Dateline Houston, Texas, to Linden, New Jersey: Colonial Pipeline's ransomware incident.
Colonial Pipeline says it's returned to 'normal operations' after cyber attack (TheHill) Colonial Pipeline said Saturday that it has returned its systems to “normal operations” following the ransomware attack last week that forced the major pipeline to shut down.
Major US fuel pipeline resumes 'normal operations' following cyber attack (ABC) Washington believes a Russia-based criminal group known as Darkside had targeted the company in a so-called ransomware attack.
White House discussed using military fuel reserve after pipeline hack (NBC News) The options presented by the Pentagon could be reconsidered if the crisis lasts well beyond early next week, said people familiar with the conversations.
Colonial Pipeline Paid a $5M Ransom—and Kept a Vicious Cycle Turning (Wired) Stopping payments would go a long way to stopping ransomware. But the choice is never quite so easy.
Pipeline Attack Yields Urgent Lessons About U.S. Cybersecurity (New York Times) The hack underscored how vulnerable government and industry are to even basic assaults on computer networks.
Colonial Pipeline cyber attack a warning of worse to come (Australian Financial Review) Until the big cyber superpowers - US, Russia and China - set down some rules, commercial, geopolitical and military competition will continue to bleed into the more mundane world of cyber security.
Colonial Pipeline Failure Exposes an Obvious Willful Ignorance to take Cybersecurity Seriously (ABI Research) ABI Research’s Digital Security Research Director answers critical questions about the Colonial Pipeline ransomware hack
Colonial Is Problem We Can No Longer Avoid: Palo Alto Networks (Bloomberg) Wendi Whitmore, Palo Alto Networks' senior vice president , discusses the cyber attack on Colonial Pipeline Company and its apparent lack of security infrastructure allowing hackers to shutdown America's largest gasoline pipeline for six days. She speaks with Emily Chang on "Bloomberg Technology." (Source: Bloomberg)
The Colonial Pipeline Hack: Wake Up Call for the Oil & Gas Industry (INKY) What a wakeup call for the Oil & Gas industry the Colonial Pipeline hack has turned out to be! Bloomberg is reporting that Colonial has already paid a $5 million ransom to get its digital assets back. Learn more about how this attack could have been prevented.
Colonial Pipeline cyberattack is no cause for panic – here's why (CNBC) The Colonial Pipeline hack was not the first of a series of sudden attacks on America's critical infrastructure, according to cyber experts.
CISA: Do Not Pay Ransomware (SIGNAL Magazine) Federal cybersecurity agency works to confront and protect against ransomware activity.
Pipeline Ransomware Attack Could Raise Cyber Insurance Bar (Law360) The ransomware attack on Colonial Pipeline Co., the latest high-profile example of a growing threat, may make it tougher for companies to negotiate cyber insurance policies without first bolstering their technological defenses, experts said.
Experts note muted media reaction to alleged Russia-linked cyberattack on pipeline (Fox News) The lack of media outcry over a possible Russian government link to the attack by a Russia-based ransomware gang on the Colonial Pipeline is another example of the Biden administration getting a "pass," experts tell Fox News.
Attacks, Threats, and Vulnerabilities
Japan lashes out against alleged Chinese military cyberattacks (Nikkei Asia) Tokyo goes on offensive, names Beijing as culprit for first time ever
Darkside ransomware gang says it lost control of its servers & money a day after Biden threat (The Record by Recorded Future) A day after US President Joe Biden said the US plans to disrupt the hackers behind the Colonial Pipeline cyberattack, the operator of the Darkside ransomware said the group lost control of its web servers and some of the funds it made from ransom payments.
Colonial Pipeline Hacker DarkSide Says It Will Shut Operations (Wall Street Journal) DarkSide, the criminal group linked to a cyber attack that disrupted U.S. gasoline deliveries this week, has told hacking associates that it is shutting down, said security research firms.
DarkSide Ransomware Group Faces XSS Ban, Servers Seized (Flashpoint) After the conclusion of the DarkSide ransomware attack on Colonial Pipeline, DarkSide faces operational and reputational setbacks of its own.
