Attacks, Threats, and Vulnerabilities
Lumen Black Lotus Labs issues important report on suspected Pakistani threat actor targeting victims in South and Central Asia (Lumen Newsroom) Actor's capabilities appear to be growing with execution of new, custom-developed framework
Cyberattack on Polish government officials linked to Russian hackers (TheHill) A recent string of cyberattacks targeted at thousands of Polish email users, including government officials, have been linked by the Polish intelligence services to a Russian hacking group.
Polish intelligence agencies link cyberattack to Russia (Washington Post) Poland’s government says it has evidence linking a recent cyber attack on thousands of email and social media accounts of politicians, public figures and other Poles to Russia’s secret services
Ransomware Gang Cl0p Announces New Victim After Police Bust (Motherboard) The hacking group has resurfaced online on its official dark web site, suggesting the arrests may not have hit it too hard.
Wormable DarkRadiation Ransomware Targets Linux and Docker Instances (The Hacker News) Wormable DarkRadiation Ransomware Targets Linux and Docker Instances | Read latest news headlines on latest news and technical coverage on cybersecurity, infosec and hacking.
Don't Close: Scamming Closing Notifications with Credential Harvesting (Avanan) Avanan researchers have uncovered an attack that leverages closing documents to send credential harvesting pages.
Cybercriminals shop around for schemes targeting retail (Intel471.com) Intel 471 has observed criminals going after large retail and hospitality companies in a number of ways.
NVIDIA Jetson Chipsets Found Vulnerable to High-severity Flaws (The Hacker News) A total of 26 high-severity vulnerabilities affect NVIDIA Jetson chipsets.
Lexmark Printers Open to Arbitrary Code-Execution Zero Day (Threatpost) “No remedy available as of June 21, 2021," according to the researcher who discovered the easy-to-exploit, no-user-action-required bug.
Malicious PyPI packages hijack dev devices to mine cryptocurrency (BleepingComputer) This week, multiple malicious packages were caught in the PyPI repository for Python projects that turned developers' workstations into cryptomining machines.
Research Shows Many Security Products Fail to Detect Android Malware Variants (SecurityWeek) A group of academic researchers has created a tool that can be used to clone Android malware and test the resilience of these new variants against anti-malware detection.
The computer virus that robs but the rich: Nefilim ransomware (Market Research Telecast) On the subject of cyberattacks and hacking, it is clear that no one is safe, and anyone can have their computer, mobile phone, etc. hacked, without having anything to do with whether they are rich ... Read more
Mysterious ransomware payment traced to a sensual massage site (BleepingComputer) A ransomware targeting an Israeli company has led researchers to track a portion of a ransom payment to a website promoting sensual massages.
Analyzing SonicWall’s Unsuccessful Fix for CVE-2020-5135 (The State of Security) A discussion of some aspects of the SonicWall vulnerabilities found and some general thoughts about vulnerability handling and disclosure.
Researcher Claims Apple Downplayed Severity of iCloud Account Takeover Vulnerability (SecurityWeek) A security researcher claims he discovered a critical vulnerability in Apple’s password reset feature that could have been used to take over any iCloud account, but Apple has downplayed the impact of the flaw.
Hiding in plain sight: how secrets (mis)management is the next big cybersecurity threat (1Password Blog) With the recent launch of 1Password Secrets Automation, we were eager to learn more about current habits and feelings related to secrets management – good, bad, and everything in between – to help illustrate the problem and the risks involved. We surveyed 500 businesses on the topic, and today we’re excited to share our findings in a new report.
Most Developers Never Update Third-Party Libraries in Their Software: Report (SecurityWeek) Most developers never update third-party libraries after including them in their software, a new report from application security company Veracode reveals.
Over 700 Councils Reported Data Breaches in 2020 (Infosecurity Magazine) Redscan study claims 40% of UK councils spent no money on security training
Judson ISD continues investigation into suspected cyber-attack on schools' system (WOAI) Judson ISD says their investigation into a suspected ransomware attack continues. The school district confirmed they had fallen victim to the suspected attack on Friday. On Tuesday, the district updated that they are continuing to work with local, state and federal law enforcement to solve the issue. The school district shared the following statement: We are still in the investigative process of determining the scope and nature of the attack on our systems.
