Attacks, Threats, and Vulnerabilities
Supply Chain Security Fears Escalate as Iranian APTs Caught Hitting IT Services Sector (SecurityWeek) Microsoft's threat hunters have caught Iranian threat actors breaking into IT services shops in India and Israel and stealing credentials for downstream software supply chain attacks.
Iran is 'leapfrogging our defenses' in a cyber war 'my gut is we lose': Hacking expert Kevin Mandia (CNBC) Kevin Mandia says Iran has upped its hacking game and is "has gotten good at leapfrogging" U.S. cybersecurity in an asymmetric war the U.S. is poised to lose.
FBI warns of APT group exploiting FatPipe VPN zero-day since May (BleepingComputer) The Federal Bureau of Investigation (FBI) warned of an advanced persistent threat (APT) compromising FatPipe router clustering and load balancer products to breach targets' networks.
FBI: FatPipe VPN Zero-Day Exploited by APT for 6 Months (Threatpost) The bureau's flash alert said an APT has been exploiting the flaw to compromise FatPipe router clustering and load balancer products to breach targets' networks.
Malicious packages in PyPI use stealthy exfiltration methods (JFrog) Software supply chain security threat: automated scanning of Python packages in the PyPI repository uncovered stealthy malware and more. Find out about our latest findings.
Malicious Python packages caught stealing Discord tokens, installing shells (The Record by Recorded Future) The operators of the Python Package Index (PyPI) have removed this week 11 Python libraries from their portal for various malicious behaviors, including the collection and theft of user data, passwords, and Discord access tokens and the installation of remote access shells for remote access to infected systems.
New ETW Attacks Can Allow Hackers to 'Blind' Security Products (SecurityWeek) Researchers show how attackers could disable EDR security solutions that rely on ETW for visibility.
DNI identifies Chinese transformers as cyber vulnerable risks yet DOE and industry ignore the threat (Control Global) The Office of the US Director of National Intelligence (DNI)’s National Intelligence Council in their National Intelligence Estimate, Climate Change and International Responses Increasing Challenges to US National Security Through 2040 NIC-NIE-2021-10030-A. On page 6, DNI states: “Deployment of utility-scale solar and wind technologies in remote areas is likely to require ultra-high-voltage transmission lines to move the power to cities. China is the world’s leading supplier of advanced grid components for ultra-high-voltage systems, such as transformers, circuit breakers, and inverters, which we assess creates cyber vulnerability risks.”
New Ransomware Group Retools Attacks On the Fly (Decipher) A recently uncovered attack by a new ransomware group shows how cybercriminals will switch up their tactics on a whim.
Conti gang has made at least $25.5 million since July 2021 (The Record by Recorded Future) The operators of the Conti ransomware have earned at least $25.5 million from attacks and subsequent ransoms carried out since July 2021, Swiss security firm Prodaft said in a report today.
[Conti] Ransomware Group In-Depth Analysis (PRODAFT) PRODAFT, Proactive Defense Against Future Threats, is a pioneer cyber security and cyber intelligence company providing innovative products and proactive solutions to commercial customers and government institutions as well as setting global standards with its extensive knowledge.
Deep Instinct BrandVoice: What Happens When AI Falls Into The Wrong Hands? (Forbes) Artificial intelligence (AI) is one of the most discussed technology fields today – and for good reason.
Are cybercriminals actively recruiting your employees to attack you with ransomware? (SC Media) A new survey suggests adversaries may be attempting this tactic more than you'd think. But even if it's still an uncommon strategy, companies shouldn't be caught unaware.
Buggy software in off-brand smart home devices is a hacker’s playground (Washington Post) Software in connected devices has little oversight. As more objects come online, that problem will snowball.
Cyber Defenders Should Prepare for Holiday Ransomware Attacks (SecurityWeek) High days and holidays are prime time for ransomware. This should come as no surprise to anyone – but many companies remain surprisingly unaware or at least unprepared.
California Pizza Kitchen Data Breach Exposes Personal Information: Murphy Law Firm Investigates Victims' Legal Claims (EIN) Murphy Law Firm Investigates on Behalf of the More than 103,000 Individuals whose Confidential Information was Exposed to Cybercriminals
California Pizza Kitchen spills over 100,000 employee Social Security numbers (TechCrunch) The U.S. pizza chain notified state authorities two months after the data breach.
