Dateline Moscow and Kyiv (also Washington, Berlin, and Brussels): Crisis in Ukraine as a deadline and high-level talks approach.
Crisis in Ukraine as a deadline and high-level talks approach. (The CyberWire) Neither Russia nor NATO show signs of moving from their respective positions over Ukraine, and tensions in cyberspace remain high.
Russia-linked cyberattacks on Ukraine: A timeline (CSO Online) Cyber incidents are playing a central role in the Russia-Ukraine conflict. Here's how events are unfolding along with unanswered questions.
Technical Analysis of the WhisperGate Malicious Bootloader (CrowdStrike) A set of malware dubbed "WhisperGate" was recently reported to have been deployed against Ukrainian targets. This blog breaks down how the malicious bootloader works.
Russian attack could happen ‘any minute’ Ukraine official says (Military Times) A new Russian invasion of Ukraine could take place “at any minute,” a Ukrainian military official told Military Times Wednesday morning.
Biden Predicts Putin Will Order Ukraine Invasion, but ‘Will Regret Having Done It’ (New York Times) President Biden’s comments went well beyond the formal intelligence assessments described by White House officials, which conclude that Russia’s president has not yet decided whether to invade.
Ukraine tension: Biden says he thinks Putin will 'move in' (BBC News) The US president warns the Russian leader against invading, but hints at splits among Western allies.
Biden promises additional troops, sanctions if Russia invades Ukraine (Military Times) Tensions have been growing in recent months amid a Russian troop buildup near the Ukraine border.
Biden lays bare Nato divide over Russian aggression against Ukraine (the Guardian) Analysis: Greatest tension is between US and Germany over arms sale and energy dependency
Biden, Europe Sanctions Caution Cast Doubt on Russia Response (Bloomberg) Joe Biden spoke of possible Ukraine incursion by Russia. U.S. has pushed for faster agreement on sanctions package.
Analysis: Russian troop build-up sparks unintended NATO renewal (Reuters) Russia's troop buildup near Ukraine is galvanising NATO defences in Europe that President Vladimir Putin wants to dismantle, giving the alliance a sense of renewal after failures in Afghanistan.
Opinion | How the West Is Losing Ukraine (Wall Street Journal) Biden suggests a ‘minor incursion’ by Russia might divide Europe and the U.S. on how to respond.
EXPLAINER: What are US military options to help Ukraine? (AP NEWS) President Joe Biden is not planning to answer a further Russian invasion of Ukraine by sending combat troops.
US and Russia to hold talks on Ukraine in potential sign ‘diplomacy is not dead’ (the Guardian) US secretary of state Tony Blinken to meet with foreign minister Sergei Lavrov amid fears of Russian attack on Ukraine
Blinken Will Meet With Russia as U.S. Pushes for More Diplomacy (New York Times) Secretary of State Antony J. Blinken will meet with Foreign Minister Sergey V. Lavrov of Russia in Geneva on Friday as the United States warns that Russia could soon attack Ukraine.
Watch Ukrainian partners' messages carefully, says US govt (Register) NotPetya started over there, don't forget
Cyberattacks In Ukraine Show Potential For 'Widespread Damage' To U.S. Networks, Government Warns (The Drive) The White House is rushing to secure critical networks from similar attacks that have brought down Ukrainian government websites in recent days.
Biden signs cybersecurity memorandum for Defense Department, intelligence agencies (ZDNet) The memorandum comes as CISA released multiple warnings about potential intrusions by other governments.
Biden signs memorandum to secure sensitive national security systems (C4ISRNet) The memorandum builds upon a May 2021 executive order aimed at improving cybersecurity across the entirety of federal government systems.
Biden says defense, intel agencies have to follow cyber EO requirements, too (Federal News Network) A new memo sets deadlines for defense and intel agencies to implement multifactor authentication, encryption and endpoint detection.
Biden signs memo to secure DoD, IC national security systems (Breaking Defense) The memorandum pushes agencies to adopt zero-trust architecture implementation plans, cloud technologies, multifactor authentication and encryption.
Biden signs memorandum to improve cybersecurity across DOD, intelligence community (FedScoop) President Joe Biden on Wednesday signed a national security memorandum intended to improve cybersecurity across the Department of Defense and the intelligence community. The memo builds on Biden’s landmark cybersecurity executive order issued last May and spells out how network requirements for civilian federal agencies included in that order — such as applying zero-trust security […]
Biden Memo Orders Cybersecurity Mandates For National Security Systems (Decipher) A National Security Memorandum signed Wednesday by President Joe Biden addresses various cybersecurity mandates - including MFA and encryption - for national security systems.
