Update on Ukraine. ASIO will help private sector. CISA issues ICS advisories; adds to catalog of exploited vulnerabilities. – The CyberWire


There are no publicly known major cyberattacks in progress, but disinformation and influence operations continue. Russian media have seized upon a Buzzfeed story published earlier this week that described possible contingency plans for moving the US embassy from Kyiv to a location in Western Ukraine should an invasion and an attendant refugee crisis render Kyiv untenable. Those stories are being represented as an Anglo-American attempt to stoke fear and exacerbate the crisis. Such opportunistic amplification has become a staple of Russian disinformation, with Facebook in particular seeing tendentious posts that have their origin in distorted interpretations of Western governments’ statements and media reports.
Diplomacy continues between the Russian side and Ukraine (including Ukraine’s international sympathizers), and it’s likely to be protracted. In the meantime, Russian cyber operations have not, insofar as is publicly known, resumed on any large scale. Russian exercises continue, both in Belarus and in the Black Sea. Ukraine has protested the Russian Black Sea operations as amounting to an incipient blockade; Russia calls them exercises.
The US Senate Foreign Relations Committee has been much concerned with the design and implementation of a sanctions regime the US could quickly apply as retaliation for further Russian aggression against Ukraine. POLITICO reports that the Committee’s thinking is running toward developing sanctions that could be imposed well short of a kinetic war. Major cyberattacks could, members of the Committee are saying, trigger severe sanctions against Russia.
CRN reports that the Australian Security Intelligence Organization (ASIO) Director-General says his organization will take a more active (“proactive”) role in responding to threats to the private sector. ASIO is expected to make vigorous use of authorities it received under the Security Legislation Amendment (Critical Infrastructure) Bill.
CISA yesterday released eighteen industrial control system advisories. The products affected include: Siemens SIMATIC Industrial Products, Siemens SIMATIC WinCC and PCS, Siemens Simcenter Femap, SINEMA Remote Connect Server, SICAM TOOLBOX II, Siemens Spectrum Power 4, Siemens Solid Edge, JT2Go, and Teamcenter Visualization, Siemens COMOS Web (Update A), Siemens Healthineers syngo fastView (Update A), Siemens SIMATIC WinCC (Update A), Siemens LOGO! CMR and SIMATIC RTU 3000 (Update A), Siemens Industrial Products Intel CPUs (Update A), Siemens TCP/IP Stack Vulnerabilities–AMNESIA:33 in SENTRON PAC / 3VA Devices (Update C), Siemens SCALANCE & SIMATIC (Update F), Siemens Industrial Products SNMP (Update E), Siemens SCALANCE X Switches (Update A), Siemens SCALANCE X Switches (Update D), and Siemens PROFINET DCP (Update V).
CISA also added fifteen new entries to its Known Exploited Vulnerabilities Catalog. All US Federal Civilian Executive Branch Agencies (FCEB Agencies) are required to remediate each vulnerability by a specified date. Agencies have until August 10th of this year to address fourteen of them, but one, CVE-2021-36934, a Microsoft Windows SAM Local Privilege Escalation Vulnerability, is more urgent and must be mitigated by February 24th. Microsoft issued an update for CVE-2021-36934 last August, but cautions that full remediation also requires deletion of all shadow copies of system files.
Today's issue includes events affecting Australia, Belarus, France, Ireland, Israel, Russia, Slovenia, Ukraine, the United Kingdom, and the United States.
Sanctions for the cyber phase of a hybrid war, amid protracted diplomacy. (The CyberWire) Diplomacy continues, but so do troop movements, and the US State Department tells Americans to leave Ukraine. Is there a failure to learn lessons from earlier cyber campaigns against Ukraine?
Ukraine rejects Russian pressure in talks, Moscow says zero progress (Reuters) Ukraine said on Friday it would not yield to pressure from Moscow to negotiate with Russian-backed separatist leaders, after the latest four-nation talks ended with no breakthrough on ending eight years of fighting.
Russia's top diplomat mocks 'deaf' Liz Truss at testy joint appearance in Moscow (The Telegraph) Sergey Lavrov attempted to throw Ms Truss off balance as she became the first foreign secretary to visit Moscow in more than four years
Russia could again invade Ukraine during Olympics, Blinken says (Military Times) "We continue to see very troubling signs of Russian escalation, including new forces arriving at the Ukrainian border,” Secretary of State Antony Blinken said in Canberra, Australia.
Netherlands advises Dutch citizens to leave Ukraine -BNR News Radio (Reuters) The Dutch government has advised Dutch citizens to leave Ukraine as soon as possible due to the security situation, the Dutch radio broadcaster BNR said on Friday, citing the Dutch ambassador in Ukraine.
Global Supply Chains Brace for Russia-Ukraine Conflict – Four Major Risks (Global Trade Magazine) A Russian invasion of Ukraine has the potential to cause extensive and debilitating disruption across global supply chains, resulting in…
European banks told to step up cyberattack defenses amid Russia-Ukraine crisis (CNBC) Banks across the euro zone are being told to increase their cyber defenses with the region's regulator saying the issue should be a top priority for the sector.
