Dateline Moscow, Kyiv: Fighting continues in the Donbas, and war's effect on the underworld
Ukraine at D+110: Hacktivists, spies, and cyber criminals. (The CyberWire) Supplying an artillery war, as Russia seeks to conquer rubble. Anonymous makes some large claims about its actions against Russia and Belarus. GRU's Sandworm exploits the Follina vulnerability against Ukrainian media organizations. Ukraine is backing up sensitive data abroad. And a study released this morning looks at the challenges and opportunities Russia's war has presented the cyber criminal underworld.
Russia-Ukraine war: List of key events, day 111 (Al Jazeera) As the Russia-Ukraine war enters its 111th day, we take a look at the main developments.
Russia is hammering Ukraine with up to 60,000 artillery shells and rockets every day (Task & Purpose) “Instead of a concrete target, the strikes target an entire neighborhood."
The battle of Donbas could prove decisive in Ukraine war (Military Times) If Russia prevails in the battle of Donbas, it will mean that Ukraine loses not only land but perhaps the bulk of its most capable military forces.
Russian Forces Destroy Last Bridge to Key Eastern Ukrainian City (Wall street Journal) Russia continued to bombard a chemical plant in Severodonetsk that is providing refuge for hundreds of civilians and soldiers, and has drawn comparisons with the protracted battle for Mariupol.
Ukraine war latest: Russia shoots down MiG and hits weapons depot in cruise missile attack (The Telegraph) Russia struck an artillery weapons depot with Kalibr cruise missiles in Ukraine's northerly Chernihiv region, the RIA news agency reported, citing the Russian defence ministry.
Ukraine asks the west for huge rise in heavy artillery supply (the Guardian) Zelenskiy adviser says far more hardware is needed to reach ‘heavy weapons parity’ with Russia and drive out its forces
Zelensky adviser reveals weapons Ukraine needs to end war against Russia (Newsweek) Pleas for more weapons from the West have intensified in recent days as Russian forces advance in eastern Ukraine.
Ukraine Will Survive and the US is Preparing to Arm it for Years, Says Pentagon’s Hicks (Defense One) Deputy Defense Secretary Hicks discusses Russia, China, and inflation’s effects on the Pentagon’s buying power at the 7th Annual Defense One Tech Summit.
Belarus dictator targets trade unions amid fears over anti-war mood (Atlantic Council) Belarus dictator Alyaksandr Lukashenka has initiated steps to shut down the country's independent trade unions amid growing disquiet on the domestic front over the Belarusian role in Putin’s Ukraine War.
How Ukraine Is Winning the Propaganda War (Wired) As the Russian siege drags on, Ukraine's media campaign has shifted from glorified myths to accounts of everyday bravery.
Anonymous claims hack on Russian drones (Computing) This attack is the group's first on the Russian military itself
Follina flaw being exploited by Russian hackers, info stealers (Computing) Reports of Ukrainian media organisations receiving emails with compromised Word docs, and AsyncRAT Trojan delivered by groups exploiting the unpatched flaw
Ukraine Has Begun Moving Sensitive Data Outside Its Borders (Wall Street Journal) Some government databases are already on cloud servers in Poland, and officials are negotiating similar arrangements with France, Estonia and several other nations.
How the Cybercrime Landscape has been Changed following the Russia-Ukraine War (Kela) Elena Koldobsky, Threat Intelligence Analyst
‘I could not be part of this crime’: the Russians fighting for Ukraine (the Guardian) Igor Volobuyev joined a legion of Russians hoping to defeat their homeland and maybe effect regime change
Russia-Ukraine war: Ukraine slaps down Joe Biden over 'absurd' invasion claims (The Telegraph) Ukraine has hit back at Joe Biden’s “absurd” remarks that Volodymyr Zelensky “didn’t want to hear” US intelligence about the likelihood of a Russian invasion.
