Dateline the Internet: the Log4j vulnerability (Log4shell).
Log4shell is now undergoing active exploitation. (The CyberWire) Criminals continue scanning for the Log4shell vulnerability, and they've moved from cryptojacking to ransomware installation to data theft. Organizations have begun their long slog through a remediation that will take months (if you follow the Wall Street Journal) or years (if you believe CRN) or "months if not years" (as in ZDNet's headline). Remediation won't be easy or simple or quick, but it begins in situational awareness with respect to an organization's code.
CISA to brief critical infrastructure companies about urgent new Log4j vulnerability (CyberScoop) The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency will host a call with critical infrastructure stakeholders Monday afternoon about a critical vulnerability affecting products with the Log4j software library, according to a statement.
CISA tells federal agencies to patch Log4Shell before Christmas (The Record by Recorded Future) The US Cybersecurity and Infrastructure Security Agency has told federal civilian agencies to patch systems affected by the Log4Shell vulnerability by Christmas Eve.
CISA Urges Quick Action on ‘Log4j’ Critical Vulnerability (MeriTalk) The Cybersecurity and Infrastructure Security Agency (CISA) released a statement on Dec. 11 with guidance for organizations to protect themselves against the “log4j” critical vulnerability that surfaced over the weekend.
CISA adds Log4j to critical vulnerabilities list, warns industry to follow similar guidelines (SC Media) The move adds the damaging bug to a recently established catalog of high-profile vulnerabilities that most agencies must prioritize for patching and mitigation within two weeks.
CISA Expands 'Must-Patch' List With Log4j, FortiOS, Other Vulnerabilities (SecurityWeek) CISA has added 13 new vulnerabilities to its list of security errors known to be exploited, including Apache Log4j and Fortinet FortiOS bugs that were disclosed last week.
CISA warns 'most serious' Log4j vulnerability likely to affect hundreds of millions of devices (CyberScoop) Cybersecurity and Infrastructure Security Agency Director Jen Easterly told industry leaders in a phone briefing Monday that a vulnerability in a widely-used logging library “is one of the most serious I’ve seen in my entire career, if not the most serious.”
Widely used software with key vulnerability sends cyber defenders scrambling (Reuters) A newly discovered vulnerability in a widely used software library is causing mayhem on the internet, forcing cyber defenders to scramble as hackers rush to exploit the weakness.
What to know about the latest cybersecurity bug in log4j (Popular Science) A serious new software bug could impact Apple’s iCloud, Microsoft’s Minecraft, Baidu, IBM, Amazon Web Service, and others.
Implications of Log4j Vulnerability for Operational Technology (OT) Networks (Dragos) Understand the impact of the zero-day remote code execution (RCE) vulnerability, CVE-2021-44228, affecting Apache Log4j to Operational Technology (OT) networks.
Critical Log4Shell (Apache Log4j) Zero-Day Attack Analysis (CVE-2021-44228) (Nozomi Networks) An analysis of the Apache Log4j vulnerability and the architecture of zero-day exploits (CVE-2021-44228) from Nozomi Networks Labs.
Apache Log4j security flaw presents critical risk to organizations (Security Magazine) Threat actors are actively exploiting a critical security flaw in Java logging library Apache Log4j. Log4j is an open-source, Java-based logging utility widely used by enterprise applications and cloud services, meaning many organizations are at risk from threat actors actively exploiting this vulnerability.
The new Log4Shell could be the worst software vulnerability ever (Netsparker) The Log4Shell vulnerability in Log4j has left thousands of Java applications vulnerable to remote code execution. This post summarizes what we know so far, how you can mitigate the vulnerability, and what to expect in the coming days.
Cyber experts express growing alarm over Apache vulnerability (TheHill) A vulnerability in a widely-used logging platform uncovered late last week has left security professionals and officials scrambling to respond and patch systems before other nations and cybercriminals can exploit the flaw.