Amazon's Dark Secret: It Has Failed to Protect Your Data (Wired) Voyeurs. Sabotaged accounts. Backdoor schemes. For years, the retail giant has handled your information less carefully than it handles your packages.
Amazon's former head of information security said the company's customer data protection was a mess: 'It was all put together with tape and bubblegum' (Business Insider) Amazon's mission to "delight the customer" came "at the expense of everything else," former information security VP Gary Gagnon told Wired.
Scam phone call prompts police warning (3FM) The Office of Cyber Security and Information Assurance is warning of scam phone calls.
‘My bank account was in a shambles’: The ordeal of an identity theft victim (WeLiveSecurity) A victim of identity theft tells us how criminals used his identity to commit fraud and what it took to put his life back in order.
Cyber Threats to Veterans in 2021: Spam and Scams Exploit Support for Veterans (Recorded Future) Veterans and their charitable donors have become the targets of many types of financial scam operations in recent years.
Security Patches, Mitigations, and Software Updates
Microsoft Informs Users of High-Severity Vulnerability in Azure AD (SecurityWeek) Microsoft on Wednesday informed customers about a recently patched information disclosure vulnerability affecting Azure Active Directory (AD).
FPSA005: CSRF Add Admin Exploit (FatPipe Networks) A vulnerability in the web management interface of FatPipe software could allow an authenticated, remote attacker with read-only privileges to elevate privileges to the level of an Administrator user on an affected device by adding a user with Administrator privileges.
Philips IntelliBridge EC 40 and EC 80 Hub (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.1
ATTENTION: Low attack complexity
Vendor: Philips
Equipment: IntelliBridge EC 40 and EC 80 Hub
Vulnerabilities: Use of Hard-coded Credentials, Authentication Bypass Using an Alternate Path or Channel
2. RISK EVALUATION
Successful exploitation of these vulnerabilities may allow an attacker unauthorized access to the IntelliBridge EC40 and80 Hub.
Philips Patient Information Center iX (PIC iX) and Efficia CM Series (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.5
ATTENTION: Exploitable from adjacent network/low attack complexity
Vendor: Philips
Equipment: Patient Information Center iX (PIC iX) and Efficia CM Series
Vulnerabilities: Improper Input Validation, Use of Hard-coded Cryptographic Key, Use of a Broken or Risky Cryptographic Algorithm
2.
Trane Symbio (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Low attack complexity
Vendor: Trane
Equipment: Symbio 700 and Symbio 800 controllers
Vulnerability: Code Injection
2. UPDATE INFORMATION
The updated advisory is a follow-up to the original advisory titled ICSA-21-266-01 Trane Symbio that was published on September 23, 2021, to the ICS webpage on us-cert.cisa.gov.
Philips Patient Monitoring Devices (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.8
ATTENTION: Low skill level to exploit
Vendor: Philips
Equipment: Patient Information Center iX (PICiX); PerformanceBridge Focal Point; IntelliVue Patient Monitors MX100, MX400-MX850, and MP2-MP90; and IntelliVue X2, and X3
Vulnerabilities: Improper Neutralization of Formula Elements in a CSV File, Cross-site Scripting, Improper Authentication, Improper Check for Certificate Revocation, Improper Handling of Length Parameter Inconsistency, Improper Validation of Syntactic Correctness of Input, Improper Input Validation, Exposure of Resource to Wrong Sphere
Mitsubishi Electric Factory Automation Engineering Products (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.3
ATTENTION: Low skill level to exploit
Vendor: Mitsubishi Electric
Equipment: Mitsubishi Electric, Factory Automation Engineering products
Vulnerability: Unquoted Search Path or Element
2. RISK EVALUATION
Successful exploitation of this vulnerability may allow an attacker to obtain unauthorized information, modify information, and cause a denial-of-service condition.
VISAM Automation Base (VBASE) (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.0
ATTENTION: Exploitable remotely/low skill level to exploit.
Vendor: VISAM
Equipment: VBASE
Vulnerabilities: Relative Path Traversal, Incorrect Default Permissions, Inadequate Encryption Strength, Insecure Storage of Sensitive Information, Stack-based Buffer Overflow
Trends
Digital Exposure Report Finds Widespread Cyber Vulnerabilities for Top 20 Fortune Global 500 Financial Services Companies (PR Newswire) Today, Constella Intelligence ("Constella"), a leader in Digital Risk Protection and Identity Threat Intelligence, released their Financial...
