Greeley, Colorado (and elsewhere): the JBS ransomware incident.
Russian Cybercriminal Group Was Behind Meat Plant Attack, F.B.I. Says (New York Times) Meat processing plants operated by JBS, which handles a fifth of the cattle and hog slaughter in the U.S., were coming back online on Wednesday but were not all at full capacity, union officials said.
FBI: JBS ransomware attack was carried out by REvil (The Record by Recorded Future) The US Federal Bureau of Investigation on Wednesday confirmed reports that the well-known cybercriminal group REvil (also known as Sodinokibi) is behind the ongoing ransomware attack targeting JBS, the world’s largest meatpacking company.
FBI: REvil cybergang behind the JBS ransomware attack (BleepingComputer) The Federal Bureau of Investigations has officially stated that the REvil operation, aka Sodinokibi, is behind the ransomware attack targeting JBS, the world's largest meat producer.
Russia-Linked Group Behind JBS Attack Revels in ‘Audaciousness’ (Bloomberg) Revil recruits talent online and promises profits for partners. Companies with cyber-insurance ‘tastiest morsels’ for hackers.
JBS meat plants reopen as White House blames Russia-linked group over hack (Reuters) JBS SA (JBSS3.SA) employees started returning to U.S. meat plants on Wednesday, a day after the company's beef operations stopped following a ransomware attack, disrupting meat production in North America and Australia.
Ransomware attack on world’s biggest meat supplier JBS ‘came from Russia’ (The Daily Swig) Company points finger after cyber-attack on US and Australian offices
Biden will discuss recent cyber attack on meat producer with Putin in Geneva (CNN) The White House says President Joe Biden will address the recent ransomware attack on a meat producer and the increased threat of cyber attacks while meeting with Russian President Vladimir Putin later this month in Geneva.
Why the ransomware crisis suddenly feels so relentless (MIT Technology Review) Just weeks after a major American oil pipeline was struck by hackers, a cyberattack hit the world’s largest meat supplier. What next? Will these criminals target hospitals and schools? Will they start going after US cities, governments—and even the military? In fact, all of these have been hit by ransomware already. While the onslaught we’ve…
Darktrace comments on cyber attack on world's largest meat processor - JBS (Cambridge Network) In light of the world's largest meat processing company, JBS, being targeted by a sophisticated cyber-attack, Dave Masson, Director of Enterprise Security at Darktrace, discusses how ransomware continues to be a national security threat.
A ransomware attack hits another massive, crucial industry: Meat (Vox) JBS Foods, the world’s largest meat producer, is going back online after a brief partial shutdown.
Ransomware Disrupts Meat Plants in Latest Attack on Critical U.S. Business (New York Times) All of JBS’s beef plants in the U.S. were shuttered on Tuesday, and many of its pork and poultry plants were affected, according to a union and Facebook posts meant for employees.
US meatpacking plants get back on stream after crippling cyber-attack (the Guardian) Experts warn ‘no one is out of bounds’ after ransomware attack halts production at JBS, which supplies more than fifth of US beef
JBS, world’s biggest meat supplier, says its systems are coming back online after cyberattack shut down plants in U.S. (Washington Post) The breach is the latest targeting a crucial supply chain and comes three weeks after the Colonial Pipeline hack disrupted fuel operations in the U.S.
Largest Meat Producer Getting Back Online After Cyberattack (SecurityWeek) JBS, the world’s largest meat processing company, has resumed most production after a ransomware attack caused disruptions, but experts say the vulnerabilities exposed by this attack and others are far from resolved.
Shifts canceled at Greeley plant after JBS cyberattack (Greeley Tribune) A cyberattack on JBS USA this weekend is impacting workers in Greeley, according to a UFCW Local 7 spokesperson. North American and Australian JBS plants experienced an “organized” cybersecurity at…
Ransomware Hits Food Supply Giant JBS—and Underscores a Dire Threat (Wired) Hackers targeting JBS USA have disrupted meat processing facilities around the world, just one month after the Colonial Pipeline attack caused fuel distribution havoc.