Is Ukraine ready for future cyberattacks? Don’t hold your breath, experts say (Euromaidan Press) During the online campaign #FRD (F*ck Responsible Disclosure) of 2018-2020, a group of cybersecurity experts of the Ukrainian Cyber Alliance (UCA) published around 120 reports on critical vulnerabilities in the cyber defense of Ukrainian government agencies. However, the state organs were not pleased. Their reactions ranged from denying the existence of vulnerabilities and downplaying their…
On Ukraine, senators put cyberattacks top-of-list for sanctions (POLITICO) Efforts to push back against Russian cyber aggression toward Ukraine are becoming more serious, with senators looking at sanctioning Russia and providing more cybersecurity assistance.
Aid to Ukraine Might Not Make it Ahead of Potential Invasion as Congress Is Gridlocked ( Negotiations on aid to Ukraine have stalled over a partisan impasse on sanctions, including what to do about the Nord Stream 2 natural gas pipeline.
Monsieur Fixit (Foreign Affairs) The perils of Macron’s shuttle diplomacy.
UK defense secretary in Moscow amid Ukraine tensions (AP NEWS) Britain's defense secretary visited Moscow Friday for talks on easing tensions amid massive Russian war games near Ukraine. Ben Wallace's trip comes a day after British Foreign Secretary Liz Truss held talks in Moscow, urging Russia to pull back over 100,000 troops amassed near Ukraine and warning that attacking its neighbor would “have massive consequences and carry severe costs.”
How to Make a Deal With Putin (Foreign Affairs) Only a comprehensive pact can avoid war.
Black Sea blockade: Ukraine accuses Russia of major maritime escalation (Atlantic Council) While the world watches Ukraine's land borders with Russia and Belarus for signs of Putin's threatened full-scale invasion, Moscow may be in the process of opening a maritime front with a Black Sea blockade.
Russian Black Sea Exercises Raise Specter of Naval Blockade (Foreign Policy) Blocking Ukraine’s ports for an extended period could “suffocate” the country’s economy, experts say.
Russian troops bolster deployments near Ukraine, new satellite images show (Military Times) Satellite images released Thursday show new military deployments in Crimea, Belarus, and western Russia near Ukraine.
Pictured: Russia and Belarus hold major war games in 'violent gesture' to Europe (The Telegraph) Some 30,000 Russian combat troops plus weapons and military equipment have been deployed for the 10-day war games
Russia-Ukraine explained: How big is the risk of invasion and what could happen next? (The Telegraph) Russian troops have massed by the tens of thousands on Ukraine border. So, why might Russia invade Ukraine and how did it reach this point?
Russia Crisis Military Assessment: What would a ground offensive against Ukraine look like? Watch the skies. (Atlantic Council) Our military experts analyze the greatest defense and security challenges facing the United States and its allies and partners.
Nine probable Russian routes into Ukraine in full-scale invasion, U.S. intel says (NBC News) The two most extensive invasion scenarios would involve a simultaneous attack from multiple sides, according to a U.S. military and intelligence assessment.
Russian Hybrid Threats Report: Belarus threatens to arm firefighters as military exercises kick off (Atlantic Council) The Council's Digital Forensic Research Lab tracks the latest Russian troop movements and Kremlin-pushed narratives around NATO, Germany, and more.
‘They Are No Longer Our Brothers’ (Foreign Policy) On the front lines of Ukraine’s frozen conflict, soldiers fight cold and boredom—but worry little about a Russian invasion.
Russian parliament may delay vote on recognizing eastern Ukraine (Reuters) Russia's lower house of parliament may seek guidance from the government on whether to call for the recognition of two breakaway Ukrainian regions as independent, its speaker said on Friday, implying that the step could be delayed.
EXPLAINER: Putin’s Ukraine strategy mixes threats, diplomacy (AP NEWS) With Russia carrying out a massive military buildup near Ukraine and the West roundly rejecting Moscow’s security demands, a window for diplomacy in the crisis appears to be closing. But even as Moscow continues to bolster its forces and holds sweeping war games, President Vladimir Putin is keeping the window open for more negotiations in a calculated game of brinkmanship intended to persuade Washington and its allies to accept Russia's demands.
The Putin Doctrine (Foreign Affairs) A move on Ukraine has always been part of the plan.
Soviet Reunion: Belarus, Ukraine and Vladimir Putin’s dreams of empire (Atlantic Council) Ukraine and Belarus are the first targets in Putin's quest to revive the old empire. While the world watches Russia's brinkmanship against Ukraine, Moscow is swiftly and quietly completing the takeover of Belarus.
How Russia has revived NATO (The Economist) Ukraine has forced America and its allies to bond. But the country’s future is still uncertain
Why NATO will endure well beyond today’s crises (Atlantic Council) Russian President Vladimir Putin, in his efforts to destroy the liberal international order, has shaken the foundations of NATO. But this is a time for reinvigoration.
