Dateline Moscow, Kyiv, Oslo, Paris, London, and Washington: Drone strikes and disinformation.
Ukraine at D+242: Infrastructure remains a target. (CyberWire) Drone strikes continue, and Ukrainian air defenses improve. Russian seeks to stabilize its lines as Ukraine's counteroffensive continues. Russian cyberattacks against energy infrastructure remain a threat, but at this point more a potential than an actual threat. Shifts in Russian propaganda.
Russia-Ukraine war: List of key events, day 243 (Al Jazeera) As the Russia-Ukraine war enters its 243rd day, we take a look at the main developments.
In Calls With Russia’s Defense Minister, Europe and U.S. Warn Against Escalation (New York Times) The Pentagon said the U.S. defense secretary had rejected any pretext for Russian escalation in his call with Sergei K. Shoigu.
Ukraine hit by another wave of strikes, power outages across country (Washington Post) Russian missiles rained down on locations across Ukraine early Saturday morning, leaving cities and villages without power and the population bracing for more attacks, while Kyiv officials increased their calls for Western governments to urgently provide antiaircraft systems.
Ukraine Works to Restore Electricity After Russian Missile Barrage (Wall Street Journal) Almost 1.5 million Ukrainians were left without power after Russia unleashed a volley of cruise missiles on Saturday—the latest salvo in a campaign to deprive the country of heat and light as winter sets in.
Ukrainians cuddle pets and put up plastic sheets for windows to keep warm as winter bites (The Telegraph) Residents in Irpin struggle to heat their damaged homes and cook food without electricity as Russia attacks power stations causing blackouts
‘We Heard It, We Saw It, Then We Opened Fire’ (New York Times) With an intense, hastily assembled effort, the Ukrainian military is pioneering successful techniques in the difficult art of anti-drone warfare.
Putin's army retreats from around Kherson (The Telegraph) Ukraine’s military says Russian forces are using barges to move equipment across the river and have 2,000 soldiers covering the retreat
Ukraine war latest: Kherson's pro-Russian occupiers launch militia to defend city (The Telegraph) Moscow forces have issued a call to arms amid a looming Ukrainian counteroffensive to recapture Kherson city.
EXPLAINER: What would retreat from Kherson mean for Russia? (AP NEWS) Ukrainian forces pressing an offensive in the south have zeroed in on Kherson, a provincial capital that has been under Russian control since the early days of the invasion.
Russian warplane slams into a residential building in second crash in less than a week (Task & Purpose) It's the 11th confirmed non-combat crash of a Russian military aircraft since the invasion of Ukraine began in late February.
In bloody battle for Bakhmut, Russian mercenaries eye a symbolic prize (Washington Post) The crash and roar of artillery rarely stops in this east Ukrainian city. In the cold and broken houses, residents huddle by candlelight and pray that they have safety in numbers. On the battlefield, soldiers on both sides are dying in droves.
Ukraine Enters a Dark New Era of Drone Warfare (WIRED) A series of deadly attacks using Iranian “suicide drones” shows Russia is shifting gears in the conflict.
22 torture chambers found in liberated Kharkiv Oblast; people were brought to Russia for torture (Ukrainska Pravda) Law enforcement officers have discovered 22 torture chambers in the liberated territories of Kharkiv Oblast.
How Russia organized its torture chamber network in Kharkiv Oblast (Kyiv Independent) War veteran Serhii Chepurnyi recently turned 40. This year, he didn't celebrate his birthday.
10 Torture Sites in 1 Town: Russia Sowed Pain, Fear in Izium (FRONTLINE) Russian torture in Izium was arbitrary, widespread and absolutely routine for both civilians and soldiers throughout the city, an Associated Press investigation has found.
Opinion Putin’s war crimes victims are joining forces — and they want him behind bars (Washington Post) Russian President Vladimir Putin’s forces have committed countless war crimes over the past decade in Syria. Now, he is putting the very same people, weapons and tactics implicated in those atrocities to fresh use in Ukraine.
Ukraine war: Path of further escalation ‘must be reversed’, Security Council hears (UN News) Russia’s military escalation in Ukraine will lead to more suffering worldwide and must be reversed, said the UN’s political affairs chief on Friday, adding that further talk of possible nuclear weapons use could lead to a “dangerous spiral”.
Putin Is Making Nuclear Warfare the New Normal (Bloomberg) If Russian attempts at nuclear blackmail are seen to succeed, the world will be a more dangerous place forever.
The U.S. Army's 101st Airborne is practicing for war with Russia just miles from Ukraine's border (CBS News) U.S. troops in Romania are extremely close to Putin's war, conducting exercises with NATO allies that "replicate exactly what's going on" over the border.
