Dateline Moscow, Kyiv: Cyber gangs and a global cyber war.

Ukraine at D+141: Imprecision, gangs, and global cyber war. (The CyberWire) Indiscriminate Russian fire draws continuing international condemnation, but such fire may represent the only level of precision available to Russian fire support and strike systems. Trickbot is described as a criminal organization that works in close cooperation with the FSB. And Ukraine’s SSSCIP describes its approach to what it characterizes as a cyber world war.

Russia-Ukraine war: List of key events, day 142 (Al Jazeera) As the Russia-Ukraine war enters its 142nd day, we take a look at the main developments.

Ukraine’s new US rockets are causing fresh problems for Russia (CNN) There’s a new and potentially very significant factor in the Ukrainian conflict: the Ukrainians’ ability to use recently supplied Western systems to hit Russian command posts, logistical hubs and ammunition dumps a long way beyond the front lines.

Ukraine condemns Russia strike that killed 23 in ‘ordinary, peaceful’ city (Reuters) Russian missiles struck the Ukrainian city of Vinnytsia far behind the frontlines on Thursday in an attack which Ukrainian officials called a war crime and said had killed at least 23 people, including three children.

Russia-Ukraine war live: children among the dead as rescuers search for dozens missing in Vinnytsia attack (the Guardian) At least 23 people confirmed dead in Russian missile attack

Russia-Ukraine crisis live updates | Ukrainian rescue teams hunt for survivors in Vinnytsia (The Hindu) Here are the latest developments from the ongoing Russia-Ukraine conflict on July 15

Ukrainian city cleans up and grieves after Russian missile attack (Reuters) By Sergiy Voloshyn and Valentyn Ogirenko

G20: Canada claims Russian delegation are personally responsible for ‘war crimes’ in Ukraine (the Guardian) Minister’s accusation comes day after US Treasury secretary says Putin government officials ‘have no place’ at talks

US, Canada Condemn Russia’s War on Ukraine at Indonesia G20 Talks (VOA) Finance ministers accuse Russian officials of complicity in atrocities committed during the war

Russian officials at G20 accused of war crimes after missile strike on Vinnytsia (ABC) US and Canadian officials tell Russian officials at the G20 summit they share responsibility for civilian deaths in Ukraine, as Volodymyr Zelenskyy warns the death toll from a Russian strike on the city of Vinnytsia could rise. 

British aid worker held by Russian-backed Ukraine separatists reported dead (the Guardian) Paul Urey, who was captured and accused of being a mercenary, has died, Donetsk official says

Fiona Hill: Putin’s Running Out of Time (Foreign Policy) A top Russia advisor to three U.S. presidents explains why the world shouldn’t fall for Moscow’s narrative that it can wait out the West in…

Inside The Russian Cybergang Thought To Be Attacking Ukraine—The Trickbot Leaks (Forbes) Exclusive: Months of detailed analysis by threat intelligence specialists has resulted in a rare glimpse inside the Russian cybergang with Ukraine in the crosshairs.

Who is Trickbot? (Cyjax) Since the start of the Russia-Ukraine conflict, Russian-based cybercrime groups have been placed into a difficult position. With many groups being comprised of a variety of different nationalities, the various members need to make decisions on allegiance. Leading the charge was the Conti ransomware group who decided on 25 February 2022 to make a …

Who is Trickbot? (Cyjax) Analysis of the Trickbot Leaks

NATO and the European Union work together to counter cyber threats (NATO) Following the NATO Summit in Madrid last month, senior officials from NATO and the European Union (EU) met today (14 July 2022) to take stock of recent developments in the cyber threat landscape and explore further areas of engagement on cyber defence.

The Man at the Center of the New Cyber World War (POLITICO) Yurii Shchyhol’s job is to protect Ukraine against ongoing Russia cyberattacks. But the war he’s fighting is global, he says — and he has some advice for the rest of us.

Russian cyber threat to Canada worse than previously reported: CSE (National Post) The agency warned Russia is also ‘in the process of developing cyber capabilities against targets’ in the E.U. and NATO, including Canada

EU Privacy Regulators Are Scrutinizing Data Flows to Russia (Wall Street Journal) Regulators are monitoring legal changes in Russia and how they could affect any data being moved through from the EU, according to the European Data Protection Board, the umbrella group of authorities from the bloc.

