Attacks, Threats, and Vulnerabilities
Kaspersky Details Iranian Domestic Cyber-Surveillance Operation (SecurityWeek) Kaspersky has issued a warning about ‘Ferocious Kitten’, an advanced threat actor in Iran that’s been conducting domestic cyber-surveillance for the last six years.
Suspected Iranian hackers exploit VPN, Telegram to monitor dissidents (CyberScoop) For the last six years, hackers have stalked Iranian dissidents with spying tools that mimic the software those dissidents use to protect their communications, security firm Kaspersky said Wednesday.
Ferocious Kitten: 6 years of covert surveillance in Iran (Securelist) Ferocious Kitten is an APT group that since at least 2015 has been targeting Persian-speaking individuals who appear to be based in Iran.
Airline and bank websites go down in another major internet failure (CNN) Southwest Airlines, United Airlines, banks and trading platforms suffered brief website outages after a key piece of internet infrastructure failed, sparking the second major interruption of the past 10 days.
The First Step: Initial Access Leads to Ransomware (Proofpoint) Preventing ransomware today largely has shifted from a direct email threat to an indirect threat where email is only part of the attack chain.
Researchers: Booming Cyber-Underground Market for Initial-Access Brokers (Threatpost) Ransomware gangs are increasingly buying their way into corporate networks, purchasing access from 'vendors' that have previously installed backdoors on targets.
Ransomware Operators' Strategies Evolve as Attacks Rise (Dark Reading) Security researchers find ransomware operators rely less on email and more on criminal groups for initial access into target networks.
Darkside operator involved in supply chain attack via CCTV vendor's website (The Record by Recorded Future) A cybercrime group that used to cooperate with the Darkside ransomware gang has breached the website of a CCTV camera vendor and inserted malware in a Windows application the company's customers were using to configure and control their security feeds.
Hackers linked to Colonial Pipeline assault reemerge with new tactics (The Washington Times) Cybercriminals linked to the ransomware group that hit major U.S. fuel supplier Colonial Pipeline have reemerged and changed their tactics, according to cybersecurity firm FireEye.
Deja Vu: What Do NotPetya and SolarWinds Have in Common? (Cybereason) Cybereason CEO Lior Div shares the experience of battling against NotPetya and the parallels that make the SolarWinds attack feel like deja vu...
Avaddon ransomware's exit sheds light on victim landscape (BleepingComputer) A new report analyzes the recently released Avaddon ransomware decryption keys to shed light on the types of victims targeted by the threat actors and potential revenue they generated throughout their operation.
Bit2check: Stolen Card Validation Service Illuminates A New Corner of the Skimming Ecosystem (RiskIQ) In much of our recent analysis of threat infrastructure, we've seen the digital credit card skimming ecosystem grow as we uncover more actors, tooling, services, and economies that comprise it. We also see distinct patterns emerge in the infrastructure used and shared by these entities.
Inside the Market for Cookies That Lets Hackers Pretend to Be You (Motherboard) A representative for the hackers who breached EA said they bought the cookie from a site called Genesis Market.
Attackers Take Advantage of New Google Doc Exploit (Avanan) Avanan researchers have uncovered an attack that takes advantage of an exploit in Google Docs.
Vulnerabilities Allow Hackers to Disrupt, Hijack Schneider PowerLogic Devices (SecurityWeek) Vulnerabilities discovered in some older Schneider Electric PowerLogic gateways can allow hackers to remotely take control of devices or disrupt them.
Meat producer ransomware attack at JBS disrupts global production (Ohio News Time) Just weeks after the U.S. oil pipeline was closed in a similar incident, a ransomware attack on the world’s largest meat processing company disrupted production around the world. Pierre confirmed on Tuesday. She said the White House and the Department of Agriculture have been in contact with the company several times this week. JBS is …
Meat producer JBS shrinks business after cyber attack (Texas News Today) JBS SA said it was hit by a cyberattack that disrupted the operations of the world’s largest meat processors in the United States and Australia. Brazil-based JBS said it is working to shut down affected systems and bring operations back online after identifying an intrusion on Sunday. The company is the largest beef …
Paying cyber criminals: Is it the right thing to do? (Insurance Business) Disclosure of ransom payments could be compounding an already significant problem
Travel and retail industries facing wave of credential stuffing attacks (ZDNet) Auth0 said that in the first 90 days of 2021, their platform detected breached passwords being used at an average of more than 26,600 per day.