‘Star Wars’ actor Mark Hamill sends 500 drones to Ukraine (Military Times) Mark Hamill of 'Star Wars' is donating big time to Ukraine.
Joint Statement on Ukraine - United States Department of State (United States Department of State) The text of the following statement was released by the Governments of the United States of America, France, and the United Kingdom. We, the Foreign Ministers of France, the United Kingdom, and the United States, reiterate our steadfast support for Ukraine’s sovereignty and territorial integrity in the face of Russia’s ongoing aggression. We remain committed […]
Russia's defense chief warns of 'dirty bomb' provocation (AP NEWS) Russia’s defense chief on Sunday alleged that Ukraine was preparing a “provocation” involving a radioactive device, a stark claim that was strongly rejected by Ukrainian and British officials amid soaring tensions as Moscow struggles to stem Ukrainian advances in the south.
Britain warns Russia against escalating the war in Ukraine after false ‘dirty bomb’ claim (The Telegraph) Ben Wallace refutes General Sergei Shoigu's allegations that the UK is helping Kyiv gather nuclear material to use on the battlefield
Russian and US defence ministers discuss Ukraine war in rare talks (the Guardian) Few details given but Ukraine discussed in second call between Lloyd Austin and Sergei Shoigu since war began
Austin Discusses War With Ukrainian Defense Minister (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III assured Ukrainian Defense Minister Oleksii Reznikov the United States, its allies and partners will continue to work with Ukraine.
Turkish, Russian defense ministers discuss regional security, Ukraine war (AA) Hulusi Akar, Sergei Shoigu exchange views on bilateral, regional defense issues, including ongoing Russia-Ukraine war - Anadolu Agency
Ukraine's cyber chief calls for global anti-fake news fight (Register) 'Completely new approaches should be developed to prevent the influence of this propaganda'
Russia Wages Winter Information War Against the West (Foreign Policy) The Kremlin is headhunting useful idiots to undermine European unity before Kyiv can prevail.
Russian state TV boss says drown Ukrainian children, burn families alive (Newsweek) Defense analyst Michael Clarke said the racist exchange was an example of "the complete moral degeneracy" of Vladimir Putin's Russia.
Ukraine urges global ban of Russia's RT after presenter calls for drowning of Ukrainian children (Reuters) Ukraine branded the Russian state-controlled RT media outlet as an inciter of genocide on Sunday after a presenter said Ukrainian children who saw Russians as occupiers under the Soviet Union should have been drowned.
RT presenter says ‘just drown those children’ as he promotes genocide in Ukraine (The Telegraph) Anton Krasovsky mimics grabbing youngsters by the scruff of their necks and throwing them into a river during chat show
Ukraine Could Still Face Cyberattacks, Experts Say (CNET) Ukraine's cyberdefenses have shown they're up to the challenge of facing Russia, but the conflict may be intensifying.
Fears over Russian threat to Norway's energy infrastructure (AP NEWS) Norwegian oil and gas workers normally don’t see anything more threatening than North Sea waves crashing against the steel legs of their offshore platforms. But lately they have noticed a more troubling sight: unidentified drones buzzing in the skies overhead.
Norway PM: Russia poses ‘real and serious’ cyber threat to oil and gas industry (The Record by Recorded Future) Norway’s prime minister Jonas Gahr Støre warned on Thursday that Russia poses “a real and serious threat” to the country’s oil and gas industry amid criticisms that the Scandinavian country has acted too slowly to protect its petroleum sector from cyberattacks.
Ukraine war cuts ransomware as Kremlin co-opts hackers (The Telegraph) Incidents are estimated to have declined 10pc over the last quarter
Q&A: Kenneth Geers on the cyber war between Ukraine and Russia (The Record by Recorded Future) The Record spoke with expert Kenneth Geers about the cyber war between Russia and Ukraine and the likelihood of a major Russian cyberattack on the U.S.
Putin’s energy war against Europe also targets the US. Here’s how Washington can fight back. (Atlantic Council) Washington can do more to mitigate this crisis by boosting crude oil supply, increasing cleaner gas production, and reforming the way it grants permits for new energy projects.
Veteran Israeli Diplomat: ‘We Are Only Part of the West When It Suits Us’ (Foreign Policy) Alon Liel discusses the lack of arms for Ukraine and the long-term damage accommodating Moscow could do.
Iran has declared war on Britain and the West (The Telegraph) By siding so openly with Putin, Tehran has shown its true aim — to challenge Nato by all means possible
Ex-empires Iran and Russia forge new bonds as both blame their woes on the West (Atlantic Council) From a societal level, Russia and Iran would seem to have little in common. However, the West, Russian and Iranian rulers jointly believe, want to overthrow their regimes, and don’t care if the alternative is chaos.