Engagement Reframed #2: Seize the opportunity to rethink European security (Atlantic Council) What is the opportunity? The ongoing crisis over Ukraine poses an extraordinary challenge for US and NATO policymakers. In recent months, Russia has
Ukraine crisis: American B-52 'Stratofortress' bombers land in UK (The Telegraph) A UK defence source said that such deployments were not unusual but that the timing was striking
American military aircraft on the move in Europe amid ongoing Ukraine crisis (Stars and Stripes) The U.S. Air Force is sending eight F-15 Eagle fighter jets to Poland to bolster NATO defenses amid ongoing fears of a new Russian invasion of Ukraine.
Florida National Guard unit preps Ukraine’s ‘tough and skilled hombres’ for Russian attack (McClatchy) In far west Ukraine near the border with Poland, at an Allied training center, there is a watering hole known as the “Swamp” — a small piece of home for roughly 150 members of the Florida Army National Guard who are gearing the Ukrainian military to protect itself.
University Project Cataloged 1,100 Ransomware Attacks on Critical Infrastructure (SecurityWeek) The Temple University project that tracks ransomware attacks on critical infrastructure has documented more than 1,100 incidents to date.
Several Malware Families Using Pay-Per-Install Service to Expand Their Targets (The Hacker News) Malware families are making use of PrivateLoader's pay-per-install service in order to expand their victim list.
FritzFrog botnet returns to attack healthcare, education, government sectors (ZDNet) The botnet managed to strike at least 500 government and enterprise SSH servers in eight months.
FritzFrog botnet grows 10x, hits healthcare, edu, and govt systems (BleepingComputer) The FritzFrog botnet that's been active for more than two years has resurfaced with an alarming infection rate, growing ten times in just a month of hitting healthcare, education, and government systems with an exposed SSH server.
FritzFrog P2P Botnet Attacking Healthcare, Education and Government Sectors (The Hacker News) A new campaign by FritzFrog peer-to-peer Golang-based botnet attacking in the healthcare, education, and government sectors.
Former Employees Admit to Using Continued Account Access to Harm Previous Employers (Beyond Identity) An exploration into the relationship between former employees' continued digital access, the offboarding process, and company security.
Critical RCE Flaws in 'PHP Everywhere' Plugin Affect Thousands of WordPress Sites (The Hacker News) WordPress plugin PHP Everywhere contains several critical RCE vulnerabilities that affect more than 30,000 websites worldwide.
National Cybersecurity Alliance and PCI Security Standards Council Issue Joint Bulletin on Ransomware Attack (PCI Security Standards Council) Two Industry-Leading Organizations Join Forces to Highlight Ransomware Threat
The Threat of Ransomware Attacks (PCI Security Standards Council) How the spike in ransomware attacks presents an urgent threat to the business community. On the blog, we cover basic questions with Lisa Plaggemier, Executive Director National Cybersecurity Alliance and PCI SSC Executive Director, Lance Johnson about this growing challenge to businesses across the U.S. and how to better protect yourself from this dangerous threat.
Cyber-attack disrupts Slovenia's top TV station (The Record by Recorded Future) A cyber-attack has disrupted the operations of Pop TV, Slovenia's most popular TV channel, in an incident this week believed to be an extortion attempt.
Vodafone Portugal struggles to restore service following cyberattack (Ars Technica) Ambulance and emergency services are among those suffering from “deliberate” hack.
Spammers Play Cupid with Your Heart and Wallet on Valentine’s (Hot for Security) As Feb. 14 draws near, scammers are out in full force, love-bombing millions of inboxes with bogus Valentine’s Day ads, promotions and online dating requests.
Pembroke Pines still restoring access to some computer systems after cyber-attack (WPLG) The city of Pembroke Pines sent out an update Wednesday on a cyber-attack investigation.
CISA Adds 15 Known Exploited Vulnerabilities to Catalog (CISA) CISA has added 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise.
Siemens SIMATIC Industrial Products (CISA) CVSS v3 7.5. Attention: Exploitable remotely/low attack complexity. Vendor: Siemens. Equipment: Siemens SIMATIC Industrial Products. Vulnerabilities: Operation on a Resource after Expiration or Release, Missing Release of Memory after Effective Lifetime.
Siemens SIMATIC WinCC and PCS (CISA) CVSS v3 6.3. Attention: Exploitable remotely/low attack complexity. Vendor: Siemens. Equipment: SIMATIC WinCC and PCS. Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Externally-Accessible File or Directory.
Siemens Simcenter Femap (CISA) CVSS v3 7.8. Attention: Low attack complexity. Vendor: Siemens. Equipment: Simcenter Femap. Vulnerabilities: Out-of-bounds Write, Access of Resource Using Incompatible Type, Improper Restriction of Operations within the Bounds of a Memory Buffer, Stack-based Buffer Overflow.
SINEMA Remote Connect Server (CISA) CVSS v3 5.4. Attention: Exploitable remotely/low attack complexity. Vendor: Siemens. Equipment: SINEMA Remote Connect Server. Vulnerability: Open Redirect. Risk evaluation: Successful exploitation of this vulnerability could allow an attacker to use a specially crafted link to steal login credentials.
SICAM TOOLBOX II (CISA) CVSS v3 9.9. Attention: Exploitable remotely/low attack complexity. Vendor: Siemens. Equipment: SICAM TOOLBOX II. Vulnerability: Use of Hard-coded Credentials. Risk evaluation: Successful exploitation of this vulnerability could allow an attacker access through an exploitable access control.