Log4j Exploit Is ‘A Fukushima Moment’ For Cybersecurity: Tenable CTO (CRN) Businesses around the world will spend years dealing with the repercussions from critical vulnerabilities discovered in Apache log4j, Tenable Co-Founder and CTO Renaud Deraison predicted.
Log4Shell 'biggest vulnerability in computing history' (Information Age) Easily exploitable logging library triggers global panic.
What Is the Log4j Vulnerability? (Wall Street Journal) A flaw in widely used internet software has left companies and government officials scrambling to respond to a potentially glaring cybersecurity threat to global computer networks.
The Log4Shell 0-day, four days on: What is it, and how bad is it really? (Ars Technica) If max-severity 0-day hasn't already dampened your Xmas spirit, it likely soon will.
Log4Shell Is Spawning Even Nastier Mutations (Threatpost) The cybersecurity Hiroshima of the year – the Apache Log4j logging library exploit – has spun off 60 bigger mutations in less than a day, researchers said.
Log4Shell (CVE-2021-44228) – What You Need to Know (Deep Instinct) On December 9, a severe remote code execution vulnerability was disclosed in Apache’s logging tool, Log4j2 – a widely-used open-source Java framework used for logging by countless commercial, non-commercial, and internally-developed applications and users – affecting all previous versions of the framework.
Here's Everything To Know About The 0-Day Log4Shell Vulnerability (JFrog) Understand the Log4Shell exploitation vectors, learn exactly what's vulnerable, and discover remediations about this zero-day vulnerability.
Critical Log4j Flaw Fallout Continues (Decipher) The widespread usage of Log4j is adding complexity to organizations attempting to apply patches.
Log4Shell Vulnerability is the Coal in our Stocking for 2021 (McAfee Blogs) Overview: On December 9th, a vulnerability (CVE-2021-44228) was released on Twitter along with a POC on Github for the Apache Log4J logging library. The
Software Vulnerability Expected to Persist, Possibly for Months (Wall Street Journal) A flaw in a widely used piece of internet software is prompting companies to rush to update their systems and prevent cyberattacks, but the technology’s ubiquity means the threat could affect businesses for months.
Log4j flaw repercussions will last years: experts (CRN Australia) The software's ubiquity could mean widespread global disruption.
Log4j update: Experts say log4shell exploits will persist for 'months if not years' (ZDNet) As attacks exploiting the Log4j flaw evolve, experts worry about how long it will take organizations to respond.
Log4Shell vulnerability: What we know so far (WeLiveSecurity) The zero-day flaw in the ubiquitous Log4j utility has sent shockwaves far beyond the security industry – here’s what you should know.
Log4j zero-day flaw: What you need to know and how to protect yourself (ZDNet) The Log4j vulnerability affects everything from the cloud to developer tools and security devices. Here's what to look for, according to the latest information.
Widely used software with key vulnerability sends cyber defenders scrambling (Euronews) A newly discovered vulnerability in a widely used software library is causing mayhem on the internet, forcing cyber defenders to scramble as hackers rush to exploit the weakness.
CVE-2021-44228: New Updates to the Hacker’s Playbook – Apache Log4j Vulnerability (Safebreach) On December 9th, 2021, the security community became aware of a newly discovered zero-day vulnerability (CVE-2021-44228) affecting Log4j versions 2.0-beta9 to 2.14.1.
Log4j flaw: Attackers are making thousands of attempts to exploit this severe vulnerability (ZDNet) Cybersecurity researchers warn over attackers scanning for vulnerable systems to install malware, steal user credentials, and more.
Log4j exploits suggest attackers gearing up for ransomware (VentureBeat) Attackers may be using the Apache Log4j vulnerability, known as Log4Shell, to lay the groundwork for a ransomware attack, researchers said.
Hackers Exploit Log4j Vulnerability to Infect Computers with Khonsari Ransomware (The Hacker News) Hackers Exploiting Log4j Vulnerability to Infect Windows PCs with Khonsari Ransomware
Log4J – A Look into Threat Actors Exploitation Attempts (Cato Networks) On December 9, a critical zero-day vulnerability was discovered in Apache Log4j, a very common Java logging tool. Exploiting this vulnerability allows attackers to take control over the affected servers, and this prompted a CVSS (Common Vulnerability Scoring System) severity level of 10.