FACT SHEET: President Biden Signs National Security Memorandum to Improve the Cybersecurity of National Security, Department of Defense, and Intelligence Community Systems (The White House) Today, President Biden signed a National Security Memorandum (NSM) to improve the cybersecurity of National Security, Department of Defense, and
Memorandum on Improving the Cybersecurity of National Security, Department of Defense, and Intelligence Community Systems (The White House) SUBJECT: Improving the Cybersecurity of National Security, Department of Defense, and Intelligence Community Systems
CISA urges US orgs to prepare for data-wiping cyberattacks (BleepingComputer) The Cybersecurity and Infrastructure Security Agency (CISA) urges U.S. organizations to strengthen their cybersecurity defenses against data-wiping attacks recently seen targeting Ukrainian government agencies and businesses.
Biden Expects Russia to ‘Move In’ on Ukraine, Warns Putin Again (Bloomberg) Sanctions response will be a ‘disaster’ for Russia, Biden says. ‘Minor incursion’ might prompt different response, Biden says.
Russia tells U.S. to not arm Ukraine as it assembles nearly 130k troops at border (Newsweek) Secretary of State Antony Blinken is expected to meet Russian Foreign Minister Sergei Lavrov on Friday.
Liberal Illusions Caused the Ukraine Crisis (Foreign Policy) The greatest tragedy about Russia’s potential invasion is how easily it could have been avoided.
When Putin Loved NATO (Foreign Policy) Former NATO Secretary-General George Robertson, who had a cordial relationship with the Russian leader, recalls an era when Moscow wanted closer ties with the West.
What Will Putin Do Next? Game Theory Offers Some Clues (Bloomberg) Economics teaches that most people respond to incentives, but not people who are obsessed with power.
Attacks, Threats, and Vulnerabilities
Thousands of Industrial Firms Targeted in Attacks Leveraging Short-Lived Malware (SecurityWeek) Thousands of industrial companies have been hit in campaigns that leverage short-lived spyware to harvest corporate credentials.
Campaigns abusing corporate trusted infrastructure hunt for corporate credentials on ICS networks (Kaspersky ICS CERT) In 2021, Kaspersky ICS CERT experts noticed a growing number of anomalous spyware attacks infecting ICS computers across the globe.
Belarus, Ukraine Saw Largest Increase in ICS Attacks During H1 2021: Kaspersky (SecurityWeek) Belarus and Ukraine saw the largest increase in ICS attacks during the first half of 2021, but it’s unclear if the attacks are linked to the political situation in the area.
Russian Hackers Heavily Using Malicious Traffic Direction System to Distribute Malware (The Hacker News) Russian hackers are heavily relying on the Malware Traffic Distribution System (TDS)
New Log4j attacks target SolarWinds, ZyXEL devices (The Record by Recorded Future) Cybercriminals looking to capitalize on the Log4Shell vulnerability are attacking devices from SolarWinds and ZyXEL that are known to have used the Log4j library inside their software, according to two reports published on Wednesday by Microsoft and Akamai.
BadUSB explained: How rogue USBs threaten your organization (CSO Online) The FBI has warned of an attack campaign that sends USB drives containing malicious software to employees. Here is what you need to know about BadUSB and mitigating its risks.
Threat Spotlight: COVID-19 test-related email scams (Barracuda Journey Notes) As demand for COVID-19 tests increased in recent weeks, the number of scams exploiting the scarcity of tests also went up, jumping by 521%.
What CISOs can learn about insider threats from Iran's human espionage tactics (CSO Online) Israel's arrest of four women recruited to spy for Iran reveals how an adversary might recruit an insider to act on its behalf.
Red Cross Falls Victim to Massive Cyberattack (SecurityWeek) The International Committee of the Red Cross was the victim of a massive cyberattack in which hackers seized the data of more than 515,000 extremely vulnerable people, some of whom had fled conflicts, it said.
Cyberattack on Red Cross compromised data of over 515,000 'highly vulnerable people' (CNN) A cyberattack on a contractor used by the International Committee of the Red Cross (ICRC) has compromised the personal data of more than 515,000 "highly vulnerable people," including people separated from their families by conflict and disaster, the organization said Wednesday.
Red Cross begs hackers not to leak data of "highly vulnerable people" (The Record by Recorded Future) The Red Cross has disclosed that it was the victim of a cyber attack and has asked the hackers who broke into the IT network of one of its contractors not to leak the personal information of more than 515,000 of "highly vulnerable people."