DarkSide Ransomware Shutdown: An Exit Scam or Running for Hills? (SecurityWeek) The criminal gang behind the disruptive Colonial Pipeline ransomware hack says it is shutting down operations, but threat hunters believe the group will reemerge with a new name and new ransomware variants.
Ransomware Going for $4K on the Cyber-Underground (Threatpost) An analysis of three popular forums used by ransomware operators reveals a complex ecosystem with many partnerships.
Insurer AXA hit by ransomware after dropping support for ransom payments (BleepingComputer) Branches of insurance giant AXA based in Thailand, Malaysia, Hong Kong, and the Philippines have been struck by a ransomware cyber attack. As seen by BleepingComputer yesterday, the Avaddon ransomware group claimed on their leak site that they had stolen over 3 TB of sensitive data from AXA's Asian operations.
Hunters Research: Detecting Obfuscated Attacker IPs in AWS (Hunters) Hunters' research team discovers obfuscation technique using AWS VPC feature. Attackers could change the IP address written to AWS CloudTrail logs.
Kaspersky: TunnelSnake Campaign Targeting Diplomatic Bureaus in Asia, Africa (MSSP Alert) TunnelSnake malware gives attacker nearly unlimited control over a computer's operating system, endpoint security software company Kaspersky says.
Irish Healthcare Service Says Ransomware Attack to Cost Tens of Millions of Euros (Wall Street Journal) Some hospitals continued to cancel certain procedures on Monday as Health Service Executive repairs damage to computer systems.
Department of Health hit by cyberattack similar to that on HSE (The Irish Times) Gardaí strongly suspect the same criminal gang is involved in both ransomware attacks
Irish healthcare shuts down IT systems after Conti ransomware attack (BleepingComputer) Ireland's Health Service Executive(HSE), the country's publicly funded healthcare system, has shut down all IT systems after its network was breached in a ransomware attack.
Statement on the Cyber Attack on HSE (Government of Ireland) The HSE became aware of a significant ransomware attack on some of its systems overnight. The National Cyber Security Centre (NCSC) was informed of the issue and immediately activated its crisis response plan.
Hackers Behind the HSE Cyberattack Demand $20 Million Ransom (TechDator) The threat actor behind Ireland's HSE is now asking for a massive $20 million sum for the decryptor and erasing the stolen data.
Cyberattack on HSE systems prompts cancellation of key medical procedures (The Irish Times) Disruption set to persist into next week as Taoiseach vows ransom will not be paid
HSE cyber attack: Full impact may take days to assess but COVID-19 vaccines continue (Newstalk) The full impact of the cyber attack on the HSE's IT system will not be known for a number of days...
Twitter protests create online fraud threat (Signifyd) The games began once protesters tweeted officials' credit card details.
QNAP warns of eCh0raix ransomware attacks, Roon Server zero-day (BleepingComputer) QNAP warns customers of an actively exploited Roon Server zero-day bug and eCh0raix ransomware attacks targeting their Network Attached Storage (NAS) devices, just two weeks after alerting them of an ongoing AgeLocker ransomware outbreak.
Remote Mouse App Crippled With ‘Mouse Trap’ Zero-Day Bugs (Latest Hacking News) Mobile app Remote Mouse with 100,000K installs is affected with six different zero-day bugs that allow remote code execution. No patches yet.
Two attacks disclosed against AMD's SEV virtual machine protection system (The Record by Recorded Future) Chipmaker AMD has issued guidance this week for two attacks against its SEV (Secure Encrypted Virtualization) technology that protects virtual machines from rogue operating systems.
Newly observed PHP-based skimmer shows ongoing Magecart Group 12 activity (Malwarebytes Labs) This skimmer is using a hybrid approach to bypass detection and target vulnerable e-commerce websites.
FIN7 Backdoor Masquerades as Ethical Hacking Tool (Threatpost) The financially motivated cybercrime gang behind the Carbanak RAT is back with the Lizar malware, which can harvest all kinds of info from Windows machines.
