Monday, June 05, 2023

Ukrainian counteroffensive attempt failed – Russian MOD




Russia claims Ukraine launched 'large-scale' offensive - but what evidence is there online?

By OSINT producer, Jack Taylor 

The Russian defence ministry has claimed that Ukraine launched a "large-scale" offensive in the south of the Donetsk region.

Ukraine is attempting an information blackout on any possible offensive but what evidence is there online? 

Sky News' data and forensics team has been monitoring videos posted to social media and various Russian war reporters that cover the conflict. 

Russian sources are reporting that Ukraine has launched attacks around specific settlements in Donetsk. 

Each point on this map is related to a specific location described in reporting. This area also matches where the Russian defence ministry has claimed the Ukrainian offensive is taking place. 

One post claimed that Ukrainian forces made gains into Novodonetsk, which is just behind the currently assessed front line in the south of Donetsk. 

These individual reports cannot be confirmed by Sky News. 

There is some visual evidence of fighting in the areas of South Donetsk from recent days that can be verified, though. 

This video was released today by the Russian defence ministry, claiming to show the destruction of Ukrainian equipment.  

Podcast: Has Ukraine’s counter offensive begun?

Reuters

Russia says it’s thwarted a major Ukrainian attack in the Donetsk region – is this the long-promised counter-offensive?

5 Jun, 2023 10:14

Ukrainian counteroffensive attempt failed – Russian MOD

Kiev’s botched attack took place in the southern part of Donetsk Region, according to the ministry

"Ukrainian forces attempted to mount a large-scale offensive in the southern part of the Donetsk People’s Republic, Russia's Defense Ministry claimed on Monday.

In a statement, the ministry said that on Sunday, Ukrainian troops attempted to attack Russian forces using six mechanized and two tank battalions. However, it added that as a result of the actions of the ‘East’ military grouping, as well as owing to air strikes and artillery fire near the settlements of Neskuchnoye and Novodarovka, both of which are some 100km west of Donetsk, the Ukrainian forces incurred “significant losses.”

As a result of the botched attack, in the last 24 hours Ukraine has lost up to 300 service members, 16 tanks, 26 armored and 14 ordinary vehicles, the statement read. “The enemy failed to accomplish its goals,” the ministry concluded.

The ministry’s statement comes after earlier in the day it said that Ukraine had tried to break through Russian defenses in five sections of the front line in Donbass using its “strategic reserves,” but failed to do so. 

Ukrainian officials have for months promised to launch a counteroffensive, which initially was expected to happen in spring. Ukrainian President Vladimir Zelensky has on numerous occasions said that Kiev was “ready” for the push but “still needs a bit more time” in order to receive more Western weapons.

  • Ukraine’s General Staff provided no comment on the counteroffensive, saying only that there had been 29 combat clashes in the Donetsk and neighboring Lugansk Regions in the last 24 hours. 
  • Ukraine’s Centre for Strategic Communications also failed to address Moscow’s statement head-on, but accused Russia of attempting to “spread false information” in order to demoralize Ukrainians.



FREQUENT FLYER MILES FOR SECRETARY OF STATE Jetting to Jeddah: Blinken to visit Saudi Arabia to discuss ‘strategic cooperation’. . . Tops Priority for U.S. Security

SECURITY FLAWS: Fixing the Issues After-the-Fact

While the risk from these vulnerabilities is likely low, all GIGABYTE motherboard users are advised to install the latest firmware updates to benefit from the security fixes.

GIGABYTE releases new firmware to fix recently disclosed security flaws

 
June 5, 2023, 11:09 AM

Gigabyte B660M GAMING X DDR4 (Source: GIGABYTE.com)

GIGABYTE has released firmware updates to fix security vulnerabilities in over 270 motherboards that could be exploited to install malware.

The firmware updates were released last Thursday in response to a report by hardware security company Eclypsium, who found flaws in a legitimate GIGABYTE feature used to install a software auto-update application in Windows.

Windows includes a feature called Windows Platform Binary Table (WPBT) that allows firmware developers to automatically extract an executable from the firmware image and execute it in the operating system.

"The WPBT allows vendors and OEMs to run an .exe program in the UEFI layer. Every time Windows boots, it looks at the UEFI, and runs the .exe. It's used to run programs that aren't included with the Windows media," explains Microsoft.

GIGABYTE motherboards use the WPBT feature to automatically install an auto-update application to '%SystemRoot%\system32\GigabyteUpdateService.exe' on new installations of Windows.

While enabled by default, this feature can be disabled in the BIOS settings under the Peripherals tab > APP Center Download & Install Configuration option.

However, Eclypsium discovered various security flaws in this process that attackers could potentially exploit to deliver malware in man-in-the-middle (MiTM) attacks.

Eclypsium found that when the firmware drops and executes the GIGABYTEUpdateService.exe, the executable will connect to one of three GIGABYTE URLs to download and install the latest version of the auto-update software.

The problem is that two of the URLs used to download the software utilize non-secure HTTP connections, which can be hijacked in MiTM attacks to install malware instead.

Furthermore, the researchers found that GIGABYTE did not perform any signature verification for downloaded files, a check that could prevent malicious or tampered files from being installed.

In response, GIGABYTE has now released firmware updates for Intel 400/500/600/700 and AMD 400/500/600 series motherboards to fix these issues.

"To fortify system security, GIGABYTE has implemented stricter security checks during the operating system boot process. These measures are designed to detect and prevent any possible malicious activities, providing users with enhanced protection:

1. Signature Verification: GIGABYTE has bolstered the validation process for files downloaded from remote servers. This enhanced verification ensures the integrity and legitimacy of the contents, thwarting any attempts by attackers to insert malicious code.

2. Privilege Access Limitations: GIGABYTE has enabled standard cryptographic verification of remote server certificates. This guarantees that files are exclusively downloaded from servers with valid and trusted certificates, ensuring an added layer of protection." 

- GIGABYTE.

While the risk from these vulnerabilities is likely low, all GIGABYTE motherboard users are advised to install the latest firmware updates to benefit from the security fixes.

Furthermore, if you wish to remove the GIGABYTE auto-update application, you should first turn off the 'APP Center Download & Install Configuration' setting in the BIOS and then uninstall the software in Windows."
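The two weaknesses the article describes (downloads over plain HTTP and no signature verification of the downloaded file) map onto two checks an update client can make before installing anything. The following Go sketch is an added example, not GIGABYTE's or Eclypsium's code: the host name, key pair and payload are constructed, and Ed25519 stands in for whatever signing scheme the vendor actually uses.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
	"net/url"
)

// Constructed allowlist; the real update hosts are not given on the page.
var trustedHosts = map[string]bool{"updates.vendor.example": true}

// CheckUpdateURL rejects plain-HTTP and off-allowlist download locations.
func CheckUpdateURL(raw string) error {
	u, err := url.Parse(raw)
	if err != nil {
		return err
	}
	if u.Scheme != "https" {
		return errors.New("refusing non-HTTPS update URL")
	}
	if !trustedHosts[u.Hostname()] {
		return errors.New("update host not on allowlist")
	}
	return nil
}

// VerifyUpdate accepts a payload only if its detached signature validates under the pinned key.
func VerifyUpdate(pinned ed25519.PublicKey, payload, sig []byte) error {
	if len(pinned) != ed25519.PublicKeySize || !ed25519.Verify(pinned, payload, sig) {
		return errors.New("signature check failed; payload discarded")
	}
	return nil
}

// SignedSample builds a constructed key pair, payload and signature for the demo.
func SignedSample() (ed25519.PublicKey, []byte, []byte) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // demo only: error ignored
	payload := []byte("constructed update payload")
	return pub, payload, ed25519.Sign(priv, payload)
}

func main() {
	pub, payload, sig := SignedSample()
	fmt.Println(CheckUpdateURL("http://updates.vendor.example/app.exe"))
	fmt.Println(VerifyUpdate(pub, append([]byte("tampered:"), payload...), sig))
	fmt.Println(VerifyUpdate(pub, payload, sig))
}
```

The transport check alone is not sufficient: a payload fetched over HTTPS from an allowlisted host is still rejected if its signature does not validate under the pinned key.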


Hacking Spree Hits British Airways As Experts Warn of Extortion

 

Russian hackers raid British Airways and BBC in cyber attack

Personal details of staff stolen following payroll provider hack

Tens of thousands of British Airways, BBC and Boots staff may have had their personal details stolen following a suspected Russia-linked cyber attack, The Telegraph can disclose....


Hacking Spree Hits British Airways As Experts Warn of Extortion

(Bloomberg) -- British Airways and the government of Nova Scotia are among the earliest known victims of an ongoing hacking campaign that cybersecurity experts warned could ensnare thousands of victims in the coming weeks. 

British Airways on Monday told its staff of roughly 35,000 people that their personal information may have been included in a breach at the company’s payroll provider. In that incident, attackers exploited the same software vulnerability that resulted in compromises affecting government systems in Nova Scotia, where officials are investigating a theft of personal data. 

The hackers exploited a vulnerability in the secure file transfer product, MOVEit, developed by Progress Software Corp., the company said in an advisory. MOVEit is used by thousands of companies, including payroll providers, health-care firms, and information technology providers. The vulnerability allowed hackers to steal files that companies had uploaded to MOVEit, according to Progress. 

Progress released a patch for its systems last week.

“When we discovered the vulnerability, we promptly launched an investigation, alerted MOVEit customers about the issue and provided immediate mitigation steps,” MOVEit spokesperson John Eddy said in a statement.

Potentially thousands of companies could be vulnerable to hackers, according to Allan Liska, senior intelligence analyst at Recorded Future Inc. Publicly available data sources show there are thousands of vulnerable MOVEit servers that could have been affected by the software flaw that made such hacks possible, Liska said. The criminal hackers are expected to begin contacting companies and demanding payment in cryptocurrency in exchange for not uploading the company’s stolen data online, he said.

The flaw was the subject of numerous security alerts in recent days, including warnings from the US Department of Homeland Security, Microsoft Corp. and Mandiant, a subsidiary of Alphabet Inc.’s Google Cloud. Microsoft said a criminal hacker group that engages in ransomware and extortion is responsible for the MOVEit hack. The same hackers who breached MOVEit were also responsible for previous hacks of two other secure file transfer products developed by Accellion Inc. and Fortra Inc., Liska said.

“We’re expecting the extortion communications to start anytime within the next four weeks or so,” said Charles Carmakal, chief technology officer at Mandiant. “There is a lot of data that the threat actor has to sort through. When the extortion starts, it will probably carry on for a few months.” 

Carmakal said the earliest observed exploitation of MOVEit occurred on May 27. 

--With assistance from Margi Murphy.

Hacking Spree Hits British Airways As Experts Warn of Extortion

  • A flaw in the MOVEit software rendered thousands vulnerable
  • Warnings from DHS, Microsoft suggest widespread issues
A British Airways aircraft at Heathrow Airport in London. Photographer: Ben Stansall/AFP/Getty Images

British Airways and the government of Nova Scotia are among the earliest known victims of an ongoing hacking campaign that cybersecurity experts warned could ensnare thousands of victims in the coming weeks. 

British Airways on Monday told its staff of roughly 35,000 people that their personal information may have been included in a breach at the company’s payroll provider. In that incident, attackers exploited the same software vulnerability that resulted in compromises affecting government systems in Nova Scotia, where