‘You’ve got criminals thinking this is an easy way to launder money’ (Engineering & Technology) Netacea’s head of Threat Research, Matt Gracey-McMinn explains how automated internet bots are being hijacked by the money- laundering trade. He says elimination of malicious bots is the first step in the defence against organised crime.
Phishing-as-a-Service: The commercialization of cybercrime and the risk to your organization (ITProPortal) Phishing-as-a-service has changed the way cybercriminals operate - and organizations need to respond
U.S. Olympians Told to Use 'Burner Phones' in China (SecurityWeek) U.S. Olympic and Paralympic Committee is pushing the U.S. delegation to use burner phones and carefully wipe and destroy devices after use in China
Project Zero: Zoom Platform Missed ASLR Exploit Mitigation (SecurityWeek) Google researcher documents a pair of Zoom security defects and chides the company for missing a decades-old anti-exploit mitigation.
Cybercriminals Tampering with QR Codes to Steal Victim Funds (Internet Crime Complaint Center (IC3)) The FBI is issuing this announcement to raise awareness of malicious Quick Response (QR) codes. Cybercriminals are tampering with QR codes to redirect victims to malicious sites that steal login and financial information.
How secure are journalists’ favorite transcription tools? (Freedom of the Press) Journalistic work often depends on transcription services for creating written logs of recorded audio, from assisting in research to captioning videos to publication of interviews. But uploading audio to a transcription service means giving a copy of that — sometimes sensitive — recording over to a company.
Crypto.com Finally Acknowledges $34 Million Stolen by Hackers (Gizmodo) Hackers are currently trying to launder the stolen funds through crypto "mixer" applications.
Crypto.com CEO confirms hundreds of accounts were hacked, hedges on other details (The Verge) Marszalek gave the details in an interview with Bloomberg.
A Hacker Is Negotiating With Victims on the Blockchain After $1.4M Heist (Vice) One of the hackers who exploited a vulnerability affecting a blockchain service is now offering to return some of the money, except “tips for me saving your money.”
Marketing giant RRD confirms data theft in Conti ransomware attack (BleepingComputer) RR Donnelly has confirmed that threat actors stole data in a December cyberattack, confirmed by BleepingComputer to be a Conti ransomware attack.
OpenSubtitles Hacked, 7 Million Subscribers' Details Leaked Online (TorrentFreak) OpenSubtitles, one of the largest repositories of subtitle files on the internet, has been hacked. Founded in 2006, the site was reportedly hacked in August 2021 with the attacker obtaining the personal data of nearly seven million subscribers including email and IP addresses, usernames and passwords. The site alerted users yesterday after the hacker leaked the database online.
VUSD admin says ‘ransomware attack failed’ (The Sun-Gazette Newspaper) VISALIA – The ransomware hack of Visalia Unified’s email accounts in spring 2021 did not include any student emails and no student information was accessed, the district said in letter last week.
Gloucester Council cyber attack linked to Russian hackers (BBC News) It is believed the malware made its way into the council's system embedded in an email.
Security Patches, Mitigations, and Software Updates
Microsoft releases fix for patch that broke VPNs, Hyper-V virtual machines and more (ZDNet) Microsoft's first Patch Tuesday for 2022 was a rocky start to the year, giving admins and users numerous headaches to deal with.
Trends
PwC Report: 72% of Central and Eastern Europe CEOs anticipate an increase in cybercrime in 2022 (Business Review) Online - Nearly three-quarters (72%) of CEOs in Central and Eastern Europe (CEE), including Romania, expect cybercrime to increase in 2022, as last year was one of
Ransomware Q4 Overview | Digital Shadows (Digital Shadows) An analyzation of trends affecting the ransomware threat landscape in Q4 2021, and also a look forward at how that is likely to affect Q1 2022.
Internet Security Report - Q3 2021 (WatchGuard Technologies) The Threat Lab team analyzes data from WatchGuard’s Firebox Feed, internal and partner threat intelligence, and a research honeynet, to provide insightful analysis about the top threats on the Internet. Their smart, practical security advice contained in the Internet Security Report will enable you to better protect your organization in the ever-changing threat landscape.
The 2021 Threat Landscape Retrospective: Targeting the Vulnerabilities that Matter Most (Tenable®) A review of the year in vulnerabilities and breaches, with insights to help guide cybersecurity strategy in 2022 and beyond.
