Dateline Miami, Washington, and Moscow: Kaseya ransomware incident.
Update Regarding VSA Security Incident (Kaseya) As posted in the previous update we released the patch to VSA On-Premises customers and began deploying to our VSA SaaS Infrastructure prior to the 4:00 PM target. The restoration of services is now complete, with 100% of our SaaS customers live as of 3:30 AM US EDT. Our support teams continue to work with VSA On-Premises customers who have requested assistance with the patch.
Kaseya fixes VSA, and the US calls for Russian action against REvil. (The CyberWire) Kaseya has completed fixing VSA's on-premises and SaaS versions. And President Biden is optimistic his Friday phone call with President Putin will bring the Russians on board for cooperation against ransomware.
Kaseya patches VSA vulnerabilities used in REvil ransomware attack (BleepingComputer) Kaseya has released a security update for the VSA zero-day vulnerabilities used by the REvil ransomware gang to attack MSPs and their customers.
Kaseya ransomware attack: What we know now (ZDNet) Here is everything we know so far. ZDNet will update this primer as we learn more.
Tech company estimates recovery for 90 percent of clients by Monday night after massive cyber attack (TheHill) A client of the Miami-based technology firm at the center of major ransomware attack predicted that 90 percent of its own clients would be able to conduct business by the end of the day on Monday.
Biden presses Putin to act on ransomware attacks, hints at retaliation (Reuters) U.S. President Joe Biden increased pressure on Russian President Vladimir Putin on Friday to move against ransomware groups operating in Russia, warning the United States is prepared to respond if cyberhacks are not stopped.
Joe Biden asks Russia yet again to help arrest cybercriminals (Cyberguerre) The White House has, for the third time, asked Russia to cooperate in arresting the cybercriminals behind a growing number of large-scale attacks. But this time, the statement has the air of an ultimatum.
Biden Urges Putin to Give up Russian Ransomware Gangsters, Threatens Unspecified 'Consequences' (Defense One) The President is talking tougher on Russian criminal cyber gangs, but still isn’t naming specific penalties.
Biden Warns Putin to Act Against Ransomware Groups, or U.S. Will Strike Back (New York Times) Mr. Biden’s phone call appeared to be a pointed ultimatum to stop the hackers, who have attacked computer networks in the United States with relative impunity.
Biden tells Putin the U.S. will take ‘any necessary action’ after latest ransomware attack, White House says (Washington Post) In a call between the two leaders Friday, President Biden warned Russian President Vladimir Putin that the United States would hold Moscow responsible for cyberattacks originating from Russia even if they cannot be directly linked to the Kremlin.
Biden asks Putin to crack down on Russian-based ransomware gangs (BleepingComputer) President Biden asked Russian President Putin during a phone call today to take action against ransomware groups operating within Russia's borders behind the ongoing wave of attacks impacting the United States and other countries worldwide.
Biden raises ransomware topic during Putin phone call (The Record by Recorded Future) Following a series of impactful ransomware attacks that hit companies like Colonial Pipeline, JBS Foods America, and Kaseya, causing widespread havoc across the US, President Joe Biden raised the topic of ransomware attacks carried out by gangs of Russian criminals during a phone call today with Russian President Vladimir Putin.
Biden warns Putin during call that 'we expect him to act' on Russian ransomware attacks (CNN) President Joe Biden urged Russian President Vladimir Putin to take action to disrupt criminal ransomware groups in Russia on a call Friday morning -- their first publicized discussion since a summit in Geneva last month -- but the Kremlin says American agencies have not made any formal appeals in the last month regarding recent cyberattacks.
Biden has to do more than threaten Putin to get Russia to call off its cyberdogs (New York Post) While the Biden administration has called out Russia and Vladimir Putin for cyber attacks, they’ve still been an issue in the US. The Post writes Biden needs to quit talking tough.
Ransomware Landscape: Notorious REvil Is Only One Operator (GovInfoSecurity) As the Biden administration attempts to force Russia to crack down on its domestic cybercriminals, one challenge will be the sheer diversity of attack code being
Former FBI Special Agent: ‘Russia has a very firm grip on our cyberspace’ (MSNBC.com) In an hour-long phone call yesterday, President Biden put Vladimir Putin on notice, warning the Russian leader that the United States will respond to any more cyber or ransomware attacks by Russian-based hackers. However, former FBI special agent and distinguished fellow at the Foreign Policy Research Institute Clint Watts tells Ali Velshi “They are in no way scared of violating our cyber sovereignty.”