On Russia, Europe Weighs Competing Goals: Peace and Punishment (New York Times) Arming Ukraine is not turning the tide. Is the answer vastly more weapons, as Ukraine says, or a bitter truce?
Why War Fails (Foreign Affairs) Russia’s invasion of Ukraine and the limits of military power.
Fears of Renewed Russian Strikes Hang Over Return to Kharkiv (Wall Street Journal) As residents who fled the bombardment of the northern Ukrainian city look to return following Russia’s withdrawal, the threat of attack still looms.
Bucolic Ukraine forest is site of mass grave exhumation (AP NEWS) The lush green beauty of a pine forest with singing birds contrasted with the violent deaths of newly discovered victims of Russia's war in Ukraine , as workers exhumed bodies from another mass grave near the town of Bucha on Kyiv's outskirts.
Russia accused of deliberately targeting Ukraine's medical facilities (Atlantic Council) Russia has been accused of deliberately targeting Ukrainian hospitals and healthcare facilities as part of a campaign to destroy the country's basic medical infrastructure and force millions to flee their homes.
Clues to the Fate of Five Damaged Cultural Heritage Sites in Ukraine (bellingcat) From museums and monasteries to monuments and castles, Russia's invasion of Ukraine has put hundreds of cultural heritage sites at risk.
The Corpse of a Russian Soldier, and the Cold but Human Urge to Look (New York Times) Why does war’s wreckage — the downed helicopters, the destroyed tanks and the dead — draw crowds? A former Marine ponders the question as he stands before the badly burned body of a Russian fighter.
Vladimir Putin’s dark journey from economic reformer to war criminal (Atlantic Council) Vladimir Putin's recent boasts of waging war in Ukraine to "reclaim" historic Russian land mark a new low in his journey from would-be economic reformer to unapologetic authoritarian and enthusiastic imperialist.
‘No Way to Say’ When Turkey Will Release Hold on Sweden, Finland, Says NATO’s Stoltenberg (Defense One) With Madrid deadline looming, “the progress is maybe just the fact that we have open lines” of communication, Finland’s president said.
How France’s Army chief is avoiding getting sucked into a ‘Ukrainian tunnel’ (Defense News) Also high on Gen. Pierre Schill's mind is seeing the Scorpion program fully implemented and figuring out the “eternal dialectics between sword and shield” that characterize tank warfare.
Why 'Mad Max'-style technicals have become a staple of Ukraine's fight against Russia (Task & Purpose) These heavily armed trucks can pick up anything — including salvaged Russian guns.
With Billions Going to Ukraine, Officials Warn of Potential for Fraud, Waste (Wall Street Journal) Current and former U.S. officials warn that more must be done to ensure arms and money aren’t diverted, stolen or misused.
Russian fuel and supply challenges in Ukraine cause Pentagon to consider at-sea delivery needs in potential US conflict with China (Stars and Stripes) The Defense Department has taken Russia’s failures to keep its forces properly supplied as a reminder of the consequential nature of proper logistics, especially if conflict erupts between the U.S. and China in the Indo-Pacific region.
Emmanuel Macron ‘betrays Ukraine’ as French imports of Russian gas soar (The Telegraph) Figures show France received €900m worth of Kremlin gas while bombs rained down on Ukraine in the past two months
Ukraine’s State Energy Company Keeps Russian Gas Flowing as War Rages (Wall Street Journal) An uneasy alliance between Ukraine’s Naftogaz and its Russian counterpart sustains gas flows to Europe and fills government coffers on both sides of the fighting.
Ukrainian army crowdfunds by selling Russian weaponry wreckage as souvenirs (The Telegraph) Keyrings made out of the enemy's destroyed jets and helicopters are being auctioned off for $1,000 to raise money for military supplies
Meet The Russian Billionaire Who's The Proxy Owner Of Putin's $500 Million Yacht (Forbes) The U.S. DOJ alleges that Eduard Khudainatov, the ex-CEO of state-owned oil giant Rosneft, acts as the "straw owner” for three superyachts held by Vladimir Putin and two Russian oligarchs—but Khudainatov has a multibillion dollar fortune of his own, thanks to his ties to the Kremlin’s inner circle.
