Dateline Moscow and Kyiv: Nuclear fears and a comparison of cyber war efforts in Ukraine.
Ukraine at D+182: Nuclear accident fears. (CyberWire) Russian strikes on Ukraine's Independence Day hit and kill civilians at a rail station. Kyiv warns of the risk of Russian forces inducing a nuclear accident at the power plant in Zaporizhzhia. Comparison and contrast between Russian and Ukrainian methods of cyberwar.
Russia-Ukraine war: List of key events, day 183 (Al Jazeera) As the Russia-Ukraine war enters its 183rd day, we take a look at the main developments.
Russia-Ukraine war: death toll from Russian strike on rail station rises to 25 as EU diplomat says Moscow will be held to account for ‘rocket terror’ – live (the Guardian) Toll confirmed after Russian forces attack train in Dnipropetrovsk oblast; Josep Borrell condemns rocket strike on railway station
Ukraine war: Russia railway station strike kills 25, injures dozens (BBC News) The deadly attack on passenger carriages came six months to the day since Russia's invasion.
Ukraine Says Missile Strike Kills 22 as Country Marks Subdued Independence Day (Wall Street Journal) President Volodymyr Zelensky said Russian missiles struck a train station and house in eastern Ukraine and killed at least 22 people, as the U.S. pledged another $3 billion to support the Ukrainian military.
Civilian death toll from Russia’s attack on Chaplyne rises to 25 (Al Jazeera) Russian attack kills 25 civilians as missiles strike a railway station and a residential area in eastern Ukraine.
‘Many killed, wounded in Russian attack’ on Ukraine train station (Al Jazeera) Zelenskyy says Russian attacks on eastern town of Chaplyne killed 22 people and set passenger train on fire.
Pro-Russia mayor of occupied Ukrainian village killed by car bomb (The Telegraph) Ivan Sushko, targeted in the village of Mikhailovka, is one of a number of pro-Russian officials to have been killed in recent weeks
Ukrainian fears run high over fighting near nuclear plant (AP NEWS) Ukrainians are once again anxious and alarmed about the fate of a nuclear power plant in a land that was home to the world’s worst atomic accident in 1986 at Chernobyl.
Russians are torturing us so we don't talk to UN, Ukraine nuclear plant workers say (The Telegraph) Staff say occupying forces don't want them to disclose safety risks ahead of inspection at Zaporizhzhia, Europe's largest power station
Revealed: Russian plan to disconnect Zaporizhzhia nuclear plant from grid (the Guardian) Plan risks catastrophic failure of cooling systems, says head of Ukraine’s atomic energy company
Increased Pressure in Kherson May Thwart Russia's Annexation Plans -- For Now (RANE | Stratfor) Ukraine faces serious obstacles in advancing toward the southern city, but the mere threat of a counteroffensive could still delay Russia's plans to annex Ukrainian territory.
On Ukraine’s Independence Day, UN urges end to ‘senseless’ war (Al Jazeera) UN Secretary-General Antonio Guterres says the people of Ukraine ‘need peace’ as the conflict enters its seventh month.
Belarus congratulates Ukraine on Independence Day (Al Jazeera) Ukrainians reject the greeting from Alexander Lukashenko, who has allowed Russian troops into his country.
EXPLAINER: Where Ukraine war stands after 6 months (AP NEWS) When Russian President Vladimir Putin invaded Ukraine on Feb. 24 in an unprovoked act of aggression, many expected a quick victory.
Timeline of 15 critical events during the first six months of the Ukraine war (NEWS9LIVE) Six months ago in February, Kremlin strongman Vladimir Putin launched his so-called 'special operation' to 'denazify and demilitarise' Ukraine
Six months of war: Ukraine regains initiative, but makes no push (Al Jazeera) Western allies provided Ukraine enough assistance to deprive Russia of victory but not to defeat it, analysts say.
Battle for Kyiv: Ukrainian valor, Russian blunders combined to save the capital (Washington Post) A hail of shrapnel from kamikaze drones ripped through the tent where off-duty Ukrainian border guards were sleeping near a crossing with Belarus, three hours north of Ukraine’s capital.