Software Flaw Opened the Door to a Global Cyber Attack (GovTech) A previously unknown flaw in IT management code was exploited to push ransomware around the world to servers that used the software and were connected to the Internet, according to researchers.
Kaseya Failed to Address Security Before Hack, Ex-Employees Say (Bloomberg) Ransomware attack hit as many as 1,500 businesses this month. Workers say Kaseya ignored warnings about key vulnerabilities.
Hackers Behind Huge Ransomware Attack Demand $70 Million: How It Happened (IndiaTimes) More than a thousand businesses across at least 17 countries have been affected in a massive ransomware attack centered on US information technology management firm Kaseya.
Kaseya ransomware attack: How to protect your business by asking a simple question (FOX 2) An expert says companies doing the right thing will welcome questions
Kaseya Ransomware Hit Casts Wide Net Of Potential Liability (Law360) A cyberattack on software vendor Kaseya that led to a widespread ransomware spree may also cast a wide net of liability, with regulators and potential plaintiffs likely to question whether Kaseya took reasonable steps to prevent the attack and if victims appropriately vetted their vendors.
Kaseya ransomware attack underlines vendor accountability (SearchITChannel) The Kaseya ransomware attack calls into question how MSP vendors should answer for security incidents involving their products; more IT channel news.
The anatomy of a ransomware attack (Washington Post) Inside the hacks that lock down computer systems and damage businesses.
Attacks, Threats, and Vulnerabilities
Iran’s Rail Network Hit by Possible Cyber Attack, State TV Says (Bloomberg) A potential cyber attack on Iran’s state railway company created “unprecedented chaos” at stations across the country and led to cancellations and delays on hundreds of lines, state TV reported.
“Cyber disruption” stops websites of the Iranian ministry (Federal News Network) Websites of Iran’s transport and urbanization ministry have gone out of service after a “cyber disruption” in computer systems of its staff…
‘Cyber-attack’ hits Iran’s transport ministry and railways (the Guardian) Message boards in train stations show cancellations though rail operator denies disruptions
Cyber-attack disrupts Iran's national railway system (The Record by Recorded Future) Train services were canceled or delayed in Iran after a cyberattack crippled the national railway company's computer systems on Friday morning.
Ukraine says Russian hackers hit its Navy website (Reuters) Ukraine's defence ministry said that hackers linked to the Russian authorities on Friday attacked the website of the Ukrainian Naval Forces and published fake reports about the international Sea Breeze-2021 military drills.
FBI warns cryptocurrency owners, exchanges of ongoing attacks (BleepingComputer) The Federal Bureau of Investigation (FBI) warns cryptocurrency owners, exchanges, and third-party payment platforms of threat actors actively targeting virtual assets in attacks that can lead to significant financial losses.
Hackers Use New Trick to Disable Macro Security Warnings in Malicious Office Files (The Hacker News) While it's a norm for phishing campaigns that distribute weaponized Microsoft Office documents to prompt victims to enable macros in order to trigger the infection chain directly, new findings indicate attackers are using non-malicious documents to disable security warnings prior to executing macro code to infect victims' computers.
Magecart Swiper Uses Unorthodox Concatenation (Sucuri Blog) MageCart is the name given to the roughly one dozen groups of cyber criminals targeting e-commerce websites with the goal of stealing credit card numbers and selling them on the black market. They remain an
Pushing Your Way In - Black Hills Information Security (Black Hills Information Security) David Fletcher // Over the past several years, attackers have gained significant traction in targeted environments by using various forms of password guessing. This situation was reflected in the 2020 Verizon DBIR under top threat action varieties. Use of stolen credentials sits right behind phishing as the second most utilized threat action in disclosed breaches. Malware variants […]
Crackonosh - The Hidden Crypto Mining Malware (Minerva Labs) A novel malware by the name Crackonosh. This computer virus spreads through cracked software, specifically through illicit video game copies.