Siemens Spectrum Power 4 (CISA) CVSS v3 5.4. Attention: Exploitable remotely/low attack complexity. Vendor: Siemens. Equipment: SINEMA Spectrum Power 4. Vulnerability: Cross-site scripting. Risk evaluation: Successful exploitation of this vulnerability could compromise the confidentiality and integrity of the affected product.
Siemens Solid Edge, JT2Go, and Teamcenter Visualization (CISA) CVSS v3 7.8. Attention: Low attack complexity. Vendor: Siemens. Equipment: Solid Edge, JT2Go, and Teamcenter Visualization. Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-of-bounds Write, Heap-based Buffer Overflow, Out-of-bounds Read.
Siemens COMOS Web (Update A) (CISA) CVSS v3 8.8. Attention: Exploitable remotely/low attack complexity. Vendor: Siemens. Equipment: COMOS. Vulnerabilities: Basic XSS, Relative Path Traversal, SQL Injection, Cross-site Request Forgery.
Siemens Healthineers syngo fastView (Update A) (CISA) CVSS v3 7.8. Attention: Low attack complexity. Vendor: Siemens Healthineers, a subsidiary of Siemens. Equipment: syngo fastView.
Siemens SIMATIC WinCC (Update A) (CISA) CVSS v3 9.9. Attention: Exploitable remotely/low attack complexity. Vendor: Siemens. Equipment: SIMATIC WinCC. Vulnerabilities: Path Traversal, Insertion of Sensitive Information into Log File.
Siemens LOGO! CMR and SIMATIC RTU 3000 (Update A) (CISA) CVSS v3 5.4. Attention: Low attack complexity. Vendor: Siemens. Equipment: LOGO! CMR, SIMATIC RTU 3000. Vulnerability: Use of Insufficiently Random Values. Update information: This updated advisory is a follow-up to the original advisory titled ICSA-21-257-13 Siemens LOGO! CMR and SIMATIC RTU 3000 that was published September 14, 2021, on the ICS webpage on
Siemens Industrial Products Intel CPUs (Update A) (CISA) CVSS v3 7.5. Attention: Low attack complexity. Vendor: Siemens. Equipment: SIMATIC, SINUMERIK. Vulnerabilities: Missing Encryption of Sensitive Data. Update information: This updated advisory is a follow-up to the original advisory titled ICSA-21-222-05 Siemens Industrial Products Intel CPU that was published August 10, 2021, to the ICS webpage on
Siemens TCP/IP Stack Vulnerabilities–AMNESIA:33 in SENTRON PAC / 3VA Devices (Update C) (CISA) CVSS v3 6.5. Attention: Exploitable remotely/low attack complexity. Vendor: Siemens. Equipment: SENTRON 3VA COM100/800, SENTRON 3VA DSP800, SENTRON PAC2200, SENTRON PAC3200T, SENTRON PAC3200, SENTRON PAC3220, SENTRON PAC4200. Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write.
Siemens SCALANCE & SIMATIC (Update F) (CISA) CVSS v3 7.5. Attention: Exploitable remotely/low attack complexity. Vendor: Siemens. Equipment: SCALANCE, SIMATIC. Vulnerability: Resource Exhaustion. Update information: This updated advisory is a follow-up to the advisory update titled ICSA-20-105-07 Siemens SCALANCE & SIMATIC (Update E) that was published September 14, 2021, to the ICS webpage on
Siemens Industrial Products SNMP (Update E) (CISA) CVSS v3 7.5. Attention: Exploitable remotely/low attack complexity. Vendor: Siemens. Equipment: Various SCALANCE, SIMATIC, SIPLUS products. Vulnerabilities: Data Processing Errors, NULL Pointer Dereference.
Siemens SCALANCE X Switches (Update A) (CISA) CVSS v3 8.8. Attention: Exploitable remotely/low attack complexity. Vendor: Siemens. Equipment: SCALANCE X Switches. Vulnerability: Missing Authentication for Critical Function. Update information: This updated advisory is a follow-up to the original advisory titled ICSA-20-014-03 Siemens SCALANCE X Switches that was published January 14, 2020, to the ICS webpage on
Siemens SCALANCE X Switches (Update D) (CISA) CVSS v3 8.6. Attention: Exploitable remotely/low attack complexity. Vendor: Siemens. Equipment: SCALANCE X switches. Vulnerability: Insufficient Resource Pool. Update information: This updated advisory is a follow-up to the advisory update titled ICSA-19-225-03 Siemens SCALANCE X Switches (Update C) that was published September 14, 2021, to the ICS webpage on
Siemens PROFINET DCP (Update V) (CISA) CVSS v3 6.5. Attention: Exploitable from an adjacent network/low attack complexity. Vendor: Siemens. Equipment: Devices using the PROFINET Discovery and Configuration Protocol (DCP). Vulnerabilities: Uncontrolled Resource Consumption.