FireEye CEO says ransomware 'intolerable situation' amid JBS Foods breach (NASDAQ:FEYE) (SeekingAlpha) FireEye <<FEYE>>CEO Kevin Mandia says ransomware has become an "intolerable situation" as attackers increasingly target public companies more likely to pay a ransom...
FireEye CEO Kevin Mandia On Ransomware: Businesses Must ‘Try To Reduce The Blast Radius’ Of Attacks (Forbes) One of the world’s top cybersecurity experts said even well-defended companies are getting “sucker punched” by ransomware and called on governments to take concerted action against the cybercriminals behind it.
JBS Cyberattack Shines A Spotlight On The Biggest Risk To Big Meat: Consolidation (Forbes) The ransomware attack on the world’s largest meat packer has serious implications because of the Brazilian giant’s control of the market.
Agribusiness Remains a Target for Hackers (The National Law Review) Agribusiness may not be an industry that the public at large often associates with data breaches and hacking.&nbsp;That perception is likely to change after&nbsp;news broke&nbsp;over the Memorial Day
First gas, now meat: Latest cybersecurity attack shows criminals are expanding their scope (TechRepublic) Russian hacking group REvil is behind the ransomware attack on meat processing company JBS Foods, according to the FBI.
Colonial Pipeline led to a cyber order. Will JBS lead to more? (SC Media) The string of incidents leaves many questioning how government and industry can better tackle security gaps across critical infrastructure.
Rise in Ransomware Requires Strong Government Response, Executives Say (Wall Street Journal) “Pharmaceuticals, hospitals, healthcare, public companies, organizations that don’t have the talent and skills to defend themselves—they’re getting sucker punched,” Kevin Mandia said during the WSJ Pro Cybersecurity Executive Forum.
Attacks, Threats, and Vulnerabilities
Chinese APT group targets Southeast Asian government with previously unknown backdoor (Check Point Software) Check Point Research (CPR) warns of a new cyber espionage weapon being used by a Chinese threat group, after it identified and blocked an ongoing
Backdoor malware found on the Myanmar president's website, again (The Record by Recorded Future) A cyber-espionage hacking group is believed to have hacked the website of the Myanmar president's office and planted a backdoor trojan inside a localized Myanmar font package available for download on the site's front page.
Japanese Government Agencies Suffered Cyber Attack Exposing Proprietary Data (CPO Magazine) Several Japanese government agencies reportedly suffered data breaches originating from Fujitsu’s “ProjectWEB” information sharing tool.
Ransomware Attack Hits Nantucket, Martha's Vineyard Ferry Service (SecurityWeek) Martha’s Vineyard and Nantucket Steamship Authority has been the target of a ransomware attack that could cause delays
Ransomware attack disrupts Massachusetts ferries (The Record by Recorded Future) A ransomware attack has caused delays and disruptions at Steamship Authority, the largest ferry service in Massachusetts, and has disrupted ferry transports between mainland US and the Martha's Vineyard and Nantucket islands.
Impact of Ransomware Attack on Mass. Steamship Authority Expected to Continue Thursday (NBC Boston) A ransomware attack on the Steamship Authority of Massachusetts hampered operations Wednesday morning. The largest ferry service to the islands of Martha’s Vineyard and Nantucket, the Steamship Authority issued a statement warning that traveling customers may be delayed as a result.
MTA Reports Cyber Hack In April, But No Disruption Or Data Loss (Gothamist) The breach, first reported by the New York Times, reportedly stemmed from China and affected multiple government and finance organizations.
Deep Dive into BlackCocaine Ransomware (Cyble) On May 30, 2021, Nucleus Software, an India-based IT company in the Banking and Financial Services sector, noted a breach on its servers. The company has reported this incident to the Bombay Stock Exchange (BSE) and the National Stock Exchange of India (NSEI).
Ransomware Scourge Continues as Essential Services Are Hit (Wall Street Journal) The trend is part of a global criminal pivot from stealing data to hobbling operations via ransomware, where companies are hit with demands for million-dollar payments to regain control of their operating systems.
Waikato DHB data breach likely 'seven ... eight figure' cryptocurrency ransom - expert (RNZ) The ransom demand for Waikato DHB's hacked data would likely be in the millions or even tens of millions of dollars, and only payable by cryptocurrency, a cyber-security expert says.