UK food supply chain vulnerable to cyber-attack, expert warns (the Guardian) ‘Complacent reliance’ on overseas produce and computer ordering has put supply at risk
Insurer CNA Starts Notifying Customers of Ransomware Attack (SecurityWeek) Commercial insurer CNA has started notifying customers that threat actors did access some personal data during a ransomware attack in March.
Insurance giant CNA reports data breach after ransomware attack (BleepingComputer) CNA Financial Corporation, a leading US-based insurance company, is notifying customers of a data breach following a Phoenix CryptoLocker ransomware attack that hit its systems in March.
What insureds need to know to prevent cyberattacks (PropertyCasualty360) Knowing the nature of ransomware attacks and how to prevent them can help businesses withstand 2021's surge in hacks.
Don’t Let These Four Cyberthreats Keep Your Travel Business On The Ground (PerimeterX) There are four primary cyberthreats to travel and hospitality companies’ web and mobile applications. Know what to watch out for.
Mint Mobile hit by a data breach after numbers ported, data accessed (BleepingComputer) Mint Mobile has disclosed a data breach after an unauthorized person gained access to subscribers' account information and ported phone numbers to another carrier.
Mint Mobile data breach allowed attacker to port phone numbers (AppleInsider) Carrier Mint Mobile has revealed it was the victim of a data breach, one which allowed a number of customer phone numbers to be ported out to another carrier, along with possible access to subscriber data.
Cyberattack at Bank of Oak Ridge, customer data exposed (wfmynews2.com) After the data breach, Bank of Oak Ridge notified federal authorities and immediately launched an investigation with outside assistance, a bank spokesperson said.
Add Morgan Stanley to List of Accellion FTA Hack Victims (BankInfoSecurity) Investment banking giant Morgan Stanley is the latest company to report a data breach tied to zero-day attacks on Accellion's legacy File Transfer Appliance - yet
Fallout From Hack of City Law Department Could Linger for Months (New York Times) One department official was reassigned, and lawyers still lack remote access to case files, leading to delays with lawsuits.
Joplin city phone service restored (Joplin Globe) Telephone service has been restored to city of Joplin offices and departments after being disrupted in an early Wednesday cybersecurity intrusion.
Systems Restored After NSW Cyber Attack (Epoch Times) New South Wales (NSW) Department of Education IT systems are coming back online two days after they were ...
Massena school servers back to normal after cyber attack (NNY360) The Massena Central School District’s servers are nearly 100% back online following a June 22 cyber security attack on the system.
This ransomware attack was stopped at the last minute. Here's how they found it (Texas News Today) A ransomware gang has installed remote desktop software on more than 100 machines on the network. The plan to encrypt the network failed at the last moment when a cybersecurity expert was called into the company after suspicious software was found on the network. Criminal efforts to lay the groundwork for ransomware attacks have led to the …
Patient Info Exposed in Health Clinic Cyberattack Data Breach (Health IT Security) An Iowa-based health clinic is the latest victim of a cyberattack.
Amazon restores service after global outage (ETCIO) It was the second broad disruption since late June when users experienced a brief outage on Amazon platforms including Alexa and Prime Video before se..
Security Patches, Mitigations, and Software Updates
Kaseya And PrintNightmare Vulnerabilities (Avast) For those who don’t have dedicated security teams, it can be both confusing and overwhelming to understand what to do about the ongoing PrintNightmare and Kaseya vulnerabilities. In this post, we offer clear steps to help keep yourself and your businesses as safe as possible.
Microsoft Clarifies Its 'PrintNightmare' Patch Advice (Redmondmag) Microsoft on Thursday issued 'clarified guidance' for organizations addressing a zero-day Windows printer spooler vulnerability dubbed 'PrintNightmare.'
An Office Phone Flaw Can’t Be Fixed by Cisco Alone (Wired) The company released a patch this week, but security researchers say the root of the problem is beyond its control—and symptomatic of a larger issue.
Windows 11 to Receive One Feature Update Every Year, Microsoft Confirms (NDTV Gadgets 360) Microsoft will continue to roll out regular monthly quality updates to provide security updates and bug fixes.
Trends
84% of Organizations Experienced Phishing & Ransomware Type Threats in the Past 12 Months (PR Newswire) Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, published new research revealing that half of US organizations...