2021 Threat Landscape Retrospective (Tenable®) In this year’s edition of the Threat Landscape Retrospective, we look at the major vulnerabilities and security incidents that marked 2021, evaluate the impact on cloud and Active Directory environments and explore the tactics used by attackers to breach organizations by holding them to ransom.
Introducing the World's First: Small and Medium-Sized Business Vulnerabilities Report (SMBVR) (CyberCatch) The SMBVR is the first ever study of cybersecurity deficiencies detected from the outside-in at SMBs with Internet-facing assets in high value supply chain sectors.
Cisco's Kenna Security Research Shows the Relative Likelihood of An Organization Being Exploited (Yahoo) Cisco's Kenna Security Research Shows the Relative Likelihood of An Organization Being Exploited
Aryaka Releases 6th Annual State of the WAN Report (Aryaka) Aryaka published its Sixth Annual 2021 State of the WAN Report, the industry’s foremost compendium of insights into global SD-WAN and SASE planning
Marketplace
Former Top Law Enforcement and Cybersecurity Experts Launch CyberCatch to Better Protect Small and Medium-Sized Businesses in North America from Cyber Threats (PR Newswire) CyberCatch today announced the publication of its inaugural Small and Medium-Sized Businesses Vulnerabilities Report (SMBVR) and launch of the...
Virtru Closes $60M Growth Financing Round Co-Led by ICONIQ Growth and Foundry Capital, with Participation from Tiger Global and MC2 (GlobeNewswire News Room) As the world migrates to a Zero Trust cybersecurity model, investors back Virtru to make Trusted Data Format (TDF) the open standard for sharing and...
Orca acquiring web application security startup RapidSec (CTECH) The unicorn is purchasing its fellow Israeli company in a deal estimated to be valued at $5 million
The mysterious Israeli cybersecurity startup that has raised $100 million under the radar (CTECH) Island, which was founded by serial entrepreneur Dan Amiga together with Michael Fey, the former CTO of Symantec and McAfee, is developing a secure browser for organizations
Evo Security Announces $3.9M Series Seed Round (MarTech Series) Evo Security, has announced a $3.9M Series Seed Round to Solve IAM for MSPs and their SMB Customers.
SolarWinds Announces Acquisition of Federal Services Provider, Monalytic (SolarWinds) SolarWinds provides federal customers with the tools, and now the services, needed to enhance and protect their mission-critical systems SolarWinds (NYSE:SWI), a leading provider of simple, powerful, and secure IT management software, today announced it has acquired Monalytic , a monitoring, analytics, and professional services company, and preferred SolarWinds services provider.
Cymulate Continues Exceptional Growth Trend in 2021 as Ransomware and Supply Chain Attacks Mount (PR Newswire) Cymulate, the Extended Security Posture Management market leader, today announced it has achieved 100% revenue growth globally, and 200% growth...
Competition for Compliance Officers Intensifies Amid Regulatory Pressures (Wall Street Journal) In a tight labor market, businesses are luring compliance staff with salary increases, remote-working opportunities and company equity.
5 Myths About Interning in Cybersecurity (Imperva) Dear future interns (and intern employers), Everyone says, “do what you love”; but when the world is your oyster, where do you start? We are Arianna De Leon and Kaylin Hiatt and last summer we started our careers as marketing interns at Imperva. We come from very different backgrounds and had very different experiences on […]
Former RSA Chief Technology Officer Zulfikar Ramzan Joins Aura as Chief Scientist (PR Newswire) Aura, a leading provider of proactive, all-in-one digital security for consumers, today announced the appointment of Dr. Zulfikar Ramzan to...
Cyberwrite appoints former Symantec and Experian sales leader, Tim Olson, as Chief Revenue Officer (PR Newswire) Cyberwrite – a leader in cyber risk quantification for cyber insurance and risk management – has reinforced its sales team in the US with the...
Deloitte Hires Maj. Gen. (Ret.) Kim Crider to Lead National Security Artificial Intelligence Innovation – Press Release (Deloitte United States) Maj. Gen. (Ret.) Kim Crider has joined Deloitte’s government and public services (GPS) practice to lead the organization’s artificial intelligence (AI) innovation for national security team, which helps government agencies adopt and implement effective data analytics and AI solutions.
Products, Services, and Solutions
Protegrity Partners With Google Cloud to Support BigQuery Remote Functions (Protegrity) Enabling Organizations To Perform Secure Analysis on Large Data Sets Across Google Cloud’s Services and Deliver Strategic Business Value
Reducing Security Risks in Open Source Software at Scale: Scorecards Launches V4 (Google) Posted by Laurent Simon and Azeem Shaikh, Google Open Source Security Team (GOSST) Since our July announcement of Scorecards V2, the Score...