The Villages hospital crippled by ransomware attack (Villages-News) UF Health-The Villages Hospital has been forced to operate by pen and paper thanks to a ransomware attack which has shut down the computer system.
Lead cyber crime garda issues advice to public struck by data leak from HSE ransomware attack (TheJournal.ie) The data of 520 patients has appeared online since the cyber attack.
FUJIFILM shuts down network after suspected ransomware attack (BleepingComputer) FujiFilm is investigating a ransomware attack and has shut down portions of its network to prevent the attack's spread.
Unauthorized access to Fujifilm servers (Fujifilm [Croatia]) FUJIFILM Corporation is currently carrying out an investigation into possible unauthorized access to its server from outside of the company. As part of this investigation, the network is partially shut down and disconnected from external correspondence.
'Nothing is safe': Five times ransomware attackers have impacted our lives (Cape Cod Times) With a ransomware attack impacting ferry services between Cape Cod and the islands, we look at five high-profile cyberattacks.
Top cybersecurity official warns of more ransomware attacks (Fox News) Top cybersecurity officials warned Wednesday that the U.S. can expect to see more ransomware attacks as the nation reels from recent hits on U.S interests including meat supply and fuel.
Window of Exposure Wide Open for Utilities’ Apps (Security Boulevard) With all the talk about the ongoing menace of ransomware, it’s easy to overlook application-specific attacks. But new research from WhiteHat Security shows that there might just be a greater likelihood of the latter.
Lightspin Research Team Discovers Cross-Account Attack Path Leveraging Dangerous S3 Bucket Permissions on AWS (PR Newswire) Lightspin, a pioneer in contextual cloud security that simplifies and prioritizes cloud security for cloud and Kubernetes environments,...
This is how attackers bypass Microsoft's AMSI anti-malware scanning protection (ZDNet) Researchers outline common tactics for circumventing the security software.
Cisco Discloses Details of macOS SMB Vulnerabilities (SecurityWeek) Cisco has disclosed the details of several recently patched vulnerabilities in the SMB server implementation used by macOS.
Whole New Ballgame: GameStop's URL Leveraged for Phishing Attacks (Avanan) GameStop's URL has been leveraged for phishing attacks through the service Movable Ink.
More than 11,000 people’s personal information released in APD data leak (Alaska Public Media) Since 2019, 11,402 people have had their birth dates and driver’s license numbers published accidentally, due to a glitch in the Anchorage Police Department records system, the department announced Wednesday.
Huawei USB LTE dongles are vulnerable to privilege escalation attacks (BleepingComputer) This week, a Trustwave security researcher disclosed a privilege escalation flaw in Huawei's USB LTE dongles.
An Old School Hack Threatens Two-Factor Authentication (No Jitter) Two-factor authentication has significantly increased security for online consumer transactions, but a highly targeted attack can spell millions in losses.
Breached companies facing higher interest rates and steeper collateral requirements (ZDNet) A study found that companies dealing with data breaches later faced increased scrutiny from banks.
Ransomware Insurance Coverage Disappearing, Not Enough for Robust Cybe (PRWeb) A NYC area cybersecurity expert alerts readers to disappearing ransomware insurance coverage in a new article on the eMazzanti Technologies website. The inform
17 cyber insurance application questions you'll need to answer (CSO Online) Recent high-profile security incidents have tightened requirements to qualify for cyber insurance. These are the tougher questions insurance carriers are now asking.
Poor threat intelligence drags down performance at major enterprises, Cybersixgill survey finds (PR Newswire) More than 90 percent of CISOs rely on outdated, report-based threat intelligence that is often too old to inform decisions, according to...
DDoS attack report finds attack volumes up dramatically (Security Brief) The DDoS attack report analyses attack activity by industries, attack vectors, DDoS attacks on applications and on-premise versus cloud.
Has the shift to remote working increased cybersecurity threats? (Legal Futures) The abrupt shift to remote working has underlined significant cybersecurity threats for employers and employees alike.