Where the Latest Log4Shell Attacks Are Coming From (Threatpost) Analysts find at least 10 Linux botnets actively exploiting Log4Shell flaw.
The Log4j software bug could put your favorite sites at risk (CNET) Casual computer users might not have heard of the logging software, but it's used across the internet.
As Log4Shell wreaks havoc, payroll service reports ransomware attack (Ars Technica) Kronos outage will last several weeks. Firm advises customers to use other services.
Responding to the Log4Shell Vulnerability (Panorays) This post details everything you need to know about this new vulnerability—from how to tell if you’re exposed, to how to respond.
Security company offers Log4j 'vaccine' for systems that can't be updated immediately (ZDNet) Experts said the fix offered limited protection and is only a stop-gap solution.
Cato Networks Rapid Response to The Apache Log4J Remote Code Execution Vulnerability (Cato Networks) On December 9th, 2021, the security industry became aware of a new vulnerability, CVE-2021-44228. With a CVSS (Common Vulnerability Scoring System) score of a perfect 10.0, CVE-2021-44228 has the highest and most critical alert level.
Companies Respond to Log4Shell Vulnerability as Attacks Rise (SecurityWeek) Government organizations and the private sector are responding to the disclosure of a critical vulnerability (CVE-2021-44228) affecting the widely used Log4j logging utility, as exploitation attempts are on the rise.
Log4j software vulnerability: Major tech companies rush to fix software after US govt’s warning (The Indian Express) The flaw in the Log4j software could allow hackers unfettered access to computer systems and has prompted an urgent warning by the US government’s cybersecurity agency.
Cyber flaw within CRA, Quebec also prevalent in private sector, experts warn (Global News) Experts describe the software flaw as “leaving the back door open” in that it could give cyber criminals access to the thousands of organizations that use the logging library.
Minecraft Java players advised to update game to fix major security exploit (Polygon) The vulnerability could compromise your computer
Apache Log4j Vulnerability in NetApp Products [CVE-2021-44228] (SystemTek) Note: If you're looking for our main article on the Apache Log4j vulnerability – click here Multiple NetApp products
Canadian websites temporarily shut down as world scrambles to mitigate or patch Log4Shell vulnerability (IT World Canada) Federal and provincial departments including the Canada Revenue Agency, Employment and Social Development Canada and the Toronto region transportation system Metrolinx took their websites offline over the weekend to deal with the critical log4j2 Java library vulnerability. In Quebec, provincial Digital Transformation and Access to Information Minister Eric Caire was quoted as saying almost 4,000 […]
Attacks, Threats, and Vulnerabilities
Kronos ransomware attack may cause weeks of HR solutions downtime (BleepingComputer) Workforce management solutions provider Kronos has suffered a ransomware attack that will likely disrupt many of their cloud-based solutions for weeks.
Kronos hit with ransomware, warns of data breach and 'several week' outage (ZDNet) The HR management platform has already informed major customers, like the city government of Cleveland, about the attack.
UKG expects weeks of downtime after ransomware attack (The Record by Recorded Future) UKG, a company that provides payroll and human resource management software, said today that it might need up to several weeks to restore cloud systems impacted by a ransomware attack that hit its systems over the weekend.
Communications sent to impacted Kronos Private Cloud (KPC) customers beginning December, 13 at 12:45AM ET (Kronos Customer & Partner Community) We are reaching out to inform you of a cyber security incident that has disrupted the Kronos Private Cloud.
Mirai-Based 'Manga' Botnet Targets Recent TP-Link Vulnerability (SecurityWeek) A newly discovered variant of the Mirai-based Manga botnet is targeting a vulnerability in TP-Link routers that was addressed last month.