Identity is the New Battleground (Cyber Signals) Identity is the new battleground, but most are unprotected against attacks
It Started With a Click… Huge Rise in Romance Scams for Second Year Running (Tessian) Scammers target those looking for love with a range of scams and tricks to extract money. Here's how to stay protected when looking for that special someone
ZeroFox Releases 2022 Forecast Report Anticipating Increases in Ransomware, Third-Party Compromises and Malware-as-a-Service (ZeroFox) Press release, February 10, 2022.
New API Research Shows 62% Growth in ATOs Targeting Login APIs (Cequence) APIs are the Developer Tool of Choice and #1 Target for Malicious Use Today, everything is an app. A Tesla isn’t really a car – it’s a four-wheeled app. Every one of the 142B+ device app downloads including your money management or a favorite shopping or fitness app are all built on application programming interfaces […]
APIs: Developer Tool of Choice. #1 Target for Malicious Use (Cequence) Today, software is eating the world and APIs ARE TAKING THE BIGGEST BYTE. Modern cars, every mobile app we use, our favorite shopping site, and our finance management all rely on APIs to deliver an engaging user experience. For these same reasons, threat attackers love APIs. So much so that Gartner predicts that by 2022, API attacks will become the most-frequent attack vector, causing data breaches for enterprise web applications.
10 Cyber Attacks in 2021 Cost $600M With 40,000 Businesses Put at Risk (Insurance Journal) In just 10 cyber incidents last year, over $600 million in cash was stolen or taken as ransom, tens of millions of citizen records stolen, 40,000
2021 Fraud Report (Money) As a result of the pandemic, we’ve seen an evolution in fraud attacks over the past two years, as criminals explore new and sophisticated ways to target potential victims. Our personal finance experts have dug into the latest police figures to reveal the full impact of fraud and cybercrime in 2021.
Cybersecurity in a Changed World: 2022 Cybersecurity and the Rising Role of MSPs (Digital Defense) The harsh realities of 2020 and 2021 have forced businesses across sectors to accept vast amounts of change in a short amount of time. Face-to-face operations are no longer the norm and technology-driven strategies are essential for survival.
Anexinet and Veristor Merge to Create One of the Largest Full-Service Technology Solution Providers (Veristor) Merger Doubles the Companies’ Geographic Reach, Customer Base, and Solution Delivery Teams PHILADELPHIA and ATLANTA – February 10, 2022 – Anexinet Corporation, a Mill Point Capital LLC portfolio company, and Veristor Systems Inc. announced today that they are merging. The unified company will offer full-lifecycle expertise across the complete technology landscape and deliver the superior technical
Titaniam Secures $6 Million in Seed Funding as Customer Demand Soars (PR Newswire) Titaniam, Inc., a data protection and privacy company, today announced that it has closed a $6 million seed funding round led by Refinery…
API protection platform Salt Security raises $140M (VentureBeat) Salt Security, an API vulnerability and protection platform, has raised $140 million in a series D round of funding.
Salt Security Joins Growing Herd Of Cyber-Corns (Crunchbase News) API security company Salt Security on Thursday announced a $140 million Series D round led by Alphabet’s CapitalG, earning the company a $1.4 billion valuation and minting it as cybersecurity’s latest unicorn.
Allure Security raises $6.8 million seed round in fight against digital fraud (Channel Life) Allure Security has raised a $6.8 million seed round as the company progresses in a $76 billion battle against digital fraud.
Microsoft considers deal for cybersecurity heavy hitter Mandiant (Seattle Times) Microsoft is in talks to acquire cybersecurity research and incident response company Mandiant, according to people familiar with the discussions, a deal that would bolster efforts to protect customers from hacks and breaches.
Darktrace signs million-dollar deal with leading global electronics corporation (Cambridge Network) Darktrace, a global leader in cyber security AI, announces that a multinational electronics corporation has signed a million-dollar deal with Darktrace to ensure its business is protected from sophisticated and fast-moving cyber-attacks.
Cyberstarts Hits 300% Yearly Returns for Backers Such as Sequoia (Bloomberg) Israeli VC bet on early-stage cyber security startups. Cyberstarts’s returns come amid investment surge for VCs.
Satori Sweeps the Prestigious Cybersecurity Excellence Awards, Winning in Four Categories (GlobeNewswire News Room) DataSecOps platform recognized as best product in data governance, data security, identity and access management, and secure access categories…
Google awarded $8.7 million to security researchers in 2021 (The Record by Recorded Future) In the yearly review of its vulnerability rewards program (VRP), Google said on Thursday that it awarded more than $8.7 million to security researchers in the form of bug bounties for thousands of vulnerabilities reported in Google products.
Largest ever intake and a new cyber programme for Thales in the UK shows its commitment to apprenticeships (FE News)
LogRhythm Partners with Pareto to Support Greater Cybersecurity Insight and Expertise in the UK (LogRhythm) LogRhythm has partnered with the world’s largest assessment, placement and training provider, Pareto…
5 ways to attract top cybersecurity talent in a tight labor market (TechCrunch) At a time when ransomware attacks, data breaches and supply chain intrusions are skyrocketing amid a labor shortage, what is a company supposed to do?
DEF CON bans social engineering expert Chris Hadnagy (SearchSecurity) DEF CON announced Thursday that Chris Hadnagy of the Social Engineering Village had been banned for reports of unspecified misconduct at the conference.