Putin’s War Escalation Is Hastening Demographic Crash for Russia (Bloomberg) President Vladimir Putin spent years racing against Russia’s demographic clock, only to order an invasion of Ukraine that’s consigning his country’s population to a historic decline.
Cyprus, a haven for Russian expats, welcomes techies fleeing Ukraine war (Washington Post) On the wide and shallow Larnaca beach, a group of young, pale men huddled over their phones disrupted the otherwise idyllic scene of blissful, tanned British and German tourists lying on the neatly arranged beige loungers.
War Is an Ecological Disaster—but Ukraine Can Build Back Greener (WIRED) Russia’s invasion is reversing years of environmental progress. But the world can help Ukraine reconstruct its damaged landscape and energy systems.
Attacks, Threats, and Vulnerabilities
CISA Alert AA22-294A – #StopRansomware: Daixin Team. (CyberWire) FBI, CISA, and Department of Health and Human Services are releasing this joint advisory to provide information on the Daixin Team, a cybercrime group that is actively targeting U.S. businesses, predominantly in the Healthcare and Public Health Sector.
#StopRansomware: Daixin Team (CISA) Actions to take today to mitigate cyber threats from ransomware: • Install updates for operating systems, software, and firmware as soon as they are released. • Require phishing-resistant MFA for as many services as possible. • Train users to recognize and report phishing attempts.
CISA Warns of Daixin Team Hackers Targeting Health Organizations With Ransomware (The Hacker News) U.S. cybersecurity and intelligence agencies warn of Daixin Team hackers attacking healthcare organizations with ransomware.
Iranian Cyber Group Emennet Pasargad Conducting Hack-and-Leak Operations Using False-Flag Personas (FBI) The FBI is providing information concerning ongoing hack-and-leak cyber operations conducted by Iranian cyber group Emennet Pasargad. According to FBI information, since at least 2020, Emennet targeted entities primarily in Israel with cyber-enabled information operations that included an initial intrusion, theft and subsequent leak of data, followed by amplification through social media and online forums, and in some cases the deployment of destructive encryption malware.
FBI warns Iranian hackers active ahead of the U.S. midterms (NBC News) The FBI says the Iranian government-tied hacker group, which tried to interfere in the 2020 election posing online as “Proud Boys,” is a threat.
FBI Warns of Attacks From Iranian Threat Group Emennet Pasargad (Decipher) The FBI is warning companies about hack-and-leak operations from Iranian threat actor Emennet Pasargad.
Iran Hackers Behind Attempt on US Election Are Still Active (Gov Info Security) Emennet Pasargad, the Iranian cyber threat actors behind an attempt to disrupt the U.S. presidential election in 2020, remains active, warns the FBI. The group
FBI warns of ‘hack-and-leak’ operations from group based in Iran (The Record by Recorded Future) The FBI released an alert this week warning of hack-and-leak operations targeting organizations in the U.S. and Israel.
Iran's Atomic Energy Agency Says Its E-Mail Server Was Hacked (RadioFreeEurope/RadioLiberty) Iran's Atomic Energy Organization has said that an e-mail server belonging to one of its subsidiaries was hacked from a foreign country, state media reported on October 23. The agency said the hackers published some information online.
Iran says ‘specific foreign country’ behind hacktivist leak of atomic energy emails (The Record by Recorded Future) Iran’s Atomic Energy Organization (AEOI) said on Sunday that “a specific foreign country” which it did not name was behind the hacking of an email server a hacktivist group claimed responsibility for.
Iran’s Top Nuclear Agency Says Its Email Servers Were Hacked (Bloomberg) Statement follows claims by hacktivists they accessed messages. Iran under mounting pressure over protests and UAVs to Russia.
TikTok accused of tracking targeted individuals, ad disinformation failures (Computing) TikTok reported to be tracking specific US citizens, while TikTok and Facebook failed to block ads containing blatant misinformation about the upcoming US midterm elections
With All Eyes on Russia, China Continues to Strike (HolistiCyber) With all eyes on Russia many enterprises are forgetting about the other silent predator, China. Learn why they strike & how to stay protected
WarHawk: the New Backdoor in the Arsenal of the SideWinder APT Group (Zscaler) SideWinder APT, an Indian threat group, has been targeting Pakistan in threat campaigns using a new backdoor called "WarHawk." Read the ThreatLabz analysis.