Study Reveals 70% of Security and IT Pros Find Security Hygiene and Posture Management Increasingly Challenging Over the Past Two Years (PR Newswire) JupiterOne, the cybersecurity industry's leading cyber asset management and governance solutions provider, today announced the findings of a...
Cryptographers are not happy with how you’re using the word ‘crypto’ (the Guardian) Los Angeles’s renamed Crypto.com Arena is good news for cryptocurrency fanatics but strikes a blow against the word’s original meaning
'Crypto' Means Cryptocurrency. We Lost the War, and It's OK (Vice) For years, people have insisted that 'crypto' means 'cryptography,' but cryptocurrency won.
Marketplace
Insurers cut cyber cover as ransomware losses surge (Computing) Insurance firms are worried about profits as ransomware gangs become more sophisticated
GBG Announces It Has Agreed to Acquire Acuant (IDology) GBG announces it has agreed to acquire Acuant, bringing together two leaders in the global digital identity market with combined revenue of c.£265 million. Strategic acquisition creates global leader, transforming digital identity and fraud prevention.
Unisys Acquires Unified Endpoint Management Expert Mobinergy™ to Expand its End-User Experience Solutions (PR Newswire) Unisys Corporation (NYSE: UIS), a global IT solutions company, today announced it has acquired Mobinergy™, which specializes in Unified...
Socure Ranked as the Fastest-Growing Identity Verification Company in North America on the 2021 Deloitte Technology Fast 500™ (Businesswire) Socure, the leading provider of digital identity verification and fraud solutions, today announced it is the fastest-growing identity verification ven
Growing At 200%, Cybereason Wins Against SentinelOne And CrowdStrike (Forbes) At 70%, CrowdStrike is growing too slowly for analysts as SentinelOne soars at 101% and privately-held Cybereason says it's expanding twice as fast
Cisco emerging tech VP plans for API security, observability (SearchITOperations) Cisco's head of incubation projects sets the company's sights on application networking, including API security, observability and edge computing.
Palo Alto Networks raises outlook as security demand grows (SeekingAlpha) Palo Alto Networks (PANW) shares dipped 1% in after-hours trading, Thursday, even as the security software company raised its full-year revenue outlook.
SINGAPORE : US-based cyber firm Infra plants flag in Singapore (Intelligence Online) After obtaining finance from SingTel and the National University of Singapore, the US hacking firm Infra has opened an outpost on recently sanctioned vulnerabilities broker Coseinc.
Invicti Security Appoints Michael George as CEO (PR Newswire) Invicti Security™ today announced technology leader Michael George has joined the company as CEO to lead the company's next chapter of growth...
Onfido Appoints Sue Barsamian and Bill Losch to Board of Directors (Onfido) Identity and security experts with decades of experience scaling companies including Okta, Auth0, Symantec and NortonLifeLock join Onfido to support company’s hypergrowth journey
Blumira Bolsters Security Team with 4 New Industry Veterans to Support Rapid Growth (Blumira) Blumira announced a series of additions to its leadership bench to support its rapid growth trajectory. These new appointments come on the heels of a $10.3 million Series A round of financing and a period of explosive growth.
Former IBM Exec Sam Gordy Joins BigBear.ai as COO, President of Federal Division (GovCon Wire) Looking for the latest GovCon News? Check out our story: BigBear.ai names former IBM exec Sam Gordy as COO, president of federal division. Click to read more!
Cyber Defense Labs promotes Michael Spotts to COO (Help Net Security) Cyber Defense Labs is promoting Michael Spotts from CTO and VP of cyber managed security services to serve as Cyber Defense Labs' COO.
Products, Services, and Solutions
Versa Networks Supports Make in India Initiative with Jabil (Cyber Media) Versa Networks and Jabil plans to work in accordance with Make in India initiative launched by the Prime Minister in September 2014
Protegrity Data Protection Platform and Cloud Protect for Snowflake Now Available in the Microsoft Azure Marketplace (Protegrity) Protegrity, a global leader in data security, today announced the availability of the Protegrity Data Protection Platform and Cloud Protect for Snowflake in the Microsoft Azure Marketplace, an online store providing applications and services for use on Microsoft Azure. Protegrity customers can now take advantage of the scalability, high availability, and security of Azure, with streamlined deployment and management.