Report: CVS Health Exposed Search Records Online (Website Planet) On March 21st, 2021 the WebsitePlanet research team in cooperation with Security Researcher Jeremiah Fowler discovered a non-password protected
CVS accidentally exposed a database containing 1 billion data points, including searches for medications and COVID-19 vaccines (Business Insider) CVS said in a statement to Forbes "an unnamed third party was responsible for controlling the information."
CVS Accidentally Leaks 1 Billion Website Records—Including Covid-19 Vaccine Searches (Forbes) CVS blamed an unnamed third-party for disclosure of the information and says no personal data was made public, despite email addresses appearing in the unsecured database.
University of Massachusetts Lowell cancels classes after possible 'cybersecurity incident' (NBC News) The university reported the breach on Tuesday and canceled all in-person and online classes as well as business operations.
Amazon Scams up 7X Leading up to Prime Day (Bolster Blog) The biggest retail event of the year has been confirmed with Amazon’s announcement of their 2021 Prime Day of June 21 and 22. Typically held in the summer, the event was moved to October last year due to supply chain and delivery disruptions because of the pandemic.
Cybercriminals go after Amazon Prime Day Shoppers (Check Point Software) In the last 30 days, over 2300 new domains were registered about Amazon, a 10% increase from the previous Amazon Prime Day, where the majority
Amazon Scams up 7X Leading up to Prime Day (Bolster Blog) Bolster Research has found that Amazon scammers have increased their activity with a 7X increase leading up to Prime Day.
Data Breach: Hundreds of Thousands of Customers’ Personal Information Exposed (WizCase) WizCase’s security team, led by Ata Hakçıl, has found a major breach in popular online retailer Cosmolog Kozmetik’s database. This breach exposed users’ names, email addresses, physical addresses, phone numbers, order details, and more. Hundreds of thousands of users were compromised in the breach. There was no need for a password or login credentials ...
Gateley suffers loss of client data in cyber-attack (Legal Futures) Client data has been stolen from Gateley in a cyber-attack, the listed law firm has revealed. But only a "very small amount" was taken.
Gateley suffers data breach following 'cyber security incident' (The Global Legal Post) Firm says some client data was exposed but adds that the impact was limited
A new problem for Peloton owners: Hacks (CNN) Peloton users are being warned of a new security threat relating to the touchscreen on their Bike+ that could potentially be controlled by hackers.
Vulnerability in Peloton bikes example of a more widespread security issue (SC Media) Many Android device OEMs may have offerings with similar flaws, any of which could provide an avenue in to networks.
What happened at the Taishan Unit 1 nuclear plant in China? (Control Global) This blog is about the Chinese approach to critical infrastructure as there are no Evolutionary Pressurized Water Reactors (EPRs) in the US. As a caveat, I have not seen the as-built design information of Taishan nor do I have a copy of the Chinese nuclear plant safety regulations.
Hello From The Bother Side: Tech Support Vishing Attacks (Armorblox) This blog highlights two vishing (voice phishing) attacks impersonating Geek Squad and Norton. The emails attempted to steal credit card details by including phone numbers to call for processing returns to fake subscriptions.
Ryuk ransomware recovery cost us $8.1m and counting, says Baltimore school authority (Register) Spreadsheet breaks down spend on staving off future badness
Security Patches, Mitigations, and Software Updates
Google Rolls out E2EE For Android Messages App (SecurityWeek) Google has finally enabled end-to-end encryption (E2EE) for the Messages app in Android but the privacy-enhancing tool remains somewhat limited.