Cyber Attacks Has Cost UK Businesses £87 Billion Since 2015 (Digital Information World) A recent study shows that cyber crime in the UK has doubled in the last five years, costing businesses over £87 billion.
Private equity money keeps pouring into tech, as Cloudera becomes latest multibillion-dollar buyout (CNBC) Cloudera said Tuesday that it's being acquired by private equity firms in a deal valued at about $5.3 billion.
FireEye to sell products unit to Symphony-led group for $1.2B (TechCrunch) The all-cash deal is expected to close by the fourth quarter.
FireEye is selling its security products business for $1.2B (CyberScoop) FireEye is selling its security products services to a consortium led by private equity firm Symphony Technology Group for $1.2 billion, the company announced on Wednesday. The long-time cybersecurity giant is best known recently for its role in alerting U.S. authorities in December to the breach of network software company SolarWinds.
Security-Hungry STG Adds FireEye Products Acquisition to McAfee, RSA (Channel Futures) FireEye is selling is products business, including the FireEye name, to a consortium led by Symphony Technology Group (STG) in a $1.2 billion all-cash deal.
FireEye is selling its products business and name for $1.2 billion (CNBC) FireEye is selling its products business and the FireEye name to a consortium led by private-equity firm Symphony Technology Group for $1.2 billion.
FireEye to Separate from Mandiant Solutions (GovInfoSecurity) FireEye announced on Wednesday the sale of its product line and name to Symphony Technology Group, a private equity group based in Palo Alto, California, for $1.2
Microsoft Buys ReFirm Labs to Expand IoT Firmware Security Push (SecurityWeek) Microsoft snaps an early-stage startup ReFirm Labs that helps businesses pinpoint and fix weak links in firmware powering smart devices like light bulbs and connected printers.
Microsoft acquires firmware analysis company ReFirm (SC Media) Microsoft announced it had acquired ReFirm Labs Wednesday in a bid to bolster its Azure edge security offerings.
Howard County cyber company ReFirm Labs acquired by Microsoft (Baltimore Business Journal) ReFirm Labs specializes in helping to detect security vulnerabilities in firmware, or the "brain" behind Internet of Things (IOT) devices.
Apax-backed Coalfire acquires Denim Group (PE Hub) Coalfire, which is backed by Apax Partners, has acquired San Antonio, Texas-based Denim Group, a provider of advanced application security solutions.
Wipro Sells Stake In Denim Group For $22.4 Million (Moneycontrol) In March 2018, Wipro acquired a 33.33 per cent stake in Denim Group Ltd and Denim Group Management, LLC, an independent application security firm, for a consideration of $8.83 million.
Accenture Federal To Acquire Analytics Company Novetta (Defense Daily) Accenture Federal Services on Tuesday said it has agreed to acquire Novetta, adding work in the national security sector boosting its capabilities in advan
Proofpoint’s Leaders Eligible For $154.6M In Payouts In Thoma Bravo Deal (CRN) Proofpoint’s top executives and directors could earn as much as a combined $154.6 million in stock, option, and severance payments in the proposed acquisition by Thoma Bravo goes through.
Tech Startup Raising Capital via Equity Crowdfunding to Launch Next Gen Social Network (PR Newswire) These days all the biggest social media platforms leave little to be desired due in no small part to rampant agenda-driven censorship,...
Securitas' Board of Directors has resolved to purchase own shares (PR Newswire) The Board of Directors of Securitas AB (publ) ("Securitas") has resolved, pursuant to the authorization granted by the Annual General Meeting...
Cyberseek Indiana resource launches to promote jobs in growing cybersecurity industry (WBIW) As cybersecurity threats and attacks continue to increase, the State of Indiana is introducing the Cyberseek Indiana online resource to promote and support job growth in the emerging industry of cybersecurity
State Introduces Cyberseek Initiative (Inside Indiana Business) The state of Indiana has introduced an online resource to promote and support job growth in the cybersecurity sector with Cyberseek Indiana. The Indiana Department of Workforce Development is partneri
Darktrace: What we learned from building a £2.5bn UK success story (CityAM) There were just a handful of us clustered around a Bloomberg screen waiting for the moment that Darktrace would finally
Splunk stock falls after reporting wider than expected Q1 losses (SeekingAlpha) Splunk (SPLK) shares drop 3% after hours following mixed first quarter results and an in=line revenue forecast
Meme Stocks Surge as Major Indexes Edge Higher (Wall Street Journal) The S&P 500 closed slightly higher while a narrow group of stocks popular with individual investors stole the spotlight.