Cybereason Launches its Predictive Ransomware Protection Solution: Enterprise-Grade Prevention to End Ransomware Attacks (Cybereason) Cybereason Launches its Predictive Ransomware Protection Solution: Enterprise-Grade Prevention to End Ransomware Attacks
SOC Prime Delivers One-Click Threat Hunting Capabilities with Quick Hunt Module (Businesswire) SOC Prime, the world’s largest threat detection marketplace, today announced the availability of Quick Hunt, a cutting-edge module powered by SOC Prim
Falcon Wins Best EDR Solution by SE Labs for Second Consecutive Year (CrowdStrike) CrowdStrike today announced Falcon® was named winner of the Best Endpoint Detection and Response Product for the second year in a row in SE Labs' 2021 Annual Report.
PerimeterX Introduces Credential Intelligence to Block Online Activities that Use Stolen Usernames and Passwords (PerimeterX) New Solution Acts as an “Early Warning System” That Stops the Viability and Proliferation of Credential Stuffing Attacks
Armis and Nuvolo Strengthen Healthcare Partnership, Improving Data Interoperability (Armis) Strategic partnership further secures the patient journey by strengthening data sharing and use cases to improve efficiency for Biomed/Clinical Engineering and Information Security teams
Corporate Password Manager Passwork Is Available With a 50% Discount as Part of Black Friday (Newswire) Corporate password manager Passwork is running a Black Friday promotion. Companies of all sizes can buy the software with a huge 50% discount fro ...
Hoxhunt and Cyber Intelligence House Announce Partnership to Connect Cyber Threat Exposure With Employee Cyber Awareness (Businesswire) Hoxhunt, a premium enterprise cybersecurity awareness training platform, and Cyber Intelligence House, a leading provider of cyber intelligence, today
Plurilock Security says Aurora Systems subsidiary inks reseller agreement with BeyondTrust; adds Boast platform's fintech expertise (Proactiveinvestors NA) As a trusted vendor for several state, local, and federal government agencies, Aurora offers IT and cybersecurity support services, including...
Obscure Technologies is Illumio's primary African distributor - IT-Online (IT-Online) Cybersecurity specialist Obscure Technologies has been named a primary distributor in Africa for Illumio, which offers Zero Trust segmentation. Obscure Technologies is a company comprised of cyber security experts specialising in brokering best of breed security solutions into the African market. Illumio prevents lateral movement, effectively stopping the spread of ransomware, viruses, and cybercriminals by […]
XDR Provider Cynet Adds SaaS Security Posture Management (SSPM), Centr (PRWeb) Cynet, the provider of the world’s first autonomous breach protection platform, today announced the integration of SaaS security posture management (SSPM) and cen
New infosec products of the week: November 19, 2021 (Help Net Security) The featured infosec products this week are from: 1Password, Fortanix, Jetico, Palo Alto Networks, Saviynt, StorONE, Viavi Solutions and WatchGuard.
Technologies, Techniques, and Standards
NSA, CISA call on 5G cloud operators to cryptographically isolate network containers (FedScoop) The National Security Agency and the Cybersecurity Infrastructure and Security Agency have called on operators of 5G cloud networks to cryptographically isolate critical containers. In new guidance published Thursday, the security agencies said operators should focus on protecting data, including through the use of hardware techniques like Trusted Execution Environments. A Trusted Execution Environment (TEE) […]
CISA, NSA Publish 5G Cloud Cyber-Threat Mitigation Guidance (Meritalk) The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) said today they published new guidance to mitigate cyber threats within 5G cloud infrastructure.
Potential Threat Vectors to 5G Infrastructure (CISA | NSA |ODNI) The fifth-generation (5G) of wireless technology represents a complete transformation of telecommunication networks, introducing a vast array of new connections, capabilities, and services
Security Guidance for 5G Cloud Infrastructures Part I: Prevent and Detect Lateral Movement (CISA | NSA) The Enduring Security Framework (ESF) hosted a 5G study group comprised of government and industry experts over the course of eight weeks during the summer of 2020 to explore potential threat vectors and vulnerabilities inherent to 5G infrastructures. At the conclusion of the study the group recommended a three-pronged approach to explore this threat space...
Security Guidance for 5G Cloud Infrastructures Part II: Securely Isolate Network Resources (CISA | NSA) The Enduring Security Framework (ESF) hosted a 5G study group comprised of government and industry experts over the course of eight weeks during the summer of 2020 to explore potential threat vectors and vulnerabilities inherent to 5G infrastructures. At the conclusion of the study, the group recommended a three-pronged approach to explore this threat space...
