Renewed Russian cyber reconnaissance, ransomware, and DDoS in the hybrid war. Fars reports cyberattack. Too common passwords.

Dateline Moscow and Kyiv: cyber operations in a winter war.

Ukraine at D+277: An artillery war, like the winter of 1917-1918. (CyberWire) Russia’s war against Ukraine settles into a phase of trenches and artillery, but Moscow continues to explore intimidation of civilians and disruption of energy supplies globally (and especially in Europe).

Russia-Ukraine war: List of key events, day 278 (Al Jazeera) As the Russia-Ukraine war enters its 278th day, we take a look at the main developments.

Russia-Ukraine war live: Ukraine says 329 children are missing since start of invasion while 12,034 have been deported to Russia (the Guardian) Unverified figures from Ukraine prosecutor general also say 440 children have been killed as a result of Russia’s invasion

Filthy troops fight in freezing mud – the WWI-like horror of Bakhmut’s trenches (The Telegraph) Photos shared by Ukrainian forces resemble the horrors of Passchendaele or other First World War battles from more than a century ago

Russia sends elite paratroopers to front line amid heavy losses (The Telegraph) Kremlin’s VDV forces are being redeployed to the Donbas after Russian troops withdrew from Kherson this month

Hardship and hope: Winter, missile storms show Kyiv’s mettle (AP NEWS) The play finishes. The actors take their bows. Then they let loose with wartime patriotic zeal. “Glory to Ukraine!” they shout. “Glory to the heroes!” the audience yells back, leaping to its feet.

Surgeons work by flashlight as Ukraine power grid battered (AP NEWS) Dr. Oleh Duda, a cancer surgeon at a hospital in Lviv, Ukraine, was in the middle of a complicated, dangerous surgery when he heard explosions nearby. Moments later, the lights went out.

Civilians escape Kherson after Russian strikes on freed city (AP NEWS) Fleeing shelling, hundreds of civilians on Saturday streamed out of the southern Ukrainian city whose recapture they had celebrated just weeks earlier. The escape of hundreds from Kherson came as the country paid homage to the millions of Ukrainians who died in a Stalin-era famine — and sought to ensure that Russia’s war in Ukraine doesn’t deprive others worldwide of its vital food exports.

‘Soldiers without the uniforms’: Kherson couple recall anti-Russia resistance (the Guardian) A young couple who helped citizens and Kyiv’s army tell of torture and endurance during the Russian onslaught

Ukraine-Russia war latest: Warship carrying Kalibr missiles deployed to Black Sea as Russia ‘prepares fresh attacks’ (The Telegraph) A Russian warship capable of firing cruise missiles had recently deployed to the Black Sea with Kalibr-type missiles on board, according to the Ukrainian army.

Russia-Ukraine war live: ‘massive’ blackout reported in Moldova and Kyiv’s critical infrastructure hit after new Russian strikes (the Guardian) Moldova’s deputy PM says hit to Ukraine’s energy infrastructure has caused power outages; at least one dead in Kyiv after Russian rocket strikes

Russia-Ukraine war: shelling forces Kherson hospitals to evacuate as UN warns millions plunged into hardship – as it happened (the Guardian) Governor of Kherson says attacks on hospitals means patients evacuated for their own safety

Bombed, not beaten: Ukraine’s capital flips to survival mode (AP NEWS) Residents of Ukraine’s bombed capital clutched empty bottles in search of water and crowded into cafés for power and warmth Thursday, switching defiantly into survival mode after new Russian missile strikes a day earlier plunged the city and much of the country into the dark.

Nobel Peace Laureate Calls For Weapons To Free Ukraine (AFP via Barron’s) In an unusual move for a Nobel Peace laureate, the head of one of this year’s prizewinning organisations on Monday called for weapons to help Ukraine defend itself and stop the atrocities.

How Ukraine’s drone navy is outsmarting Russia’s superior Black Sea forces (The Telegraph) New technologies are changing the balance of power and penetrating what should have been impregnable counter measures

Russian strikes risked ‘nuclear catastrophe’, says Ukraine energy chief; Moscow says 50 PoWs freed – as it happened (the Guardian) Head of Ukrainian nuclear power company says Zaporizhzhia nuclear power station on diesel generators on Wednesday; Kyiv releases Russian PoWs

New wave of deadly Russian air strikes leaves entire Kyiv region without power (The Telegraph) Fatal air strikes in Kyiv have left the entire region without power and cut the capital’s water supply, city officials said.

‘Catastrophic’ winter in store for Ukraine, warns UN peacebuilding chief, following Russian strikes on critical infrastructure (UN News) Addressing the Security Council on Wednesday, Rosemary DiCarlo, the UN Under-Secretary-General for Political and Peacebuilding Affairs, warned of the devastation caused by Russia’s “relentless attacks” against civilians and critical infrastructure across Ukraine.