The World Putin Wants (Foreign Affairs) Distortions about the past feed delusions about the future.
'No one doubts Ukraine will win the war. The only question is how long it will take' (The Telegraph) Winter is coming, and the war goes on. Roland Oliphant speaks to those who have been touched by it and looks at what could happen next
New British aid package for Ukraine includes finger-sized scout drones (Defense News) The $64 million package of weapons makes Britain a leading donor to Ukraine.
With biggest-yet security package, US aid to Ukraine nears $13B (Breaking Defense) The security package "is not relevant to the fight today, tomorrow or next week," but is designed to support Ukraine for years to come, said Pentagon Under Secretary of Defense for Policy Colin Kahl.
US weapons package for Ukraine stresses long-haul commitment (Defense News) The Pentagon is expected to contract for the defense materiel, apart from billions in equipment it has sent Ukraine from its stockpiles.
Biden announces nearly $3B in new military aid for Ukraine (AP NEWS) Six months after Russia's invasion of Ukraine, President Joe Biden announced Wednesday that he is sending $2.98 billion in new military aid to Ukraine that will provide longer-term weapons and training to enable forces there to fight for years to come.
Vladimir Putin will never break our hunger for freedom (The Telegraph) Ukraine and Poland have stood side-by-side against Russian aggression. Now the free world must stay united to ensure victory over tyranny
Ukraine Independence Day: Talos update (Cisco Talos) Cisco Talos went live on the morning of Wednesday, Aug. 24, 2022 to celebrate Ukraine Independence Day.
Why Ukraine's agriculture sector could be set to attract cyberattacks (euronews) The technology company Cisco Talos says it is on high alert to cyber threats during Ukraine's Independence Day.
Ukraine war spotlights agriculture sector's vulnerability to cyber attack (Cisco Talos) A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
G DATA Mobile Security Report: Ukraine conflict leads to decline in malicious Android apps (unn) Smartphones with old Android versions remain a security risk
How Ukraine used Russia’s digital playbook against the Kremlin (POLITICO) From hacktivists to info wars, Kyiv is mastering digital warfare in ways previously associated with the Kremlin.
Ukraine's volunteer 'IT army' responds to Russian hackers, minister says (ABC News) Ukraine established an “IT army” -- a gathering of more than 230,000 anonymous volunteers who are working together via Telegram, an online messaging platform.
Overview of the Cyber Weapons Used in the Ukraine - Russia War (Trustwave) Observing the ongoing conflict between Russia and Ukraine, we can clearly see that cyberattacks leveraging malware are an important part of modern hybrid war strategy.
How Russia-Ukraine cyberwar is impacting orgs: Two-thirds say they have been targeted (VentureBeat) New research released by Venafi found almost two-thirds of organizations have been targeted or impacted by cyberwar.
EU Outlines Critical Cyber Response to Ukraine War (Infosecurity Magazine) Agencies team up to police borders and mitigate Russian cyber-threats
Ukraine cyber cops battle Russian hackers and con men preying on public (Newsweek) "It is one thing to fight against criminals," Ukraine's cyber chief said, "and another to defend one's country against the cyber attacks of an aggressor."
Kaspersky Employees Say They Were Asked to Resign Because They Wanted To Leave Russia (Vice) Two former employees and one current employee said that the company has refused relocation requests after the invasion of Ukraine.
Russia’s War on Ukraine: Six Months of Lies, Implemented - United States Department of State (United States Department of State) This bulletin is also available in Arabic, Chinese, French, Russian, and Spanish. “Every day we fight so that everyone on the planet finally understands: we are not a colony, not an enclave, not a protectorate. Not a gubernia, an eyalet or a crown land, not a piece of a foreign empire, not a ‘part of […]
A Front for Influence: An Analysis of a Pro-Kremlin Network Promoting Narratives on COVID-19 and Ukraine (TAKEDOWN) (Stanford Cyber Policy Center) On August 24, 2022, Twitter shared 15 datasets of information operations it identified and removed from the platform with researchers in the Twitter Moderation Research Consortium for independent analysis.
