Dateline Moscow and Kyiv: A shift in momentum during an operational pause.

Ukraine at D+155: A shift in momentum? (The CyberWire) Russia’s difficulties filling its depleted ranks (down nearly 50%, the US Intelligence Community is said to have told Congress) and its inability to advance (during what looks more like exhaustion and neutralization than it does operational pause) appear to have given Ukraine an opportunity to take back the initiative in the North, East, and, especially, the South. A look at hacktivism in the Ukrainian interest.

Russia-Ukraine war: List of key events, day 156 (Al Jazeera) As the Russia-Ukraine war enters its 156th day, we take a look at the main developments.

Russia-Ukraine war latest: what we know on day 156 of the invasion (the Guardian) Ukraine steps up campaign to retake Russian-controlled regions in south; Kyiv accuses Russia of a war crime over the deaths of more than 40 prisoners of war

Ukraine steps up counteroffensive against Russian forces (Al Jazeera) Ukrainian officials say campaign to retake parts of Kherson, Zaporizhia oblasts has begun, urging civilians to leave.

Russia-Ukraine war: Zelenskiy says grain exports ready to start; Kyiv and Moscow both launch investigations into PoW deaths – live (the Guardian) Ukraine’s president says Black Sea ports ready to export grain; Kyiv calls on world leaders to condemn Russia over attack that led to death of 40 PoWs

Ukraine could be turning the tide of war again as Russian advances stall (Washington Post) Russian advances in Ukraine have slowed almost to a standstill as newly delivered Western weapons help Ukrainian forces reclaim much of the advantage they had lost in recent months, opening a window of opportunity to turn the tide of the war in their favor again.

Ukraine war: Russian Kalibr cruise missiles strike military base near Kyiv (The Telegraph) Russian forces have struck a military base north of the capital Kyiv, Ukraine has said in a rare admission of a successful attack by Moscow on its military infrastructure.

Northern Ukraine Comes Under Burst of Russian Attacks Far From Front Lines (Wall Street Journal) Missiles and rockets rained down on northern Ukraine, marking the first time in weeks that the Kyiv region, far from the fighting in the country’s east and south, has been hit.

Ukraine war: West’s modern weapons halt Russia’s advance in Donbas (BBC News) Ukrainian soldiers credit the arrival of modern Western weapons for a sharp fall in Russia’s attacks.

‘Half of Russian troops’ sent into Ukraine have been killed or injured (The Telegraph) According to US intelligence, casualties have rocketed to more than 75,000 – a loss equivalent to almost the entire British Army

Russia, Ukraine trade blame for deadly attack on POW prison (AP NEWS) Russia and Ukraine accused each other Friday of shelling a prison in a separatist region of eastern Ukraine, an attack that reportedly killed dozens of Ukrainian prisoners of war who were captured after the fall of a key southern city in May.

The Kremlin’s Plans to Annex Southeastern Ukraine Go into Effect (Wilson Center) After five months of all-out war, the Kremlin appears to have refined its plans for the future of the temporarily occupied territories in southeastern Ukraine.

Climbing the escalation ladder in Ukraine: A menu of options for the West (Atlantic Council) Our experts have assembled a list of possible policy responses the West ought to consider if Russia escalates its war against Ukraine.

Cascading Impacts of the War in Ukraine: Mental, Maternal, and Newborn Health (New Security Beat) This article was originally published as part of the summer 2022 issue of the Wilson Quarterly: Ripples of War.Ukraine and its people will feel the effects of the Russian invasion for years to […]

Long Read: Russian Youth against War (Wilson Center) Young Russians strongly oppose the war in Ukraine. It is increasingly clear to them that the war is stealing their future and was started only to keep Vladimir Putin, his friends, and their heirs in power for as long as possible.

WSJ News Exclusive | New Group to Promote Open-Source Intelligence, Seen as Vital in Ukraine War (Wall Street Journal) A group of ex-U.S. national security officials has formed a professional association to promote the tradecraft of ‘open-source’ intelligence, the analysis of publicly available data that has helped Western powers understand and track Russia’s war on Ukraine.

Why Russia’s War in Ukraine Is a Genocide (Foreign Affairs) It’s not just a land grab, but a bid to expunge a nation.

Putin believed his own propaganda and fatally underestimated Ukraine (Atlantic Council) Russian President Vladimir Putin likes to pose as an unrivalled expert on Ukrainian history and identity politics. However, it is now apparent that his understanding of Ukraine has been hopelessly distorted by the wishful thinking of his own propaganda. When the Russian dictator gave the order to invade Ukraine five months ago, he seems to have genuinely believed his army would be met with cakes and flowers by a grateful population. Instead, he has plunged Russia into a disastrous war and turned his country’s closest neighbour into an implacable enemy.