Putin’s ‘energy weapon’ will kill more in Europe this winter than have died in Ukraine war (The Telegraph) New analysis concludes current cost of energy will likely lead to an extra 147,000 deaths if there is a typical winter

After Russian retreat, Ukrainian military plans next move (AP NEWS) KHERSON, Ukraine (AP) — The Ukrainian sniper adjusted his scope and fired a .50-caliber bullet at a Russian soldier across the Dnieper River. Earlier, another Ukrainian used a drone to scan for Russian troops.

Russia firing ageing cruise missiles because stocks are depleted, MoD suggests (the Guardian) Intelligence update said missiles from 1980s stripped of nuclear warheads ‘unlikely to achieve reliable effects’

Russia firing empty nuclear shells at Ukraine (The Telegraph) Britain’s military intelligence says Moscow is likely using the ancient weapons in the hope of diverting Ukrainian air defences

Russia Is Running Low on Ammo (Foreign Policy) The United States is wondering if Russia has enough artillery to keep up its war in Ukraine.

Vladimir Putin’s plot to freeze Ukraine into submission looks destined to fail (The Telegraph) It may well spark another exodus of refugees, but the West has shown an amazing capacity to absorb them

Russian generals ‘systematically planned and ordered sexual violence’, says war crimes investigator (The Telegraph) Wayne Jordash, an international criminal lawyer, said sexual violence ‘maybe even more frequent’ in territories occupied for longer periods

Belarusian Foreign Minister Vladimir Makei dies ‘suddenly,’ state says (Washington Post) Belarusian Foreign Minister Vladimir Makei has died, the Foreign Ministry said Saturday, providing scant detail.

Russians fleeing Vladimir Putin say they are not welcome in Latvia (The Telegraph) At the start of the invasion of Ukraine thousands of Russians left their home country and crossed into the former Soviet Baltic states

Russians Fleeing Putin Prepare For Life In Serbian Exile (AFP via Barron’s) A group of Russian children clamour cheerfully in a Belgrade apartment, proudly shouting out the new Serbian words they’ve just learned to their teacher.

Czech army leader calls for ‘biggest rearmament of the army in the country’s history’ (Breaking Defense) Major General Karel Řehka, Chief of the General Staff of the Czech Republic Army, said Russia’s invasion of Ukraine has showed the criticality of urgent modernization, starting with five key priorities.

U.S. and NATO Scramble to Arm Ukraine and Refill Their Own Arsenals (New York Times) The West thought an artillery and tank war in Europe would never happen again and shrank weapons stockpiles. It was wrong.

Exclusive: U.S. weighs sending 100-mile strike weapon to Ukraine (Reuters) The Pentagon is considering a Boeing proposal to supply Ukraine with cheap, small precision bombs fitted onto abundantly available rockets, allowing Kyiv to strike far behind Russian lines as the West struggles to meet demand for more arms.

US to send anti-drone machine guns, air defense ammunition to Ukraine (Military Times) The Pentagon is seeking to give Ukraine what it needs to defend against Russian drones targeting the embattled country’s energy infrastructure.

Biden’s Price of Peace (Puck) Strategic differences between the Pentagon and the White House over the war in Ukraine illuminate the paradox of its endgame: How do you negotiate a peace that neither side can afford to win?

Pressure builds to step up weapons tracking in Ukraine (Washington Post) Legislation would require greater scrutiny of the $20 billion in military aid President Biden has sent Ukraine, and it has bipartisan support

Work together to fight Russian aggression, Estonian President Alar Karis tells students during U of T visit (University of Toronto News) Estonian President Alar Karis warned against Russian aggression and called on the world to mobilize in support of Ukraine at a sold-out event at the University of Toronto’s Munk School of Global

Ukraine-Russia war: Angela Merkel ‘didn’t have the political strength’ for pre-invasion talks with Putin (The Telegraph) Former German Chancellor Angela Merkel said she had aimed to convene European talks with Vladimir Putin the year before his invasion of Ukraine but in the end did not see any possibility of influencing the Russian president at the end of her term.

UK increases Ukrainian military support, delivers first helicopter (Breaking Defense) The latest equipment approval arrives after UK Prime Minister Rishi Sunak announced a £50 million ($60 million) support package to Ukraine during a recent visit to Kyiv.

Putin Tells Russian Mothers He Shares ‘Pain’ Of Soldier Deaths (Barron’s) Russian President Vladimir Putin on Friday told a group of mothers whose sons are fighting in Ukraine that he shares the pain of those who have lost loved ones in the conflict.

Putin “shares pain” of Russian soldiers’ mothers (Reuters Video) Sitting with the group of mothers around a table with tea, cakes and bowls of fresh berries, President Putin said Moscow shared the pain of those who had lost their sons. The mothers listened to Putin’s remarks, but their own comments to the president were not immediately shown in the recorded television clip.