Wales and London Worst Hit by Cybercrime According to New Study (Business News Wales) Findings from an academic study between Avast, a global leader in digital security and privacy, and the research division of the Centre for Crime, Justice
'Investment scams are disproportionately impacting Australians': Proofpoint (ITWire) Security provider Proofpoint notes the massive growth in scams reported in the latest Scamwatch report, drawing attention to the fact that Australian losses to scammers reached 80% of 2020's total in just six months. As previously reported, the ACCC has said that scammers have stolen more than $...
Marketplace
Cybersecurity M&A Roundup: 14 Deals Announced July 1-8, 2021 (SecurityWeek) More than a dozen cybersecurity acquisitions were announced in the first week of July 2021.
Microsoft Is Said to Be Buying Cybersecurity Company RiskIQ (Bloomberg) Software giant said to pay more than $500 million in cash for the San Francisco company
Aqua Security Acquires tfsec (Aqua) The immediate integration of tfsec, an open source scanner for Infrastructure as Code, into Aqua Trivy, adds IaC security scanning capabilities.
CTRL-ALT-Delete? The internet industry’s D.C. powerhouse vanishes. (POLITICO) The Internet Association once brokered deals on tech legislation. But its role has shrunk amid the industry's divides and changes under a new CEO.
DHS Awards SecureLogix $1M to Secure NG9-1-1 Multimedia Content (American Security Today) The Department of Homeland Security (DHS), which was recognized in the 2020 ‘ASTORS’ Awards Program for ‘Excellence in Homeland Security’, Small Business Innovation Research (SBIR) Program recently awarded $997,526.67 to San Antonio, Texas-based small business SecureLogix to secure that data against increased cyber threats. Next Generation 911 (NG9-1-1) – What is it? Next Generation 9-1-1 (NG9-1-1) […]
Latest Hack Attack Boosts Cybersecurity Stocks’ Prospects. Here Are Some to Consider. (Barron's) Last weekend’s large-scale cyberattack on security software provider Kaseya exposed what some analysts say will be a growing and evolving threat, boosting their expectations for spending on cybersecurity to the benefit of stocks in the sector.
3 Top Cybersecurity Stocks to Buy in July (The Motley Fool) The escalating war over digital security makes these three stocks essential buys.
Why Innovation Makes Crowdstrike Worth Buying (The Motley Fool) By solving a major problem for businesses, Crowdstrike enjoys ongoing rapid growth that make it a strong investment moving forward.
IBM’s Acquisition Spree Continues With Plans To Buy DevOps Startup BoxBoat (CRN) IBM’s Acquisition Spree Continues With DevOps Startup BoxBoat
All In on Electricity (Tagesspiegel) The Siemens division is concentrating on smart buildings and energy grids and sees huge potential.
Aveshka, Inc. is awarded subcontract with the Data, Analytics, and Visualization Task Force of the Centers for Disease Control and Prevention (CDC) (PR Newswire) Aveshka, a trusted provider of data analytics capabilities and subject matter expertise in the public health realm, was recently awarded a...
John Hammes Promoted to Intelligent Waves Chief Strategy Officer (GovCon Wire) Intelligent Waves Promotes R&D Exec John Hammes to Chief Strategy Officer.
Twitter names resident grievance officer, publishes 1st compliance report under IT rules (The Economic Times) The name of Vinay Prakash, the newly appointed resident grievance officer for Twitter India, appears alongside Global Legal Policy Director Jeremy Kessel on the company's website.
Products, Services, and Solutions
Enable true private browsing with this decentralized VPN device (BleepingComputer) The Deeper Connect Nano gives you instant access to this kind of network, without any ongoing subscription fees. Right now, you can get it for just $299.
Adversa AI Red Team Invented Technology for Ethical Hacking of Facial Recognition Systems (Adversa AI | Trusted AI Security) Adversa AI, the leading Trusted AI Research startup, has demonstrated a new attack method on AI facial recognition applications. By making imperceptible changes in human faces, it makes an AI-driven facial recognition algorithm misrecognize persons. Compared to other similar approaches, this method is transferable across all AI models and at the same time, it’s much more accurate, stealth and resource-efficient.