Elon Musk’s ‘Baby Shark’ Tweet Sends Shares Soaring (Bloomberg) Samsung Publishing Co., a shareholder in the producer of the “Baby Shark” viral YouTube song, rallied after Elon Musk tweeted about the kiddie pop jingle.
Cybereason Joins with MITRE Engenuity’s Center for Threat-Informed Defense (Security Boulevard) Cybereason is excited to announce that it is now a research sponsor of the Center for Threat-Informed Defense, allowing collaboration on applied research and development to improve cyber defenses at scale for the global security community.
CloudSphere Listed as a Representative Vendor in 2021 Gartner Market Guide for Cloud Management Tooling (BusinessWire) CloudSphere, which provides governance through application discovery, multi-cloud security and standards compliance in the cloud, today announced that
Mission Secure Named a JMP Securities "Elite 80" Cybersecurity Company for 2021 (PR Newswire) Mission Secure, the leading industrial control system (ICS) cybersecurity technology company, today is proud to announce it was named to the...
SecureLink Announces Appointment of Patrick Tickle as Chief Executive Officer To Accelerate Company's Position in Rapidly Growing Third-Party Security Market (GlobeNewswire) Robert Humphrey will also join new CEO, Patrick Tickle, as SecureLink's first Chief Marketing Officer to support company momentum and category leadership
Centraleyes Welcomes Co-Founder of Optiv, Dan Burns, to Its Board of Directors (GlobeNewswire) Dan Burns, co-founder and former CEO of Optiv, one the largest SSI’s in the world, brings over 25 years of experience to the Centraleyes's Board of Directors
Appgate Announces Three Executive Leadership Promotions (Yahoo) Jason Garbis Promoted to Newly Created Role of Chief Product Officer; Kurt Glazemakers Promoted to Chief Technology Officer; and Jeffrey Nord Promoted to Chief of Operations
Swimlane Announces Key Additions to Leadership Team (BusinessWire) New hires bring decades of experience to Swimlane, and will play a critical role in elevating the company’s brand and ensuring customer success.
Products, Services, and Solutions
Device Authority and Medigate Announce Partnership for Internet of Medical Things (IoMT) Security Solutions (Device Authority) Device Authority, a global leader in identity and access management (IAM) for the Internet of Things (IoT), and Medigate, an IoT device security and asset management company dedicated to healthcare, today announce their partnership for securing the Internet of Medical Things (IoMT). Whether to improve the cybersecurity of IoMT, or directly address other challenges, this partnership delivers Healthcare Delivery Organizations (HDOs) important new integrated capabilities.
Untangle Partners with Pulsia Technology to Distribute SMB Security Offerings in Spain, Mexico and France (Untangle) Untangle® Inc., a leader in comprehensive network security for small-to-medium businesses (SMBs) and distributed enterprises, today announced it has partnered with Pul
New partnership brings enterprise security to the decentralized web (SecurID.com) Janeiro Digital and RSA Security have entered into a partnership to provide security and trust to decentralized web applications.
Facebook to launch a ‘Researcher API’ for the academic community (TechCrunch) Facebook said it’s preparing to launch a new application programming interface (API) designed specifically for access by the research community. The API was announced during Facebook’s F8 developer conference today, and is meant to address issues that arose from changes made to Facebook…
Veriff Releases New Anti Money Laundering Compliance Product (News Powered by Cision) Veriff (https://www.veriff.com?utm_campaign=AML%2520Compliance%2520Product%25202021&
Bitdefender VPN Review: A No-Frills, Cheap VPN (Forbes Advisor) Bitdefender is one of the largest cybersecurity companies, offering services for both individuals and businesses alike. However, its virtual private network, or VPN, is mostly geared towards individuals.