Cape Privacy Hires Alan Wong as Head of Finance and Operations (GlobeNewswire News Room) Industry Veteran Will Be a Critical Driver Toward Profitability as Company Grows…
Former NSW Premier Gladys Berejiklian joins Optus (CRN Australia) Will become head of enterprise, business and institutional.
Deep Instinct Welcomes Two New Cybersecurity Experts to Executive Leadership Team (Yahoo) Deep Instinct, the first company to apply end-to-end deep learning to cybersecurity, today announced the addition of two recognized security experts to its executive leadership team. Yariv Fishman joins as Vice President of Product, and Ofir Arkin joins as Vice President of Research & Development (R&D) to help the company further develop its technology roadmap for 2022 and beyond.
SparkCognition Names Lord Browne of Madingley Chairman of Board of Directors (PR Newswire) SparkCognition, a global leader in artificial intelligence (AI) software solutions for business, is pleased to announce, as part of its growth…
BigID Announces New Board Member Alongside Recent Strategic Technology Investments from Splunk, ServiceNow, and HPE (PR Newswire) BigID, the leading data intelligence platform that enables organizations to know their enterprise data and take action for privacy, security,…
KnowBe4 Promotes Dan Duckworth to VP of Global Diversity & Engagement (WFMZ) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced it has promoted Dan Duckworth to
Relativity's Security Sandbox podcast joins the CyberWire Network. (The CyberWire) The CyberWire announced today that global legal and compliance technology company, Relativity, will kick off its second season of its popular new podcast, Security Sandbox, by joining the rapidly growing CyberWire Podcast Network.
Certero Achieves Oracle Fusion Middleware Verification (Certero) Certero, an innovator in unified IT Hardware, Software, SaaS and Cloud Asset Management solutions and member of Oracle Partner Network (OPN), today announced that they have been verified as a third-party tool vendor for Oracle Fusion Middleware.
Dynatrace launches DevSecOps partner integrations for context-aware adaptive automation (Dynatrace news) Dynatrace has launched its DevSecOps Automation Partner Program, enabling alliance and solution partners to extend the DevSecOps capabilities
Dynatrace Application Security detects and blocks attacks automatically in real-time (Dynatrace news) Dynatrace has enhanced its Application Security Module to provide real-time, automatic attack detection and blocking.
IBM upgrades FlashSystem to tackle ransomware (SearchStorage) Combining its FlashSystem and Cyber Vault storage products, IBM debuted an offering that focuses on ransomware recovery.
Traceable AI Offers Free Solution To Stop Log4j Attacks (PR Newswire) Traceable AI, leader in API security, today announced that its free API security solution, released in August 2021, can be used to find and…
Orca Security Provides Industry’s Most Comprehensive Agentless Cloud Security Platform with Expanded CIEM Capabilities and Multi-Cloud Security Score (Business Wire) Orca Security, the cloud security innovation leader, today announced new product capabilities that further simplify cloud security and compliance oper
Tigera Tightens Container Security, Goes Beyond Detecting Threats with Industry’s Most Comprehensive Active Cloud-Native Application Security with Zero Trust (Tigera) Harnessing machine learning, Calico Cloud detects known and unknown threats, reduces attack surface, and actively mitigates risks in cloud-native applications
SentinelOne Announces Zscaler Integration, Simplifying XDR and Zero Trust Adoption (SentinelOne) Strategic alliance enables joint customers to benefit from market leading Mandiant Advantage and Singularity XDR
ElcomSoft Brings Repeatable, Forensically Sound checkm8 Extraction to iPhone 8, iPhone X and Apple Watch Series 3 (PR Newswire) ElcomSoft Co. Ltd. rolls out an update to iOS Forensic Toolkit for Mac, the company's mobile forensic tool for extracting data from a range of…
Cellebrite kit can't unlock iPhones – but the company can, at $4k each (9to5Mac) 9to5Mac has learned that the Cellebrite kit sold to customers can't unlock iPhones – but the company can and will if customers send …
The CISO’s Playbook: Stay Ahead of Friday Breach Effects (SecurityScorecard) While ransomware attacks spike on holidays and weekends, the most common day to discover a breach is Friday. This phenomenon poses challenges for every organization, its workforce, partners, customers, and society in general
The 2022 State of Password Security Federal Government Edition PUBLIC (BitWarden) The State of Password Security A report and assessment of security advice from U.S. Federal Agencies SUMMARY PRESENTATION
Moxa MXview Network Management System Vulnerabilities Patched (Claroty) Claroty Team82 discloses five Moxa MXview network management system vulnerabilities that have been patched by Moxa.
#BeCyberSmart: Tips to protect your heart and wallet (Newsroom | TikTok) We're always enamored with the creativity of our global community, and TikTok is buzzing with feelings this Valentine's Day. With over 640 billio
Why the C-suite should focus on understanding cybersecurity and investing appropriately (Help Net Security) Persistently low IT/C-suite engagement may imperil investments and expose organizations to increased cyber risk.
How to have a smooth digital breakup (Avast) No one ever wants to plan for a breakup — but let’s be real: Breakups happen. And these days, as we spend so much time online, an IRL breakup needs to be accompanied by a digital breakup. 