Bugs in billions of WiFi, Bluetooth chips allow password, data theft (BleepingComputer) Researchers at the University of Darmstadt, Brescia, CNIT, and the Secure Mobile Networking Lab, have published a paper that proves it's possible to extract passwords and manipulate traffic on a WiFi chip by targeting a device's Bluetooth component.
TinyNuke info-stealing malware is again attacking French users (BleepingComputer) The info-stealing malware TinyNuke has re-emerged in a new campaign targeting French users with invoice-themed lures in emails sent to corporate addresses and individuals working in manufacturing, technology, construction, and business services.
CISA: Authentication Flaw in Certain Hillrom Cardio Products (GovInfoSecurity) Federal regulators are warning healthcare sector entities worldwide that an authentication vulnerability in a variety of Hillrom Welch Allyn cardio products, if
Ransomware attack shuts down computer systems for Virginia legislative agencies (Richmond Times-Dispatch) A ransomware attack has forced the shutdown of computer systems and websites for Virginia legislative agencies and commissions, including the Division of Capitol Police and the Division of Legislative Services,
The General Assembly is dealing with a cyberattack (VA Scope) A staffer for the Republican Caucus in the House of Delegates confirmed that a ransomware attack is taking place on the General Assembly’s VITA system.
A division of Virginia’s General Assembly is dealing with ransomware attack (Washington Post) The information technology arm of the state’s legislative branch has been hit by a ransomware cyberattack, and Gov. Ralph Northam (D) has ordered state agencies to assist in the response, according to a spokeswoman for the governor.
Inside Ireland’s Public Healthcare Ransomware Scare (KrebsOnSecurity) The accounting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland's public health system. The unusually candid post-mortem found that nearly two months elapsed between the initial intrusion and the launching…
BSP, BDO coordinating on hacked accounts (The Manila Times) Following reports of hacked BDO Unibank Inc. accounts, the Bangko Sentral ng Pilipinas (BSP) said it is closely coordinating with the bank for possible reimbursements. BSP Governor...
Logistics Firm Hellmann Scrambling to Recover From Cyberattack (SecurityWeek) International logistics company Hellmann Worldwide Logistics is scrambling to restore operations after a cyberattack forced it to isolate its central data center from the rest of its environment.
Hackers Steal $140 Million From Users of Crypto Gaming Company (Vice) VulcanForge becomes the third cryptocurrency company to be hit by hackers this month. In total, hackers have stolen more than $400 million.
Bored Ape Yacht Club: Someone accidentally sold a $300,000 NFT for $3,000 (CNET) "Fat finger" errors occasionally happen in traditional finance, but they're usually stopped or reversed. Not so with NFTs and cryptocurrency.
Curran says 11-day email, computer outage in Oyster Bay is 'unacceptable' (Newsday) Oyster Bay’s computer outage entered its 11th day on Monday as emails to town officials continued to bounce back to the senders, a situation Nassau County Executive Laura Curran called "unacceptable."
The time I almost got scammed from my college email (Avast) Read your emails with a critical eye. Any “opportunity” that seems too good to be true likely is just that: too good to be real. Here are a few additional steps that you can take to prevent yourself from being scammed.
PrimeXM Explains How It Dealt with Ransomware Attack (Finance Feeds) The FX technology provider has shared the sequence of events in regard to the attack on parts of its hosting infrastructure.
Vulnerability Summary for the Week of December 6, 2021 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Trends
Employees think they're safe from cyberthreats on company devices (Help Net Security) Menlo Security reveals increased cybersecurity risks posed to employees and organizations during the 2021 holiday shopping season.
The state of U.S. cybersecurity a year after the SolarWinds hack (NPR) One year ago, Russian hackers burrowed their way deep inside a network monitoring tool made by a company called SolarWinds. How much has changed in U.S. cybersecurity since then?