The VPN mobile and desktop application is simple to use and is competitively priced. At $29.9
ThycoticCentrify Releases Enhancements to Secret Server and DevOps Secrets Vault to Strengthen Management of Enterprise Secrets (PRWire) Updates make it easier than ever for security, ITops and DevOps teams to secure and manage all types of privileged accounts
AT&T expands cybersecurity offering (Light Reading) AT&T* has expanded the AT&T USM Anywhere platform to offer an advisory service for new and existing customers. AT&T USM Anywhere Advisors are a team of cybersecurity experts that serve as trusted advisors on threat detection and response to complement in-house cybersecurity skills..
White Paper - Netwrix and Stealthbits Merger: Progress Update (Netwrix) In this white paper, you’ll learn about the first three Netwrix – Stealthbits committed product integrations.
How CrowdStrike Protects SRO America (Sportscar365) A look at CrowdStrike's cybersecurity systems that are helping protect SRO America...
Keeper Security to Provide Password Protection Platform Under Carahsoft's ITES-SW2 Contract (ExecutiveBiz) Carahsoft Technology has added Keeper Security as a provider of software, software maintenance and ancillary services under the former's information technology contract with the U.S. Army.
Alfi Resumes Roll-out of AI-Enabled Tablets in Value Cabs Operating in Belfast (Benzinga) Projected revenue of approximately $9 million annually if deployed in full fleet of 800 cabs.
Miami Beach, FL / June 2, 2021 — Alfi, Inc. (Nasdaq: ALF) (“Alfi...
Technologies, Techniques, and Standards
MoD plans to build Digital Backbone ecosystem | UKAuthority (UKAuthority) The Ministry of Defence (MoD) has highlighted the plan to build a Digital Backbone ecosystem as a prime element of its strategy for the next few years.
As cybersecurity evolves, so should your board (MIT Technology Review) But how many directors get lost in the technicalities of technology? The challenge for a chief information security officer (CISO) is talking to the board of directors in a way they can understand and support the company. It’s drilled into the heads of board directors and the C-suite by scary data-breach headlines, lawyers, lawsuits, and…
Cybersecurity: Why a culture of silence and driving mistakes underground is bad for everyone (ZDNet) Creating a cybersecurity culture in which employees are scared to come forward about potential cybersecurity mistakes just creates more problems in the long run - especially if cyber criminals have breached your network.
Law Firms Are Attracting More Cyberattacks – 4 Reasons Why and How to Fix Them (Legal Reader) Law have implemented new technologies to make remote work easier. However, these same solutions can result in an increased risk of cyberattacks.
Could The SASE Model Move the Needle on Healthcare Cybersecurity? (Health IT Security) The threat landscape is evolving faster than healthcare cybersecurity. AT&T Cybersecurity’s Rupesh Chokshi believes secure access service edge (SASE) might better support providers.
Getting trust right in a 'post-truth era' (ITWeb) IDC's Bruno Horta Soares outlined the current threat landscape during his keynote at the ITWeb Security Summit.
Design and Innovation
Processor Morphs Its Architecture to Make Hacking Really Hard (Dark Reading) Researchers create a processor that uses encryption to modify its memory architecture during runtime, making it very difficult for hackers to exploit memory-based vulnerabilities.
Aite Group Passwordless Matrix Report (Secret Double Octopus) In their first-of-a-kind report, the Aite Group offers IT and cybersecurity professionals an unprecedented view of the enterprise-facing passwordless market, exploring key trends in this booming market and discussing how technology has evolved to address even the largest, most intricate, and sensitive IT environments, enabling a truly passwordless future.
Singapore cybersecurity firm launches world's first AI-embedded solid-state drive (X-PHY® AI Embedded Cybersecure Products) SINGAPORE cybersecurity firm Flexxon on Monday launched the world's first solid-state drive (SSD) embedded with artificial intelligence (AI) data security.
IBM Awards $3M in Grants to Improve K-12 Cybersecurity (GovTech) The tech giant has awarded money to six school districts who will work with IBM Service Corps teams on training, assessments and protocols to protect against ransomware after a banner year for cyber attacks in 2020.
