.

Elephant Insurance Sued Over Breach That Affected 2.7 Million (Bloomberg Law) Elephant Insurance Co. was hit by a proposed class action over a data breach of its servers which compromised the personally identifiable information of over 2.7 million consumers.

Amazon Proposes Settlement of EU Antitrust Charges on Seller Data (Wall Street Journal) The online retailer has proposed concessions to settle two antitrust cases against it in the European Union, a fresh sign of changing strategy from big tech companies after the bloc passed a strict new digital-competition law.