Indians Are Being Monitored By A Cloned WhatsApp Software That Records Audio And Video 2022 (Inventiva) Among the most used apps in India is WhatsApp. More than 400 million Indians actively use the Meta-owned app. Several WhatsApp clone apps are online, even if
Widely used Android apps found to have Clicker malware (SC Media) Sixteen Android apps downloaded more than 20 million times have been found to be infected with the new Clicker malware, which facilitates mobile ad fraud, reports The Hacker News.
Hackers exploit critical VMware flaw to drop ransomware, miners (BleepingComputer) Security researchers observed malicious campaigns leveraging a critical vulnerability in VMware Workspace One Access to deliver various malware, including the RAR1Ransom tool that locks files in password-protected archives.
Broken Dreams and Piggy Banks: Pig Butchering Crypto Fraud Growing Online (Proofpoint) Proofpoint tracks multiple threats known as Sha Zhu Pan, or “Pig Butchering” threats. These are confidence-based threats similar to romance scams.
Thousands of GitHub repositories deliver fake PoC exploits with malware (BleepingComputer) Researchers at the Leiden Institute of Advanced Computer Science found thousands of repositories on GitHub that offer fake proof-of-concept (PoC) exploits for various vulnerabilities, some of them including malware.
EnergyAustralia latest to be hit by cyber-attack as details of hundreds of customers exposed (the Guardian) Electricity company says attack accessed information on 323 customers but ‘no evidence’ data was transferred elsewhere
Change your password now: Another Australian company hit by cyber attack (7NEWS) ‘We apologise for the concern that this issue may have caused our customers.’
Medibank hack turned into a data breach: The attackers are demanding money (Help Net Security) Medibank, Australia's largest private health provider, has confirmed that last week's "cyber incident" has resulted in a data breach.
Wholesale giant METRO hit by IT outage after cyberattack (BleepingComputer) International wholesale giant METRO is experiencing infrastructure outages and store payment issues following a recent cyberattack.
Cyber attack on Metro (Basic Tutorials) The wholesaler Metro has fallen victim to a cyber attack. There were slight disruptions to operations. The stores remained open.
Data breach in Advocate Aurora Health system may have exposed up to 3M patients' information (Wisconsin Public Radio) A data breach in the Advocate Aurora Health hospital system may have exposed up to 3 million of Wisconsin and Illinois patients' personal health information to outside companies like Google and Facebook.
St. Amant Centre suffers data breach (iHeart Radio) An organization supporting persons with intellectual disabilities says it has been the victim of a data breach.
More than 10,000 data breaches by Scottish local authorities (The Ferret) Scottish local authorities have recorded more than 10,000 data breaches over the last five years, The Ferret can reveal.
Cyberattack on Indianapolis Housing Agency has landlords, tenants concerned (WTHR) As the agency works through what it's calling a ransomware attack, landlords are missing rent reimbursements and tenants are getting nervous.
2022 Dark Web Hacked Social Media Prices and Trends (Whizcase) Social media and entertainment accounts sold illegally are now carving out their niche in Dark Web marketplaces.
Security Patches, Mitigations, and Software Updates
Cisco Releases Security Update for Cisco Identity Services Engine (CISA) Cisco has released a security update to address vulnerabilities affecting Cisco Identity Services Engine (ISE). A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing high and low severity vulnerabilities, see the Cisco Security Advisories page.
Failed Cobalt Strike fix with buried RCE exploit now patched (The Daily Swig) The fix was developed at a running pace as Cobalt Strike is essential to Red Team operations
Trends
Comcast Business Research Shows Cybersecurity Remains a Persistent, Complex Problem for SMBs (Comcast) Comcast Business SecurityEdge™ blocks up to 70 million instances of malicious bot activity and 30 million phishing attempts a day
Half of SMBs are not worried about the risk posed by ex-employees (IT-Online) A recent global Kaspersky study on the behaviour of small and medium businesses during crises shows staff reductions may cause additional cybersecurity risks. Yet only 51% of organisations’ leaders are confident that their ex-emploees don’t have access to company data stored in cloud services, and just 53% are sure that former workers can’t use c […]
Irish firms sharpen focus on data safety as 72% too open to attack (Irish Examiner) Cyberattacks occur globally every 11 seconds, so it’s no longer a matter of ‘if’ but ‘when’ a business will encounter an attack
Executives Demand Converged Solutions to Cybersecurity | Focal Point (Tanium) Can you ever have too much cybersecurity in your organization? Not exactly, but you can have too many tools. Here’s why less is more.
Dashlane shares the new report on the assessment of global password health (Research Snipers) A recent news report from Dashlane reveals that most of us are not protected as...