Opportunity for Software Security to Shift Further Left to Become SecDevOps, According to Veracode (Veracode) 133 percent growth in static scans initiated by an API call, rather than by a human, reveals a massive shift towards automation
Cybercriminals Set Their Sight on IT & Tech Companies, Finds New Report by Keeper Security (Businesswire) IT and technology companies in the UK have experienced an average of 44 cyberattacks in the last 12 months - roughly one every 8 days - according to n
Remote work culture makes traditional network perimeter obsolete; securing identities becomes key (SiliconANGLE)
Marketplace
Cyberhaven Raises $33M in Series B Funding to Transform Stagnant and Ineffective Data Protection Market (Cyberhaven) Company Grows ARR 5x in Last 12 Months as Customer Demand Accelerates
Sumo Logic Strengthens Investment in India as Customers and Partners Accelerate Security Operations Modernization (Sumo Logic) Delivers Regional Access to Sumo Logic Cloud SIEM and Appoints New Country Leader as Cloud Initiatives Drive Growth in the Region
Polymer lands $4M to bring no-code data loss prevention to SaaS apps (VentureBeat) Polymer says its no-code platform enables automated data loss prevention (DLP) for SaaS apps, including Microsoft Teams and Google Drive.
Crosspoint Capital Partners Completes Significant Strategic Investment in DigiCert in Partnership with Clearlake Capital and TA Associates (DigiCert) DigiCert, Inc., the world’s leading provider of TLS/SSL, PKI and IoT solutions, today announced that Crosspoint Capital Partners, L.P. has completed an investment in the Company.
Dazz, from ex-Microsoft team, gets $60M to automate cloud security (VentureBeat) Dazz, founded by former Microsoft security executives, has raised $60 million for its platform that brings automation to cloud security.
Telcos ramping up investments in cybersecurity (BusinessWorld Online) THE PLDT group and Globe Telecom, Inc. on Monday said investments in their cybersecurity capabilities have been increasing, as they continue to work to protect their customers from online threats.
Bug-Bounty Programs Shift Focus to Most Critical Flaws (Dark Reading) The number of bug bounty programs jumped by a third, the median payout for a critical vulnerability report rose to $3,000, but rewards for easier-to-find lower-severity flaws stagnated in 2021.
Intel adds payout bonuses as it migrates bug bounty program to Intigriti (The Daily Swig) Payout ceiling lifted from $100,000 to $150,000 for 12-month bonus period
Embattled NSO said considering closing its Pegasus unit, selling to Americans (Times of Israel) Tech firm behind the contentious spyware is reportedly at risk of defaulting on its debt, and is seeking an outside injection of capital and a business pivot to keep it afloat
As New York bank begins minting stablecoins, security concerns ensue (SC Media) The stablecoin market has grown more than tenfold in the past year from a market cap of $20 billion last year to more than $137 billion in November 2021.
Kaspersky Opens Doors to New Transparency Center in North America (Dark Reading) The opening marks the fifth center opened globally, fulfilling a key milestone within the Global Transparency Initiative.
Palo Alto Networks joins the Nasdaq-100 (PR Newswire) Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, shared today that it has joined the Nasdaq-100® Index, the top 100 largest...
Fortinet Named to Nasdaq-100 Index (Yahoo) Ken Xie, Founder, Chairman of the Board and CEO at Fortinet: “Fortinet has led the evolution of cybersecurity innovation over the past two decades, and is leading the next-generation of security solutions. The network security market is rapidly expanding from the data center out to the work-from-anywhere edge and to the cloud. We expect our innovative ASIC-supported security fabric platform and converged Security-driven networking approach to un
The Cyber Guild Honors Eight Capital Region Cybersecurity Leaders at Third Annual Cybersecurity Awards Ceremony (Yahoo Finance) The Cyber Guild, the only Virginia cybersecurity trade association, honored eight Capital Region cybersecurity leaders at this year's third annual Cybersecurity Awards ceremony held on December 8 at Refraction.
Arctic Wolf Appoints Andrew Hill as Chief Legal Officer and General Counsel (Arctic Wolf) Industry veteran brings decades of experience as corporate counsel for high-growth technology companies
Feedzai Grows 125%, Hires new CRO, General Counsel, and brings in a new independent board member (GlobeNewswire News Room) 125% year-over-year ARR growth in Q3 with multiple new customers in North America, Europe, Latin America, and Asia. New Chief Revenue Officer and General...