Top Polish general: No need for Ukrainian forces to change tactics near border (Breaking Defense) “I do not expect any change in Ukrainian performance because they are fighting for their country,” said Gen. Rajmund Andrzejczak, chief of staff of the Polish armed forces. “I cannot imagine myself telling Ukrainians, ‘Change your position because it’s not sufficient for me.'”

Ukraine and Moldova suffer internet disruptions after Russian missile strikes (The Record by Recorded Future) Internet connectivity was disrupted in Ukraine and neighboring Moldova after dozens of Russian missiles hit Ukrainian cities on Wednesday, causing massive power outages across the country.

Russia labelled state sponsor of terrorism as missile strikes leave Ukraine without power (The Telegraph) Vladimir Putin accused of war crimes for trying to destroy energy infrastructure as winter looms

Russia’s Wagner Group sends bloodied sledgehammer to EU (The Telegraph) Video posted to Telegram shows suited lawyer carrying a violin case into a bare room and placing it on a table

Putin’s Chef Sends ‘Bloody’ Sledgehammer to EU Parliament (OCCRP) A sledgehammer smeared with fake blood, packed in a violin case – that was Russian tycoon Yevgeny Prigozhin’s macabre message to the European Parliament after EU legislators demanded that his notorious mercenary group be placed on the EU’s terrorist list.

Killnet Group Claims Responsibility for European Parliament Cyber Attack (Digit) The European Parliament was struck by a cyber-attack on Wednesday, with the Russian-backed Killnet Group claiming responsibility.

European Parliament hit by ‘sophisticated’ cyberattack (Deutsche Welle) European Parliament President Roberta Metsola said the attack was claimed by a pro-Kremlin group. It came after lawmakers voted to name Russia a “state sponsor” of terror.

European Parliament website suffers ‘sophisticated’ cyber attack after Russia terrorism vote (Computing) ‘Pro-Russia’ hackers claimed responsibility for the attack, according to officials

Hackers Temporarily Take Down European Parliament Website (Wall Street Journal) Attack came hours after EU lawmakers passed a resolution calling Russia a state sponsor of terrorism.

European Parliament website hit by cyberattack after Russian terrorism vote (POLITICO) One official blamed pro-Russian hacking group Killnet for the DDoS attack.

Russian hackers targeting Dutch gas terminal: report (NL Times) Hackers are doing “exploratory research” into the systems of the Dutch LNG terminals, trying to find ways into the systems, cyber security company Dragos told RTL Z. According to the FBI and other investigators, the hacker groups are affiliated with Russia.

Russian Hackers Target Dutch LNG Terminal (Yahoo Finance) Russian hackers appear to be targeting the digital systems of an LNG terminal in Rotterdam, the latest in a string of threats from Russia to Europe’s energy industry

New ransomware attacks in Ukraine linked to Russian Sandworm hackers (BleepingComputer) New ransomware attacks targeting organizations in Ukraine first detected this Monday have been linked to the notorious Russian military threat group known as Sandworm.

Russia-based RansomBoggs Ransomware Targeted Several Ukrainian Organizations (The Hacker News) Researchers warn of new “RansomBoggs” ransomware attacks targeting organizations in Ukraine and linked to the Russia-based Sandworm hacking group.

‘They grab their lunches and sit alone’: Russians shunned at global cyber confabs (POLITICO) The frosty situation gives the world even less visibility into Russian cyber operations at a time when it is launching repeated digital strikes in Ukraine.

EU To Seek Means To Punish Russia Sanctions Busters (AFP via Barron’s) The European Union on Monday gave itself legal authority to take action against anyone who helps Russia avoid its sanctions, the EU presidency said Monday.

How Greek Companies and Ghost Ships Are Helping Russia (Foreign Policy) Vessels from Greece and phantom fleets of unregistered ships have allowed Moscow to evade sanctions and export its oil—but it’s about to get more difficult.

Western sanctions catch up with Russia’s wartime economy (Washington Post) When Russian President Vladimir Putin launched last month a new council for coordinating supplies for the Russian army, he seemed to recognize the scale of the economic problems facing the country, and his sense of urgency was palpable.

Russian shipyard and Defence Ministry tangle over ship price in court (Defense News) A Russian shipyard producing Karakurt-class ships for the country’s Navy is facing the prospect of bankruptcy due to litigation.

Snake Island defenders freed in prisoner swap with Russia (The Telegraph) Some of the Snake Island soldiers who famously stared down death by telling a Russian warship to ‘go f— yourself’ have been freed in a prisoner swap.