Long Read: Russian Youth against War (Wilson Center) Young Russians strongly oppose the war in Ukraine. It is increasingly clear to them that the war is stealing their future and was started only to keep Vladimir Putin, his friends, and their heirs in power for as long as possible.

The Paradoxes of Escalation in Ukraine (Foreign Affairs) Slowly but surely, Russia and the West are drawing their redlines.

Climbing the escalation ladder in Ukraine: A menu of options for the West (Atlantic Council) Our experts have assembled a list of possible policy responses the West ought to consider if Russia escalates its war against Ukraine.

Can Putin Survive? (Foreign Affairs) The lessons of the Soviet collapse.

Is Viktor Orban right about the Ukraine war? (The Telegraph) The Hungarian leader’s call for peace may make sense for Hungary now – but long-term it would cripple his country and the West

Putin ’embarrassed’ as hackers launch cyber war on Russian President over Ukraine invasion (Express.co.uk) HACKERS are targeting and “embarrassing” Vladimir Putin in a bid to crush the Russian cybersecurity regime as it continues to wage its illegal war on Ukraine.

Is Anonymous Rewriting the Rules of Cyberwarfare? Timeline of Their Attacks Against the Russian Government (Website Planet) Jeremiah Fowler, together with the Website Planet research team, took an in depth look at how the hacker collective has changed the landscape of what

Ukraine’s tech excellence is playing a vital role in the war against Russia (Atlantic Council) Russia’s invasion of Ukraine is now in its sixth month with no end in sight to what is already Europe’s largest conflict since WWII. In the months following the outbreak of hostilities on February 24, the courage of the Ukrainian nation has earned admiration around the world. Many international observers are encountering Ukraine for the first time and are learning that in addition to their remarkable resilience, Ukrainians are also extremely innovative with high levels of digital literacy.

Russia’s pulling the plug on space cooperation. Should the world be worried? (Atlantic Council) Our experts break down Moscow’s extraplanetary plans after it pulls out of the International Space Station.

Crops ‘Stored Everywhere’: Ukraine’s Harvest Piles Up (New York Times) Farmers who have lived under the risk of Russian missile attacks have their doubts about an international agreement to ease a blockade on grain shipments through the Black Sea.

Ukraine to double energy exports amid Russian gas cuts to Europe (Fox Business) Ukraine will double its energy exports to Europe as EU nations cope with an energy standoff with Russia amid an international gas crisis.

Russian economy ‘crippled at every level’ despite Putin’s propaganda (The Telegraph) Country in ‘dire straits’ as exodus of Western firms knocks out 40pc of GDP

Isolation complication? US finds it’s hard to shun Russia (AP NEWS) The Biden administration likes to say Russia has become isolated internationally because of its invasion of Ukraine . Yet Moscow’s top officials have hardly been cloistered in the Kremlin.

‘Merchant of Death’ offered up by US in exchange for jailed citizens held in Russia (The Telegraph) Viktor Bout has been in US custody for 10 years for running a major arms smuggling operation

Russia has slowed flows of gas to Europe to a trickle – and the energy crisis could drag on until 2025, Goldman Sachs says (Markets Insider) Natural gas prices finally eased Thursday but have soared 145% since the start of June – and the crisis could continue for years, strategists said.

If Putin is using gas prices to fight Europe, how can it fight back? (the Guardian) Analysis: in this massive hybrid war, Europe is preparing its defences before winter and hoping sanctions bite

Attacks, Threats, and Vulnerabilities

How Threat Actors Are Adapting to a Post-Macro World (Proofpoint) In response to Microsoft’s announcements that it would block macros by default in Microsoft Office applications, threat actors began adopting new tactics, techniques, and procedures (TTPs).

CISA Releases Log4Shell-Related MAR (CISA) From May through June 2022, CISA responded to an organization that was compromised by an exploitation of an unpatched and unmitigated Log4Shell vulnerability in a VMware Horizon server. CISA analyzed five malware samples obtained from the organization’s network and released a Malware Analysis Report of the findings. Users and administrators are encouraged to review MAR 10386789-1.v1 for more information. For more information on Log4Shell, see:

MAR-10386789-1.v1 – Log4Shell (CISA) Since December 2021, multiple threat actor groups have exploited Log4Shell on unpatched, public-facing VMware Horizon and Unified Access Gateway (UAG) servers. From May through June 2022, CISA provided remote incident support at an organization where CISA observed suspected Log4Shell PowerShell downloads. During remote support, CISA confirmed the organization was compromised by malicious cyber actors who exploited Log4Shell in a VMware Horizon server that did not have patches or workarounds applied. CISA analyzed five malware samples obtained from the organization’s network: two malicious PowerShell files, two Extensible Markup Language (XML) files, and a 64-bit compiled Python Portable Executable (PE) file.

Threat Advisory: Hackers Are Selling Access to MSPs (Huntress) We’re currently monitoring a situation that entails a hacker selling access to an MSP with access to 50+ customers, totaling 1,000+ servers.