Disinformation is being used in the Ukrainian war more than in any other conflict so far – Google (Baltic Times) RIGA – More than in any other conflict so far, disinformation is being used as a weapon in the war in Ukraine, which requires a lot of effort by…

Russia jails opposition figure for criticizing its military (ABC News) A court in Russia has ruled to remand a prominent opposition politician in custody pending an investigation and trial over his public criticism of Russia’s military actions in Ukraine

The Gorinov Case Sets New Benchmark in the Kremlin’s War against Dissent (Wilson Center) On July 8, 2022, a Moscow court handed down its first prison sentence to an antiwar dissenter. It jailed Alexei Gorinov, a Moscow municipal councilor, for an astonishing seven years for speaking out against Russia’s invasion of Ukraine at a local council meeting.

Europe’s Tiny Steps Won’t Solve Its Energy Emergency (Foreign Policy) The bad policies that created the crisis are still in place.

Attacks, Threats, and Vulnerabilities

North Korean threat actor targets small and midsize businesses with H0lyGh0st ransomware (Microsoft Security) A group of actors originating from North Korea that Microsoft Threat Intelligence Center (MSTIC) tracks as DEV-0530 has been developing and using ransomware in attacks since June 2021. This group, which calls itself H0lyGh0st, utilizes a ransomware payload with the same name for its campaigns and has successfully compromised small businesses in multiple countries as early as September 2021.

Microsoft links Holy Ghost ransomware operation to North Korean hackers (BleepingComputer) For more than a year, North Korean hackers have been running a ransomware operation called HolyGhost, attacking small businesses in various countries.

Above the Fold and in Your Inbox: Tracing State-Aligned Activity Targeting Journalists, Media (Proofpoint) Those involved in media make for appealing targets given the unique access, information, and insights they can provide on topics of state-designated import. Proofpoint researchers have observed APT actors since early 2021 regularly targeting and posing as journalists and media organizations to advance their state-aligned collection requirements and initiatives.

Chinese hackers targeted U.S. political reporters just ahead of Jan. 6 attack, researchers say (CyberScoop) The previously unreported campaigns represent one of several ongoing nation-state attempts to hack journalists, the researchers said.

Journalists Emerge as Favored Attack Target for APTs (Threatpost) Since 2021, various state-aligned threat groups have turned up their targeting of journalists to siphon data and credentials and also track them.

A New Attack Can Unmask Anonymous Users on Any Major Browser (Wired) Researchers have found a way to use the web’s basic functions to identify who visits a site—without the user detecting the hack.

PayPal-themed phishing kit allows complete identity theft (Help Net Security) By misusing the PayPal logo and general design, the phishing kit is aimed at collecting info that can be used to steal the victims’ identity.

PayPal phishing kit added to hacked WordPress sites for full ID theft (BleepingComputer) A newly discovered phishing kit targeting PayPal users is trying to steal a large set of personal information from victims that includes government identification documents and photos.

Apple ID Phishing Scams: Code / Password Reset Email & Fake Security Alert Text (Trend Micro News) How do Apple ID Password / Code Reset Email Scams Work? How to Protect Yourself?

Stealthy OpenDocument Malware Deployed Against Latin American Hotels (HP Wolf Security) Don’t let cyber threats get the best of you. Read our post, Stealthy OpenDocument Malware Deployed Against Latin American Hotels, to learn more about cyber threats and cyber security.

BlackCat Ransomware Group Deploys Brute Ratel Pen Testing Kit (Infosecurity Magazine) The BlackCat ransomware group has deployed a new binary to help with its intrusion efforts

Videogame maker Bandai Namco confirms cyber attack (ComputerWeekly.com) Bandai Namco, developer of videogames including Pac-Man, Tekken and Dark Souls, has broken days of silence to confirm it has been hit by a cyber attack.

Bandai Namco finally confirms massive cyber attack as ransomware outfit claims responsibility (IT PRO) AlphV/BlackCat claims “data is coming soon” to its deep web blog in a suspected double-extortion ransomware attack

Canadian airlines suffer delays and cancellations due to Zayo outage (The Record by Recorded Future) Several flights across Western Canada have been canceled or delayed due to an internet outage affecting the air navigation service provider NAV Canada. 

Twitter is back after a major outage (The Verge) Twitter is not accessible on web or mobile right now.