Attacks, Threats, and Vulnerabilities

Cyberattack Hits Iran’s Fars News Agency (RadioFreeEurope/RadioLiberty) Hackers have disrupted the work of Iran’s Fars news agency, one of the main sources of news disseminated by the state during protests over the death of a young woman in police custody in September.

Iran’s Fars news agency is hit by cyberattacks, blames Israel (Times of Israel) Fars says its website disrupted by a ‘complex hacking and cyberattack operation,’ claims it is regularly targeted by hackers, including from Israel

Sec firm MDSec slams Proofpoint for post on pen-testing framework (iTWire) European security firm MDSec has taken exception to the release of a blog post by another security outfit, Proofpoint, about its penetration testing framework Nighthawk, accusing the latter of making "unsubstantiated and speculative projections" about the framework. Nighthawk is an advanced…

Nighthawk: With Great Power Comes Great Responsibility – MDSec (MDSec) Recently, Proofpoint released a blog post entitled “Nighthawk: An Up-and-Coming Pentest Tool Likely to Gain Threat Actor Notice”. In this post, Proofpoint outlined a campaign used by a legitimate red…

All You Need to Know About Emotet in 2022 (The Hacker News) For 6 months, the infamous Emotet botnet has shown almost no activity, and now it’s distributing malicious spam.

Scammers, bots dominate threat landscape ahead of Black Friday and Cyber Monday (The Record by Recorded Future) As Black Friday and Cyber Monday approach, cybersecurity experts and the U.S. government are warning consumers to beware of scams.

WhatsApp data leak: 500 million user records for sale (Cybernews) Someone is allegedly selling up-to-date mobile phone numbers of nearly 500 million WhatsApp users. A data sample investigated by Cybernews likely confirms this to be true.

500 million WhatsApp users’ phone numbers for sale online – allegedly (Computing) Around 500 million people’s WhatsApp data has been leaked and is up for sale online, in what could be one of the most serious modern data breaches.

WhatsApp denies data breach, says user data is safe (Deccan Herald) Messaging platform WhatsApp on Monday denied reports that data and phone numbers of several WhatsApp users was leaked and being sold on the dark web. Last weekend, news platform CyberNews allegedly found a trove of a digital dataset of around 500 million WhatsApp users ‘on sale’ with a different pricing structure based on the users’ origin on the darknet. The dataset for the US (3.2 crore users) was reportedly being sold for $7,000, for the UK (1.1 crore users), they had priced $2,500, and Germany (around 60 lakh users) for $2,000.

Bahamut cybermercenary group targets Android users with fake VPN apps (WeLiveSecurity) ESET researchers uncover an active campaign where the Bahamut APT targets Android users via trojanized versions of two legitimate VPN apps.

Android users in Middle East, South Asia targeted with spyware posing as fake VPN apps (The Record by Recorded Future) Android users in the Middle East and South Asia are being targeted by an APT group with spyware posing as fake VPN websites.

Vulnerable SDK components lead to supply chain risks in IoT and OT environments (Microsoft Security) Vulnerabilities in network components, architecture files, and developer tools have become increasingly popular attack vectors to gain access into secure networks and devices.

Microsoft attributes alleged Chinese attack on Indian power grid to ‘Boa’ IoT vulnerability (The Record by Recorded Future) Microsoft data showed more than 1 million internet-exposed Boa server components around the world over the span of a week.

Microsoft Unearths Over 1M Outdated But Still In-Use Boa Web Servers (Spiceworks) Microsoft said Chinese cyberattacks on Indian electrical grids involved the use of outdated Boa servers and highlighted that millions of organizations are at risk.

Microsoft Warns of Boa Web Server Risks After Hackers Target It in Power Grid Attacks (SecurityWeek) Microsoft has warned organizations about the risks associated with Boa, a discontinued web server, after hackers exploited it in attacks aimed at a power grid.

Russian cybergangs stole over 50 million passwords this year (BleepingComputer) At least 34 distinct Russian-speaking cybercrime groups using info-stealing malware like Raccoon and Redline have collectively stolen 50,350,000 account passwords from over 896,000 individual infections from January to July 2022.

Russian cybercrime groups stole passwords across 111 countries (IT World Canada) According to Group IB, at least 34 distinct Russian-speaking cybercrime groups targeting Amazon, PayPal, and Steam with info-stealing malware under the stealer-as-a-service model like Raccoon and Redline have collectively stolen 50,350,000 account passwords.

Hackers breach energy orgs via bugs in discontinued web server (BleepingComputer) Microsoft said today that security vulnerabilities found to impact a web server discontinued since 2005 have been used to target and compromise organizations in the energy sector.

Backdoored Chrome extension installed by 200,000 Roblox players (BleepingComputer) Chrome browser extension ‘SearchBlox’ installed by more than 200,000 users has been discovered to contain a backdoor that can steal your Roblox credentials as well as your assets on Rolimons, a Roblox trading platform.