ChemLock Security Plan (CISA) Do you have a security plan in place to secure your dangerous chemicals? If your facility experienced a cyber of physical attack, would you and your facility’s personnel know what to do?
ChemLock Exercises (CISA) Exercises and drills are an excellent way to test your organization’s preparedness for a variety of different risks. CISA offers CISA Tabletop Exercise Packages (CTEPs), drills, and general materials to help facilities conduct exercises that are tailored specifically for chemical security.
ChemLock Training (CISA) CISA offers live, on-demand training to assist owners, operators, facility personnel, retailers, and emergency personnel with understanding the threats that chemicals pose and what security measures can be put into place to reduce the risk of dangerous chemicals being weaponized.
Creating a culture of cybersecurity (The Hub) In advance of his book <em>Confronting Cyber Risk</em>, engineer Gregory Falco discusses how and why organizations should incorporate cybersecurity into everyday business and planning
Cyberangriffe: Vorbereitung ist alles (Tagesspiegel) Von Mittelständlern bis hin zu großen Handelsketten: Vor Cyberattacken ist kein Unternehmen gefeit. Was verantwortliche Führungskräfte vor, während und nach einem Angriff beachten und umsetzen müssen, erklärt Martin Kuppinger, Principal Analyst bei KuppingerCole Analysts.
Legislation, Policy, and Regulation
North Korea’s Push for Reunification Isn’t Just Empty Rhetoric (World Politics Review) In the final months of his single term in office, South Korean President Moon Jae-in is making a strong push to formally end the Korean War. Setting aside for a moment the policy debate over whether that would be a good idea, it is worth considering the logical end of such a peace declaration: Korean reunification.
Ukraine in the Crosshairs (Foreign Affairs) Washington is concerned about the latest movements of Russian forces, wondering whether Vladimir Putin plans to invade Ukraine.
U.N. envoy says Islamic State now appears present in all Afghan provinces (Reuters) The U.N. envoy to Afghanistan on Wednesday delivered a bleak assessment of the situation following the Taliban takeover, saying that an affiliate of the Islamic State group has grown and now appears present in nearly all 34 provinces.
Chinese leaders approve a new government digitization drive (The Record by Recorded Future) Premier Li Keqiang and the State Council called for provincial leaders to step up their efforts to digitize Chinese government information.
Xi sends congratulatory letter to 1st China Internet Civilization Conference (CGTN) Chinese President Xi Jinping on Friday sent a congratulatory letter to the first China Internet Civilization Conference being held in Beijing.
China’s Search for Allies (Foreign Affairs) Is Beijing building a rival alliance system?
China Poses A National Security Threat Unlike Any The U.S. Has Seen Before (NPR) This week's virtual summit between President Joe Biden and China's President Xi Jinping may have restored a tone of respect between the world's two largest powers, but U.S. intelligence is telling a different story. NPR's Greg Myre reports on a national security conference held in Georgia last month where former and current U.S. intelligence officers were surprisingly candid about what they see as the biggest growing threat: China. In participating regions, you'll also hear a local news segment that will help you make sense of what's going on in your community.Email us at considerthis@npr.org.
UK and US join forces to strike back in cyber-space (BBC News) Combined "enduring" operations will use the "full range of capabilities", the two nations say.
UK and US intelligence chiefs commit to enduring combined cyber operations (GCHQ) Recently, UK and US intelligence and defence chiefs met to discuss enduring combined operations in cyberspace to impose costs on adversaries who conduct malicious cyber activity
Partners in Cyberspace: US and United Kingdom Reaffirm Commitment (U.S. Cyber Command) For the first time in two years, the United Kingdom and United States militaries conducted an in-person headquarters-level forum to discuss combined cyberspace campaigns and capabilities, called the
Government powers to strip Huawei equipment from 5G networks come into force (Evening Standard) The Telecommunications (Security) Act has received Royal Assent.
Government intervention will be 'very effective' in reducing MSP supply chain attacks, finds DCMS (CRN) The government lays out how it will respond to findings on whether new measures are needed for MSPs and firms procuring digital services
UK Telecommunications Act enshrined in law (Register) We bet the Chinese comms giant just LOVED that description
Israel is becoming a cybersecurity guarantor in the Middle East. Here’s how. (Atlantic Council) Israel is becoming more of a security guarantor in the cyber field against Iran and other regional threats by filling the vacuum resulting from the US’s increasingly passive attitude towards the changing security dynamics in the region.