Wolfe Eye Clinic reveals cyber attack (Times Republican) Wolfe Eye Clinic announced Tuesday it will notify approximately 500,000 patients that their personal information may have been inappropriately accessed as a part of a cyber-related incident. On Feb. 8, Wolfe Eye Clinic was the target of a deliberate cyberattack involving an unauthorized third-party attempting to gain entry to the company’s computer network and then […]
Security Patches, Mitigations, and Software Updates
Zephyr RTOS fixes Bluetooth bugs that may lead to code execution (BleepingComputer) The Zephyr real-time operating system (RTOS) for embedded devices received an update earlier this month that fixes multiple vulnerabilities that can cause a denial-of-service (DoS) condition and potentially lead to remote code execution.
Advantech WebAccess HMI Designer (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: Advantech
Equipment: WebAccess HMI Designer
Vulnerabilities: Heap-based Buffer Overflow, Out-of-bounds Write, Improper Restriction of Operation Within the Bounds of a Memory Buffer
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could result in memory corruption and code execution.
CODESYS V2 web server (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: CODESYS, GmbH
Equipment: CODESYS V2 web server
Vulnerabilities: Stack-based Buffer Overflow, Improper Access Control, Buffer Copy without Checking Size of Input, Improperly Implemented Security Check, Out-of-bounds Write, Out-of-bounds Read
2.
CODESYS Control V2 communication (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: CODESYS, GmbH
Equipment: CODESYS V2 Runtime Toolkit, CODESYS PLCWinNT
Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Improper Input Validation
2.
CODESYS Control V2 Linux SysFile library (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 5.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: CODESYS, GmbH
Equipment: CODESYS V2 Runtime Toolkit
Vulnerability: OS Command Injection
Trends
Much of Malware Found by Industrial Firms on USB Drives in 2020 Targeted OT (SecurityWeek) Much of the malware discovered last year by industrial organizations on USB drives was capable of causing disruption to ICS, Honeywell reported.
Lack of budget and cloud security skills are top obstacles keeping organizations from protecting data in the cloud, according to Netwrix study (Netwrix) Half of CISOs say their organization’s desire for growth and rapid digitalization is detrimental to data security in the cloud.
DDoS Attacks Against Financial Institutes Resurge in June 2021 (Radware Blog) Over the last month, there has been a wave of attacks targeting specifically financial institutes all around the globe.
Chertoff on the Safety of Cyberspace (Bloomberg) Michael Chertoff, Former Secretary, United States Department of Homeland Security; Co-Founder and Executive Chairman, Chertoff Group speaks with Bloomberg’s Carol Massar at the Qatar Economic Forum, powered by Bloomberg, about the next generation of cyberspace, and its vulnerabilities.
Ermetic Reports Nearly 100% of Companies Experienced a Cloud Data Breach in Past 18 Months (Ermetic) A research study conducted by IDC found that 98% of the companies surveyed experienced at least one cloud data breach in the past 18 months.
Deep Instinct Unveils First Annual Voice of SecOps Report (BusinessWire) Deep Instinct, the first company to apply end-to-end deep learning based on the only purpose-built deep learning framework for cybersecurity, today la
Australians Lost 3x More to Scammers via Bank Transactions than Bitcoin Payments in 2020 (Analytics Insight) Bitcoin usage in Australia is drastically growing over the past few years. However, despite the spike in cryptocurrency circulation, scammers targeting bank transaction is 3.7 times higher than bitcoin payments.
Video Game Industry Faced Highest Growth in Cyberattacks during Pandemic (PR Newswire) Akamai Technologies, Inc. (NASDAQ: AKAM), the world's most trusted solution for protecting and delivering digital experiences, today released...
Spiceworks Ziff Davis Study Identifies Conflicting Views Among Key Stakeholders in the Buying Collective as Cloud Adoption Rises (Spiceworks Ziff Davis) Six to eight stakeholders are involved throughout the technology buying process on average with unique needs and preferences to consider, based on Spiceworks Ziff Davis Research.