Attacks, Threats, and Vulnerabilities
Iranian hacking campaign that included former U.S. ambassador exposed (CyberScoop) The long-running operation involved hijacked email accounts, phony login pages and a legitimate ID verification service.
Iranian Spear Phishing Operation Targets Former Israeli Foreign Minister, Former US Ambassador to Israel, Former Israeli Army General and Three other High-Profile Executives - Check Point Software (Check Point Software) Check Point Research (CPR) exposes an Iranian spear-phishing operation targeting high-profile Israeli and US executives. The attackers hijacked emails of
Prophet row sparks cyber war: Malaysia’s DragonForce hacks corporate VPNs, websites of Mumbai varsity, Thane police (Moneycontrol) Cybersecurity company CloudSEK confirmed to Moneycontrol that Logixal, an Oracle banking service provider used by major banks in the country, and Cybernetyx, which offers services to edtech companies, were hacked
What is a Kerberoasting Attack? (CrowdStrike) Kerberoasting is a post-exploitation attack technique that attempts to crack the password of a service account within the Active Directory (AD).
Chinese Hackers Adding Backdoor to iOS, Android Web3 Wallets in 'SeaFlower' Campaign (SecurityWeek) Researchers analyze SeaFlower, an activity cluster linked to China that involves adding backdoors to popular iOS and Android Web3 wallets.
How SeaFlower...installs backdoors in iOS/Android web3 wallets to steal your seed phrase (Medium) During the course of our work at Confiant, we see malicious activity on a daily basis. What matters the most for us is the ability to:
Linux Malware Deemed ‘Nearly Impossible’ to Detect (Threatpost) Symbiote, discovered in November, parasitically infects running processes so it can steal credentials, gain rootlkit functionality and install a backdoor for remote access.
New ultra-stealthy Linux backdoor isn’t your everyday malware discovery (Ars Technica) Symbiote gives remote access to any account. Normal methods don't detect it.
Microsoft: Ransomware groups, nation-states exploiting Atlassian Confluence vulnerability (The Record by Recorded Future) Microsoft said ransomware groups and nation-state actors have begun exploiting Atlassian's CVE-2022-26134.
Cybercriminals, State-Sponsored Threat Actors Exploiting Confluence Server Vulnerability (SecurityWeek) Multiple cybercrime and state-sponsored threat groups are exploiting the recently patched Confluence Server vulnerability tracked as CVE-2022-26134.
Australia's banking apps targeted by malware – report (MPA) Country's "horrendous" hardwired infrastructure and high use of mobile devices make it an attractive target for cyber criminals
Researcher Shows How Tesla Key Card Feature Can Be Abused to Steal Cars (SecurityWeek) A researcher has found a new way to hack and steal Teslas, via a Bluetooth-based relay attack that abuses a key card feature.
Researchers: Wi-Fi Probe Requests Expose User Data (SecurityWeek) A group of academic researchers from the University of Hamburg in Germany has discovered that mobile devices leak identifying information about their owners via Wi-Fi probe requests.
The many lives of BlackCat ransomware (Microsoft 365 Defender Threat Intelligence Team) The BlackCat ransomware, also known as ALPHV, is a prevalent threat and a prime example of the growing ransomware-as-a-service (RaaS) gig economy. It’s noteworthy due to its unconventional programming language (Rust), multiple target devices and possible entry points, and affiliation with prolific threat activity groups.
You agreed to what? Doctor check-in software harvests your health data. (Washington Post) A consent form from Phreesia gives it permission to use your data for marketing
Arizona hospital says SSNs of 700,000 people leaked during April ransomware attack (The Record by Recorded Future) A hospital in Yuma, Arizona is sending breach notification letters to more than 700,000 patients after a ransomware attack in April lead to a data breach involving SSNs.