School Cybersecurity: How Awareness Training Removes Attackers' Options (Security Intelligence) School cybersecurity involves programs, parents, teachers and kids. Awareness training and dedicated programs can help each group do their part.
Legislation, Policy, and Regulation
Cyber Diplomacy for Strategic Competition (American Foreign Service Association) Fresh thinking and new approaches are needed on diplomacy’s newest frontier.
Check Point chief: Cyber has changed all geopolitical rules (Jerusalem Post) Check Point CEO Gil Shwed at the Jerusalem Post-Khaleej Times Global Investment Forum in Dubai: Abraham Accords boosting Israel-UAE cyber deals.
The Cybersecurity 202: Biden intends to hammer Putin on ransomware attacks. But the strategy might not work (Washington Post) President Biden plans to take a hard line with Russian President Vladimir Putin during their upcoming summit over a rash of ransomware attacks that hit critical U.S. companies.
France expects explanations from US, Denmark over wiretapping scandal, Macron says (TASS) French President added that corresponding structures will hold discussion in this regard in order to reveal all circumstances
Navy Adm. Mike Gilday meets with Danish officials amid espionage crisis (Space War) Washington DC (UPI) Jun 2, 2021 - U.S. Chief of Naval Operations Adm. Mike Gilday met senior Danish navy leadership on Wednesday to discuss continued partnerships.
EU's revamped data transfer tools will have more safeguards (Computing) The EU's new data transfer tools are fully compliant with the GDPR and will allow citizens' data to be encrypted or pseudonymised
Karlin Lillington: Hard to see how EU-US data-exchange deal can be reliable data bridge (The Irish Times) Net Results: US security laws lax on surveillance and data gathering
The Dark Side Of PSD2: Fraudsters’ reaction to the EU regulation (Intsights) This report takes a deep dive into the dark web to surface fraudsters’ response to the new regulation. It highlights the incentives offered for merchants able to maintain low fraud rates under PSD2.
Biden to Amend Trump’s China Blacklist, Target Key Industries (Bloomberg) Treasury will create list of companies targeted with penalties. Order takes aim at China’s defense, surveillance tech sectors.
Lawmakers champion China deterrence fund, but not Biden’s version (Defense News) Fifteen House lawmakers are calling on appropriators to fully fund a $4.7 billion request for the Pacific Deterrence Initiative amid criticism President Joe Biden’s new defense budget submission has missed the mark.
Hackers are making Americans’ lives worse, at an awkward time for Biden (POLITICO) "Opportunistic" cyberattacks targeting the gasoline and meat supplies add to the burdens of an economy trying to reopen.
Critical Pipeline Cybersecurity Directive Released (JD Supra) In the wake of the May 2021 ransomware attack on a major US oil pipeline, the Department of Homeland Security’s (DHS) Transportation Security...
President Biden’s Cybersecurity Executive Order | JD Supra (JD Supra) As many of our readers are aware, President Joseph Biden issued an executive order on May 12 to improve the nation’s cybersecurity. While much of the...
Cybersecurity Executive Order Establishes Framework to Strengthen Cybersecurity Elements of Federal Government Contracts (JD Supra) The Situation: On May 12, 2021, President Biden issued an "Executive Order on Improving the Nation's Cybersecurity," which calls for "bold" and...
Contracting Community Welcomes Biden’s Budget Proposal (Government Executive) Groups see opportunities with the administration's cybersecurity, climate change and workforce innovation priorities.
Industry paper calls for liability protection, small business support in potential DOD threat hunting program (InsideDefense.com) The Intelligence and National Security Alliance says a proposed Defense Department cyber threat hunting program should include liability protections for defense industrial base companies and support to help small businesses participate.
CISA’s Hartman: IT Modernization for Better Cyber May Take Decades (MeriTalk) A senior official with the Cybersecurity and Infrastructure Security Agency (CISA) said today the Federal government’s process of modernizing its IT systems to achieve better cybersecurity may be a decades-long process.
Cybersecurity Group Hopes to Push 30 More National Priorities (Dark Reading) The Cyberspace Solarium Commission worked with legislators and the Trump administration to get 27 recommendations implemented in policy last year. It's aiming for 30 more in 2021.