Experts warn of hacker claiming access to 50 U.S. companies through breached MSP (The Record by Recorded Future) Experts have raised alarms about a post on a hacker forum by someone claiming to have access to 50 different U.S. companies through an unknown managed service provider.

Exploit of Log4Shell Vulnerability Leads to Compromise of Major South American Vaccine Distributor (SecurityScorecard) Exploit of Log4Shell Vulnerability Leads to Compromise of Major South American Vaccine Distributor

Exploitation of Recent Confluence Vulnerability Underway (SecurityWeek) Security researchers are already seeing the recent Questions for Confluence hardcoded password vulnerability being exploited in attacks.

Moxa NPort Device Flaws Can Expose Critical Infrastructure to Disruptive Attacks (SecurityWeek) Vulnerabilities found in Moxa’s NPort devices could allow attackers to cause significant disruption, including in critical infrastructure organizations.

Nuki Smart Lock Vulnerabilities Allow Hackers to Open Doors (SecurityWeek) NCC Group security researchers have identified 11 vulnerabilities impacting Nuki smart lock products, including some that allow attackers to open doors.

Vulnerability in Dahua’s ONVIF Implementation Threatens IP Camera Security (Nozomi Networks) Nozomi Networks Labs publishes a vulnerability in Dahua’s ONVIF standard implementation, which can be abused to take over IP cameras.

Protestware on the rise: Why developers are sabotaging their own code (TechCrunch) A wave of software developers have self-sabotaged their code to protest big corporations to Russia’s war in Ukraine.

Italian Insurer’s Data Breach Uncovered Sensitive Staff Documents (Website Planet) Italian Insurer’s Data Breach Uncovered Sensitive Staff Documents Vittoria Assicurazioni’s open buckets exposed hundreds of thousands of files contai

Security Patches, Mitigations, and Software Updates

Google announces new Play Store policies around intrusive ads, impersonation and more (TechCrunch) Google announced new Play Store policies for developers on Wednesday that aim to address issues with intrusive ads, alarms, VPNs and impersonation of brands and other apps. The company said these policies will go into effect during different timeframes so developers have ample time to make changes …

Mitsubishi Electric Factory Automation Engineering Software (Update B) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: Mitsubishi Electric, Multiple Factory Automation Engineering Software products Vulnerability: Permission Issues 2.

Mitsubishi Electric FA Engineering Software (CISA) 1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Equipment: FA Engineering Software Vulnerabilities: Out-of-bounds Read, Integer Underflow
2. RISK EVALUATION Successful exploitation of these vulnerabilities may cause a denial-of-service condition.

Rockwell Products Impacted by Chromium Type Confusion (CISA) 1. EXECUTIVE SUMMARY CVSS v3 4.0 ATTENTION: Low attack complexity/public exploits are available Vendor: Rockwell Automation Equipment: FactoryTalk Software, Enhanced HIM for PowerFlex, Connected Components Workbench Vulnerability: Type Confusion 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition.

2022 ForgeRock Consumer Identity Breach Report (ForgeRock) ForgeRock’s Consumer Identity Breach Report found that unauthorized access was the leading cause of breaches, accounting for 50% of all records compromised during 2021. To learn about the current threat landscape, download the report.

The State of Vulnerability Intelligence: 2022 Midyear Edition (Flashpoint) The State of Vulnerability Intelligence report empowers organizations to focus on what matters most, helping them to keep workloads manageable.

Software Supply Chain Risk (Coalfire) Coalfire, in conjunction with survey partner Cyber Risk Alliance, has developed our latest report to advance the cybersecurity community by researching and analyzing the risks currently facing the software supply chain.

Cyberattacks on satellites may only be getting more worrisome (Washington Post) Space is a burgeoning battleground for cyberattacks

It’s Not Just Loot Boxes: Predatory Monetization Is Everywhere (Wired) The UK recently declined to regulate prize draws as a form of gambling, but does it matter? The industry has moved on to more problematic ways to make money.

Marketplace

Cyber insurance is on the rise, and organizational security postures must follow suit (VentureBeat) When it comes to cyber insurance, much like other types of insurance, organizations should know what to look for — as well as what is expected of them. 

Cyber Insurance Price Hike Hits Local Governments Hard (Pew Trusts) Some rates have more than doubled, and many insurers require new security protections.

Cybersecurity Growth Investment Flat, M&A Activity Strong for 2022 (SecurityWeek) While global markets have suffered, sales of cybersecurity software have remained strong. VC investment in cybersecurity has adapted to the world economy rather than stalled.

Decentralized data platform Space and Time raises $10 million in seed round (The Block) Funds raised in the Framework Ventures-led round will be used to expand Space and Time’s engineering team and decentralized network.