Marketplace
Anjuna Closes $30 Million Series B Funding to Bring Total Investment to Over $42 Million (PR Newswire) Anjuna, the Confidential Cloud platform provider, today announced the successful closing of its Series B financing, with an investment of $30...
LookingGlass Cyber Announces Acquisition of AlphaWave (GlobeNewswire News Room) Deal Expands Existing LookingGlass Attack Surface Management Capabilities...
Next-Generation Cloud Security Platform Lightspin raises $16M A Round (Lightspin) Lightspin, the next-generation cloud security platform, announced today that it has raised $16 million Series A funding in a round led by Dell Technologies Capital
FYEO Launches Publicly, Acquires Threat Intelligence Firm Intelliagg, Forms Advisory Board (News Direct) Identity Access Management Platform Incubated by BTblock Launches First Product Offering
Core BTS Acquires Aptera Software Inc. (PR Newswire) Core BTS, an award-winning IT and managed services provider, today announced the acquisition of Aptera Software, a Fort Wayne, Indiana-based...
Transmit Security Raises $543 Million in Series A Funding to Rid the World of Passwords (BusinessWire) Transmit Security Raises $543 Million in Series A Funding to Rid the World of Passwords
Passwordless Authentication Firm Transmit Security Raises $543 Million (SecurityWeek) Identity solutions provider Transmit Security has raised $543 million in a Series A funding round, at a pre-money valuation of $2.2 billion.
Transmit Security Becomes Cyber’s Latest Unicorn After $543M Series A (Crunchbase News) Israel-based Transmit Security hit a pre-money valuation of $2.3 billion after raising a $543 million Series A
Cybersecurity firm Integrity360 acquired by August Equity (CRN) Former Air IT and SecureData boss Ian Brown installed as chairman of Dublin-based specialist
SentinelOne Seeks to Raise Up to $928 Million in IPO (SecurityWeek) Endpoint security company SentinelOne has set the terms of its IPO, looking to raise up to $928 million and aiming for a valuation of over $7 billion.
Hewlett Packard (HPE) Scoops Up Determined AI, Boosts HPC Offerings (Nasdaq) Hewlett Packard Enterprise HPE recently announced the acquisition of software provider — Determined AI — for an undisclosed amount.
Launching partnership with Italian CDP for new Cyber program (Startup Wise Guys) Startup Wise Guys announing partnership with Cassa Depositi e Prestiti (CDP) launching a new cyber accelerator program run out of Cosenza, Italy with a total three-year budget of over 5M eur.
SecZetta Begins 2021 on a High Note: Reports Record-breaking Revenue Growth in Q1 (BusinessWire) SecZetta Adds New Customers and Partners in Q1 as Organizations’ Need for Third-Party Identity Risk Management Solutions Continues to Grow
Intel restructures to create new units for software and graphics (Computing) Creating new business units will boost innovation in critical business areas
Israeli military vs. NSO: The battle for talent is getting dark (haaretz.com) Army intelligence units attract brilliant young people who get tempting offers from the private sector even during their service. To keep them in the system, the defense establishment needs creative solutions
Cyber insurance market faces a reckoning as losses pile up (The Record by Recorded Future) Cyber insurers reported a spike in losses in 2020 as companies across a wide range of industries were hit by costly cyberattacks and ransomware incidents.
Cobalt Iron Honored by CIOReview As One of ‘20 Most Promising IBM Solution Providers’ for 2021 (Cobalt Iron) The CIOReview listing recognizes Cobalt Iron’s Compass® enterprise SaaS backup platform as a powerful extension of IBM’s Spectrum Protect.