Microsoft Defender ATP now warns of jailbroken iPhones, iPads (BleepingComputer) Microsoft has added support for detecting jailbroken iOS devices to Microsoft Defender for Endpoint, the enterprise version of its Windows 10 Defender antivirus.
Microsoft adds to its Android and iOS security tools (ZDNet) Microsoft is also bringing jailbreak detection for managed and unmanaged iOS devices.
Trends
2021 Network Security Report (Trustwave) There’s been no shortage of malicious attacks and bad actors the past year – and no signs of the threat landscape slowing down. Trustwave compiled a report of popular network attack methods and suggested mitigation tactics for organizations to prepare their defenses. Read our 2021 Network Security Report for an overview of the prevalent threats over the last several months and proactive security measures you should take.
IBM Security report: Pandemic digital habits causing security risks for businesses (Intelligent CIO Middle East) IBM Security has announced the results of a global survey examining consumers’ digital behaviours during the pandemic, as well as their long-term impact on cybersecurity. With society becoming increasingly accustomed to digital-first interactions, the study found that preferences for convenience often outweighed security and privacy concerns among individuals – leading to poor choices around passwords […]
Public Infrastructure Cyberattacks May Pose Broad Financial Risk (Fitch Ratings) The recent Colonial Pipeline cyberattack illustrates the broader financial effects that can result from attacks on critical public infrastructure.
Cyberattack volume grew in 78% of businesses globally, remote working main catalyst (Atlas VPN) Data presented by the Atlas VPN team reveals that, on average, cyberattacks on enterprises due to the shift to remote work increased by 78% in the last 12 months. Even though social media platforms are flooded with news of companies proudly presenting the fact that they are permanently shifting to a remote-work environment, they usually do not mention the fact that the pivot has created major issues for their security.
Protecting Critical Infrastructure: The 2021 Energy, Utilities, and Industrials Cyber Threat Landscape Report (Intsights) The energy, utilities, and industrials vertical has long been a significant target for criminals and state-sponsored threat actors.
Marketplace
Ransomware claims are roiling an entire segment of the insurance industry (Washington Post) Cyber insurance carriers are raising premiums and limiting coverage in the face of severe ransomware attacks, just as organizations are clamoring for more protection
Pcysys Rebrands as Pentera; Unveils RansomwareReady Automated Attack Module (Pentera) Pentera Emulates Latest Ransomware Strains Inside the Network to Expose the Vulnerabilities and Pathways Exploited to Reach Critical Assets and Disrupt Business
Acquired by Long Island cybersecurity company CodeDx (Florida News Times) Long Island cybersecurity startup CodeDx Inc. has been acquired by a Silicon Valley supplier of tools for manufacturing computer chips, Synopsys Inc., an S&P 500 company with a market capitalization of $40 billion. The terms of the acquisition by the company have not been disclosed. Jason Schmidt, general manager of Synopsys’ Software …
Industrial Security Firm Claroty Raises $140M Round, Last Before IPO (CRN) Rockwell Automation, Siemens, Schneider, and LG are some of the strategic investors in Claroty.
Cerberus Sentinel announces acquisition of Ground Control IT (GlobeNewswire) U.S. cybersecurity services firm expands service offerings
On a growth tear, DuckDuckGo reveals it picked up $100M in secondary investment last year (TechCrunch) Privacy tech continues cooking on gas. To wit: Non-tracking search engine DuckDuckGo has just revealed that it beefed up its balance sheet at the back end of last year with $100 million+ in “mainly secondary investment” — from a mix of existing and new investors. Its blog post nam…
Vade Announces Unified Threat Detection and Incident Response for MSPs Amid Corporate Rebrand (Vade Secure) New integrated feature of Vade for M365 streamlines managed security for MSPs at no additional cost.
Cloud-Skilled Cyber Professionals Needed to Secure Organizations Globally (PR Newswire) Cloud security is critically important for organizations across the globe as adoption of cloud infrastructure continues to grow at a rapid clip....