Professional stealers: opportunistic scammers targeting users of Steam, Roblox, and Amazon in 111 countries (Group-IB) Group-IB, one of the global leaders in cybersecurity, has identified 34 Russian-speaking groups that are distributing info-stealing malware under the stealer-as-a-service model.

Data from 5.4M Twitter users obtained from multiple threat actors and combined with data from other breaches (Security Affairs) The massive data breach suffered by Twitter that exposed emails and phone numbers of its customers may have impacted more than five million users. At the end of July, a threat actor leaked data of 5.4 million Twitter accounts that were obtained by exploiting a now-fixed vulnerability in the popular social media platform. The threat actor offered […]

5.4 million Twitter users’ stolen data leaked online — more shared privately (BleepingComputer) Over 5.4 million Twitter user records containing non-public information stolen using an API vulnerability fixed in January have been shared for free on a hacker forum. Another massive, potentially more significant, data dump of millions of Twitter records has also been disclosed by a security researcher.

Twitter data breach far worse than initially reported (Computing) A Twitter data breach last year that exposed nearly 5.4 million phone numbers and email addresses was far worse than initially thought.

Holiday scam email season is here. Don’t fall for it. (Vox) Sorry, no one is actually going to give you a free Yeti cooler.

The growing army of ‘Grinch bots’ trying to steal Christmas (Fast Company) Retailers are fighting a constant battle against a growing army of bad bots trying to snatch up all the hot holiday gifts and toys.

‘Quiet quitting’ poses a cybersecurity risk that calls for a shift in workplace culture  (VentureBeat) Quiet quitting isn’t just a workplace phenomenon; it’s a cybersecurity risk that requires a shift in workplace culture to address.

IIROC-registered Canadian crypto exchange Coinsquare suffers data breach (Cointelegraph) On Nov. 19, Coinsquare had to temporarily shut down operations to investigate an unusual activity on its platform.

Cincinnati State College one of several schools added to ransomware leak sites on Thanksgiving (The Record by Recorded Future) Cincinnati State College was one of several small U.S. colleges added to the leak sites of ransomware groups over the Thanksgiving holiday.

Driver’s license numbers for nearly 500,000 people may have been exposed in Suffolk cyberattack (News 12 – Long Island) Suffolk County announced Wednesday that about 470,000 driver’s license numbers may have been accessed by those responsible for the cyberattack.

How a Cyberattack Plunged a Long Island County Into the 1990s (New York Times) Suffolk County officials had to return to the days of paper checks and faxes after an episode that exposed government weaknesses.

‘Cyber-incident’ knocks phone, email services offline at Durham District School Board (CityNews) The Durham District School Board says it is recovering from a cyber attack that took telephone and email services down and disabled online learning for the immediate future.

Legacy Health notifies Portland area patients that former employee stole their personal data (Oregon Live) Legacy Health said a former employee stole the personal information of patients at its Legacy Health Laboratory network in the Portland metro and southwest Washington areas.

Hackers steal ‘tens of thousands’ of euros from Carndonagh Traders Association (Donegal Live) Local businesses urged to improve cyber security

IKEA posted on ransomware gang’s leak site (Cybernews) Ransomware cartel Vice Society added data stolen from IKEA Morocco and IKEA Kuwait to the gang’s website.

GameStop Experiences a Data Breach, Customer Private Information Leaked Through Website (Appuals.com) Customers’ billing addresses and payment histories may have been exposed after a data breach at the retailer GameStop.

Most victims of cyber fraud are highly educated professionals, say police  (English.Mathrubhumi) Malayalis who give advertisements on the OLX website are being targeted by north Indian fraudsters. Numerous people have lost money through phone calls claiming an army officer’s two-wheeler is for sale. 

Five scams to look out for this winter as online fraud trebles since 2020 (Digital Journal) One common scam is for a malicious caller to pose as your bank or another company with whom you hold an account.

Holiday Scammers to Capitalize on FOMO and Workplace Complexity | Blog (Safeguard Cyber) Cyber Monday now outpaces Black Friday in terms of sales, and cybercriminals are fine-tuning their phishing lures to take advantage of distracted users.

Security Patches, Mitigations, and Software Updates

Google releases emergency Chrome fix for zero-day bug (Computing) The company is aware of an existing in-the-wild exploit for the vulnerability

New Windows Server updates cause domain controller freezes, restarts (BleepingComputer) Microsoft is investigating LSASS memory leaks (caused by Windows Server updates released during the November Patch Tuesday) that might lead to freezes and restarts on some domain controllers.

Windows 11 is getting a VPN status indicator in the taskbar (BleepingComputer) Windows 11 may soon show a system tray indicator notifying when your computer is connected to a VPN, allowing users wishing to browse anonymously to ensure they are connected.