Orca Named 2021 Gartner Cool Vendor for CSPM (Orca Security) Gartner has recognized and validated Orca’s cloud security approach by naming us a 2021 Cool Vendor in CSPM
Foresite Expands Senior Leadership Team with Addition of Mark Behan (Foresite) Overland Park KS, June 22, 2021 – Foresite, a SaaS cybersecurity solutions and MSSP, today announced that Mark Behan has been named Senior Vice President of Operations. In this role he will oversee and implement changes to the Foresite operating model and actively lead the transition to a product led growth organization. Behan will report […]
Platform9 Appoints Diane Bryant, Former Intel and Google Cloud Executive, as Independent Board of Director (BusinessWire) Platform9, the leader in open-source private, edge, and hybrid cloud-native technologies and the first to offer enterprises a complete SaaS management
Christopher Krebs Joins SentinelOne Advisory Board (BusinessWire) SentinelOne, an autonomous cybersecurity platform company, today announced that Christopher Krebs has joined the company’s Advisory Board as the inaug
Kimberly Alexy Joins Netskope Board of Directors (PR Newswire) Netskope, the SASE leader, today announced the appointment of Kimberly Alexy to the Netskope Board of Directors. Alexy will support the next...
Products, Services, and Solutions
ATT&CK Workbench: A tool for extending ATT&CK (Medium) Written by Isabel Tuson and Jon Baker.
MITRE Adds D3FEND Countermeasures to ATT&CK Framework (SecurityWeek) The NSA is funding the development of D3FEND, an experimental project aimed at offering a catalog of defensive cybersecurity techniques.
Aqua Trivy Chosen as the New Default Container Scanner for GitLab (Aqua) BOSTON – June 22, 2021 – Aqua Security, the pure-play cloud native security leader, today announces that Aqua Trivy is now the default open source container scanner for GitLab Container Scanning functionality. Customers can now automatically scan the GitLab CI pipeline container artifacts for OS package vulnerabilities. This change will take place as part of GitLab’s 14.0 release and […]
Block third-party trackers and ads with Tracker Blocker (Atlas VPN) The internet can be a great source of entertainment where you can get the latest news, play fun games and watch captivating videos. If only it weren't for these pesky third-party trackers that follow your every move online to collect data about you and later bombard you with annoying ads. Meet Tracker Blocker — Atlas VPN's newest security feature that gives you an even safer, cleaner, faster, and ad-free internet experience.
Axiad Announces Technology Partnership with Ping Identity to Provide Seamless Integration of PKI for Users, Machines, and Digital Transactions (GlobeNewswire) Partnership allows customers to extend their IAM infrastructure to add certificate-based identities
Horizon3.ai Launches Certified Partner Program for Automated Penetration Testing-as-a-Service (Horizon3.ai) Liberman Networks joins the program as the first NodeZero Certified Partner
New OpenVPX blade server provides advanced security and data center-class processing (GlobeNewswire) Next-generation edge processing technology enables advanced AI applications, autonomous platforms and smarter missions
SASE Firm Cato Networks Revamps Managed Detection and Response Solution (SecurityWeek) Cato Networks released an updated version of its managed detection and response solution – MDR 2.0 – built on its Secure Access Service Edge (SASE) platform.
ThycoticCentrify Strengthens Just-In-Time Privilege Elevation for Vulnerable Workstations (PR Newswire) ThycoticCentrify, a leading provider of cloud identity security solutions formed by the merger of privileged access management (PAM) leaders...
StrikeForce Technologies Launches Version 2.1 of its Secure Video Conferencing Solution with 5-Layers of Meeting Protection for Businesses of All Sizes (GlobeNewswire News Room) SafeVchat 2.1 was developed with cybersecurity as a core tenet to keep meeting participants safe and confidential information secure for businesses and...
Constella Intelligence Launches Constella Connect Partner Program to Help MXPs Protect Clients' Digital Assets, Mitigate Breach Exposure Risks on the Dark Web (PR Newswire) Constella Intelligence ("Constella"), a global Digital Risk Protection leader, announced today the Constella Connect Partner Program (CCPP) for...
One Identity Continues Delivering on its Next-Generation PAM Vision, with New Zero Trust Safeguard Solutions for Secure Remote Access, Endpoint Privilege Management and DevOps (GlobeNewswire News Room) Safeguard Secure Remote Access provides a frictionless method for employees and contractors to securely access systems with privileged accounts from...