700 patients' private information stolen in Avera data breach (SDPB) Avera says a data breach allowed someone to obtain the private information of about 700 patients.
Kaiser Permanente Breach Exposes Data on 70K Patients (Dark Reading) Employee email compromise potentially exposed patients' medical information, including lab test results and dates of services.
Kaiser Permanente data breach exposes health data of 69K people (BleepingComputer) Kaiser Permanente, one of America's leading not-for-profit health plans and health care providers, has recently disclosed a data breach that exposed the health information of more than 69,000 individuals.
Important privacy notice for some Kaiser Permanente patients (Kaiser Permanente) Kaiser Foundation Health Plan of Washington (“Kaiser Permanente”) is committed to protecting the confidentiality and privacy of our patients’ information.
Vulnerability Summary for the Week of June 6, 2022 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Cape Cod transit bureau still recovering from Memorial Day ransomware attack (The Record by Recorded Future) Officials at Cape Cod’s transit bureau said they are still in the process of recovering from a ransomware attack that impacted their servers and communication systems over Memorial Day weekend.
Cyber attack impacting county’s operations (Seguin Today) Guadalupe County officials are responding to a cyber attack that has impacted the county's overall...
Single beaver caused mass internet, cell service outages in Northern B.C. (British Columbia) Officials have now identified a beaver as the cause of a June outage which left many residents of northwestern B.C. without internet, landline and cellular service for more than eight hours.
Security Patches, Mitigations, and Software Updates
Time to update: Google patches seven Chrome browser bugs, four rated 'high' risk (ZDNet) Google discloses four high-risk cybersecurity vulnerabilities in Google Chrome. CISA says users should apply the patches as soon as possible.
Microsoft won’t say if it will patch critical Windows vulnerability under exploit (Ars Technica) Slow to act on the code execution bug from the start, company is still in no hurry.
Drupal Releases Security Updates (CISA) Drupal has released security updates to address a Guzzle third-party library vulnerability that does not affect Drupal core but may affect some contributed projects or custom code on Drupal sites. Exploitation of this vulnerability could allow a remote attacker to take control of an affected website. CISA encourages users and administrators to review Drupal security advisory SA-CORE-011 and apply the necessary updates.
Drupal Patches 'High-Risk' Third-Party Library Flaws (SecurityWeek) A pair of high-risk flaws in a third-party library exposes Drupal-powered websites to remote takeover attacks.
Trends
Inside the RSA expo: Buzzword bingo and the bear in the room (Register) We mingle with the vendors so you don't have to
5 takeaways from the RSA Conference (Cybersecurity Dive) The event tried to pick up where it left off 28 months ago. Can defenders keep up with the accelerated pace and scale of the cyber threat?
We Go To RSA So You Don’t Have To (Reason.com) Episode 411 of the Cyberlaw Podcast
Threat actors becoming more creative exploiting the human factor (CSO Online) Remote work, supply chains, commercial clouds offer threat actors opportunities to trick people into doing their bidding.
New Dashlane Report: The Future of Secure Work (Business Wire) New Dashlane Report: The Future of Secure Work
The Future of Secure Work for People + Organizations Report (Dashlane) Discover key trends on the state of security for small and medium organizations—and predictions on what’s to come.
Marketplace
HYCU Raises $53 Million for Data Backup Technology (SecurityWeek) Backup-as-a-service firm HYCU has raised $53 million in a Series B funding round led by Acrew Capital.
L3's plan to acquire Israeli cyber specialist NSO (Intelligence Online) US electronic warfare giant L3Harris is, according to our sources, the leading candidate to buy the former Israeli leader in tactical interception, NSO. The latter has been badly hit by American
Billion-Dollar Valuations Can't Halt Layoffs at OneTrust, Cybereason (SecurityWeek) Despite soaring valuations, several well-capitalized cybersecurity startups with 'unicorn' valuations are cutting staff to weather macroeconomic storms.