TripleBlind expands leadership team with four hires (KC Inno) Kansas City-based TripleBlind is building on its momentum with the addition of executive hires.
LookingGlass Promotes Cody Pierce to Chief Product Officer (GlobeNewswire News Room) New role deepens the alignment of the company’s growth with the expansion of its product line....
Exabeam Welcomes Gianna Driver As Chief Human Resources Officer (Security Informed) Exabeam, the pioneer in Next-gen SIEM and XDR announced the appointment of Gianna Driver as Chief Human Resources Officer (CHRO). As CHRO, Driver is chartered with creating scalable processes that will enrich the employee experience and enable Exabeam employees to do their best work.
Deduce Makes Key Additions to its Executive Team (Enterprise Security Magazine) It is the leadership and executive team's obligation to secure the company and its data by identifying threats, analyzing their impact, and taking...
Products, Services, and Solutions
PerimeterX Prevents Over $1.5B in Losses from Account and Purchase Fraud Over Cyber 5 (PerimeterX) We saw some interesting trends during the Cyber 5 shopping period that give a preview into the future threat landscape.
Apple launches AirTags and Find My app for Android, in effort to boost privacy (CNET) Apple's following through on a promise to help Android users identify nearby AirTags and Find My trackers that aren't with their owners.
Her Instagram Handle Was ‘Metaverse.’ Last Month, It Vanished. (New York Times) Five days after Facebook changed its name to Meta, an Australian artist found herself blocked, with seemingly no recourse, from an account documenting nearly a decade of her life and work.
Iron Bow to Offer Xage Zero Trust Security Platform to Military, Government Customers (ExecutiveBiz) Iron Bow Technologies has partnered with Xage to offer the latter's zero trust security platform to the Department of Defense and federal government customers. Under the deal, Iron Bow will serve as a distributor of the Xage Fabric remote access authentication tool built to protect connected digital systems and communications networks from unauthorized access, Xage said
Network Security Leader iboss Joins ForgeRock Trust Network (PRWeb) iboss, the leading SASE cloud security provider, today announced it has joined the ForgeRock (NYSE: FORG) Trust Network, an exclusive technology ecosystem of over
Ukrainian cyber police will work hand in hand with DeHealth to strengthen the protection of medical data (StreetInsider.com) Oleksandr Hrynchak, the Head of the Cyber Police Department, and Anna Bondarenko, the Co-Founder of DeHealth, signed a memorandum of cooperation. Both parties will share their...
ImmuniWeb and CERT.LV Join Efforts to Fight Cybercrime (ARN) ImmuniWeb will support CERT.LV educational and cyber-defense activities to prevent financially motivated cyber-attacks, reinforce cyber-resilience and reduce losses from cybercrime in the region.
Technologies, Techniques, and Standards
USPS built and secretly tested a mobile voting system before 2020 (Washington Post) Such systems are widely considered insecure against hacking
CISA Issues Guidance on Social Media Account Protection (Executive Gov) The Cybersecurity and Infrastructure Security Agency has introduced new guidance providing ways to ensure the security of social media accounts operated by
NIST Seeks Comments on Project Draft for IPv6-Only Implementation (Executive Gov) The National Institute of Standards and Technology's National Cybersecurity Center of Excellence has drafted a project description for implementing a secure
Defense Department blocks ads to counter malvertising, official tells Congress (CyberScoop) The Defense Department employs multiple methods of blocking internet advertisements because of the threats that malicious ads pose, the Pentagon said in a letter Monday.
Tales from the Dark Web: Fingerprinting Access Brokers on Criminal Forums (Dark Reading) Every high-profile breach leaves a trail of bread crumbs, and defenders who monitor access brokers can connect the dots and detect attacks as they unfold.