Agencies approve final rule requiring computer-security incident notification (Board of Governors of the Federal Reserve System) Federal bank regulatory agencies today announced the approval of a final rule to improve the sharing of information about cyber incidents that may affect the U
Statement by NSC Spokesperson Emily Horne on Deputy National Security Advisor Anne Neuberger’s Travel to Japan | The White House (The White House) From November 15-17, Deputy National Security Advisory for Cyber and Emerging Technologies Anne Neuberger traveled to Japan to continue the
Arizona’s cyber command center is for collaboration, CIO says (StateScoop) Arizona CIO J.R. Sloan said the state's new cyber center provides new ways for government to work across agencies and sectors.
Litigation, Investigation, and Law Enforcement
Gantz’s house cleaner, an ex-bank robber, accused of trying to spy on him for Iran (Times of Israel) With indictment filed, Shin Bet security service says Omri Goren spoke to an Iran-linked hacking group about giving them access to the defense minister's computer
Israel Defence Minister's Cleaner Charged With Spying for Iran (SecurityWeek) A man employed in the home of Israeli Defence Minister Benny Gantz was charged Thursday with attempting to spy for the Black Shadow hackers, who are purportedly linked to Iran.
Ex-con employed in Gantz's home charged with offering to spy for Iran (Haaretz) The cleaner at the Defense Minister's house contacted the Black Shadow hacker group, responsible for numerous cyberattacks on Israel, with offers of help, indictment says.
Israel charges Defense Minister's house cleaner with leaking data to Iranian hackers (The Record by Recorded Future) Israel has detained a man who worked as the personal house cleaner for the Defense Minister and charged him with leaking his employer's photos and personal details to a group of Iranian hackers known as Black Shadow.
Shin Bet to probe background check process after Gantz’s house cleaner arrested (Times of Israel) Officials admit to failure in case of Omri Goren, who served four prison sentences for numerous crimes before arrest on suspicion of spying for Iran
DOJ Battles Ransomware Attacks (JD Supra) The Justice Department continues to attack and dismantle global ransomware extortion organizations. Business surveys often confirm that executives...
How a battle over Trump computer accusations is playing out in court (Washington Post) A long-running fight over accusations of computer links between Donald Trump and a Russian bank has intensified recently, shedding new light on how the government uses obscure Internet data to hunt for hackers and underscoring how the legal battles rage on regarding the 2016 presidential race.
DOJ charges two Iranians with interference in 2020 election (TheHill) The Department of Justice (DOJ) on Thursday indicted two Iranian nationals for allegedly interfering in the 2020 U.S.
U.S. Charges Two Iranians With Attempting to Interfere in 2020 Presidential Election (Wall Street Journal) Justice Department says the Iranians sent threatening messages to voters and accessed a U.S. media company’s computer network.
U.S. indicts two Iranian hackers over 2020 election disinformation campaign (Washington Post) Two Iranian men were indicted by the U.S. Justice Department on Thursday, accused of a brazen hacking and disinformation campaign that targeted American voters in the run-up to the 2020 U.S. presidential election.
WSJ News Exclusive | Instagram’s Effects on Children Are Being Investigated by Coalition of States (Wall Street Journal) A bipartisan coalition of state attorneys general said it is investigating how Instagram recruits and affects young people, amping up the pressure on parent company Meta Platforms over the potential harms to its users.
State AGs start investigation into Instagram's impact on youth (SeekingAlpha) Several state AGs, including New York and California, are probing Instagram on allegations that it promoted the app to young people even though there...
A California couple vanished after stealing millions in Covid-19 relief funds. They left a goodbye note for their three kids (CNN) A husband and wife were facing prison for a covid relief fraud scheme when they fled their California home, abandoning their three children. Three months later, they still haven't been found.
Canadian Teen Arrested in Crypto Theft Worth $36.5 Million (Bloomberg) Case marks the biggest crypto theft reported by one person. Police identified the alleged thief through a gaming username.
BREAKING: Ex-K&L Gates Partner Charged With Cyberstalking Colleagues (Law360) Former K&L Gates partner Willie Dennis has been arrested and charged with cyberstalking for allegedly sending thousands of emails and texts to colleagues in a "campaign of harassment, intimidation and threats," Manhattan federal prosecutors said Friday.