Crypto Exchange Coinbase to Lay Off 18% of Staff (Wall Street Journal) The biggest cryptocurrency exchange in the U.S. has struggled to keep users this year
ControlCase Selected to Join the HITRUST Assessor Council (PRWeb) ControlCase, a leading provider of IT Security Certifications and Continuous Compliance Services, announced they have joined the HITRUST Assessor Council. Contr
CrowdStrike Sees Opportunities to ‘Replace Carbon Black’ Post Broadcom-VMware Acquisition (SDxCentral) CrowdStrike announced plans to expand its CrowdXDR Alliance and Falcon XDR platform during the RSA conference.
Why CrowdStrike, MongoDB, and HubSpot Were Plunging Today (Nasdaq) Shares of cybersecurity firm CrowdStrike (NASDAQ: CRWD), database disruptor MongoDB (NASDAQ: MDB), and customer management and online marketing platform HubSpot (NYSE: HUBS) were down big today. As of 2:30 p.m. ET, these stocks were off 8.4%, 10.2%, and 10.4%, respectively.
Binance And Celsius Native Tokens Are In Freefall After Freezing Customer Withdrawals (Forbes) Cryptocurrency exchanges Binance and Celsius are forcing users to hold their investments as they pause withdrawals while broader cryptocurrency markets drop 14% over the last day.
Short Sellers Profit As Bitcoin’s Drop Moves MicroStrategy Dangerously Close To Collateral Call (Forbes) Microstrategy founder Michael Saylor bet his software company’s future speculating on billions of bitcoin. Crypto’s collapse has short sellers circling.
Sophos Named Cybersecurity Company of the Year by Cyber Defense Magazine (ForexTV) Sophos, a global leader in next-generation cybersecurity, today announced it has been named Cybersecurity Company of the Year by Cyber Defense Magazine. It is an Editor’s Choice winner in the publication’s 10th annual Global InfoSec Awards, which honor worldwide industry innovators for their unique and compelling solutions ...
Keeper Security Named Winner of Several Coveted Global InfoSec Awards During RSA Conference 2022 (PR Newswire) Keeper Security, the leading provider of zero-trust and zero-knowledge cyber security software, today announced that the company and its...
Okta eats own dog food on WFH, tightens supplier access after Lapsus$ breach (Computing) Okta contracts are 100% work from home, says senior solutions engineer Craig Hinchliffe
Peraton Subsidiary Wins $563M DOD Cyber Crime Center Contract (WashingtonExec) Perspecta Enterprise Services LLC, a Peraton subsidiary, has been awarded the Defense Department Cyber Crime Center Technical, Analytical and Business
Cyber Threat Alliance Elects Avast's Jaya Baloo and Symantec's Joe Chen to Board of Directors (Cyber Threat Alliance) The Cyber Threat Alliance (CTA) today announced the election of Jaya Baloo, Chief Information Security Officer (CISO) at Avast, and Joe Chen, Vice President of Engineering at Symantec Enterprise Division of Broadcom, to the organization’s board of directors. Jaya and Joe join Charter member Board Directors Dr. Dorit Dor, Check Point Software […]
Fidelma Russo and Jeetu Patel join Equinix Board of Directors (Help Net Security) Equinix announced the appointments of Fidelma Russo and Jeetu Patel to the Equinix Board of Directors, effective June 9, 2022.
Jason Fickett joins Booz Allen Hamilton to help lead its national cyber strategy (Help Net Security) Booz Allen Hamilton announced that Jason Fickett has joined the firm as a leader of Booz Allen’s national cyber strategy.