Cyber security researchers identify hackers stealing money through 167 fake Android and iOS apps (The New Indian Express) Some apps included an embedded customer support chat option. When researchers tried to communicate with the support teams using this, the replies they received used near-identical language
Microsoft build tool abused to deliver password-stealing malware (BleepingComputer) Threat actors are abusing the Microsoft Build Engine (MSBuild) to deploy remote access tools and information-stealing malware filelessly as part of an ongoing campaign.
We Found Joe Biden On Venmo. Here’s Why That’s A Privacy Nightmare For Everyone (BuzzFeed News) The peer-to-peer payments app leaves everyone from ordinary people to the most powerful person in the world exposed.
Apple AirTag hacked again – free internet with no mobile data plan! (Naked Security) More phun with Apple AirTags! Free internet, no data plan required… but it’s s-l-o-o-o-w.
Clark County investigating malware attack that took down network servers; some service gradually returning (Springfield News-Sun) Clark County officials had no estimate when the servers would be fully back online.
Cyber Attack Interrupts Services in Anson County, N.C. (GovTech) After a May 1 malware attack, Anson County, N.C., lost several services, including email and telephone. The county, however, doesn't believe any employee or citizen data was affected.
Security Patches, Mitigations, and Software Updates
VMware vRealize Business for Cloud updates address a remote code execution vulnerability (CVE-2021-21984) (VMware) A remote code execution vulnerability in VMware vRealize Business for Cloud was privately reported to VMware. Updates are available to remediate this vulnerability in affected VMware product.
Trends
Cybersecurity Perspectives 2021 (Scale Security) The Pandemic, SolarWinds, and the Security Leader State of Mind
The Cybersecurity 202: Ransomware groups are going underground, which could make them harder to track (Washington Post) A cybercriminal group behind an attack that forced major fuel-provider Colonial Pipeline to go offline for several days has allegedly gone inactive.
Welcome to DarkSide – and the inexorable rise of ransomware (the Guardian) The hacking of a US gas pipeline is proof that cybercrime is now a major industry – with its own trading markets and even CSR
Ransomware is a national security threat and a big business — and it’s wreaking havoc (Washington Post) The attack that crippled Colonial Pipeline is just the tip of the iceberg
Disruptionware: A New Cyber Threat Targeting Critical Infrastructure (JD Supra) Disruptionware is an emerging type of cyberattack calculated not only to disrupt the availability, integrity and confidentiality of victims’ data,...
How ransomware became a disruptive & lucrative form of cybercrime (RTE.ie) Ransomware gangs are running riot online and staying one step ahead of cybersecurity efforts
Cyber Ransom Payments Set a Bad Precedent But Happen Often (Insurance Journal) The U.S. government's fight to choke off ransom payments collected by hackers hit a major snag Thursday, following news that Colonial Pipeline Co. paid a
Proofpoint Releases 2021 Voice of the CISO Report (Solutions Review) Proofpoint recently released its 2021 Voice of the CISO Report. This inaugural white paper explores key challenges facing CISOs.
Firms unprepared for cyber attacks, says CISO report (Financier Worldwide) Two-thirds of chief information security officers (CISOs) feel their companies are unprepared for a cyber attack, according to a new report from Proofpoint Inc. The company’s inaugural ‘2021 Voice of the CISO Report’ examines global third-party survey responses from more tha
COVID's silver lining: The race to cloud-based cybersecurity quickens (SiliconANGLE) When security integrator Optiv Security Inc. went into lockdowns more than a year ago, Chief Information Officer Sujan Turlapaty immediately realized what he was up against. “We went from managing 20 to 30 branch offices to 2,500 remote offices,” he said. “The attack surface was much bigger.”
SolarWinds breach exposes hybrid multicloud security weaknesses (VentureBeat) The SolarWinds breach strikes at the heart of hybrid multicloud security. This dashes assumptions and pushes zero trust policy to the fore.
The child safety problem on platforms is worse than we knew (Platformer) A startling new report finds far more young kids using platforms than we suspected — and they’re having sexual interactions with adults in huge numbers
GameStop FOMO Inspires a New Wave of Crypto Pump-and-Dumps (Wired) Thousands of would-be investors are joining Discord groups that promise big earnings by manipulating the crypto market.