Data breaches explained: Types, examples, and impact (CSO Online) A data breach is a security incident in which a malicious actor breaks through security measures to illicitly access data. The costs and consequences for the companies and individuals can be significant and long-lasting.

Phone, email and Social Security numbers may have been stolen from Mooresville schools (The Reporter Times) The school system reported a disruption and a ransomware group has claimed it hacked into and stole student data.

Security Patches, Mitigations, and Software Updates

July Patch Tuesday 2022: Updates and Analysis (CrowdStrike) The CrowdStrike Falcon Spotlight team analyzes July’s vulnerabilities, and offers insights into vulnerabilities and patches affecting Microsoft products so far this year.

Juniper Networks Releases Security Updates for Multiple Products (CISA) Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Juniper Networks security advisories page and apply the necessary updates.

Siemens SCALANCE X Switch Devices (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE X Switch Devices Vulnerabilities: Use of Insufficiently Random Values, Classic Buffer Overflow 2.

Siemens SICAM GridEdge (CISA) 1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SICAM GridEdge Vulnerability: Exposure of Resource to Wrong Sphere 2. RISK EVALUATION The SICAM GridEdge software contains an improper access control vulnerability, which could allow persons with local access to the host system to inject an SSH key.

Siemens SIMATIC MV500 Devices (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC MV500 Devices Vulnerabilities: Insufficient Session Expiration, Missing Authentication for Critical Function 2.

Siemens Simcenter Femap (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Simcenter Femap Vulnerability: Out-of-bounds Write 2. RISK EVALUATION If a user is tricked into opening a malicious file with the affected application, then this vulnerability could allow remote code execution.

Siemens RUGGEDCOM ROX (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: RUGGEDCOM ROX Vulnerability: Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with administrative privileges to gain root access.

Siemens Mendix Excel Importer (CISA) 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Excel Importer Module Vulnerability: XML Entity Expansion 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to compromise the availability of the affected component.

Siemens Datalogics File Parsing Vulnerability (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Teamcenter Visualization and JT2Go Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash a system or potentially lead to arbitrary code execution if a user opens a malicious PDF file.

Siemens PADS Standard/Plus Viewer (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: PADS Standard/Plus Viewer Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write, Improper Restriction of Operations within the Bounds of a Memory Buffer 2.

Simcenter Femap and Parasolid (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Simcenter Femap and Parasolid Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform remote code execution in the context of the current process of the application through an out-of-bounds read.

Siemens Mendix Applications (CISA) 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Applications Vulnerability: Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a malicious user to leak sensitive information if the Workflow visual language of Mendix is used.

Open Design Alliance Drawings SDK (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Open Design Alliance Equipment: Drawings SDK Vulnerability: Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a user to open a malicious DWG file that could lead to the application crashing or to an arbitrary code execution.

Siemens SRCS VPN Feature in SIMATIC CP Devices (CISA) 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC CP Devices Vulnerabilities: Heap-based Buffer Overflow, Command Injection, Code Injection 2.

Siemens Mendix (CISA) 1. EXECUTIVE SUMMARY CVSS v3 4.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to change the user’s password bypassing password validations within a Mendix application.

Siemens CPC80 Firmware of SICAM A8000 (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: CPC80 Firmware of SICAM A8000 Vulnerability: Missing Release of Resource after Effective Lifetime 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being accessed; a buffer overflow condition may allow remote code execution.

Siemens SIMATIC eaSie Core Package (CISA) 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC eaSie Vulnerabilities: Improper Input Validation, Missing Authentication for Critical Function 2.

Siemens EN100 Ethernet Module (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: EN100 Ethernet Module Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer. 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to crash the affected application leading to a denial-of-service condition.

Siemens Opcenter Quality (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Opcenter Quality Vulnerability: Incorrect Implementation of Authentication Algorithm. 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthenticated access to the application or cause denial of service condition for existing users.

Siemens RUGGEDCOM ROS (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: RUGGEDCOM ROS Vulnerability: Improper Control of Generation of Code 2. RISK EVALUATION Successful exploitation of this vulnerability could cause malicious behavior through legitimate user accounts accessing certain web resources on affected devices.

Siemens Industrial Products Intel CPUs (Update A) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SIMATIC, SINUMERIK Vulnerabilities: Missing Encryption of Sensitive Data 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-222-05 Siemens Industrial Products Intel CPU that was published August 10, 2021, to the ICS webpage on www.cisa.gov/uscert.