DISA Awards Endace Contract for Global Packet Capture and Network History (BusinessWire) US Defense Information Systems Agency (DISA) awards Endace contract to provide the agency with always-on packet capture and full history search
Sonrai Security Recognized in Gartner 2021 Cool in Cloud Security Posture Management (Sonrai Security) We are excited to share that we are a 2021 Gartner Cool Vendor | Read our press release to learn more about our cloud security platform
Akamai Technologies Breaks Out to the Upside (RealMoney) Bullish signals abound for shares of the provider of content delivery network services.
NSO is having a bad year – and it's showing (Haaretz) NSO, which is eyeing an IPO, saw its credit rating downgraded recently after suffering a serious coronavirus crunch
'Strong office culture' carried CyberArk through Covid (Boston Business Journal) CyberArk is more than two decades old, but failing to stay up on the industry’s latest changes isn’t an option for a cybersecurity company no matter its age.
Palantir CEO has a simple reason company’s stock draws Reddit crowd: ‘We respect the intelligence and the rigor of what is typically called individual investors’ (MarketWatch) Palantir CEO Alex Karp says the company respects the retail crowd, which has been mostly bullish on its stock, just as much as it appreciates...
78 Innovators and Products Named 2021 Fortress Cyber Security Award Winners (MDJOnline.com) The Business Intelligence Group today announced the winners of the 2021 Fortress Cyber Security Awards. The business award program sought to identify and reward
KnowBe4’s CEO Stu Sjouwerman Named a Glassdoor Top CEO in 2021 (GlobeNewswire) KnowBe4 (NASDAQ: KNBE), the provider of the world’s largest security awareness training and simulated phishing platform, today announced that CEO Stu Sjouwerman has won a Glassdoor Employees’ Choice Award honoring the Top CEOs in 2021.
Iron Bow Technologies Appoints Elliott Williams as VP of Strategic Alliances (Executive Gov) Iron Bow Technologies announced in June that Elliott Williams has joined the company’s executive lea
SailPoint Announces Appointment of Sudhakar Ramakrishna to Board of Directors (Yahoo Finance) SailPoint today announced the appointment of Sudhakar Ramakrishna to the SailPoint Board of Directors.
ForgeRock Appoints David Burden As Chief Information Officer (The Daily News) ForgeRock®, a global digital identity leader, today announced the appointment of David Burden as the company’s Chief Information Officer (CIO).
Products, Services, and Solutions
Vulcan Cyber Introduces Risk Prioritization Based on Business Asset Security Posture (Vulcan Cyber) Use Vulcan Cyber for risk prioritization and asset health scoring to help your IT security teams drive remediation outcomes.
Spirion Expands Product Portfolio to Address Sensitive Data Protection (PRWeb) Spirion, a pioneer in data protection and compliance, today announced the expansion of its flagship Sensitive Data Platform portfolio with new Software-
Akamai Enables Organizations To Fight Fraud And Reduce Friction At The Edge With Account Protector (Akamai) New solution uses Akamai insight combined with behavioral analytics to shield users from account takeover
Italian Banking Institution Creval Deploys Pluribus for Multi-site Data Center Network Modernization (Pluribus Networks) One of Italy’s largest financial institutions deploys Pluribus Adaptive Cloud Fabric™ solution powered by the Netvisor® ONE OS to automate network operations and enable a highly resilient, active-active data center architecture
Sequitur Labs Announces EmPOWER SaaS Platform for Secure Lifecycle Management of IoT Devices (BusinessWire) Sequitur Labs Announces EmPOWER SaaS Platform for Secure Lifecycle Management of IoT Devices
Avanan Launches Global Channel Partner Program to Extend Cloud Email and Collaboration Security Worldwide (Avanan) Avanan Launches its Global Channel Partner Program to Extend Cloud Email and Collaboration Security Worldwide
Cowbell Cyber Extends Partner Program to Managed Security Service Providers (MSSP) (Cowbell Cyber) A first-of-its-kind program closes gap between cyber insurance and MSSP services.
Avanan Launches Global Channel Partner Program to Extend Cloud Email and Collaboration Security Worldwide (Avanan) Avanan, the leader in cloud email and collaboration security, announced today the formal launch of the company’s Global Channel Partner Program. The program is led by Michael Lyons, Vice President of Global Channels, who is focused on global growth of the entire channel ecosystem.