Cybercriminals are increasingly using info-stealing malware to target victims (CSO Online) In the first seven months of this year, threat actors stole over 50 million passwords, 2 billion cookie files, details of 103,150 bank cards, and data from 113,204 crypto wallets. 

Ransomware activity rapidly increasing in transport, shipping sectors (Engineering News) Cybersecurity company Trellix says the cybercrime trends observed in South Africa are “pretty much” in line with what is happening on the global stage. “In the last 12 months, we have seen an uptick in activity from cybercrime actors targeting South Africans, and while the actors may be different, the attacks are the same in terms of global presence,” says Trellix South Africa country lead Carlo Bolzonello.

All warfare is cyber (Manila Bulletin)

Stop Before You Shop – Are Your Shopping Apps Sharing Access to Your Device? (Incogni Blog) In a recent consumer survey, 88% of respondents reported having at least one shopping app installed on their mobile device. Given their popularity, you might

Guess the most common password. Hint: We just told you (Register) Also, Another red team tool at risk of turning to the darkside, and Meta catches the US military behaving badly

Kaspersky: $2,100 is the average price for access to corporate data on Dark web in the META region (ARAB TIMES – KUWAIT NEWS) KUWAIT CITY, Nov 26: Sensitive data stolen from companies during cyberattacks often ends up on Dark web markets and forums. With the rise of the cybercrime as a service business model, Kaspersky researchers found that not only corporate data itself is for sale, but also the information necessary …

The emergence of zero trust consumers (Help Net Security) Consumers may be accepting the reality of ongoing cybersecurity threats in the same way that businesses are adopting zero trust.

Top 200 most common passwords of the year 2020 (NordPass) Here are the worst 200 passwords of 2020. The list details how many times a password has been exposed, used, and how much time it would take to crack it. We also compare the worst passwords of 2019 and 2020, highlighting how their positions have changed. The green arrows indicate a rise in the position while the red ones – a fall off. Check if your password is on the list and strengthen it if it is.

What’s next in cybersecurity (MIT Technology Review) “When it comes to really cutting off ransomware from the source, I think we took a step back.”


FRANCE : French security company Chiron builds on Ukraine operations to expand further abroad (Intelligence Online) Founded three years ago by a former French special forces sub-officer, Chiron, which employs about 20 former commandos and ex-police officers, is targeting the international market and growing closer

Check Point launches CyberUp program to support Israel’s growing network of cybersecurity start-ups (Help Net Security) Check Point’s CyberUp program supports cybersecurity start-ups by opening market opportunities and developing the cyber security ecosystem.

Utimaco Joins the Microsoft Intelligent Security Association (Fast Mode) Utimaco Expands Collaboration with Microsoft by joining the Microsoft Intelligent Security Association

Cisco lays off staff, cuts office space in $600M restructuring (SearchNetworking) A shake-up will affect about 5% of Cisco’s nearly 80,000-person workforce, or about 4,000 employees. Staff changes will include layoffs and reassignments.

Alexa, how did Amazon’s wrong call on voice assistants tee up a $10bn loss? (the Guardian) The tech giant’s flawed business model for its popular smart devices has cost the company a fortune and thousands of jobs

Twitter Exodus Hits Teams Tasked With Regulatory, Content Issues Globally (Wall Street Journal) Elon Musk’s effort to purge Twitter employees who don’t embrace his vision has led to a wave of departures among policy and safety-issue staffers around the globe.

Twitter will start manually verifying accounts next week. (The Verge) Blue check marks for people, gold for companies, and grey for governments.

Elon Musk Says Twitter Is Launching ‘Verified’ Service Next Week (Wall Street Journal) The social-media platform will manually authenticate accounts and use different colored check marks to designate government and company accounts, he said.

Elon Musk offers general amnesty to suspended Twitter accounts (the Guardian) Poll organised by new owner backed reopening accounts, leading to fears ‘superspreaders of hate’ will return to social media platform

‘Opening the gates of hell’: Musk says he will revive banned accounts (Washington Post) The Twitter chief says he will reinstate accounts suspended for threats, harassment and misinformation beginning next week

Adult Performers, Trump Supporters and Parodies: Who Is Paying for Twitter? (New York Times) Elon Musk made Twitter Blue, an existing subscription service, the backbone of his strategy to increase revenue. We looked at who has signed up for it.

George Hotz, PlayStation 3 hacker, hired by Elon Musk to fix Twitter search (mint) George Hotz, an American security hacker, is known for developing iOS jailbreaks and reverse engineering the PlayStation 3.

The Lost Gospel of S.B.F. (Puck) New revelations illuminating the world-changing ambitions, aborted blueprints, utopian projects, and democracy-transforming money-bombs emanating from S.B.F., Inc., before the crypto billionaire’s house of cards came crashing down.