Siemens SIMATIC Industrial Products (Update B) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Siemens SIMATIC Industrial Products Vulnerabilities: Operation on a Resource after Expiration or Release, Missing Release of Memory after Effective Lifetime 2.

Siemens SCALANCE X (Update D) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SCALANCE X Vulnerability: Expected Behavior Violation 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-19-085-01 Siemens SCALANCE X (Update C) that was published October 14, 2021, to the ICS webpage on us-cert.gov.

Siemens TIA Administrator (Update A) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC PCS neo (Admin Console), SINETPLAN, TIA Portal Vulnerability: Uncontrolled Resource Consumption 2.

Siemens VxWorks-based Industrial Products (Update C) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Wind River VxWorks-based Industrial Products Vulnerability: Heap-based Buffer Overflow 2.

Siemens PROFINET Stack Integrated on Interniche Stack (Update B) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: PROFINET Stack Integrated on Interniche Stack Vulnerability: Uncontrolled Resource Consumption 2.

Siemens Industrial Products with OPC UA (Update A) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC NET PC, SITOP Manager, TeleControl Server Basic Vulnerability: Null Pointer Dereference 2.

Siemens Mendix (Update B) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-22-104-07 Siemens Mendix (Update A) that was published June 16, 2022, on the ICS webpage on cisa.gov/ics.

Siemens OpenSSL Affected Industrial Products (Update A) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Multiple industrial products Vulnerability: Infinite Loop 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-22-167-14 Siemens OpenSSL Affected Industrial Products that was published June 16, 2022, on the ICS webpage on cisa.gov/ics.

Siemens SIMATIC WinCC (Update E) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC WinCC Vulnerabilities: Path Traversal, Insertion of Sensitive Information into Log File 2.

Siemens Industrial PCs and CNC devices (Update A) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Industrial PCs and CNC devices Vulnerabilities: Improper Input Validation, Improper Authentication, Improper Isolation of Shared Resources on System-on-a-Chip, Improper Privilege Management 2.

Siemens Industrial Products (Update A) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: OPC Foundation Local Discovery Server of several industrial products Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer 2.

The ‘Shamanification’ of the Tech CEO (Wired) From fruit-only diets to dopamine fasting, Silicon Valley founders flaunt self-deprivation like a misguided pursuit of wellness. But there’s more to it.

Marketplace

Bishop Fox Secures $75 Million in Growth Funding from Carrick Capital Partners (GlobeNewswire News Room) Offensive security leader continues to defy market and economic trends with record growth and recognized innovation…

Crosslake Technologies Announces Acquisition of Cybersecurity Advisory Firm VantagePoint (Business Wire) Crosslake Technologies, a top tech advisor to private equity firms, made its third acquisition with the purchase of cybersecurity advisor VantagePoint

Upstart blockchain unicorn Aptos Labs is already facing a $1 billion ownership fight (Silicon Valley Business Journal) Aptos Labs is only eight months old, but it’s already worth $1 billion — and its CEO is facing a $1 billion lawsuit related to its founding.

How to land a cybersecurity job with the federal government (Fortune) Senior homeland security officials recently estimated that the federal government had 1,500-plus open cybersecurity roles.

Dataminr Appoints Dave DeWalt as Chair of its New Corporate Market Advisory Board and Forges Strategic Partnership with NightDragon (PR Newswire) Dataminr, the world’s leading real-time information discovery platform, today announced a new strategic advisory partnership with NightDragon,…

Red Canary Appoints New CFO as Company Continues to Grow at 3x the Pace of Overall MDR Market (PR Newswire) Red Canary, the Managed Detection & Response trailblazer, today announced the appointment of John Ritchie as its Chief Financial Officer. With…

DIGISTOR® Adds Cybersecurity Technology Specialist as Director of Applications Engineering (DIGISTOR) Ben Warner will liaise with customers to counsel and prioritize Data at Rest security solutions

Products, Services, and Solutions

Bolster, Inc. Launches Four New Digital Risk Protection Capabilities (PR Newswire) Bolster, Inc., the automated digital risk protection company, announced today the addition of four new platform modules: social media, app…

Horizen Launches No-Code Tokenization Platform, TokenMint, on Mainnet (BusinessWire) Horizen, a privacy-focused zero-knowledge network of blockchains powered by the largest node system, announced the mainnet launch of its no-code token