US Army improving how it tests its tactical network (C4ISRNet) The Army conducted a technical test of the next iteration of its tactical network, applying lessons from the first go around.
Orbital Insight Wins Department of Defense Contract to Develop Technology to Identify Intentional GNSS Disruptions (PR Newswire) Orbital Insight, the leader in geospatial intelligence, today announced that it has been awarded a contract from the U.S. Department of Defense…
Nakasone emphasizes growing partnerships between CYBERCOM and academia (U.S. Cyber Command) On February 10, 2022, U.S. Army Gen. Paul M. Nakasone, commander of U.S. Cyber Command, director of the National Security Agency, and chief of the Central Security Service hosted a virtual welcome
UCSC selected to join US CYBERCOM Academic Engagement Network (UC Santa Cruz News) UCSC will join the inaugural class of the U.S. Cyber Command’s (CYBERCOM) Academic Engagement Network (AEN), a group of 84 colleges and universities selected to help strengthen the country’s cybersecurity operations.
SANS Institute Launches First-Ever Nationwide Cybersecurity Education Scholarship for HBCU Students and Alumni (PR Newswire) SANS Institute (SANS), the global leader in cyber security training and certifications, announced that applications are now open for the SANS +…
What is social engineering? This prof is training the new workforce in cybersecurity's nontechnical side – ( Why this liberal arts professor hosts competition events for students of all majors: "Cybersecurity is for everyone, and we all have to do our part to develop holistic and effective solutions that cater to an ever-changing threat landscape."
North Korea Knows How Important Its Cyberattacks Are (Foreign Policy) Pyongyang’s tradition of guerrilla warfare keeps its “all-purpose sword” sharp.
Head spy flags more ‘proactive approach’ to cyber threats against companies (CRN Australia) Thousands of Aussies targeted by spies, including on Tinder and Hinge.
White House 100-Day Cybersecurity Plan for Water Utilities Calls for New Monitoring Tech and Reporting Requirements (CPO Magazine) Following earlier executive orders aimed at shoring up other aspects of critical infrastructure, the White House has issued a 100-day cybersecurity plan for United States water utilities.
US Federal Cyber Plan Could Help Mitigate Water Utility Cyber Risk (Fitch Ratings) Fitch Ratings-Austin/New York-10 February 2022: Recent steps taken by the US federal government to bolster cyber resiliency across the water sector are an important start in mitigating rising cyber risks for publicly-owned utility systems, Fitch Ratings says.
DHS Cybersecurity Review Board: First Priorities Surface (MSSP Alert) Department of Homeland Security (DHS) Cyber Safety Review Board (CSRB): Who's included and what's the mission? Initial answers surface.
New Bill Would Force Critical Infrastructure Operators to Report Cyberattacks Within 72 Hours (Top Class Actions) Legislation that would require operators of critical infrastructure to report cybersecurity episodes within 72 hours has been reintroduced in the senate.
Massachusetts Legislature Advances Data-Privacy Bill (Wall Street Journal) New rules would require data brokers to register and allow individuals to sue for data breaches.
Former NYC cyber chief Geoff Brown looks back at time with city (StateScoop) Geoff Brown, who served as the city's CISO from 2016 through 2021, is now a vice president at cybersecurity firm Recorded Future.
Russia Cracks Down on 4 Dark Web Marketplaces for Stolen Credit Cards (The Hacker News) Russia cracks down on 4 dark web marketplaces — Ferum Shop, Sky-Fraud, Trump's Dumps, and UAS — specialized in the sale of stolen credit cards.
Emily O’Reilly opens inquiry into European Commission policing of GDPR in Ireland (The Irish Times) EU ombudsman acts after complaint from the Irish Council for Civil Liberties
Google Analytics Risks French Ban Over U.S. Data Spy Fears (Bloomberg) CNIL rules Google Analytics EU-U.S. data transfers unsafe. Decision follows landmark 2020 EU court ruling on data flows.
Meta and Chime sue Nigerians behind Facebook, Instagram phishing (BleepingComputer) Meta (formerly known as Facebook) has filed a joint lawsuit with Chime, a financial technology and digital banking company, against two Nigerian individuals who allegedly used Instagram and Facebook accounts to impersonate Chime and target its users in phishing attacks.
Texas Woman Charged with Operating Warranty Fraud Scheme Targeting Cisco Systems (US Attorney for the Eastern District of Pennsylvania) The Defendant Also Allegedly Engaged in PPP Fraud Worth Over $100,000
For a complete running list of events, please visit the Event Tracker.