ThreatX Recognized as a Sample Vendor in the 2022 Gartner® Hype Cycle™ for Application Security (Business Wire) ThreatX today announced the company has been acknowledged twice as a Sample Vendor in the Gartner Hype Cycle for Application Security, 2022 report.

Axis Named Most Innovative Security Services Company at 2022 Golden Bridge Business and Innovation Awards (PR Newswire) Axis announced today that it has been named Most Innovative Security Services Company at the 2022 Golden Bridge Business and Innovation Awards…

Gartner Magic Quadrant PAM | Delinea Positioned as a Leader (Delinea) Download a complimentary copy of Gartner’s 2020 report on the PAM market and vendors to see why Delinea is recognized as a leader.

Axonius Appoints Tom Kennedy as Vice President of Axonius Federal Systems (Axonius) Axonius today announced it has appointed Tom Kennedy as its Vice President of Axonius Federal Systems LLC, the company’s government-focused subsidiary.

Products, Services, and Solutions

Fastly Partners with HUMAN Security to Protect Customers from Bot Attacks and Fraud (Business Wire) Fastly Partners with HUMAN Security to Protect Customers from Bot Attacks and Fraud

Everything Blockchain Inc. Launches EB Control (Business Wire) Everything Blockchain Inc., (OTCMKTS: OBTX), a technology company that enables real-world use of blockchain to solve critical business issues, today a

Technologies, Techniques, and Standards

Cyber grades bring down agencies’ scores in FITARA 14 (Federal News Network) The 14th version of the FITARA scorecard shows one agency increased their score, while eight earned lower scores, mostly due to cybersecurity shortcomings.

Legislation, Policy, and Regulation

EU to Open San Francisco Office Focused on Tech Regulation (Wall Street Journal) The European Commission is opening a San Francisco office, an effort to improve trans-Atlantic tech policy relations after years of tension between European regulators and U.S. tech firms.

Why Indonesia Has Embraced Huawei (Foreign Policy) If the U.S. wants to compete with China in developing countries, our research shows it needs to offer tangible assistance in response to real needs.

Victim of Private Spyware Warns It Can be Used Against US (SecurityWeek) Months after her father was lured back to Rwanda under false pretenses and jailed, Carine Kanimba discovered her own phone had been hacked using private spyware.

House Passes Cybersecurity Bills Focusing on Energy Sector, Information Sharing (SecurityWeek) The House has passed two cybersecurity bills: the Energy Cybersecurity University Leadership Act and the RANSOMWARE Act.

House Passes Chips Act to Boost U.S. Semiconductor Production (Wall Street Journal) The $280 billion bill passed despite a late push by Republican leaders to block the legislation over a separate Democratic spending proposal.

CHIPS Act clears Congress, ensuring $52 billion boost to US foundries (The Verge) The vote was the long-awaited bill’s final hurdle before Biden.

Congressional Democrats Introduce Net Neutrality Bill (CNET) Senate and House Democrats introduce a bill to reinstate Obama-era net neutrality rules and to give the FCC authority over broadband networks.

Top White House cyber official says Congress should push for digital security mandates (The Record by Recorded Future) A senior White House official on Thursday said Congress could do more to set basic cybersecurity standards for critical infrastructure sectors to better protect them against digital threats.

Litigation, Investigation, and Law Enforcement

Police to share coding of AN0M app used in Operation Ironside arrests (ABC) Experts for alleged criminals charged in one of Australia’s biggest criminal sting operations will be given access to the coding of a messaging app built by the Australian Federal Police to catch those allegedly involved in organised crime.

Rewards for Justice – Reward Offer for Information on Russian Interference in U.S. Elections (United States Department of State) The U.S. Department of State’s Rewards for Justice (RFJ) program, administered by the Diplomatic Security Service, is offering a reward of up to $10 million for information on foreign interference in U.S. elections. The reward offer seeks information leading to the identification or location of any foreign person, including a foreign entity, who knowingly engaged […]

Crackdown on BEC Schemes: 100 Arrested in Europe, Man Charged in US (SecurityWeek) Authorities in Europe announce the arrests of 100 individuals for invoice fraud as the US indicts a Florida man for role in BEC scheme.

U.S. Justice Department probing cyber breach of federal court records system (Reuters) The U.S. Justice Department is investigating a cyber breach involving the federal court records management system, the department’s top national security attorney told lawmakers on Thursday.

US DoJ probing ‘incredibly significant’ breach of federal records (Computing) The breach dates back to early 2020

Justice Department investigating data breach of federal court system (POLITICO) House Judiciary Committee Chair Jerrold Nadler described a “system security failure” of the U.S. Courts’ document management system.

France Closes ‘Cookies’ Case Against Facebook (SecurityWeek) French privacy regulators on Thursday closed a case against Facebook after determining the US tech giant had changed the way it collected user data to comply with the law.