The Cato MDR Service Becomes First with Immediate Time to Value (PR Newswire) Cato Networks, provider of the world's first SASE platform, introduced Cato MDR 2.0, the first managed detection and response (MDR) service to...
US' Offensive Security to help boost CHT Security's cyber defences (Intelligence Online) Taiwanese cybersecurity company CHT Security has inked a partnership to receive training from Offensive Security, as Taiwan comes increasingly under attack from Beijing.
Druva Launches Industry’s First MSP Program with the Simplicity, Security, and Scale of a SaaS Platform (BusinessWire) Druva Inc., the leader in Cloud Data Protection and Management, today announced the launch of its new Managed Service Provider (MSP) program. Part of
Sepio Systems Expands Partnership with Merlin Ventures to Deploy HAC-1 Solution to US Federal and Global Commercial Customers (PR Newswire) Sepio Systems, the leader in zero trust Hardware Access Control (HAC), announced today that the company will be expanding its partnership with...
Brave’s nontracking search engine is now in beta (TechCrunch) Pro-privacy browser Brave, which has been testing its own brand search engine for several months — operating a waitlist where brave (ha!) early adopters could kick the tyres of an upstart alternative in internet search — has now launched the tool, Brave Search, in global beta. Users int…
Brave Search beta now available in Brave browser, offering users the first independent privacy search/browser alternative to big tech (Brave Browser) Starting today, users have a new independent option for search which gives them unmatched privacy. Brave Search is built on top of a completely independent index, and doesn’t track users, their searches, or their clicks.
SlashNext Enhances Listing on Palo Alto Networks Cortex XSOAR Marketplace (PR Newswire) SlashNext, a leading provider of real-time anti-phishing and incident response solutions, today announced that it has expanded the SlashNext...
Roush Fenway and Acronis extend partnership; Acronis welcomes Visual Edge IT (Acronis) For information about Acronis and Acronis' products or to schedule an interview, please send an email or get through to Acronis' representative, using media contacts.
reevert and Splashtop® Partnership Brings Unique Security Combination for Defense Against Ransomware (PR Newswire) reevert, an intelligent hybrid data backup and storage solution, today announced its partnership with Splashtop®, a leader in next-generation...
Egnyte Again Named No. 1 for Data Security Software in G2 Summer 2021 Grid© Report (Egnyte) Egnyte, the unified content security, compliance, and collaboration solution for multicloud businesses, today announced it has again been named as the top-rated “Data Security Software” company in G2’s Summer 2021 Grid Report. Egnyte was also rated as a “Leader” in three other categories: Cloud Content Collaboration, Data Governance and Encryption Key Management.
Citadel SSDs (DIGISTOR) Powered by CipherDrive™, Citadel FIPS-certified self-encrypting SSDs are the only low-cost SSDs to integrate pre-tested multi-factor authentication, pre-boot authentication (PBA), and hardware encryption.
Technologies, Techniques, and Standards
US Cyber Command leads competition in effort to strengthen nation's cybersecurity (TheHill) Cyber professionals from the U.S. and multiple other countries are in the midst of an annual competition led by U.S.
Does Your Cyberattack Plan Include a Crisis Communications Strategy? 5 Tips to Get Started (Dark Reading) Don't overlook crisis communications in your cybersecurity incident response planning.
SMB Research 2021 (ConnectWise) In this year’s The State of SMB Cybersecurity, Vanson Borne surveyed 100’s of SMB’s to understand how 2020 has changed their priorities for 2021.
SOC burnout is real: 3 preventative steps every CISO must take (Help Net Security) CISOs that empower their teams and choose vendors who are focused on removing distractions, are effectively addressing SOC burnout.
Global Surge in Ransomware Attacks: To pay or not to pay is not the only question (Check Point Software) Guide for enterprises on how to prevent and deal with ransomware attacks Check Point Research (CPR) recently revealed that the average weekly number of
The vexing technological challenge of fighting ransomware (Deccan Herald) 115 milliseconds. As quick as a blink, that’s the amount of time a new technology — developed by researchers from Australia’s national science agency and a university in South Korea — takes to detect that ransomware has detonated on a computer and block it from causing further damage.