UAE enterprises must act now to avoid financial and reputational costs from cyber attacks (PR Newswire) Digital14, a UAE-based trusted advisor in digital transformation and cyber resilience, has revealed how UAE organisations are high-value...
US Army Apparently Rescinds IoT Device Ban (GovInfoSecurity) The U.S. Army has deleted from its website a directive requiring all remote workers to remove or turn off IoT devices, according to the security firm Bitdefender.
Litigation, Investigation, and Law Enforcement
US seizes domains used by APT29 in recent USAID phishing attacks (BleepingComputer) The US Department of Justice has seized two Internet domains used in recent phishing attacks impersonating the U.S. Agency for International Development (USAID) to distribute malware and gain access to internal networks.
Justice Department Seizes Two Domain Names Used in Spearphishing Campaign; John Demers Quoted (Executive Gov) The Department of Justice (DOJ) seized two domain names used in a spearphishing campaign on Friday i
Spear-phishing campaign linked to SolarWinds attackers halted following domain seizure (The Daily Swig) APT29 accused of compromising USAID email account
US court offers clarity on evaluating ‘future risk’ injuries in data breach class action litigation (The Daily Swig) Second Circuit opinion may have a sizeable impact on the US legal landscape, writes David Oberly
Nigerian National Arrested For Scheme To Conduct Cyber Intrusions To Steal Payroll Deposits (US Department of Justice) Hacking Campaign Resulted in the Compromise of At Least Approximately 5,500 Individual User Accounts and the Theft of Approximately $800,000
Judge dismisses charges against Apple security chief in gun-permit probe (Reuters) A court in California on Tuesday dismissed bribery charges against Apple Inc's (AAPL.O) security chief, writing that a key element of the case was "pure speculation" by prosecutors and unsupported by evidence.
Broker Isn't Covered For $60M TCPA Ruling, 11th Circ. Says (Law360) The Eleventh Circuit has ruled that Liberty Mutual isn't required to pay a $60.4 million Telephone Consumer Protection Act judgment stemming from a marketing campaign that pelted customer cellphones with repeated texts, leaving a Florida insurance brokerage on the hook.
3rd Circ. Skeptical Of TV Anchor's IP Claim Against Big Tech (Law360) A Third Circuit panel on Wednesday appeared skeptical of a Pennsylvania-based journalist's bid to revive an intellectual property claim based on the unauthorized use of her photo on websites like Facebook and Reddit, questioning which type of intellectual or creative work went into crafting her image.
LabMD Asks NY Court To Revive Suit Against Witness Atty (Law360) A cancer screening lab that was put out of business by a Federal Trade Commission lawsuit and its CEO on Wednesday asked a New York appeals court to revive a lawsuit against Bryan Cave Leighton Paisner LLP and a former attorney for the firm, saying a lower court mischaracterized their claims.
Teen Crashes Florida School District’s Network (Infosecurity Magazine) High school hacker facing felony charges after knocking 145 schools offline
DJI Drones Cleared by Department of Defense Audit (DRONELIFE) DJI Government Edition drones were cleared for use by a US Department of Defense audit, which stated that “The DJI Government Edition versions that were tested, show no malicious code or intent
Ex-Rep. Owes Daily Mail Atty Fees From Revenge Porn Suit (Law360) A California judge on Wednesday ordered former U.S. Rep. Katie Hill to pay the Daily Mail nearly $105,000 in attorney fees and costs after the British newspaper beat claims that it violated the state's anti-revenge porn law by distributing the former lawmaker's nude photos.
Pa. Fertility Center Hit With Data Breach Class Action (Law360) A Philadelphia-area fertility treatment practice has been hit with a proposed class action in Pennsylvania state court over a data breach last year that purportedly affected the personal information of more than 37,000 patients and placed them at increased risk of identity theft and fraud.
IBM Files Lawsuit Alleging Finjan Breached 2017 Patent Agreement (Bloomberg Law) IBM accused a Finjan Holdings unit of breaching a confidential patent assignment and support agreement the companies entered in 2017, according to documentsfiled Friday in federal court in Wilmington, Delaware.