UAE is a major draw for cybercriminals, research shows (Khaleej Times) When it comes to the UAE, 78 per cent of businesses indicated that they had been impacted by ransomware in 2020, a massive increase from 66 per cent of companies reporting such disruption last year
Marketplace
SpaceTech cyber platform to create 2,000 jobs (BusinessCloud) Quantum technology start-up signs BT contract as it exits stealth mode with plan for SPAC merger which values it at £1bn
Centricus Acquisition Corp. Combines With Arqit Limited To Focus On Cyber Security With Quantum Encryption Technology (Sat News) Arqit Limited (“Arqit”), a leader in quantum encryption technology and Centricus Acquisition Corp. (Nasdaq: CENH, CENHW, CENHU) (“Centricus”), a special purpose acquisition company, have entered into a definitive agreement that would result in Arqit becoming a publicly listed company (the “Business Combination Agreement”).
Query.AI raises $4.6M to scale its go-to-market and engineering teams to meet demand for its platform (Help Net Security) Query.AI raises $4.6M to scale its go-to-market and engineering teams to meet significant demand for its platform.
Cisco strikes again grabbing threat assessment tool Kenna Security as third acquisition this week (TechCrunch) Cisco has been busy on the acquisition front this week, and today the company announced it was buying threat assessment platform Kenna Security, the third company it has purchased this week. The two companies did not disclose the purchase price. With Kenna, Cisco gets a startup that uses machine le…
M&A Activity in Cyber Security Insurances Market to Set New Growth Cycle (Brockville Observer)
Novetta wins U.S. Army CAMO award (PR Newswire) Novetta, an advanced analytics company, announced today that it was awarded an agreement under the SOSSEC Consortium's Other Transactional...
Booz Allen Signs Up for Global Radio Network Access Consortium (ExecutiveBiz) Booz Allen Hamilton has become one of the industry members of the O-RAN Alliance, which promotes int
Illusive Donates Security Resources and Charitable Contributions to Highlight Organizational Risk (PR Newswire) Illusive, the leader in Active Defense, today announced its Lateral Movement Risk Audit initiative to shed light on security risks to business'...
RevBits® Named Winner of the Coveted Global InfoSec Awards during RSA Conference 2021 (PR Newswire) RevBits is proud to announce that it was the winner of the following award(s) from Cyber Defense Magazine (CDM), the industry's leading...
How to Get into the Bug-Bounty Biz: The Good, Bad and Ugly (Threatpost) Experts from Intel, GitHub and KnowBe4 weigh in on what you need to succeed at security bug-hunting.
Read the pitch deck that South Dakota-based Query.AI used to raise its first-ever funding (Business Insider) The "Silicon Prairie" startup is launching with $4.6 million in seed funding in a round led by ClearSky Security.
WSJ News Exclusive | Microsoft Directors Decided Bill Gates Needed to Leave Board Due to Prior Relationship With Staffer (Wall Street Journal) Some Microsoft directors began an investigation in 2019 into a woman’s allegations of prior sexual relationship with Bill Gates; Mr. Gates’s spokeswoman says his decision to leave board in 2020 wasn’t related to the matter.
Long Before Divorce, Bill Gates Had Reputation for Questionable Behavior (Ney York Times) Melinda French Gates voiced concerns about her husband’s relationship with Jeffrey Epstein and a harassment claim against his money manager.
Kate Barecchia Named Global Data Privacy Officer and Deputy General Counsel at Imperva® (GlobeNewswire) Imperva, Inc., (@Imperva) the cybersecurity leader whose mission is to protect data and all paths to it, announces Kate Barecchia as Global Data Privacy Officer and Deputy General Counsel.
Coalfire appoints first chief product officer (BizWest) Coalfire Systems Inc., a Westminster cybersecurity firm, has hired Vineet Seth as the company’s first chief product officer. “The move supports the company’s expanding focus on solutions that deliver real-time insights and product-enabled approaches to drive efficiency and reduce risk,” according to a Coalfire news release.
Palo Alto Networks Appoints Aparna Bawa to Its Board of Directors (PR Newswire) Palo Alto Networks (NYSE: PANW), the global cybersecurity leader, today announced the appointment of Aparna Bawa to the company's board of...