External Attack Surface Management Tool SCOUT Increases Visibility into Organizations’ Expanding Attack Surfaces Automated, Continuous Monitoring (PR Newswire) Arctonyx, a cybersecurity products company operating in the greater Washington, D.C. area, announced the official launch of SCOUT, an External…

SOC Prime Delivers New Smoking Guns Sigma Rules List (Business Wire) SOC Prime, the provider of the world’s largest and most advanced threat detection marketplace, today announced the availability of Smoking Guns Sigma

Contrast Security Unlocks the Power of Serverless Technology at AWS re:Inforce Conference (PR Newswire) Contrast Security (Contrast), the leader in code security that empowers developers to secure-as-they code, today announced its lineup of events…

Top 10 cyber security platforms (Technology Magazine) As cyber attacks become more complex, it has never been more crucial for businesses to invest in cyber. Here, we take a look at the top cyber platforms

Keysight Cyber Training Simulator Provides Universities a Realistic Turnkey Cyber Range (Yahoo) SANTA ROSA, Calif., July 14, 2022–Keysight Technologies, Inc. (NYSE: KEYS), a leading technology company that delivers advanced design and validation solutions to help accelerate innovation to connect and secure the world, has introduced Keysight Cyber Training Simulator (KCTS), a comprehensive, turnkey cyber range that simulates real-world traffic using the company’s BreakingPoint solution.

Hacket Cyber Lets You Partner With Hackers with the ALLYGN Partner Pro (PRWeb) Hacket Cyber, a leader in penetration testing and offensive security services, has announced today the debut of the ALLYGN partner program for technology rese

Technologies, Techniques, and Standards

NSA Publishes Guidance on Characterizing Threats, Risks to DoD Microelectronics (National Security Agency/Central Security Service) The National Security Agency’s (NSA) Joint Federation Assurance Center Hardware Assurance Lab published a report on “DoD Microelectronics: Levels of Assurance Definitions and Applications” today to

Design and Innovation

CyberArk Execs: 9 Bets on What’s Next in Identity Security (BankInfoSecurity) CyberArk has pushed beyond privileged access management to address broader identity use cases as the rise of machine identities creates new challenges. The company

Research and Development

Exploring Intelligent Ways to Redefine Defence Cybersecurity (Australian Cyber Security Magazine) Digital automation promises to accelerate productivity at a massive scale, but with networked digital infrastructure comes the risk of unexpected faults or malign activities due to undetected network vulnerabilities.

Academia

FAU Receives State Grant for Cybersecurity, IT Training (Florida Atlantic University) Florida Atlantic University was awarded more than $800,000 by the state of Florida to prepare students for jobs in the burgeoning fields of cybersecurity and information technology.

Legislation, Policy, and Regulation

China’s Surveillance State Hits Rare Resistance From Its Own Subjects (New York Times) Beijing’s swift move to censor news about one of the largest known data breaches shows keen awareness of how major security lapses can harm its credibility.

Britain’s Online Safety Bill set to be delayed (POLITICO) Boris Johnson’s exit throws content regulation law into doubt.

Biden’s cyber strategy expected to boost federal role in protecting critical systems from hackers (CyberScoop) The national cyber director’s office is leading the drafting of the document.

White House pushes for chips funding as Intel loses patience (The Verge) Congress has little time to approve $52 billion in chips funding

Langevin amendment to boost cyber defenses for critical infrastructure wins House approval (CyberScoop) The designated entities will be required to report how they manage cyber risk for critical assets.

Sen. Warner maneuvers to secure intelligence community backing of tech antitrust bill, sources say (CyberScoop) Critics say that in its quest to break up big tech, the legislation also opens the door to cyber and national security risks.

Simple Cyber Reporting Will Enable Better Governmentwide Response, Lawmaker Argues (Nextgov.com) Sen. Gary Peters discussed how streamlined reporting to CISA can clarify the cyber threat landscape to all U.S. networks.

Intel Agencies Embracing Social Media to Spread Message, Mission (MeriTalk) Federal intelligence agencies have grown increasingly comfortable with using social media tools to spread the word about their work, officials said this week.

NSA works to address ‘really concerning’ cyber threats (Government Matters) The National Security Agency (NSA) established a cybersecurity directorate in 2019 with the goal of protecting the Defense Department (DoD), national security systems and the defense industrial base from cyber attacks. NSA Director of Cybersecurity Rob Joyce oversees that directorate. There is a shared understanding around the world of the ‘really concerning’ cyber tactics China […]

Customer service at the National Security Agency (FCW) Steve Kelman finds a helping hand in the highly secretive spy shop.