Products, Services, and Solutions
Schneider Electric and Claroty launch 'Cybersecurity Solutions for Buildings' reducing cyber and asset risks for smart buildings (Schneider Electric) Schneider Electric Global. Comprehensive asset inventory, secure remote access, and threat detection for buildings to help ensure resilience from cyber-attacks and equipment failures A flexible, scalable, and affordable solution to better protect buildings ranging from hospitals and data centers to commercial real estate.
Fortinet Helps Restaurant Chain Prepare its Network for Cutting-Edge Digital Experiences (CSO Online) With Fortinet’s solution in place, the restaurant chain benefits from a much more resilient and reliable network.
Koverse, an SAIC Company, Introduces Industry’s Only Zero Trust Data Platform (Koverse) Attribute-based access controls ensure safe use of complex and sensitive data to power the most demanding analytics, data science, and AI use cases SEATTLE, WA – June 14, 2022 – Koverse, Inc., an SAIC company, today announced availability of Koverse Data Platform (KDP) 4.0, a security-first data platform that introduces attribute-based access controls (ABAC) to
Trustwave Launches New Managed Detection and Response Offerings with Rapid Time to Value and Personalized MTTR (Trustwave) Trustwave today announced new managed detection and response (MDR) offerings built to improve threat visibility, rapidly detect and respond to threats, and boost the overall cybersecurity resilience of organizations to combat the evolving threat landscape.
Incognia Introduces New Location-Based Liveness Spoofing Detection Solution (Incognia) Mobile apps that rely on facial recognition for identity proofing can now detect fraudulent attempts to fake liveness
Trend Micro Innovations Shape the Automotive Cybersecurity Industry (Trend Micro | Newsroom) Strong market demand and business incubation drive connected vehicle security solutions DALLAS, June 14, 2022 /PRNewswire/ -- Connected cars provide plenty to entice threat actors, with more than...
Alert Logic Expands Global Distribution of Leading Managed Detection and Response Solution Through New Strategic Partnership with TD SYNNEX (PR Newswire) Alert Logic by HelpSystems today announced a strategic partnership with TD SYNNEX, a leading IT distributor and solutions aggregator for the IT...
Forescout Expands Channel Program with New Managed Service Provider Partner Offering (Business Wire) Forescout Technologies, the leader in automated cybersecurity, today announced the expansion of its Envision Channel Program, launching a new Managed
Proofpoint Announces CASB Integration to Protect 7,000+ Okta-Federated Cloud Apps from Account Takeover Risks (Proofpoint) Proofpoint, Inc., a leading cybersecurity and compliance company, today announced a product integration between its CASB solution and Okta, giving customers the ability to detect and remediate suspicious logins for all 7,000+ cloud applications federated through the Okta Identity Cloud.
QuSecure and DataBridge Sites Partner to Deliver Industry’s First Post-Quantum Cybersecurity Available Live in a Data Center (Yahoo) QuSecure™, Inc., a leader in post-quantum cybersecurity (PQC), today announced a partnership with DataBridge Sites, a state-of-the-art data center provider that supports off-site business critical IT environments, to showcase its Quantum-as-a-Service (QaaS) orchestration platform QuProtect™. QuProtect is the industry’s first end-to-end post-quantum cybersecurity software-based solution uniquely designed to protect encrypted communications and data with quantum-r
Technologies, Techniques, and Standards
OMB guidance presents chance to standardize software bill of materials (FedScoop) Practical deadlines for vendors and a concrete process for using the information SBOMs contain at agencies are needed, security experts say.
CISA details new “FEIT” advisors helping agencies improve cyber defenses (Federal News Network) The agency is sending teams of advisors to help agencies shore up their cybersecurity plans.
The World Economic Forum wants to draw a global map of cybercrime (TechRadar) Probing the cyber underworld will help spot threats, says WEF
Proof-Of-Work Is Objective, Proof-Of-Stake Is Not (Bitcoin Magazine) The proof-of-work consensus mechanism used in Bitcoin is an objective measure of history which cannot be changed on the whims of validators.