Outspoken antiwar politician and former Yekaterinburg mayor Evgeny Roizman charged with felony ‘discrediting the military,’ could face up to five years in prison (Meduza) Police in Yekaterinburg arrested former Mayor Evgeny Roizman on Wednesday morning, local time, on felony charges of discrediting the Russian Army. The Telegram channel Mash published a video showing police officers raiding Roizman’s home. The former mayor’s lawyer told the news website RBC that she learned about Roizman’s arrest from the media.
‘People won’t like what’s happening at home’ (Meduza) With prices and unemployment on the rise, Meduza’s sources say Kremlin officials fear Russians are in for a rude awakening this fall
Six months into war, Russian goods still flowing to US (AP NEWS) On a hot, humid East Coast day this summer, a massive container ship pulled into the Port of Baltimore loaded with sheets of plywood, aluminum rods and radioactive material – all sourced from the fields, forests and factories of Russia.
Boris Johnson: We’re paying higher bills – Ukraine is paying in blood (The Telegraph) PM urges people to endure cost-of-living crisis to support Kyiv during visit marking six months since Russian invasion
Russian patriarch scrubs meeting where he was to meet pope (AP NEWS) The head of the Russian Orthodox Church has canceled his planned attendance at an interfaith meeting in Kazakhstan next month where he was expected to meet with Pope Francis, a top Orthodox official said, in a sign of further deterioration in relations over Russia’s war in Ukraine.
Attacks, Threats, and Vulnerabilities
New malicious packages in PyPI: What it means for securing open source repositories (Reversing Labs) After a recent discovery of malicious PyPI packages, questions remain about the security community’s ability to mitigate threats posed to open source repositories.
The Anatomy of Wiper Malware, Part 2: Third-Party Drivers (CrowdStrike) Learn how wiper families have used legitimate third-party drivers to bypass the visibility and detection capabilities of security mechanisms and solutions.
Twilio hackers breached over 130 organizations during months-long hacking spree (TechCrunch) Credentials of close to 10,000 employees were stolen during the months-long hacking spree.
Roasting 0ktapus: The phishing campaign going after Okta identity credentials (Group-IB) Over 130 organizations have been compromised in a sophisticated attack using simple phishing kits
Bumblebee Malware Loader: Deep Instinct Prevents Attack Pre-Execution (Deep Instinct) Deep Instinct prevented a complicated Bumblebee malware loader attack pre-execution. Read more about the Bumblebee attack and how Deep Instinct can help your business.
TikTok's in-app browser code can track anything you type, researcher claims (Computing) Injecting JavaScript code is comparable to installing a keylogger on third-party websites, Felix Krause says
Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus (Trend Micro) We investigate mhyprot2.sys, a vulnerable anti-cheat driver for the popular role-playing game Genshin Impact. The driver is currently being abused by a ransomware actor to kill antivirus processes and services for mass-deploying ransomware.
Breaching airgap security: using your phone’s compass as a microphone! (Naked Security) One bit per second makes the Voyager probe data rate seem blindingly fast. But it’s enough to break your security assumptions…
CFO Spoofed in Convincing Business Email Compromise Scam (Avanan) If you get an email from your CFO requesting urgent action, what do you do?
VMware confirms Carbon Black causing BSODs (Register) Well, you can't be attacked if your PC won't boot
After a "ridiculous disclosure process," a security firm discloses the CrowdStrike issue (The Tech Outlook) Following what it referred to as a “ridiculous vulnerability disclosure process,” a security company has revealed the specifics of a problem with a CrowdStrike product. Following the disclosure, CrowdStrike clarified a few things. A flaw with CrowdStrike’s Falcon endpoint detection and response tool was uncovered by researchers at the Swiss security firm Modzero. In particular, …
Plex warns users to reset passwords after data breach (TechCrunch) The media streaming giant confirms usernames, email addresses, and scrambled passwords were accessed.
Plex breach exposes usernames, emails, and encrypted passwords (The Verge) Financial information is reportedly secure, but it remains to be seen if private media libraries have been accessed.