Malwarebytes integrates with Datto to streamline endpoint security for MSPs (Help Net Security) Malwarebytes announced that Malwarebytes OneView is now integrated with Datto RMM and Datto Autotask Professional Services Automation (PSA).
Quantum Xchange Strengthens Priseda's National Private Network for Resiliency with Advanced Quantum Security (PR Newswire) Quantum Xchange, a leading provider of quantum-safe solutions, partnered with Priseda, the private and secure data company, to bring its...
GlobalDots and CloudFlare partner to offer companies full-stack security (ReBlonde) This new joint operation formalizes CloudFlare’s recognition of GlobalDots’s solutions in multiple as-a-service domains, such as Managed Cloud Services, DevOps services, and Network Operation Center (NOC)
New Research Study Reveals Urgent Need for Modern Security Solutions Amid Rapid Transition to API- and Cloud-Centric Applications (Fastly) Fastly’s edge cloud platform helps the world’s most popular digital businesses keep pace with their customer expectations by delivering fast, secure, and scalable online experiences.
Greek Ministry of Education Protects 65,000 Distance Learners with Check Point ZoneAlarm (Check Point Software) By Amit Sharon, Head of Global Customer Community & Market Intelligence, Check Point Software Technologies The COVID pandemic forced the Greek
ThreatQuotient Advances Industry Threat Intelligence Sharing With Stronger Data Curation Capabilities (BusinessWire) ThreatQuotient releases ThreatQ Data Exchange simplifying bidirectional sharing of intelligence data within the ThreatQ platform.
NVIDIA, Palo Alto Networks Boost Cyber Defenses with DPU Acceleration (The Official NVIDIA Blog) Cybercrime cost the American public more than $4 billion in reported losses over the course of 2020, according to the FBI. To stay ahead of emerging threats, Palo Alto Networks, a global cybersecurity leader, has developed the first virtual next-generation firewall (NGFW) designed to be accelerated by NVIDIA’s BlueField data processing unit (DPU).
Technologies, Techniques, and Standards
NIST Delivers Two Key Publications to Enhance Software Supply Chain Security Called for by Executive Order (NIST) NIST today fulfilled two of its assignments to enhance the security of the software supply chain called for by a May 12, 2021, Presidential Executive Order on Improving the Nation’s Cybersecurity (14028).
Understanding and stopping 5 popular cybersecurity exploitation techniques (Help Net Security) Effectively stopping cybersecurity exploitation techniques requires deep system knowledge and constant monitoring of all applications.
We Got the Phone the FBI Secretly Sold to Criminals (Motherboard) 'Anom' phones used in an FBI honeypot are mysteriously showing up on the secondary market. We bought one.
How to Make Your Web Searches More Secure and Private (Wired) What you look for online is up to you—just make sure no one else is taking a peek.
What You Need to Know About Ransomware Insurance (InformationWeek) Ransomware can bring business operations to an instant halt. Ransomware insurance can limit the immediate and long-term financial damage.
Ransomware: This new ransom tracker reveals how much bitcoin gangs have been paid (ZDNet) The new Ransomwhere site crowdsources bitcoin payments to wallets associated with ransomware gangs.
Ransomwhere project wants to create a database of past ransomware payments (The Record by Recorded Future) A new website launched this week wants to create a crowdfunded, free, and open database of past ransomware payments in the hopes of expanding visibility into the broader picture of the ransomware ecosystem.
This crowdsourced payments tracker wants to solve the ransomware visibility problem (TechCrunch) A new crowdsourced payments tracker website aims to provide greater visibility into ransomware attacks.
New Website Aims To Shine A Light On Where Ransomware Payments Go (Forbes) To stem the rising tide of ransomware attacks, a new site wants to shed some much-needed light on where hundreds of millions of dollars in payments from victims are going.
Security is Security: CIOs Must Unify the Physical and Virtual (CIO) When it comes to securing physical spaces and virtual networks, it’s increasingly important for the CIO to play a leading role.
Fortinet exec offers key takeaways for managing hybrid workplace threats and modernizing government security (SiliconANGLE)
Security concerns continue to hinder IoT deployments in the US (Smart Energy International) The study, which includes responses from 500 UK and US senior executives, finds a decrease in companies' investments in IoT due to the pandemic.