Cisco security lead Steve Moros jumps to Proofpoint (CRN Australia) Leading vendor’s sales and go-to-market.
Products, Services, and Solutions
New Microsoft Security podcast debuts on the CyberWire Network (PR Newswire) The CyberWire announced today that Microsoft Security's newest podcast, "Security Unlocked: CISO Series with Bret Arsenault," made its debut as...
WitFoo Announces Partnership with Ardalyst (WitFoo) Federal MSSP & VAR partners with SECOPS platform to deliver SOC of the Future & compliance with evolving government cybersecurity standards Dunwoody, Ga. – May 17, 2021 – WitFoo, the world’s most intelligent SECOPS platform fueled by big data analytics, announced today a partnership with Ardalyst, a digital risk management company, to offer Precinct as […]
Nuspire Revolutionizes the Security Industry Experience with the Release of myNuspire (Nuspire) Nuspire, managed security services provider (MSSP), releases myNuspire, a revolutionary, technology agnostic and fully customizable security operating system that consolidates an organization’s entire technology stack into a single pane of glass.
TAG Cyber Finds Investment in Cyber Skills Development Saves Money and Reduces MTTR (BusinessWire) The Cyberbit platform for cybersecurity skill development results in budgetary reductions, cost savings, and improvements in critical SOC KPIs.
Digital.ai Introduces Intelligent Essential App Protection to Provide Organizations with Visibility to App Security Risks (Digital.ai) New Low Code Solution Enables Teams to Rapidly Integrate Mobile App Protection as part of The DevSecOps Pipeline and Gain the Visibility Required to Intelligently Assess and Respond to Security Risks
ReversingLabs announces REVERSING2021 software supply chain virtual roadshow (Help Net Security) ReversingLabs announced REVERSING2021, a seven-city digital, global roadshow series. Addressing Fortune 500 business concerns, this virtual series will
Cloudflare’s new authentication system aims to eliminate CAPTCHA from Internet (mint) The system is called Cryptographic Attestation of Personhood and it will be able to authenticate logins to websites by using physical USB keys
DigiCert selected to provide PKI-based security services for the TIP OpenWiFi initiative - VanillaPlus - The global voice of Telecoms IT (VanillaPlus) DigiCert, Inc., the provider of TLS/SSL, IoT and other PKI solutions, announced that it has been selected by the Telecom Infra Project (TIP) to provide glo
Oklahoma cuts phishing threats with cloud-based email gateway (GCN) A cloud-based secure email gateway has helped the Oklahoma Office of Management and Enterprise Services decrease the threat from inbound malware messages.
Best ethical hacking certification in 2021: Top pro courses (ZDNet) Becoming a certified ethical hacker can be a rewarding career. Here are ZDNet’s recommendations for the top certifications in 2021.
Technologies, Techniques, and Standards
NIST Wants Help Assessing China’s Influence on Emerging Technology Standards (Nextgov.com) The agency wants insight into how the nation might engage in international standardization activities for artificial intelligence and quantum information science.
Council Post: Why Cloud-Native Security Can’t Wait For Mandates (Forbes) Is operating by mandate ever bad? When does waiting to be told what to do become your biggest risk?
The 5 Password Security Rules Your Employees Are Ignoring (Threatpost) According to Keeper Security’s Workplace Password Malpractice Report, many remote workers aren’t following best practices for password security.
If We Don’t Secure People, Information Security Will Remain a Pipe Dream (Lawfare) Until employees are appropriately safeguarded, true information security is likely to remain just beyond reach.
Design and Innovation
Cloudflare reveals plan to end CAPTCHA 'madness' (Computing) Cloudflare says the CAPTCHA system wastes nearly 500 human years every single day
The Blue Check Mark’s Evil Cousin (The Atlantic) On Clubhouse, a black badge was meant to identify trolls. It’s become an emblem of the app’s dysfunctional moderation system.
Academia
NSA, Morgan State University Use Ghidra to Mitigate Vehicle Cyber Vulnerabilities (Homeland Security Today) The National Security Agency recently partnered with Morgan State University to use Ghidra — an NSA-created reverse-engineering tool — to help identify cyber weaknesses in vehicles and improve their resistance to cyber threats.
