Tag Archive for: guidance

New DOJ guidance on enforcing hacking laws carves out safe space for security research



and in some cases proactively paying hackers through bug bounty programs, for example. But the CFAA remains a sticking point. “Computer security research is a key driver of improved …


Phases of Russia’s hybrid war. Stone Panda’s back. Bogus sites harvest credentials. CISA issues guidance.


Dateline Moscow, Kyiv, Prague, Berlin, Brussels, London, New York, Washington: a lull in maneuver, but a continuation of fire (and cyber ops).

Ukraine at D+41: Russia reconstitutes maneuver forces; expect fire and cyber. (The CyberWire) Infantry and armor withdraw from the north of Ukraine, but Russian artillery continues its reduction of such Ukrainian cities as are within range. Cyber operations continue, and Ukraine is apparently getting some help from abroad (at least some defensive help).

Live Updates: U.N. Security Council to Meet as Evidence of War Crimes Mounts (New York Times) China and Russia are unlikely to support any measures that France, the U.S. and Britain propose. European leaders sought to impose more sanctions, but were divided on whether to ban Russian natural gas.

When It Comes to U.N. Diplomacy, Not All Abstentions Are Equal (World Politics Review) Abstentions at the U.N. may seem like a way to avoid hard choices on tough crises. But U.N. diplomacy is rarely that simple. In recent weeks, U.N. members from China to Burkina Faso have abstained on votes in U.N. forums on the war in Ukraine, or just not voted on them. What do such ambiguous votes and nonvotes mean?

Russia-Ukraine war: what we know on day 42 of the Russian invasion (the Guardian) Donetsk governor says Russian artillery has killed civilians at aid point, while Russian governor claims border guards were fired at

Russia’s invasion of Ukraine: List of key events on Day 42 (Al Jazeera) As the Russia-Ukraine war enters its 42nd day, here is a look at the main developments.

Russian military ‘weeks’ from being ready for new push as war takes its toll (The Telegraph) ‘Significant movement’ of troops away from Kyiv to regroup, rearm and resupply as Nato appeals to allies for weapons to reinforce Ukraine

Russia’s failure to take down Kyiv was a defeat for the ages (AP NEWS) Kyiv was a Russian defeat for the ages. The fight started poorly for the invaders and went downhill from there. When President Vladimir Putin launched his war on Feb. 24 after months of buildup on Ukraine’s borders, he sent hundreds of helicopter-borne commandos — the best of the best of Russia’s “spetsnaz” special forces…


U.S. Security Agencies Release Network Security, Vulnerability Guidance


The U.S. National Security Agency (NSA) released comprehensive network security guidance on March 3, on the same day that the Cybersecurity and Infrastructure Security Agency (CISA) released its longest-ever list of exploited vulnerabilities.

With organizations around the world on heightened alert in the wake of Russia’s unprovoked war against Ukraine, government agencies have stepped up efforts too. The U.S. Senate has also been active, passing the “Strengthening America Cybersecurity Act,” which requires critical infrastructure owners to report cyber attacks within 72 hours and ransomware payments within 24. The legislation must still be approved by the House.

The 95 vulnerabilities added to CISA’s Known Exploited Vulnerabilities Catalog (sort by date) are by far the most yet, growing the list to 478.

Among the latest additions are:

  • Cisco Small Business RV routers and IOS software (38 new Cisco vulnerabilities in all)
  • Privilege and other vulnerabilities in Microsoft Windows, Exchange Server, Excel, Office, PowerPoint, Malware Protection Engine, Internet Explorer and more (27 in all)
  • The Linux Kernel and Apache Tomcat
  • Oracle Java SE and VirtualBox

CISA urges organizations to prioritize fixes identified in the Catalog, a priority also included in the recent Shields Up guidance outlining steps to take to prepare for any Russian cyberattacks that might occur as a fallout from the war.

Also read: Top Vulnerability Management Tools for 2022

Segmentation Figures Prominently in NSA Guidance

SANS Institute officials have been active lately with network security advice in response to the war in Ukraine, and some of that advice has sparked considerable interest among cybersecurity pros.

The NSA’s 58-page Network Infrastructure Security Guidance (PDF) is more of a catalog of network security best practices, based on principles of zero trust and segmentation, following up on brief January guidance (PDF) on segmentation that discussed the Purdue Enterprise Reference Architecture (image below).

[Figure: Purdue network architecture]

The new guidance is significantly more comprehensive and in-depth, addressing network architecture, maintenance, authentication, routing, ports, remote logging,…


BIS issues significant new export controls on certain cybersecurity items and related guidance


On October 21, 2021, the Bureau of Industry and Security (BIS) published an interim final rule (IFR) to implement significant new controls regarding certain cybersecurity items. The rule contains new and updated Export Control Classification Numbers (ECCNs) and new License Exception Authorized Cybersecurity Exports (ACE). On November 12, 2021, BIS issued Frequently Asked Questions (FAQs) to provide guidance on the IFR and License Exception ACE.

On October 21, 2021, the Bureau of Industry and Security (BIS) published an Interim Final Rule (IFR) to implement controls on certain “cybersecurity items” that can be used for malicious cyber activities. Most notably, the IFR defines “cybersecurity items” to include the new and updated Export Control Classification Numbers (ECCNs) and creates a new License Exception Authorized Cybersecurity Exports (ACE). This IFR follows BIS’s original proposal to implement the addition of cybersecurity items to the Wassenaar Arrangement (WA) in 2015. However, the 2015 proposed rule received substantial industry scrutiny, including concerns that the rule was overly broad, would impose a heavy licensing burden on legitimate transactions, and could cripple legitimate cybersecurity research. In response to those and other concerns, BIS suspended implementation of the 2015 proposed rule and instead renegotiated changes to the WA control lists in 2017, intending to define the scope of the cybersecurity controls more precisely. BIS released the October 2021 IFR to implement the 2017 WA decisions. Public comments on the IFR are due December 6, 2021, and the IFR is set to go into effect on January 19, 2022.

On November 12, 2021, BIS issued Frequently Asked Questions (FAQs) that provide guidance on this IFR.

New Export Control Classification Numbers

“Cybersecurity items” are defined to include the new and updated ECCNs referenced below and certain related ECCNs in Categories 4 and 5.

Category 4 includes two new ECCNs related to “intrusion software”:

  • 4A005 “Systems,” “equipment,” and “components” therefor, “specially designed” or modified for the generation, command and control, or delivery of “intrusion software.”
  • 4D004…