NYC opens cyber operations center (GCN) The nation’s first city-based cybersecurity operations center will be staffed with 282 public- and private-sector partners who will be sharing intelligence on potential cyber threats.
Sberbank : Sber successfully combating cyberthreats at subsidiary banks (MarketScreener) Over the past few years, the number of cyberattacks on Sber's systems and services has grown exponentially. Over 100 cyberattacks on the bank's infrastructure and financial services and over... | July 12, 2021
Military Must Do More to Tackle Cyber Threats to 3D Printing, Watchdog Says (Military.com) Another key problem identified in the report is the ongoing failure to update computer operating systems.
Design and Innovation
TikTok introducing more automation to video removals (Axios) TikTok said it will also change the way it notifies users when they violate the Community Guidelines.
Academia
The Cybersecurity 202: Schools are another prime ransomware target (Washington Post) K-12 schools are getting hit with a barrage of ransomware attacks, worsening the damage to children’s education brought on by the pandemic and hurting their ability to return to some semblance of normalcy in the fall.
US Cyber Games Coaching Team and Top Athletes to Be Announced Friday, July 9, 2021, at US Cyber Games Combine Kick-Off Event (PR Newswire) The inaugural US Cyber Games™ led by Katzcy in collaboration with the National Initiative for Cybersecurity Education (NICE) program at the...
Legislation, Policy, and Regulation
Reassessing RuNet: Russian internet isolation and implications for Russian cyber behavior (Atlantic Council) This issue brief examines recent “RuNet” developments and explores how they could elevate national security risks for the United States and Europe by changing the internet landscape in Russia and potentially shifting Russian cyber behavior.
European Privacy Regulators Take Aim at Firms’ Cybersecurity Failures (Wall Street Journal) Businesses are running afoul of the European Union’s privacy rules by failing to implement necessary security measures.
China drafts new cyber-security industry plan (Reuters) China's Ministry of Industry and Information Technology said on Monday it has issued a draft three-year action plan to develop the country's cyber-security industry, estimating the sector may be worth more than 250 billion yuan ($38.6 billion) by 2023.
China widens clampdown on overseas listings with pre-IPO review of firms with large user data (Reuters) China's cyberspace regulator said on Saturday any company with data for more than 1 million users must undergo a security review before listing its shares overseas, broadening a clampdown on its large "platform economy".
China Calls Additions to US Economic Blacklist 'Unreasonable Suppression' (Voice of America) China's Ministry of Commerce said Sunday it "resolutely opposes" the addition of 23 Chinese entities to a U.S. economic blacklist over issues including alleged human rights abuses and military ties.
In a statement citing a spokesperson, the Chinese commerce ministry said the inclusion of the Chinese entities was a "serious breach of international economic and trade rules" and an "unreasonable suppression" of Chinese companies.
The Chinese government "will take necessary measures to safeguard China's legitimate rights and interests," the statement said.
The U.S.
Readout of Secretary of Defense Lloyd Austin (U.S. DEPARTMENT OF DEFENSE) Secretary of Defense Lloyd J. Austin III met France Minister of the Armed Forces Florence Parly at the Pentagon to reaffirm the deep cooperation between our governments and militaries.
Interpol Calls For New Ransomware Mitigation Strategy (BankInfoSecurity) Interpol has announced that it will boost the role of country-specific National Central Bureaus to fight ransomware and other cybercrimes. The announcement from the
Europe Makes the Case to Ban Biometric Surveillance (Wired) Companies are racing to track everything about you. It could be a convenient way to reduce fraud—or seriously creepy and discriminatory.
U.S. Cyber Chief in Limbo During REvil Attacks Set to Start Work (Bloomberg Law) The White House plans to swear in the country’s first national cyber director Monday and the Senate expects to consider the nominee for director of the Cybersecurity and Infrastructure Security Agency, ending weeks-long delays on filling the Biden administration’s top cyber posts.
FACT SHEET: Executive Order on Promoting Competition in the American Economy (The White House) The economy is booming under President Biden’s leadership. The economy has gained more than three million jobs since the President took office—the most jobs created in the first five months of any presidency in modern history. Today, the President is building on this economic momentum by signing an Executive Order to promote competition in the…
Biden Targets Big Business in Sweeping Executive Order to Spur Competition (Wall Street Journal) Plan encourages federal agencies to adopt policies that push back against corporate consolidation and practices that the White House says stifle competition and lead to higher prices and fewer product choices.