Stolen BRP data leaked on the dark web (IT World Canada) The RansomEXX ransomware gang is believed to be behind the cyberattack BRP recently suffered. The Hackfest Facebook page reported yesterday that the gang has uploaded nearly 30 GB of data which includes, among other things, passports, contracts, project and partner data. For its part, BRP indicated in a press release published late Tuesday evening that
RansomEXX claims ransomware attack on Sea-Doo, Ski-Doo maker (BleepingComputer) The RansomEXX ransomware gang is claiming responsibility for the cyberattack against Bombardier Recreational Products (BRP), disclosed by the company on August 8, 2022.
A Facebook bug spammed celebrity comments to everyone for hours (The Verge) The News Feed was overrun.
Security Patches, Mitigations, and Software Updates
Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird (CISA) Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.
IBM Patches Severe Vulnerabilities in MQ Messaging Middleware (SecurityWeek) Patches that IBM announced this week for IBM MQ address high-severity vulnerabilities leading to security restrictions bypass and information leakage.
Trends
The GitLab 2022 Global DevSecOps Survey Thriving in an insecure world (GitLab) In May 2022, over 5,000 DevOps professionals shared details about their teams and practices. Despite a challenging business environment, strong momentum continued in automation, release cadences, and cutting-edge technology adoption.
The Rise of Data Exfiltration and Why It Is a Greater Risk Than Ransomware (The Hacker News) Businesses have mounted formidable defenses against ransomware in recent years. Threat actors have been searching for another opportunity and found on
Acronis' Midyear Cyberthreats Report Finds Ransomware Is the No. 1 Threat to Organizations, Projects Damages to Exceed $30 Billion by 2023 (Dark Reading) Increasing complexity in IT continues to lead to breaches and compromises, highlighting the need for more holistic approaches to cyber protection.
The Psychology of Hackers and Cybercriminals (iTWire) Most business owners realize that hackers and cybercriminals are genuine threats. One data breach is all it takes to cost your company dearly and potentially ruin your reputation for the foreseeable future. But there are many misconceptions about who hackers and cybercriminals...
Akamai’s Insights on DNS in Q2 2022 (Akamai) Akamai researchers have analyzed malicious DNS traffic from millions of devices to determine how corporate and personal devices are interacting with malicious domains, including phishing attacks, malware, ransomware, and command and control (C2).
Fighting the scariest things online in the US (Veriff) Veriff surveyed 1,000 US adults and analysed crime data to reveal which online crimes are most common
US Orgs Have Suffered 5,000 Healthcare Data Breaches Since 2009 (Health IT Security) More than 342 million medical records were impacted by the thousands of healthcare data breaches that occurred from 2009 to June 2022.
NFTs worth $100 million stolen in past year, Elliptic says (Reuters) Thieves stole over $100 million worth of non-fungible tokens in the year to July, blockchain research firm Elliptic said on Wednesday, as the fast-emerging digital asset became a new front in crypto's hacking problem.
Americans’ attitudes towards privacy - U.S. survey 2022 (Incogni Blog) The U.S. still has no nationwide data privacy laws in 2022. Despite this lack of federal action, the issue of data privacy is becoming more prominent and is
Marketplace
Israeli venture capital firm Cyberstarts raises $60M in seed funding (The Record by Recorded Future) Cyberstarts, an Israeli venture capital firm focused on cybersecurity, announced Wednesday it raised $60 million in seed funding.
Thoma Bravo Buying Spree Highlights Hot Investor Interest in IAM Market (Dark Reading) M&A activity in the identity and access management (IAM) space has continued at a steady clip so far this year.
Thoma Bravo: Securing digital identities has become a major priority (Help Net Security) Andrew Almeida, Partner on the Flagship team at Thoma Bravo, talks about securing digital identities and the recent SailPoint acquisition.