Design and Innovation
Behavioural biometrics are bad news for hackers (ITP.net) Traditional usernames and passwords have increasingly come under scrutiny as hackers find new ways around them to gain access to individuals’ accounts and information
Nonsense on Stilts (Gary Marcus) No, LaMDA is not sentient. Not even slightly.
Is "acceptably non-dystopian" self-sovereign identity even possible? (Molly White) Anonymity and trustlessness are central to the crypto world. People don’t have to attach real-world identities to crypto wallets, and communities at least nominally try to avoid placing trust into institutions like governments or big tech companies. But with the crypto world increasingly trying to move beyond simple payments and NFT trades, they are running up against these limitations.
The intelligent way to detect fraud (VentureBeat) AI is best when tasked with finding hidden patterns within large datasets. So, it’s no wonder that AI applications are increasingly used to detect fraud.
Research and Development
U. Of Florida: Protecting Chip-Design IP From Reverse-Engineering (Semiconductor Engineering) New research paper titled “Hardening Circuit-Design IP Against Reverse-Engineering Attacks” from University of Florida. “Design-hiding techniques are a central piece of academic and industrial efforts to protect electronic circuits from being reverse-engineered. However, these techniques have lacked a principled foundation to guide their design and security evaluation, leading to a long line of broken schemes.... » read more
Legislation, Policy, and Regulation
Top cyber official urge for transformation in cyberspace (Yahoo) National Cyber Director Chris Inglis said Monday that the administration and federal agencies should prioritize transforming the way they approach and invest in cybersecurity, as previous efforts have “not worked.” Ingles was speaking at cyber summit hosted by The Information Technology Industry Council on ways the public and private sector can combat cyber threats. “I…
Gilman Louie and the dance with Wolf Warriors (The Record by Recorded Future) In a wide-ranging conversation on the fringes of this month’s RSA Conference, we sat down with Silicon Valley venture capitalist and Presidential Intelligence Advisory Board member Gilman Louie. We talked about the Chinese cyber threat, the growth of superpower competition, and the importance of bringing high-tech manufacturing back to America.
Water Sector Leaders Seek Increased EPA Cybersecurity Collaboration and Guidance (Nextgov.com) Experts from the water and wastewater sectors called on the Environmental Protection Agency to take action on recommendations from the Cyberspace Solarium Commission to bolster cybersecurity for America's water infrastructure.
US Army to double cyber corps strength as focus shifts from counterinsurgency (Army Times) "We're on a multiyear growth pattern," said Army Lt. Gen. John Morrison. "But we're in a pretty good spot right now."
Prospective Cyber Fellow Candidates (CISA) The CISA Cyber Innovation Fellows initiative offers senior technical experts from across the private sector the opportunity to embed on CISA’s cybersecurity teams for their professional development benefit, and to the benefit of CISA’s growing mission space.
NSA quietly appoints new top lawyer (The Record by Recorded Future) The National Security Agency last month named a new top lawyer, quietly drawing to a close a hiring controversy that lasted well over a year and triggered an investigation by the Pentagon’s inspector general.
Computer executive goes straight to lieutenant colonel rank in Army’s Cyber Corps (Augusta Press) On Monday, Paul Son, 48, became the first person to come straight into the U.S. Army as a lieutenant colonel in the Cyber Corps.
Litigation, Investigation, and Law Enforcement
Two Israeli Intel Soldiers Accused of Exposing Secrets on Social Media (Haaretz) The investigation shows hostile parties were not behind the incident, nor were the accused motivated by financial gain, but rather sought to be the first to reveal top secret information
Cyber-security a top risk, ASIC warns boards (The Mandarin) ASIC executive director for markets Greg Yanco has urged listed entities to boost cyber resilience measures.
How DOJ took the malware fight into your computer (POLITICO) Reaching into people’s computers and removing malware, once controversial inside the government, has gained more acceptance as a tool to thwart hackers.