Shoring up the solar industry’s resilience to cyberattack (pv magazine USA) As solar and storage technologies are deployed on the grid in record numbers, there’s no time like the present to take steps to prevent solar and storage from being vulnerable to cyberattack.
SOC Denial is Real in the 3rd Annual Devo SOC Performance Report (GlobeNewswire News Room) Report finds that while external risk factors continue to accelerate, internal roadblocks and leadership disconnect have stalled even high-performing...
Why proactive cyber defence is essential (teiss) So don't depend on detection alone; at the very least invest in detection + containment, and ideally map out a path to enhancing preventative controls.
KnowBe4 Releases Top 5 Cybersecurity Tips for the 2021 Holiday Season (GlobeNewswire News Room) Shopping scams, gift card payment requests and other dangerous tricks threaten to ruin the holiday season...
Design and Innovation
Cybersecurity 'Vaccines' Emerge as Ransomware, Vulnerability Defense (eSecurityPlanet) Vaccines have emerged as a critical tool for stopping cybersecurity threats - but they have their limitations.
Australia launches national AI centre in CSIRO's Data61 (ZDNet) The new AI centre will work on reducing barriers faced by small to medium-sized businesses in adopting and developing AI and emerging technology.
Legislation, Policy, and Regulation
The End of Cyber-Anarchy? (Foreign Affairs) How to build a new digital order.
Documents link Huawei to China’s surveillance programs (Washington Post) The Chinese tech giant Huawei Technologies has long brushed off questions about its role in China’s state surveillance, saying it just sells general-purpose networking gear.
The Growing Danger of U.S. Ambiguity on Taiwan (Foreign Affairs) Biden must make America’s commitment clear to China—and the world.
Online Safety Bill: New offences and tighter rules (BBC) New criminal offences and major changes have been proposed in the UK's landmark Online Safety Bill, which seeks to regulate social media and tech giants.
Joint Committee recommends 'major changes' in Online Safety Bill (Computing) The Bill should cover more criminal offences to regulate "land of the lawless"
UAE Law Regarding the Protection of Personal Data (JD Supra) The United Arab Emirates joins Saudi Arabia by passing Federal Decree-Law No (45) of 2021 Regarding the Protection of Personal Data (“PPD Law”) to...
Not just NSO: Israel fears U.S. targeting all Israeli offensive cyber firms (haaretz.com) The days in which NSO worked in secret with the active encouragement of PM Netanyahu and the intelligence community are over, never to return
America’s Cyber-Reckoning (Foreign Affairs) How to fix a failing strategy.
James Stavridis - Four Ways the US Can Keep Putin From Invading Ukraine (Asharq AL-awsat) When I became the supreme military commander at the North Atlantic Treaty Organization in 2009, the alliance was focused on the war in Afghanistan. But one of the first senior delegations to visit me came to discuss Russia: the military chiefs of Est
Biden will sign an executive order to move government services online (Protocol) The order will direct 17 agencies to overhaul the way they interact with Americans, including allowing them to apply for things like passports online.
Cyberattacks on our energy infrastructure: The need for a national response to a national security threat (Atlantic Council) Secretary Jeh Johnson calls for a cohesive national response to combat the growing cyber threat to our nation's energy infrastructure. He lays out several recommendations for a path forward.
Why Classifying Ransomware as a National Security Threat Matters (Dark Reading) Government actions help starve attack groups of the resources - money, ability to recruit, and time.
The Cyber Trap is Broken – 94 Percent of Federal Cyber Decision-Makers See Flaws in Today’s Cybersecurity Strategies (Businesswire) New research finds that the Cybersecurity EO brings cyber issues to the forefront, but Federal leaders need to shift gears to make real progress.
CIOs at HHS, TSA, CTO at Justice leaving federal service (Federal News Network) Long-time data guru Tom Beach joins the FDA while GSA shuffles some seats after Carlton Shufflebarger retires after 37 years in government.