ID.me’s Identity Gateway Achieves FedRAMP Moderate Authorization (ID.me) Identity verification platform used by VA, SSA and others, meets rigorous security requirements mandated for U.S. federal agencies
MSAB launches new rapid triage extraction solution for immediate actionable intel in the field (GlobeNewswire) MSAB announces the launch of Raven, an innovative solution for immediate digital evidence acquisition and analysis at scene level via smartphone app.
Epsco-Ra unveils the next-generation of shipboard cybersecurity (Hellenic Shipping News) Cyprus-based cybersecurity specialist Epsco-Ra Security Systems has developed a comprehensive and thorough cyber security solution that would protect shipping company networks way beyond the standards required by IMO. Epsco-Ra has unveiled its next-generation network monitoring, vulnerability detection and security management solution as cyber threats to shipping companies are compounding. Ra Endpoint Detection & Response (RaEDR) ...
Tego Cyber Inc. Announces Beta Test of Its Threat Intelligence Platform by Fortune 500 (Yahoo Finance) Beta test marks final step prior to commercialization. Designed for integration with SPLUNK® platform.
Qualys VMDR Embedded in deepwatch's Advanced Managed Vulnerability Service (PR Newswire) Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of disruptive cloud-based IT, security and compliance solutions, today announced a...
Behind the scenes of Verizon’s new SASE solution (CRN Australia) With APAC product and solutions director Helen Wong.
The crowdsourced cyber security testing platform: the power of many (TechHQ) Using many pen-testers, directed by Synack, plus the company's automated scans creates the most effective large-scale (but manageable) results.
Technologies, Techniques, and Standards
The US Cyber Games Launch First-Ever US Cybersecurity Team (NIST) Many of you might know me as the director of the National Initiative for Cybersecurity Educatio
Colonial Pipeline Cyber Attack Highlights IT and OT Convergence (Channel Futures) The Colonial Pipeline cyber attack is another alarm bell for the industry, stressing the fact that protecting the physical world from cyber attacks requires a strong IT security practice and specific OT security measures.
Four ways to shut down cyberattacks following mergers and acquisitions (SC Media) During the original purchase of Yahoo by Verizon in 2017, when Yahoo disclosed two large-scale data breaches, Verizon lowered its initial offer by $350 million to offset some of the security risks they would have to take on. Today’s columnist, Dave Cronin of Capgemini North America, offers some tips on how companies can stay secure during the merger process.
Is an Attacker Living Off Your Land? (Dark Reading) Living-off-the-land attacks pose significant risks to organizations and, on top of that, are difficult to detect. Learn the basics about how these attacks operate and ways to limit their damage.
What Industrial Control System Vulnerabilities Can Teach Us About Protecting the Supply Chain (Dark Reading) Older technologies used in industrial and critical infrastructure leave the sector highly vulnerable to attack, but organizations can take steps to better protect themselves.
Third-party Data Breaches: A Rising Threat (Kratikal Blogs) Third-party data breaches can have devastating consequences not only for the victim organization but also for everyone else involved...
Cisco’s Robbins says key to enterprise security starts with good hygiene (FierceTelecom) During a wide-ranging interview with the Washington Post, Robbins talked about rural broadband, cybersecurity, and the importance of public-private partnerships.
What An Ex-Black Hat Hacker Wishes All Entrepreneurs Knew About Digital Safety (Forbes) We store an endless amount of personal and professional information online. Without data protection and smart online strategies, you could be putting yourself and your business at risk. Here’s what you need to do to stay safe.
Design and Innovation
DuckDuckGo’s Quest to Prove Online Privacy Is Possible (Wired) The company best known for its search engine is launching a new set of tools aimed at creating an “easy button” for protecting your data online.