U.S. Cyber Command Legal Conference (Virtual, Mar 10, 2022) This event is unclassified and open to academics, students, attorneys, paralegals, operators, and anyone else interested in military cyberspace operations. The program is planned to include opening remarks from the USCYBERCOM Commander, General Paul Nakasone (US Army), keynote remarks by Professor Lucas Kello (Oxford University), a fireside chat with Dr. Michael Sulmeyer (DOD) and Dr. Adam Segal (Columbia University), Meet the Cyber Press with moderator Mari Dugas (USCYBERCOM Staff Judge Advocate Office) and panelists Ellen Nakashima (Washington Post), Kim Zetter (author of Zero Day) and Dustin Volz (Wall Street Journal), information warfare perspectives on the US, China and Russia with moderator Captain Maggie Smith (Army Cyber Institute) and panelists Dr. Stephen Cambone (Texas A&M University), Lieutenant General Robert Schmidle (US Marine Corps, Ret.), and Dr. Jacquelyn Schneider (Stanford University), a fireside chat with USCYBERCOM Deputy Commander Lieutenant General Charles Moore (US Air Force) and Commander Peter Pascucci (US Navy), and closing remarks by USCYBERCOM Staff Judge Advocate Colonel Peter Hayden (US Army).
De-Risking, Scaling & Mobilizing Your Enterprise & Customers — Safely (Virtual, Mar 15, 2022) The fastest-growing companies in the world leverage the power of mobile applications (apps) to advance revenue growth, enhance customer engagement and increase employee productivity. What share of your business transactions run through mobile apps? With over 70% of digital time spent in mobile apps, how confident are security teams that they are being protected? In this session, industry leaders will share their perspectives and lessons learned on: how security teams can be viewed as enablers to the business objectives as opposed to the proverbial roadblock to the mobile innovation process that harms enterprise productivity; viable models that help mitigate risk when developers race ahead and release insecure mobile apps which have the potential to produce unpredictable reputational and financial risk to the company brand; helping risk executives better understand their mobile risk profile and collaboration models that enhance partnerships with the business lines to successfully mobilize their enterprise and customer base; and best practices on how risk executives can partner with their business innovators to efficiently build security into their mobile processes at the speed and scale demanded by the business lines.
Building the NIST AI Risk Management Framework: Workshop #2 (Virtual, Mar 29 – 31, 2022) Roll up your sleeves and help NIST to develop the Artificial Intelligence (AI) Risk Management Framework (RMF) by taking part in a workshop March 29-31, 2022. The second in a series, this workshop is part of NIST’s efforts to foster an open, transparent, and collaborative process as it creates a Framework to manage risks to individuals, organizations, and society associated with AI. Building on community input to date, NIST will release a first draft of the Framework in advance of the event where AI experts and stakeholders across sectors will further advance the guidance document. The first two days will address all aspects of the AI RMF; day 3 will allow a deeper dive of issues related to mitigating harmful bias in AI.
Certified CMMC Professional (CCP) Exam Prep (Virtual, Feb 14 – 18, 2022) Edwards’ CMMC-AB approved CCP courses make you a valuable resource to a consultancy providing CMMC preparation/assessments or an organization interested in having in-house CMMC-trained resources. The release of CMMC 2.0 hasn’t changed what Edwards has to offer our CCP Exam Prep Course participants. The CMMC-AB has directed all LTPs to deliver CCP courses without modification, and will provide a free CMMC 2.0 “delta training” for all students before the exam becomes publicly available. Edwards’ all-star lineup of Provisional Instructors (PIs) includes several of the CMMC industry’s most respected consultants (Jacob Horne, Amira Armond, Chris Silvers, Sara Deaton, and Tony Buenger) along with Edwards’ internal SMEs (Joy Beland and Brian Hubbard) to deliver their action-packed boot camps. Learn more and register now!
Acronis #CyberFit Summit World Tour 2021: Singapore (Singapore (and virtual), Feb 17 – 18, 2022) Discover how to maximize your potential by leaning into cyber protection opportunities. As the premier event series dedicated to enhancing your cyber protection business, we attract the top channel, cybersecurity, and industry experts from across the globe.
Ontic Summit 2022 – A Protective Intelligence Event (Austin, Texas, USA, Feb 22 – 23, 2022) Join us for three days in Austin to explore the latest strategies and technologies propelling protective intelligence forward. Learn from renowned speakers, industry leaders, and practitioners on the future of security, and network with your peers. Hear keynote sessions designed to bring a macro view on global security trends as well as breakout sessions featuring security leaders and practitioners sharing best practices and case studies. Discover new technology innovation in Ontic’s product showcase, and walk away with fresh perspectives and actionable insights to elevate your protective intelligence program.
Emerging Technologies, Existing Policies and Architectures (Columbia (or Virtual), Maryland, USA, Feb 23, 2022) This presentation will discuss current architectures and policies and how hard it is to match the speed of change. It will also cover how a coalition of the willing can create change through sharing and leveraging the grassroots of organizations, drive up consistencies in leveraging what you have to meet new constructs, and open a discussion on what policies are required.
Insider Threat Program Development – Management Live Web Based Training Course / Certificate (Virtual, Mar 1 – 3, 2022) This affordable, comprehensive and extremely resourceful 1-day training course will ensure the Insider Threat Program (ITP) Manager, Facilities Security Officer, Insider Threat Analyst, and others who support the ITP (CSO, CIO, CISO, IT, Network Security, Human Resources, etc.) have the core knowledge, blueprint, and resources needed for developing, managing or enhancing an ITP / Working Group. Our student satisfaction levels are in the exceptional range. Over 875 individuals have attended this training course and received ITP Manager Certificates.