BalkanID Closes $8.1 Million Seed Funding Round Amid Surging Demand for its Intelligent Access Governance Platform (Globe Newswire) Backed by Uncommon Capital, Afore Capital, Sure Ventures, K2G Tech Fund and others
Johnson Controls Invests in Nozomi Networks and Signs Framework Agreement for Providing Nozomi Networks Cybersecurity Services (Nozomi Networks) Investment reinforces Johnson Controls’ commitment to best-of-breed cybersecurity for smart buildings, facilities automation and managed services
Marin County security software firm Blokworx learns to manage growth for scale (North Bay Business Journal) Marin County managed computer security firm Blokworx has seen a boost in business in the past few years after high-profile cyberattacks and data breaches.
TryHackMe: The Story Behind the UK’s Most Innovative Cyber SME (Infosecurity Magazine) Cybersecurity training platform TryHackMe's co-founder describes the company's journey so far
Exclusive: Twitter reshuffles 'health' team amid spam bot debate (Reuters) Twitter Inc is combining teams that work on reducing toxic content and spam bots, according to a staff memo on Tuesday seen by Reuters, amid accusations from a former executive that the company failed to do either job well.
Huawei Switches to Survival Mode, Founder Warns of 10 Years of Economic Downturn (SDxCentral) Huawei founder Zhengfei Ren forecasts a global economic slowdown and a substantial drop in consumption power for the next decade.
Cyber experts skeptical of reduced spyware use amid NSO Group reorganization (SC Media) Deployment of NSO Group spyware in covert cyber espionage operations is unlikely to be deterred by major reorganization efforts by the Israeli spyware vendor, reports CyberScoop.
Ransomware, other security threats reveal insurance ‘cyber gap’ (InsuranceNewsNet) A growing majority of businesses in North America are either uninsured or underinsured against the rising wave of ransomware attacks and other cyber events.
Cyberstarts Closes $60 Million in Seed Fund III (GlobeNewswire News Room) Venture firm hires former Splunk CEO to spearhead new GTM advisory board and help portfolio companies scale up...
SailPoint appoints its first NZ country leader (Reseller News) Enterprise identity security vendor SailPoint Technologies has appointed Raymond Dickinson as its first country leader for New Zealand.
Former VMware Cybersecurity Leader Tom Kellermann Joins Contrast Security as Senior Vice President of Cyber Strategy (PR Newswire) Contrast Security (Contrast), the leader in code security that empowers developers to secure as they code, today announced the appointment of...
SCYTHE’s Elizabeth Wharton Named Cybersecurity or Privacy Woman Law Professional for 2022 By United Cybersecurity Alliance (Business Wire)
Products, Services, and Solutions
Cyber Leaders from Israel, Germany, Canada, UK, Ukraine, and US Discuss Collaboration at 13th Billington CyberSecurity Summit (Business Wire) Israel, Germany, Canada, UK, Ukraine, and US cyber leaders speak at the 13th Annual Billington CyberSecurity Summit as part of international focus.
AU10TIX Wins Gold in Best in Biz Awards 2022 International (AU10TIX) AU10TIX Awarded Enterprise Service of the Year for its Fraud Intelligence Platform and Artificial Intelligence (AI) Neural Network Technology, INSTINCT NEW YORK, NY and TEL AVIV, ISRAEL – August 17, 2022 – AU10TIX, a leading global provider of fully automated identity verification technology powered by cutting-edge machine learning and artificial intelligence (AI), has been named […]
senhasegura Expands Global Reach, Launches Next-Generation PAM Offering In North America (Business Wire)
Jack Henry Announces Plan for New Financial Crimes Platform (PR Newswire) Jack Henry™ (Nasdaq:JKHY) announced today the development of Jack Henry Financial Crimes Defender™, the company's next-generation financial...
Keeper Security Announces FedRAMP Authorization (PR Newswire) Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software protecting passwords, secrets, and connections,...
Juniper Launches Network as a Service Capabilities with Partners in Mind (Channel Futures) Juniper Networks enhanced its AIOps platform with network-as-a-service enhancements that executives say represent a growing investment in channel partners.
Proofpoint Introduces a Smarter Way to Stay Compliant with New Intelligent Compliance Platform (GlobeNewswire News Room) Integrated solution offers enterprises modern regulatory compliance safeguards while simplifying corporate legal protection practices...