N.C. Department of Information Technology Hires State's First Chief Privacy Officer (North Carolina Department of Information Technology) As chief privacy officer, Cherie Givens is tasked with managing risk related to information privacy laws and compliance regulations. The role was created to allow for stronger authority for making privacy decisions and protecting the interests of North Carolina residents, businesses and visitors.
Litigation, Investigation, and Law Enforcement
The ultra-violent cult that became a global mafia (BBC News) A BBC investigation into Black Axe has unearthed new evidence of political infiltration, and a scamming and killing operation spanning the globe.
Ukraine arrests 51 for selling data of 300 million people in US, EU (BleepingComputer) Ukrainian law enforcement arrested 51 suspects believed to have been selling stolen personal data on hacking forums belonging to hundreds of millions worldwide, including Ukraine, the US, and Europe.
Germany Jails Operators of 'Cyberbunker' Darknet Hub (SecurityWeek) Eight people were handed jail sentences in Germany for operating a web-hosting service known as "cyberbunker" in a former NATO bunker that enabled illegal trade in drugs, stolen data and child pornography.
Ransomware Affiliate Arrested in Romania (SecurityWeek) Europol and the Romanian National Police on Monday announced the arrest of an individual allegedly involved in a ransomware operation targeting multiple high-profile organizations.
Ransomware suspect arrested over attacks on 'high-profile' organisations (ZDNet) Europol, FBI and Romanian Police operation leads to a suspect being detained over ransomware attacks.
Romanian ransomware suspect arrested in joint Europol, FBI operation (CyberScoop) A Romanian man accused of using ransomware to target “high-profile” organizations and companies was arrested Monday as part of a joint operation between the Romanian National Police, the FBI, and Europol. The man — identified only as a 41-year-old living in Craiova, Romania — is accused of compromising an unnamed Romanian IT services company with clients in the retail, energy and utilities sectors, according to a Europol statement posted to the agency’s website.
Ransomware affiliate arrested in Romania (The Record by Recorded Future) Romanian police have detained a 41-year-old suspect today in the city of Craiova on suspicion of participating in ransomware attacks across the globe.
Arrest in Romania of a ransomware affiliate scavenging for sensitive data (Europol) The suspect – a 41-year-old Romanian national - was arrested today at his home in Craiova, Romania, in the early hours of the morning. Ransomware with blackmail The criminal is suspected of having compromised the network of a large Romanian IT company delivering services to clients in the retail, energy and utilities sectors. He is then believed to have deployed...
Swiss court allows U.S. extradition of Russian businessman (Reuters) A Swiss court dismissed an appeal by a Kremlin-linked Russian businessman to block his extradition to the United States, rejecting his argument that he was a victim of a U.S. political campaign to snare him on trumped-up insider trading charges.
FBI Investigates Cyber Attack Against TheBus and TheHandi-Van on O‘ahu (Maui Now) The FBI and Cybersecurity and Infrastructure Security Agency are working to investigate the cyber-attack against the operator of the City and County of Honolulu’s systems managing TheBus and TheHandi-Van.
Cyber Attack Against TheBus and TheHandi-Van (Federal Bureau of Investigation) The FBI and CISA are working with federal, state, and local partners to investigate the cyber-attack against the operator of the City and County of Honolulu’s transit systems.
AP seeks answers from US gov't on tracking of journalists (KMTV) The Associated Press is seeking answers from the Department of Homeland Security on its use of sensitive government databases for tracking international terrorists to investigate as many as 20 American journalists, including an acclaimed AP reporter.
Ransomware or Revenge? Former Employee Charged With Extortion (The Daily Beast) A tech company employee was fired for performance issues—and then he sought sloppy revenge, court records obtained by The Daily Beast show.
Transamerica Hit With Lawsuit Over Data Breach (PLANSPONSOR) A retirement plan participant says that, since the data breach, his personal information has been used to make fraudulent purchases and spam calls.
Her Majesty's Revenue and Customs reported 17 serious data breaches to ICO (IBS Intelligence) Her Majesty's Revenue and Customs (HMRC) has reported a total of 17 serious data breaches to the Information Commissioner's Office (ICO) over