This FTX Unit May Help Customers Recover Some of Their Losses (The Information) The collapse of cryptocurrency exchange FTX has cost investors billions of dollars and dealt a stunning blow to venture capital firms. Now, creditors’ hopes to recover some of those losses rest in part on LedgerX, a lesser-known unit that offered cryptocurrency derivatives. LedgerX is one of the …

Products, Services, and Solutions

New infosec products of the week: November 25, 2022 (Help Net Security) The featured infosec products this week are from: Solvo, Sonrai Security, and Spring Labs.

FirstPoint Wins Coveted IoT Evolution Security Excellence Award (PRWeb) FirstPoint, a world leader in cellular IoT management and cybersecurity, has won the IoT Evolution Security Excellence Award. The annual award is granted

Nothing Phone (1) gets latest security update with some new features (Android Headlines) Nothing is rolling out a new software update to the Nothing Phone (1), introducing the latest security patch to the device.

Noname Security appoints Nextgen as Philippines distributor (Channel Asia) Noname Security has appointed Nextgen as distribution partner in the Philippines, forming a key part of expansion plans across Asia Pacific.

Ensign InfoSecurity Partners Offensive Security to Boost Cybersecurity Training and Industry Ecosystem in Singapore (Taiwan News)

ITPro Releases New Online IoT Pentesting Course (Business Wire) ITPro, ACI Learning’s platform for self-paced online IT training and certification, announces a new course, Intro to IoT Pentesting.

Technologies, Techniques, and Standards

Australia beefs up scrutiny of Medibank following data breach (ZDNET) Financial services regulator says it has “intensified” its supervision of Medibank following a data breach that impacted 9.7 million customers and is believed to be the work of Russian hackers.

The one funding request CFOs find hardest to reject (Australian Financial Review) Leading companies are ramping up their cybersecurity budgets and trying to cut back on how much customer data they store to protect themselves from hacks, they say.

CISA Reminds Online Shoppers to Stay Vigilant to Cyber Threats This Holiday Season (CISA) The Cybersecurity and Infrastructure Security Agency (CISA) is committed to helping Americans stay safe online this holiday season. In the coming weeks, millions of Americans will be looking for the best deals on the internet. Meanwhile, cyber criminals will be hard at work looking to target online shoppers. 

Research Paper – The Myths of Training Cybersecurity Professionals (Cybrary) Cybersecurity training can improve an organization’s defenses, yet common myths make leadership hesitant to implement formal training platforms. New research dispels these myths, helping team leads make the case to prioritize training.

LastPass Reacts On UK’s Biggest Anti-Fraud Operation (Security Informed) Dan DeMichele, Vice President (VP) of Product Management for LastPass, said, “The latest wave of cyberattacks is a powerful reminder of their increasing sophistication. But there has been a significant target shift – cybercriminals aren’t just coming for governments, large-scale enterprises, and critical infrastructure; individuals and SMBs are on their radar too.”

Here is why you should have Cobalt Strike detection in place (CSO Online) Abusing variants of legitimate penetration testing tools has become a standard tactic for many attackers seeking to fool security teams. Cobalt Strike is among the attack frameworks used by red teams and cyber specialists should be on the lookout for cybercriminals seeking to exploit it.

Design and Innovation

Groups urge CISA to develop simple mechanism for cyber incident reporting (Federal News Network) CISA is being urged to develop a simple, secure portal as part of a sweeping forthcoming program that requires cyber incident reporting.

Elon Musk wants encrypted messaging for Twitter. It might not be that simple. (CyberScoop) Experts are skeptical that Musk can execute while addressing the serious safety concerns that a move to encrypted messaging entails.

Research and Development

Blockchain technology puts paid to US energy data attacks (Technology Magazine) Researchers in the United States are employing blockchain technology to increase electric grid resilience and eliminate threats including data manipulation

DarkNet: Lighting up a secure grid communication network (Oak Ridge National Laboratory) How do you defend the world’s largest machine? This is the question scientists and engineers have faced as the power grid presents an increasingly attractive target for hackers bent on societal disruption.


200 Barbadians to be trained for cybersecurity sector (Loop Barbados) Over 200 Barbadians will soon get the opportunity to work in the area of cybersecurity with companies in Canada and across the rest of the world. Earlier this month, Prime Minister Mia Amor Mottley, upon her return from Rwanda, announced that 1,50

Santa Fe College is Getting Ethically Hacked (newSFeed) At face value, the term “ethical hacking”…

Legislation, Policy, and Regulation

Canada to boost defence, cyber security in Indo-Pacific policy, focus on ‘disruptive’ China (Reuters) Canada launched its long-awaited Indo-Pacific strategy on Sunday, outlining spending of C$2.3 billion ($1.7 billion) to boost military and cyber security in the region and vowed to deal with a “disruptive” China while working with it on climate change and trade.