SonicWall Boosts Wireless Play with Ultra-High-Speed Wi-Fi 6 Access Points (PR Newswire) SonicWall today announced the introduction of the new Wi-Fi 6 wireless security product line, which provides always-on, always-secure...
Telos Corporation Expands Growth at Major U.S. Airports (GlobeNewswire News Room) Cybersecurity leader’s aviation channeling service continues growth, with renewals at marquee customers ASHBURN, Va., Aug. 25, 2022 (GLOBE NEWSWIRE) --...
Technologies, Techniques, and Standards
Preparing Critical Infrastructure for Post-Quantum Cryptography (CISA Insights) Nation-states and private companies are actively pursuing the capabilities of quantum computers. Quantum computing opens up exciting new possibilities; however, the consequences of this new technology include threats to the current cryptographic standards.
Cyber agency highlights emerging threats from quantum computing (The Hill) The Cybersecurity and Infrastructure Security Agency (CISA) released new advice Wednesday on ways critical infrastructure should prepare for potential security risks stemming from quantum computing…
CISA Prepares for Future Election Threats (Defense One) As 2022 midterms approach, concerns are rising about misinformation and targeted harassment of election officials.
How to create a critical infrastructure incident response plan (SearchSecurity) Critical infrastructure disruptions could damage your business's operations. Learn how to create a critical infrastructure incident response plan.
Why the ‘product security executive’ needs recognition: embedded (Embedded.com) The skill set of the product security executive (PSE) combines engineering, cybersecurity, threat modeling, secure coding & risk management.
Nearly 3 Years Later, SolarWinds CISO Shares 3 Lessons From the Infamous Attack (Dark Reading) SolarWinds CISO Tim Brown explains how organizations can prepare for eventualities like the nation-state attack on his company’s software.
Why Empathy Is the Key to Better Threat Modeling (Dark Reading) Avoid the disconnect between seeing the value in threat modeling and actually doing it with coaching, collaboration, and integration. Key to making it "everybody's thing" is communication between security and development teams.
5 Signs the World Isn’t Paying Enough Attention to 5G Security (CSO Online) With each successive generation, advances in mobile technology have trained us to expect ever-faster mobile speeds and the ability of the signal to transport ever-greater loads of data. Increased data transfer rates enabled 3G to handle larger capacities, and that generation was the first to have serious broadband capabilities. As 4G LTE rolled out, mobile signals could now support interactive multimedia, voice, and video with greater speed and efficiency.
Ahead of election season, cybersecurity agency releases toolkit to help secure local systems (American City and County) As communities prepare for election season, the Cybersecurity and Infrastructure Security Agency has released a toolkit designed to help secure systems.
U.S. Army cyber leaders help build partnership, interoperability with French Army during Fort Gordon visit (DVIDS) U.S. and French Army leaders strengthened the partnership and mutual security cooperation between the two nations during a visit by Gen. Pierre Schill, Chief of the French Army, with U.S. Army Cyber Center of Excellence (CCOE) and U.S. Army Cyber Command (ARCYBER) leaders here, Aug. 24, 2022.
It’s OK to Look Like a Cyber Hero. Just Don’t Act Like One. (CISO Series) Security professionals should turn in the cyber hero mentality for the "sidekick" role. Don't think you need to save everyone.
Legislation, Policy, and Regulation
Following HSAC Recommendation, DHS terminates Disinformation Governance Board (US Department of Homeland Security) Statement from the Department of Homeland Security following the recommendation from the Homeland Security Advisory Council regarding the Disinformation Governance Board
Homeland Security Scraps Disinformation Board Attacked by GOP (Bloomberg) Board became lightning rod soon after its creation this year. Democrats saw national security shield, Republicans saw threat.
Chemical Sector Next in Line for White House Plan to Incentivize Cybersecurity (Nextgov.com) Operators of chemical facilities will follow those of electric utilities, gas pipelines and water treatment plants in being asked to facilitate visibility into their systems.