Biometrics: balancing security with convenience. (Fime Group) From a person’s face to their iris, voice or fingerprint, biometric solutions are giving us new ways to authenticate ourselves when using a device or making a payment. Research suggests that the global facial recognition market alone will be worth up to $13.87 billion by 2028, with other modes of authentication following a similar growth pattern.
Research and Development
Facebook, Michigan State Develop Deepfake Detection Technique (Wall Street Journal) A team of Facebook and Michigan State University computer scientists say they have developed a forensics technique to identify deepfake images and determine whether they are the work of a group linked to other maliciously doctored content.
MSU, Facebook develop research model to fight deepfakes (MSU Today) Detecting “deepfakes,” or when an existing image or video of a person is manipulated and replaced with someone else’s likeness, presents a massive cybersecurity challenge: What could happen when deepfakes are created with malicious intent?
IBM's first quantum computer outside of the US has just gone live (ZDNet) Big Blue has, for the first time, built a quantum computer that is not physically located in its US data centers. For the company, this is the start of global quantum expansion.
Legislation, Policy, and Regulation
Far apart at first summit, Biden and Putin agree to steps on cybersecurity, arms control (Reuters) U.S. President Joe Biden and Russian President Vladimir Putin agreed on Wednesday to begin cybersecurity and arms control talks at a summit that laid bare their deep discord on those issues, human rights and Ukraine.
Biden to Putin: Critical infrastructure should be "off-limits" (Computing) Putin denies protecting ransomware operatives in his country
Biden Vows Retaliation On Any Future Russian Hacks On Critical Infrastructure (Forbes) Russia has been blamed for sponsoring or tacitly allowing cyberattacks on U.S. companies, a charge Russian President Vladimir Putin vehemently denies.
Biden, Putin Discuss Prickly Issues During First Summit (Wall Street Journal) President Biden and Russian President Vladimir Putin sought to ease tensions, even as the Russian leader denied involvement in cyberattacks and Mr. Biden warned of unspecified consequences for any harm to dissident Alexei Navalny.
Rebecca Grant: Biden just gave Putin a big, fat cyber bombshell -- and China is watching (Fox News) For years, America’s cyber strategy was all about getting ready and keeping quiet. No longer.
Five takeaways from the Biden-Putin summit (TheHill) The last time President Biden met Russian President Vladimir Putin, he says he told the Russian leader he didn’t believe he had a soul.
Summit Over, Putin and Biden Cite Gains, but Tensions Are Clear (New York Times) President Putin denied Russian responsibility for a surge in cyberattacks, but President Biden hinted at U.S. retaliation if they did not cease.
Biden, Putin hold 'positive’ summit but divisions remain over human rights, cyberattacks, Ukraine (Washington Post) President Biden and Russian President Vladimir Putin emerged from their summit Wednesday with the Russian leader deeming it “constructive” and the U.S. president calling it “positive.” But back-to-back news conferences made clear that the two sides remain at odds over human rights, cyberattacks and Ukraine.
The Cybersecurity 202: Here are four cyber takeaways from the Biden-Putin summit (Washington Post) Expectations were set exceedingly low for President Biden making any progress on U.S.-Russia hacking tensions during his meeting yesterday with Vladimir Putin. And it seems Biden cleared that very low bar.
'Pure business' at Biden-Putin summit: No hugs, no brickbats (AP NEWS) President Joe Biden and Russian President Vladimir Putin concluded their summit on Wednesday with an agreement to return their nations' ambassadors to their posts in Washington and Moscow and a plan to begin work toward replacing the last remaining treaty between the two countries limiting nuclear weapons.
Biden’s Worried About Ukraine’s China Fling (Foreign Policy) Beijing is snapping up Ukrainian defense firms. That bodes ill for the would-be NATO member.
Senators draft bill that would require many entities to report cyber breaches within 24 hours (CNN) US lawmakers are preparing legislation that would require a vast range of public and private entities to alert the government within 24 hours of a cybersecurity breach, following a wave of ransomware attacks that have threatened the nation's economic and national security.
Warner previews cyber breach notification bill (Washington Technology) The chairman of the Senate Select Committee on Intelligence said he will introduce legislation to mandate that companies notify the government of major cybersecurity breaches, a promise several lawmakers have made this year.