Hunterdon County Vocational School District Students Make Good Showing At National Cyber Scholarship Competition - Insider NJ (Insider NJ) Hunterdon County Vocational School District Students Make Good Showing At National Cyber Scholarship Competition FLEMINGTON, N.J. – Some 27 students from the Hunterdon County Vocational School District’s (HCVSD) Computer Science & Applied Engineering Academy (CSAEA) qualified to compete in CyberStart America, a national cyber scholarship competition, held in early April. CSAEA had the highest ratio of qualifiers[...]
Legislation, Policy, and Regulation
Russia Gives Safe Harbor to Pirates of the Cyber Seas (Bloomberg) Putin seems to have revived the 16th-century “letter of marque” that England used against the Spanish Empire.
'Twisted': Russia brands US an 'unfriendly' country (Washington Examiner) Russian President Vladimir Putin’s government has branded the United States an “unfriendly” nation, putting a new legal stamp on tensions with Washington in advance of high-level meetings with President Joe Biden’s administration.
Jonah Goldberg: Deterrence method for piracy might also discourage cyberattacks (TribLIVE.com) The Colonial Pipeline, which provides roughly 45% of the East Coast’s oil, gas and jet fuel, was hacked last week by a group called DarkSide. The cyberattack forced the pipeline owners to shut down operations, leading to long gas lines in many American cities. The incident has sparked a long-overdue
Ban ransom payments to hackers, urges ex-GCHQ boss (Times) Britain’s former cybersecurity chief has called for a ban on ransomware payments after the Irish health service became the latest to be hit by a major attack from international criminals.Ciaran Martin
Biden revokes Trump's social media executive order (Protocol) President Biden revoked the Trump-era executive order on "preventing online censorship," which a source told Protocol last summer had been issued in response to Twitter's decision to apply fact-checking label to several of former President Trump's tweets.
Addressing SolarWinds Through Executive Action: A Welcomed And Critical Advancement (Forbes) While the EO will not solve all of our security problems or prevent the next SolarWinds attack – and the truth is no single policy, government initiative, or technology will – it is a great start.
Biden Says Greater Private-Sector Investment In Cybersecurity Is Needed (Forbes) In remarks at the White House, President Joe Biden said, “private entities are in charge of their own cybersecurity...and we know what they need. They need greater private-sector investment in cybersecurity.”
The Executive Order on Cybersecurity does not adequately protect critical infrastructures – real cases prove it (Control Global) President Biden issued the Executive Order (EO) on Improving the Nation’s Cybersecurity. I am happy that cybersecurity is recognized at the Presidential level. However, I am disappointed the EO did not address the unique issues associated with control systems.
A federal government left ‘completely blind’ on cyberattacks looks to force reporting (POLITICO) A bipartisan group of lawmakers wants to make sure the government is never left in the dark about serious hacks again.
Learning from cyber attacks could be the key to stopping them (ZDNet) Anne Neuberger, deputy national security advisor for cyber and emerging technology at the White House says recent events demonstrate need to focus on preventing incidents.
Tech Sector Likes Cyber Order’s Enterprise-Wide View, Cloud Push (Meritalk) Tech-sector reaction to the White House’s sweeping cybersecurity executive order issued May 12 came in largely positive today, with security technology makers particularly applauding the urgency of the administration’s plans, the enterprise-wide view that the order takes for improving security, and its actions to hasten the movement of Federal agencies to cloud services.
Biden's Cybersecurity Order Likely To Reach Beyond Gov't (Law360) The Biden administration has taken a major step toward curtailing a growing scourge of cyberattacks with a new executive order that not only imposes heightened cybersecurity requirements on the federal government and its contractors but also sets a strong example that's likely to rub off on private companies.
Cyber Response Bill Advances in Senate (Nextgov.com) The legislation includes a fund to help impacted organizations pay for remediation efforts.
