Ukraine Hit by Wiper, DDoS Attacks

US and UK warn of new Cyclops Blink device malware from Russia's Sandworm group, DOJ shutters so-called China Initiative that created harmful impression of ethnic Chinese, much more

My latest CSO column reports on NIST’s decision to update its Cybersecurity Framework, which mainly received favorable reviews but also a stern plea from the GAO to fix U.S. government agencies’ problems in adopting the CSF.

As Russia launches war against Ukraine, researchers from ESET and Symantec report that a new form of destructive malware, called HermeticWiper, that can delete or corrupt data on a targeted computer or network has been seen spreading in the country. The wiper attacks accompany a fresh round of DDoS attacks in Ukraine that have brought down government and banking websites for the second time this month.

"ESET telemetry shows that it was installed on hundreds of machines in the country," the Slovakia-based firm said on Twitter. It shared technical information about the malware and said preparations for the cyber attack could have begun almost two months ago. Vikram Thakur, technical director of the U.S.-based Symantec's threat intelligence team, said the company had i…