Guidance 3.0: TSA Issues a Third Directive on Pipeline Security (Lexology) It has been over a year since the Colonial Pipeline cybersecurity incident, and the Department of Homeland Security’s Transportation Security…
China & Russia are "formidable" cyber adversaries: CISA's Jen Easterly (GZERO Media) The next 10 years are critical for America to defend itself from China and Russia in cyberspace, says US cybersecurity chief Jen Easterly. We'll know by then if we've won or lost the battle for tech innovation against Beijing and Moscow when it comes to things like smart cities, she tells Ian Bremmer on GZERO World.
The Privacy Flaw Threatening US Democracy (WIRED) Without robust federal protections, the country's widespread mass surveillance systems could be used against citizens like never before.
Biden announces new head of Secret Service (POLITICO) Kimberly Cheatle’s career with the agency spans more than 25 years, including numerous leadership roles.
Statement from President Biden on the Appointment of Kimberly Cheatle to be the Next Director of the United States Secret Service (The White House) I am proud to announce that I have selected Kim Cheatle to be the next Director of the United States Secret Service. Kim has had a long and distinguished
Litigation, Investigation, and Law Enforcement
Suspicious Arrests in Albania Could Forecast a NATO-Russia Clash (World Politics Review) A suspected Russian intelligence operation on the soil of NATO ally Albania may have been the first direct confrontation between NATO and Russia since Putin’s forces invaded Ukraine six months ago.
How much did former KGB officer get for betraying his colleagues to Israeli intelligence? (EU Reporter) Hacking email accounts of former and current Russian officials, as well as their relatives, can reveal some very interesting facts to the general public. No discussions about the moral here, we are not going to bandy about their personal life. Something different is of interest here - writes Hanna Braun. Suspicious cash inflows to a […]
Finnish journalists on trial in rare defence intelligence case (Reuters) Three journalists from Finland's largest daily are expected to appear in a Helsinki court on Thursday, suspected of publishing classified defence intelligence in an unprecedented case for the Nordic country renowned for its press freedom.
Twitter faces scrutiny from EU watchdogs after Mudge report (TechCrunch) Two national data protection authorities in the EU (Ireland and France) have confirmed to TechCrunch they are following up on the Twitter whistleblower complaint
Twitter whistleblower to testify in Congress about security failures (Washington Post) Peiter Zatko will appear before the Senate Judiciary Committee next month pursuant to a subpoena
The Most Damning Allegation in the Twitter Whistleblower’s Report (WIRED) Peiter “Mudge” Zatko’s claims about the company’s lax security are all bad. But one clearly captures the extent of systemic issues.
‘False Narrative': Twitter Dismisses Whistleblower's Claim Of Sensitive User Data Breach (ABP Live) Twitter CEO Parag Agrawal dismissed Zatko's claims as a 'false narrative' and called it 'frustrating and confusing to read'.
Twitter whistleblower won hacker acclaim for exposing software flaws (Washington Post) From the L0pht and Cult of the Dead Cow to DARPA and Google, Peiter ‘Mudge’ Zatko took unorthodox approaches to ‘make a dent in the universe’
Jack Dorsey’s Other Company Hit With Lawsuit Over Alleged Negligent Data Security Practices (Gizmodo) The suit accused Block of failing to properly prevent a former employee from gaining access to millions of Cash App investing customers' data.
Jack Dorsey’s Payments Company Block Is Sued For ‘Negligent’ Security After Breach Of 8.2 Million Users’ Data (Forbes) The company formerly known as Square is facing a class action in which the Twitter cofounder’s business is accused of being “negligent.” It comes as a former Twitter security exec dropped bombshell allegations about the ways in which it handles data.
Top crypto company defies U.S. sanctions on service that hid stolen assets (Washington Post) The decision by Tether, the issuer of the world’s largest stablecoin, signals broader industry resistance to the Treasury Department’s sanctioning of Tornado Cash
Officials’ personal info published online by government lawyers in ‘regrettable’ data leak (PublicTechnology.net) The Government Legal Department has launched an investigation after a data leak in which the names of civil servants claiming expenses were published online.
Sephora Agrees to $1.2 Million Settlement of Data Privacy Charges (Wall Street Journal) The proposed deal would be the first enforcement action under the California Consumer Privacy Act, the state’s attorney general said.