Companies Stress-Test Systems By Emulating Successful Cyberattacks (Wall Street Journal) Companies say they are investing in digital defenses to combat hackers, as lawmakers express concerns that the private sector is lagging behind on cybersecurity.
Ignorance is Bliss… for Hackers (Bitglass) Assuming your Microsoft infrastructure can be completely secured using Microsoft tools is what hackers dream of. Don't get caught relying totally on Microsoft to secure your infrastructure.
Shame culture is the biggest roadblock to increasing security posture] (Help Net Security) In a shame culture, individuals’ worth is determined by what their community says it is. Social exclusion makes people think they are wrong.
Edge computing plays profound role in modern commerce, national security (SiliconANGLE) A popular saying goes: The only constant to life is change. As modern technological concepts like cloud networking and hybrid cloud computing approach maturity, other related fields like edge computing are making a march to prominence.
4 Habits of Highly Effective Security Operators (CTOvision.com) For many of us, a habit is all too often construed as an undesirable behavior that we are trying to disrupt. Smoking cigarettes, biting your fingernails, drinking too many Diet Cokes — these are the types of behaviors that often leap to mind when someone is asked to consider their own personal habits. However, just
Keeping your vote safe and secure: A story from inside the 2020 election (Microsoft n the Issues) The concept of the dark web has become a trope in TV shows and movies, with villains conducting their business in the shadowy corners of the internet.
[eBook] Penetration Testing: A Buyer's Guide | Synopsys (Synopsys) Data breaches continue to plague organizations—whether they’re targeted attacks from outside or malicious insiders.
Design and Innovation
The paradox of post-quantum crypto preparedness (Help Net Security) Preparing for post-quantum crypto is a paradox: we don’t know for sure when a large quantum computer will become available.
MDA Sees EW, Cyber For Future Missile Defense - Breaking Defense (Breaking Defense) "The future will be a mix of kinetic and non-kinetic. It will be a mix of hard kill and soft kill, because of where the threat is going to. The threat will drive us to do something different," says Vice Adm. Jon Hill, who heads the Missile Defense Agency.
Biden is worried about cybersecurity. Japan says watch cartoons (ZDNet) It's hard to make people care about cybersecurity. A Japanese company, however, has a suggestion.
How crypto rebels saved global internet privacy from the US government three decades ago (Scroll.in) In the early 1990s, the National Security Agency had tried to undermine the advent of encryption by recommending a backdoor for decoding information.
Legislation, Policy, and Regulation
Russian security chief says Moscow will cooperate with U.S. against hackers (Reuters) Russia will work with the United States to locate cyber criminals, the head of the FSB security service said on Wednesday, a week after the countries' leaders agreed to step up cooperation in certain areas.
EU plans to launch bloc-wide cyber task force (IT PRO) The proposed Joint Cyber Unit is set to be unveiled on Wednesday and will likely to operate out of Brussels
EU, US launch initiative against ransomware (POLITICO) Ransomware attacks have surged in recent years.
A major international data flow problem just got resolved. But another row is already brewing (ZDNet) The EU has just green-lighted the free flow of personal data with the UK. But if the country now changes its data laws, it could bring an end to the agreement.
EU Data Watchdogs Want Ban on AI Facial Recognition (SecurityWeek) The EU's data protection agencies on Monday called for an outright ban on using artificial intelligence to identify people in public places, pointing to the "extremely high" risks to privacy.
Amid big hacks, U.S. spy agency touts collaboration center with private industry (Reuters) The U.S. National Security Agency, in a rare move, on Tuesday showcased a new office aimed at greater collaboration with U.S. private sector defense, technology and telecommunications companies.
The Cybersecurity 202: The NSA wants to collaborate with industry in a major institutional shift (Washington Post) The National Security Agency, which once did its work almost entirely in the shadows, is evolving into a far more public institution that’s eager to cooperate with parts of the private sector.
Garland: More "depth" needed to protect against cyberattacks (Washington Post) Attorney General Merrick Garland said Tuesday that private industry needs better safeguards to avoid calamitous consequences in the event of cyberattacks like the ones that have targeted American infrastructure and corporations.