SentinelOne Extends Support for Amazon Inspector, Amazon EKS Anywhere, and Amazon ECS Anywhere (Barron's) Broad AWS Solution Coverage Minimizes Risk for Enterprise Cloud Adoption
U.S. Department of Agriculture awards Lumen $1.2 billion network services contract (Yahoo Finance) The U.S. Department of Agriculture (USDA) recently awarded Lumen Technologies (NYSE: LUMN) a task order worth more than $1.2 billion to deliver a fully integrated wide area data transport service with secure remote access, contact center and cloud connectivity solutions to more than 9,500 USDA locations across the country and abroad.
authID.ai Launches Verified™ Platform Version 2.4 (GlobeNewswire News Room) Verified 2.4 enhancements offer more streamlined, cloud-native facial biometric authentication to defend against identity fraud Long Beach, NY, Jan. ...
GrammaTech CodeSentry 3.0 improves software supply chain security (Help Net Security) GrammaTech announced a new version of its CodeSentry software supply chain security platform which enables organizations to produce a SBOM.
Darktrace clinches $multimillion cyber security deal with global airline (Business Weekly) Cambridge’s world leader in cyber security AI – Darktrace – has secured a $multimillion deal with one of the planet’s largest airlines to help the client defend against cyber attacks. The global aviation giant’s identity is being kept hidden in the hold but Business Weekly understands it is a mega contract for Darktrace both financially and reputationally. "Business news from
Deloitte launches new SaaS cyber threat detection and response platform (ZDNet) AWS, CrowdStrike, Exabeam, and Google Cloud Chronicle are operationalizing the new platform.
ReadyWorks and Access IT Automation Team up to Fully Automate Windows Lifecycle Management (PR Newswire) ReadyWorks, a leading digital platform conductor (DPC) provider, and Access IT Automation, an industry leader in automated application...
CrowdStrike Selected to Help Power MXDR by Deloitte (CrowdStrike) CrowdStrike announced that Deloitte has expanded their alliance with CrowdStrike by choosing Falcon to power critical components of MXDR by Deloitte.
Technologies, Techniques, and Standards
UK’s Cyber Security Center publishes new guidance to fight smishing (BleepingComputer) UK's National Cyber Security Center (NCSC) has published new guidance for organizations to follow when communicating with customers via SMS or phone calls.
Spiking fraud will force financial industry to rethink authentication in 2022 (SC Magazine) As financial fraud continues to climb, experts say that this year will force the industry to change its approach on many security fronts, especially authentication.
When Patching Security Flaws, Smarter Trumps Faster (Dark Reading) Just turning the patch dial to "high" is not enough, and if your company is using the Common Vulnerability Scoring System (CVSS) to prioritize software patching, you are doing it wrong.
FS-ISAC Launches Program to Bolster the Financial Sector's Supply Chain Security (PR Newswire) FS-ISAC, the only global cyber intelligence sharing community solely focused on financial services, announced today the launch of its Critical...
Banking Group Looks to ‘Critical Providers’ to Help Curb Hacking (Blooomberg Law) A global cyber-intelligence group for financial institutions has launched an information-sharing campaign to help members combat a surge in cyberattacks on the digital supply chain.
Design and Innovation
This group of tech firms just signed up to a safer metaverse (MIT Technology Review) But it's going to be harder than it seems—and there are some glaring missing names.
IRS Will Soon Require Selfies for Online Access (KrebsOnSecurity) If you created an online account to manage your tax records with the U.S. Internal Revenue Service (IRS), those login credentials will cease to work later this year. The agency says that by the summer of 2022, the only way…
Academia
NMU a Cyber Defense Center of Excellence (Northern Michigan University) Northern Michigan University is the first Upper Peninsula institution to be designated as a National Center of Academic Excellence in Cyber Defense Education (CAE-CDE), a program jointly sponsored by the National Security Agency and Department of Homeland Security.
Legislation, Policy, and Regulation
EU wants to build its own DNS infrastructure with built-in filtering capabilities (The Record by Recorded Future) The European Union is interested in building its own recursive DNS service that will be made available to EU institutions and the general public for free.