Law to protect businesses, the public in cyberspace (VietNamNet News) Ensuring safety in cyberspace is the task of all agencies, units and people, Deputy Minister of Information and Communications Nguyen Huy Dung said.

Online safety bill will criminalise ‘downblousing’ and ‘deepfake’ porn (the Guardian) Nonconsensual explicit images to be tackled in bill returning to parliament next month

UK bans Chinese surveillance cameras from ‘sensitive’ sites (CNN) Hikvision, a leading Chinese surveillance company, has denied suggestions that it poses a threat to Britain’s national security after the UK government banned the use of its camera systems at “sensitive” sites.

US Bans Huawei, ZTE Telecom Equipment on Data-Security Risk (Bloomberg) Federal Communications Commission cites security concerns. Dahua, Hikvision, Hytera also among companies named by agency.

US effectively bans imports of Chinese telecoms products (Register) Part bureaucratic box ticking, part crackdown that makes even Wi-Fi routers and smartphones off limits

FCC steps up campaign against Huawei and other Chinese tech companies (Washington Post) FCC brings out the banhammer for Huawei and other China-based companies

Review of NSA, Cyber Command leadership structure ends without official recommendation (The Record by Recorded Future) The Biden administration’s evaluation of the leadership structure ruling U.S. Cyber Command and the National Security Agency finished late last month and did not make a formal recommendation about whether or not to end the long-standing arrangement, three sources familiar with the review told The Record.

Senate committee stamps privacy breach penalties (CRN Australia) Would substantially increase penalties for large or repeated privacy breaches.

The US Congress Is Starting to Question This Whole Crypto Thing (WIRED) Think Washington lawmakers have what it takes to tackle the volatile world of cryptocurrencies? Neither do they.

NSW passes state-based mandatory data breach notification (CRN Australia) Will apply to state agencies and departments, statutory authorities, local councils and some universities.

Guadeloupe kickstarts continuity plan after wide-ranging cyberattack (The Record by Recorded Future) The French island of Guadeloupe is dealing with the aftereffects of a cyberattack, according to a notice on the government’s website.

Juan Arratia Becomes Executive Director of the CISA Chief of Contracting Office (Homeland Security Today) Prior to joining DHS, Arratia was the Senior Procurement Executive at the Office of Personnel Management.

Litigation, Investigation, and Law Enforcement

Gangs of cybercriminals are expanding across Africa, investigators say (the Guardian) Online scams such as banking and credit card fraud are the most prevalent cyberthreat, says Interpol

Census Bureau disputes Inspector General claim that hacking team gained unauthorized access (The Record by Recorded Future) The U.S. Census Bureau disputed a report from the Office of Inspector General (OIG) that found several cybersecurity lapses.

Operation across Africa identifies cyber-criminals and at-risk online infrastructure (Interpol) INTERPOL and AFRIPOL collaborate in joint action against cybercrime

Group-IB assists INTERPOL-led operation to combat cybercrime on the continent (News Ghana) Group-IB, one of the global leaders in cybersecurity, has contributed to the INTERPOL-led Africa Cyber Surge Operation (ACSO), an all-encompassing investigative, operational, and educational program created by INTERPOL in close collaboration with AFRIPOL, and INTERPOL’s private sector cybersecurity partners. During the four-month operation, Group-IB provided timely cyber threat intelligence to…

US Justice Department calls on Supreme Court to dismiss NSO Group’s immunity petition (Middle East Eye) ‘NSO plainly is not entitled to immunity here,’ US solicitor-general says in brief filed to country’s top court

Crypto exchanges enabled online child sex-abuse profiteer (Reuters) As websites selling horrific child-abuse images have proliferated on the

An international police operation dismantled the spoofing service iSpoof (Security Affairs) An international law enforcement operation that was conducted by authorities in Europe, Australia, the United States, Ukraine, and Canada, with the support of Europol, has dismantled an online phone number spoofing service called iSpoof. The iSpoof service allowed fraudsters to impersonate trusted corporations […]

FBI Joins Investigation Into Continental Cyberattack – Report (Silicon UK) The US FBI has reportedly joined the investigation into a recent cyberattack on German car tyre giant Continental

Why individual arrests will not shut down LockBit (Cybernews) Individual arrests of LockBit affiliates are unlikely to shake the foundation of the notorious ransomware cartel. Experts believe the group’s only vulnerability is its popularity.

US Navy fined for acts of software piracy (Task & Purpose) A federal claims court ruled that the Navy illegally copied software onto thousands of computers. Now the Navy is on the hook for thousands of dollars.

Social Media Accounts Used for Business: You Can’t Take It With You? (Richmond Times-Dispatch) When an employee leaves for a new job or gets fired, who gets control over the social media accounts the employee used to promote that business? And can the employee