Lawmakers Re-Introduce Bill That Would Ban Facial-Recognition Technology (Wall Street Journal) The bill, which only has Democratic support, would bar federal agencies from using the technology without approval from Congress.
Apple Warns EU Law 'Risks Destroying iPhone Security' (SecurityWeek) The EU's proposed new rules to rein in tech giants risk undermining the security of the iPhone, Apple chief Tim Cook warned
As vaccine passports morph into digital IDs, privacy advocates want to know that user data is protected (CyberScoop) Tech companies and global organizations have championed health passes, sometimes known as vaccine passports, as a means to securely reopen businesses and borders as COVID-19 cases drop and vaccination rates rise.
Senate panel unanimously advances key Biden cyber nominees (TheHill) The Senate Homeland Security and Governmental Affairs Committee on Wednesday unanimously approved two of President Biden's nominees to serve in the nation's top cybersecurity positions.
Microsoft’s Legal Head: U.S. must Stop Secret Gag Orders (Security Boulevard) Brad Smith, Microsoft president and CLO, says law enforcement’s bad habit has to be broken: Secretly subpoenaing data from cloud providers—blocking them from telling customers—is undemocratic, and hurts international relationships, he argues.
Explainer: With Chinese cyberspace authority's crackdown on fan clubs, understanding the power of 'fan economy' (Firstpost) Beyond the surface, which looks to be occupied by starstruck teens, lies a whole industry — often referred to as the 'fan economy'.
Litigation, Investigation, and Law Enforcement
Clop ransomware suspects busted in Ukraine, money and motors seized (Naked Security) Victims in South Korea and the USA, suspects busted in Ukraine.
Ukraine arrests Clop ransomware gang members, seizes servers (BleepingComputer) Ukrainian law enforcement arrested cybercriminals associated with the Clop ransomware gang and shut down infrastructure used in attacks targeting victims worldwide since at least 2019.
Ukraine Police Arrest Cyber Criminals Behind Clop Ransomware Attacks (The Hacker News) A cybercriminal gang responsible for Clop ransomware attacks has been arrested by Ukrainian officials.
Luxury cars and $100 bills: Police bust ransomware gang in Ukraine (NBC News) Police in Ukraine …
Ukrainian police arrest Clop ransomware members, seize server infrastructure (The Record by Recorded Future) Multiple suspects believed to be linked to the Clop ransomware cartel have been detained in Ukraine this week after a joint operation from law enforcement agencies from Ukraine, South Korea, and the US.
South Korean police arrest computer repairmen who made and distributed ransomware (The Record by Recorded Future) South Korean authorities have filed charges today against nine employees of a local computer repair company for creating and installing ransomware on their customers' computers.
Ten-year hacktivist fugitive Commander X arrested in Mexico (Ars Technica) "We do not forgive. We do not forget." But neither do the feds.
Two men convicted of helping create ransomware attacks (AP NEWS) Two men from Estonia have been convicted of federal cybercrime charges involving ransomware and other attacks on computer systems around the globe. Oleg Koshkin, 41, was convicted Tuesday by a jury in U.S.
War on cybercrime demands global campaign: Kaspersky CEO (Nikkei Asia) Russian security expert warns of Chinese-speaking hackers' attacks on Japan
MyPillow CEO Says He's ‘Not a Cyber Guy,’ Claims Election Was Hacked Anyway (Vice) Mike Lindell is organizing a “cyber forensic election symposium.” Experts say it’s a “farce.”
Opinion | Who has the power to determine what should be government secret? (MSNBC) NSA whistle-blower Reality Winner’s release from prison feels like a good time to examine the government’s approach to information leaks.
Two San Jose Men, 4 Others Accused of Illegal Insider Trading with Infinera and Fortinet (San Jose Inside) The enforcement actions by the Securities and Exchange Commission and the Justice Department involved a high school biology teacher, a gambling debt, a group of friends, WhatsApp messages and two Silicon Valley tech companies.