Embedding standards and pathways across the cyber profession by 2025 (GOV.UK) The UK is a global tech leader. We have seen impressive growth, record levels of investment and a fast growing tech workforce. Cyber security is core to our success in tech. We have hundreds of successful startups, and a growing number of cyber unicorns. Investment in cyber can be seen across the whole economy, securing critical infrastructure, securing government and securing businesses.
Lessons for policymakers from the NSO Group saga (Brookings) The fallout from the NSO saga offers important lessons for policymakers, researchers, and activists aiming to secure human rights online.
Three takeaways from NSO-police spying controversy - analysis (Jerusalem Post) Many public officials and hi-tech experts have demanded legislation to enforce clearer limits on future police use of hacking technologies so it's not left to the personal discretion of investigators.
Lawmakers Propose Expanding Cybersecurity Support for Commercial Satellite Companies (Nextgov) New legislation would direct CISA to create a one-stop clearinghouse to help inform such entities.
Senators Introduce Bill to Protect Satellites From Getting Hacked (Gizmodo) Commercial satellites are increasingly vulnerable to hacking and need additional protections, according to lawmakers.
Infrastructure Act Includes Funding to Shore Up Cybersecurity for Utilities (BizTech Magazine) Newly signed legislation offers federal money for wide-ranging efforts to improve cybersecurity and prevent attacks on critical infrastructure.
Biden Official Endorses Effort to Move Pipeline Cybersecurity Regulation to DOE (Nextgov.com) An emergency directive from the Transportation Security Administration following the Colonial Pipeline attack faced opposition from Senate Republicans after the industry complained they weren’t sufficiently consulted beforehand.
Biden’s cyber chief wants to help software developers code better and Americans click smarter (POLITICO) Chris Inglis, the United States’ first national cyber director, is planning a range of projects he hopes will demonstrate the value of his new office.
How CISA can help bolster cyber defense of small businesses (TheHill) As we enter 2022, we must work in a bipartisan manner to improve our cybersecurity infrastructure. As members of the Committee on Homeland Security, we will continue to push for a more streamlined and efficient CISA to best serve our constituents.
[Pennsylvania] Senate passes bills aimed at ransomware, data breaches (New Canaan Advertiser) Pennsylvania's state Senate passed a package of legislation on...
Litigation, Investigation, and Law Enforcement
The NSO file: A complete (updating) list of individuals targeted with Pegasus spyware (haaretz.com) The Israeli-made Pegasus spyware is suspected of infecting over 450 phones targeted by clients of NSO, who range from Saudi Arabia to Mexican drug lords. Here’s a list of the confirmed Pegasus victims
Merck’s $1.4 Billion Insurance Win Splits Cyber From ‘Act of War’ (Bloomberg Law) Merck & Co.‘s victory in a legal dispute with insurers over coverage for $1.4 billion in losses from malware known as NotPetya is expected to force insurance policies to more clearly confront responsibility for the fallout from nation-state cyberattacks.
Interpol and Nigerian police bust cybercrime BEC ring (ZDNet) Palo Alto Networks Unit 42 and Group-IB helped law enforcement officials disrupt the ring, which was in possession of more than 800,000 potential victim domain credentials.
Interpol arrests 11 alleged members of Nigerian scam syndicate 'SilverTerrier' (CyberScoop) International law enforcement authorities say they’ve arrested nearly a dozen members of a notorious Nigerian cybercrime gang potentially responsible for targeting as many as 50,000 victims in various scams in recent years.
UK competition regulator probes NortonLifeLock $8.6 bln takeover of Avast (Reuters) Britain's competition regulator has launched an investigation into whether a takeover by U.S. cybersecurity firm NortonLifeLock Inc of London-listed rival Avast Plc will reduce choice for customers in the country.
CIA finds no ‘worldwide campaign’ by any foreign power behind mysterious Havana syndrome (Washington Post) The Central Intelligence Agency has determined that a foreign country is probably not mounting a global attack aimed at U.S. personnel who have reported painful and sometimes debilitating physical symptoms, a significant finding that could undermine some officials’ suspicion that Russia is to blame for a years-long series of mysterious illnesses.
Judge Nixes Former Employees' Suit Against Marsh & McLennan Over 2021 Data Breach (Insurance Journal) A federal judge in New York has dismissed a potential class action against Marsh & McLennan by two former employees who sued after the firm suffered a
Menswear Firm Bonobos Gets Data Breach Class Action Nixed (Law360) Partial credit card numbers, encrypted passwords and other data exposed in a 2020 breach at menswear company Bonobos do not raise a high enough risk of future identity theft to justify keeping a class action alive, a New York federal court found Wednesday.