Task force to combat scams targeting troops, veterans pitched by House lawmakers (Stars and Stripes) A joint task force to combat consumer fraud targeting service members and veterans was introduced by House lawmakers as an amendment to the National Defense Authorization Act.

Litigation, Investigation, and Law Enforcement

Amazon handed Ring footage to police without user consent (AP NEWS) Amazon has provided Ring doorbell footage to law enforcement 11 times this year without the user’s permission, a revelation that’s bound to raise more privacy and civil liberty concerns about its video-sharing agreements with police departments across the country.

Amazon finally admits giving cops Ring doorbell data without user consent (Ars Technica) Amazon Ring gave police data without user consent 11 times so far in 2022.

Amazon’s Ring has provided doorbell footage to police without owners’ consent 11 times so far this year (CNN) Amazon’s smart-doorbell company, Ring, has provided surveillance footage to law enforcement without a warrant or the consent of doorbell-owners 11 times this year alone, according to a letter Amazon (AMZN) sent to Congress earlier this month.

Today I learned Amazon has a form so police can get my data without permission or a warrant (The Verge) If police convince Amazon it’s an emergency, they get access

Amazon gave Ring videos to police without owners’ permission (POLITICO) The revelation highlights the many ways that police can get footage from Ring doorbells, and how often it happens without consent.

Amazon Admits Giving Ring Camera Footage to Police Without a Warrant or Consent (The Intercept) In response to recent questions from Sen. Ed Markey, Amazon stated that it has provided police with user footage 11 times this year alone.

Log4j Software Flaw ‘Endemic,’ New Cyber Safety Panel Says (SecurityWeek) The Log4j vulnerability is an “endemic” problem that will pose security risks for potentially a decade or more, according to a new cybersecurity panel created by President Joe Biden.

Log4j software flaw ‘endemic,’ new cyber safety panel says (Washington Post) A computer vulnerability discovered last year in a ubiquitous piece of software is an “endemic” problem that will pose security risks for potentially a decade or more, according to a new cybersecurity panel created by President Joe Biden.

DHS warns: Expect Log4j risks for ‘a decade or longer’ (Register) Great, another thing that’s gone endemic

Biden administration warns Log4J cyber flaw will linger for possibly ‘decade or longer’ (The Washington Times) The Biden administration is warning that a widespread cyber vulnerability discovered last year will linger for several years — perhaps more than a decade.

TikTok Use by Military Poses Security Risk, US Regulator Testifies (Bloomberg) FCC member Carr says location data may flow to Beijing. TikTok ‘pervasive’ on personal devices, Carr tells House panel.

DOJ Poised to Rebuff Google Concessions, Clearing the Way for Antitrust Suit (Bloomberg) Justice Department is expected to file Google suit in weeks. Google has proposed spinning off part of its ad network.

Lawyers Suing Social Media Giants Turn to Products Liability Theories (New York Law Journal) A trending approach is gaining momentum as more and more plaintiffs allege that social media companies seek to addict their users.

Shields Health Sued Over Data Breach That Affected 2 Million (Bloomberg Law) Shields Health Care Group Inc. faces a proposed class action over a data breach that impacted 2 million people and more than 50 of the provider’s health care facilities.

Southwest Health data breach reported to FBI (Monroe Times) Southwest Health notified its patients last week that a data breach Jan. 11 may have released personal medical information.

Police monitor other cybersex dens after rescue of minors (Yahoo) The Women and Children’s Protection Center (WCPC) Visayas Field Unit is monitoring other cybersex dens in Cebu City after eight minors, including a four-month-old baby, allegedly hired to do obscene acts, were rescued from a house in Barangay Luz Wednesday afternoon, July 13, 2022. Police Major Niño Lawrence Ibo, officer-in-charge of WCPC, said they were alarmed by the recent abuse of the underage girls whose nude photos have been uploaded to the social media for their customers, mostly foreigner

US urges speed in Booz Allen antitrust case as NSA intel contract nears (C4ISRNet) U.S. attorneys argue a speedier clip is necessary to preserve competition on a National Security Agency contract dubbed Optimal Decision, which deals with signals intelligence and simulation services.