Biden signs order to urge more scrutiny of big business (Silicon Valley Business Journal) The order reflects the Biden administration’s growing embrace of warnings by some economists that declining competition is hobbling the economy’s vitality, raising prices and reducing choices for consumers in key areas, while dampening pay and restricting freedom to change jobs for workers.
Biden signs order to crack down on Big Tech, boost competition 'across the board' (CNBC) The Biden administration's order argues that the biggest companies in the tech sector are wielding their power to box out smaller competitors.
Biden signs executive order targeting right to repair, ISPs, net neutrality, and more (The Verge) The agenda will push back on mergers and data collection.
Biden Wants the FCC to Fix Net Neutrality—but It Can't Yet (Wired) The FCC won't be able to do most of the things the president encouraged in his executive order until he nominates a fifth commissioner.
Sweeping Biden Order Aims To Attack Lack Of Competition (Law360) President Joe Biden on Friday issued an expansive executive order aimed at boosting competition across the U.S. economy and lowering prices for consumers and increasing pay for workers.
DHS Cyber Leaders Say Biden Cyber Order is a Long-Term Roadmap (Government CIO) Cyber vulnerabilities in federal agencies' supply chains aren't going away any time soon, and addressing them will take a consistent, concentrated effort.
The U.S. should treat cyberattacks as a national disaster (Dallas News) In recent weeks, the Biden administration has increasingly treated cybercrime as a national security issue. The topic headlined discussions at both the...
It’s Time for National Cyber-Incident Reporting Legislation (Bloomberg Law) The status quo of a mix of federal and state cyberattack reporting laws creates few incentives for the robust public-private pooling of information needed to confront the problem of rampant cyber-intrusions, Sidley Austin LLP partner Sujit Raman says. Recent large cyberattacks should be a wake-up call to Congress to pass federal legislation.
The U.S. Desperately Needs a Civilian Cybersecurity Corps (Nextgov.com) Here is how we maximize its scale and potential.
New York City’s new biometrics privacy law takes effect (TechCrunch) The law will give New Yorkers greater protections over how their biometric data is collected.
Connecticut Becomes Third State to Incentivize Cybersecurity Best Practices for Businesses (PR Newswire) Connecticut Governor, Ned Lamont signed HB 6607, "An Act Incentivizing the Adoption of Cybersecurity Standards for Businesses" into law last...
Litigation, Investigation, and Law Enforcement
Rand Paul seeks investigation into Tucker Carlson’s NSA spying allegations (Yahoo) Sen. Rand Paul (R-Ky.) is requesting an investigation into allegations by Tucker Carlson that the National Security Agency was spying on him, Axios has learned. Why it matters: The senator sent a letter to Gen. Paul Nakasone of the National Security Agency, casting doubt on the NSA’s public denial of spying on Carlson and defending the Fox News host as a journalist who should be protected by the First Amendment. Between the
Investors Trusted Teenagers to Manage Crypto Investments. Now They Want Answers. (Wall Street Journal) The Cajee brothers have disappeared after claiming that hackers stole from their Africrypt investment firm, leaving South African investors scrambling to recoup their money.
A New System Is Helping Crack Down on Child Sex Abuse Images (Wired) There are 150 child sexual abuse laws around the world. Now, metadata is making it easier for countries to work together.
Where do all those cybercrime payments go? (Naked Security) Yes, the headline is a rhetorical question. But sometimes we get literal answers, and they’re well worth remembering.
Air India flyer seeks damages over data breach of 4.5 million passengers (Business Standard) An Air India flyer has sought damages from the airline after the recent leak of personal data of 4.5 million passengers including hers and her husband's.
ParkMobile Hit With Proposed Class Action Over Data Breach (Law360) The company that runs an app allowing customers to pay parking meters from their phones is facing a purported class action from consumers, accusing them of having lax online security that compromised customers' data during a hack in March.
Hacker Risks Jail to Out Middlebury College Employee for Alleged Child Porn (The Daily Beast) A hacker was scanning the internet for vulnerable machines and stumbled on a trove of child pornography. Now they’re walking away scot-free for turning in the Middlebury worker.