FTC Expects Board-Level Cybersecurity Oversight (cyber/data/privacy insights) Federal Trade Commission (FTC) staff published a blog post that highlights increased cybersecurity threats and emphasizes the key role corporate boards play in a successful cybersecurity program: “Corporate boards: don’t underestimate your role in data security oversight.” Boards that are not active
Cyber Deterrence, Workforce Questions Dominate at House Cyber Hearing (Meritalk) With the Colonial Pipeline ransomware attack adding to the count of high-profile cyberattacks to make news in the past six months, members of Congress focused in on how the United States can deter such attacks, as well as how to attract talent to the cyber workforce, at a May 14 House Armed Services subcommittee hearing.
Watch live: NSA director testifies on cybersecurity (TheHill) National Security Agency Director Gen. Paul Nakasone will testify on Friday morning before the House Armed Services Committee regarding cybersecurity across the defense department.The hearing comes as a major pipeline, Colonial Pipeline, was the target of a cyberattack last week. The attack prompted gasoline shortages in stations across the southeast.The hearing is slated to begin at 11 a.m. ET.Watch the live video above.
Former NSA Chief Assess U.S. Vulnerability To Cyberattacks (NPR.org) NPR's Noel King talks to Keith Alexander, former director of the National Security Agency, about the risk of cyberattacks on the country's infrastructure, following the Colonial Pipeline shutdown.
Royal Household seeks a cyber security expert to secure networks (teiss) The Royal Household is looking for a cyber security engineer to monitor networks and protect digital systems from hacking attacks.
Sen. Hwang Calls For CT Cyber Security Task Force (Hamlethub.com) Sen. Tony Hwang has called for CT Cyber Security Task Force
Govt pro-actively looking for action on WhatsApp privacy rules issue: MeitY official (HT Tech) WhatsApp had set May 15 for its users to accept a change in privacy policy but later scrapped the deadline for users to accept the controversial update.
Will the cyber mission force soon receive more personnel? (C4ISRNET) The head of U.S. Cyber Command hinted that the cyber mission force could soon receive a bump in staffing.
CMMC board adds new training head, board members (FCW) Melanie Kyle Gingrich will take over training daily operations for the Cybersecurity Maturity Model Certification Accreditation Body as the vice president of training and development.
FTC Picks New Antitrust Top Cop to Battle Facebook, Probe Amazon (The Information) A little-known criminal antitrust prosecutor at the U.S. Department of Justice, Eyitayo St. Matthew-Daniel, is expected to be named the top antitrust enforcer at the department’s sister agency, the Federal Trade Commission, say three people familiar with the situation. The previously unreported ...
Litigation, Investigation, and Law Enforcement
HSE 'zero day' attack could lead to major cancellations as Interpol investigates (DublinLive) All hospital systems are down across Ireland as a precautionary measure
To curb ethnic riots, ex-intel officers volunteer to spy on extremists online (Times of Israel) Despite flagging imminent threats, such as the anti-Arab mob violence in Bat Yam, police are slow to act, says activist
US Senator asks hard disk drive manufacturers if they are improperly supplying Huawei (Data Center Dynamics) Following a probe of Seagate for possible sanctions breach
Court allows Irish regulator to proceed with inquiry into Facebook data flows (Reuters) Ireland's High Court on Friday rejected a Facebook bid to block an inquiry by the Irish data regulator that could halt Facebook's data flows from the European Union to the United States.
Brazilian gang defrauds Uber, Lyft, DoorDash using GPS spoofing and stolen IDs (The Record by Recorded Future) US authorities have charged a gang of Brazilian nationals for a scheme that defrauded the customers of services like Uber, Lyft, DoorDash, and two other unidentified food delivery services.
Ex-Army Green Beret gets 15 years for Russian espionage (Army Times) Debbins’ relationship with Russian intelligence dates to 1996 and spanned 15 years.
Prosecutors probe Pennsylvania contact tracing data breach (The Daily News) The Pennsylvania attorney general said Wednesday his agency has begun looking into a breach of COVID-19 contact tracing data that may have compromised private information of
Police caught one of the web’s most dangerous paedophiles. Then everything went dark (WIRED UK) A trail of clues helped police close in on a dangerous predator. Now, a battle over the future of end-to-end encryption could change the rules of engagement