Biden’s cyber warning to Russia may have to be backed by action (Roll Call) Biden told Putin to stop cyberattacks against U.S. critical infrastructure, but the White House may have to follow up with counterattacks.
Trudeau’s Party Passes Bill to Regulate Social Media, Streaming (Bloomberg) Move would prioritize Canadian content, echoing broadcast law. But critics say it threatens free speech on user-driven sites.
Tech Giants, Fearful of Proposals to Curb Them, Blitz Washington With Lobbying (ork New YTimes) Executives, lobbyists, and more than a dozen groups paid by Big Tech have tried to head off bipartisan support for six bills meant to undo the dominance of Amazon, Apple, Facebook and Google.
WSJ News Exclusive | Amazon’s Planned Purchase of MGM Faces FTC Scrutiny (Wall Street Journal) The antitrust review of the acquisition comes as Lina Khan, a frequent critic of the online giant, takes the helm at the commission.
US Needs to Defend Its Artificial Intelligence Better, Says Pentagon No. 2 (Defense One) AI safety is often overlooked in the private sector, but Deputy Secretary Kathleen Hicks wants the Defense Department to lead a cultural change.
Hicks Will Send AI/Data Experts To Combatant Commanders (Breaking Defense) Two types of expert teams will help the 11 Combatant Commands make better use of data for decision-making, the deputy Defense Secretary said.
U.S. Senate confirms Biden intel pick after Republicans cite Huawei link (Reuters) The U.S. Senate on Tuesday confirmed President Joe Biden's nominee Christopher Fonzone to be legal counsel at the Office of the Director of National Intelligence, after some Republicans balked at some legal work he had done for Chinese tech giant Huawei (HWT.UL).
Litigation, Investigation, and Law Enforcement
French Prosecutors Charge 4 Executives Over Libya, Egypt Cyber-Spying (SecurityWeek) Prosecutors have charged four executives at two French companies accused of aiding Libya's former strongman Moamer Kadhafi and Egyptian authorities to spy on opposition figures who were later detained and tortured, a rights group said Tuesday.
French spyware bosses indicted for their role in the torture of dissidents (MIT Technology Review) An investigation into the sale of surveillance technologies to Libya and Egypt has led to charges against leaders at one company.
U.S. seizes websites linked to Iranian government propaganda (Washington Post) The Justice Department moved Tuesday to seize more than 30 Web domains linked to Iranian state media, as American officials continued their efforts to counter what they say is Iranian propaganda and disinformation at a time of simmering tensions between the two countries.
Swedish court upholds ban on Huawei selling 5G network gear (Reuters) A Swedish court on Tuesday upheld a ban against Huawei (HWT.UL) selling 5G equipment in the country, dashing the Chinese company's hopes of staging a comeback in Europe and increasing the chances of potential retaliation by China against rival Ericsson (ERICb.ST).
In further blow to Huawei, Swedish court upholds 5G sales ban (South China Morning Post) The ruling is Huawei’s second loss on appeal after authorities in Stockholm barred the company from its network in October, citing national security.
Google’s Internet Ad Dominance Draws Fresh E.U. Antitrust Inquiry (New York Times) The bloc’s investigation, which takes aim at the heart of Google’s business model, is part of a push to regulate the world’s largest technology companies.
Social Media Mostly Immune In Terror Aid Suits, 9th Circ. Says (Law360) Families of victims of the Paris and San Bernardino, California, terror attacks can't sue Google, Twitter and Facebook for allegedly aiding terrorism by allowing ISIS to post terrorist videos, a split Ninth Circuit panel ruled Tuesday, while urging Congress to revisit a law shielding the platforms from liability.
SEC still digging into SolarWinds fallout, nudges undeclared victims (Register) US markets watchdog sniffs around potential insider trading, data violations relating to hack
Elliptic report shows SEC leads U.S. regulators in enforcement actions (The Block) Since bitcoin's creation in 2009, regulators have levied $2.5 billion in enforcement actions against various crypto projects.