Construction faces a cyber security challenge (Construction News) SPONSORED CONTENT By James Chambers, director, global industry development, Bluebeam The construction industry has proven to be resilient in the face of
Marketplace
Why Cyber Insurance? Because SMBs Are A ‘Priority For The Bad Guys' (CRN) Cyber insurance is a must-have for businesses, but even more so for SMBs, channel executives say.
Godspeed Capital-Backed SilverEdge Partners with Counter Threat Solutions (Business Wire) SilverEdge Government Solutions (“SilverEdge”) today announced it has partnered with Counter Threat Solutions, LLC (“CTS”), a leading provider of all
Qualys acquires Blue Hexagon’s AI/Machine Learning platform (ITP.net) This acquisition will enable Qualys to leverage its Cloud Platform and its more than 10 trillion data points to uncover behaviour patterns.
FRANCE/ITALY : Cyber offence specialist Cy4gate reinforces its presence in France by buying Diateam (Intelligence Online) Italian cyber-intelligence company Cy4gate is taking over cybersecurity company Diateam, which has strong connections in the French defence sector.
$2.5 Billion–Valuation Security Firm Cybereason Hires JPMorgan to Find Buyer (The Information) Cybereason, a prominent Israeli security software firm valued at $2.5 billion by investors including Google, SoftBank and ex-Treasury Secretary Steve Mnuchin’s private equity firm, has hired JPMorgan Chase & Co. to find a buyer, according to a person with direct knowledge of the matter. The ...
Cybereason Explores Sale After Scrapped IPO, Layoffs: Report (CRN) Cybersecurity company Cybreason is reportedly considering a sale after a scrapped IPO and layoffs.
NINJIO acquires Israeli behavior-based cybersecurity company DCOYA (Israel Defense) The combination of NINJIO's cybersecurity content with DCOYA's powerful machine-learning-driven cybersecurity awareness platform will give CISOs and other company leaders the most effective cybersecurity awareness training toolkit on the market
IronNet joins Space ISAC to protect infrastructure essential to missions and exploration in space (Help Net Security) IronNet was named the newest Gold member of the Space ISAC to identify and respond to threats to the space mission.
Intel Layoffs: Will Intel Stock Keep Going Up By Cutting Costs? (Forbes) Intel is expected to announce major layoffs of its workforce next month, lifting the stock price, but causing investors to debate whether or not the stock is a good buy.
Honeywell Recognized As Leader In Industrial Security Consulting And Managed Services By Westlands Advisory (Honeywell) Honeywell announced today that Westlands Advisory, a leading security industry analysis and strategy firm, has named it as a “leader” in the independent research firm’s Industrial Security Consulting & Managed Services Navigator 2022 report.
How KnowBe4 Made Billions as a Homegrown Company (Tampa Bay Business Journal) The multibillion-dollar price tag goes beyond a win for the company — it showcases the potential Tampa Bay companies can now achieve.
Cisco Security Exec Exits (SDxCentral) Cisco Security Chief Strategy Officer Dug Song who co-founded Duo Security left the networking giant earlier this month.
Products, Services, and Solutions
New infosec products of the week: October 21, 2022 (Help Net Security) The featured infosec products this week are from: AwareGO, Code42, Corelight, EnigmaSoft, Exabeam, Mandiant, and RSA.
Kaspersky Threat Intelligence portal extends its free services with new and updated features (The Times of India) Kaspersky Threat Intelligence portal has extended its free services to help enterprises speed up and improve threat analysis. The Threat Heatmap, whic
How Dashlane secures and changes your online experiences (Digital Trends) Dashlane is a password manager and online companion that completely changes how you log in to accounts and secure data. It's for individuals and businesses.
HP Wolf Security expands endpoint protection with Sure Access Enterprise (SiliconANGLE) HP Wolf Security expands endpoint protection with Sure Access Enterprise - SiliconANGLE
AU10TIX Protect Businesses Against $3.3B in Fraud in 2022 (PR Newswire) AU10TIX, a leading global provider of fully automated identity verification technology powered by cutting-edge machine learning and artificial...
Product showcase: ImmuniWeb Discovery - attack surface management with dark web monitoring (Help Net Security) ImmuniWeb Discovery will automatically seek every single IT asset, trademark, brand, employee name and other keywords on the dark web.
Nok Nok, a Global Leader in Customer Passwordless Authentication, Rele (PRWeb) Nok Nok, a leader in FIDO customer authentication (Fast IDentity Online) and a founder of the FIDO Alliance, today announced full support for passkeys -
Forward Networks Named to Department of Homeland Security's Continuous Diagnostics and Mitigation Program's Approved Product List (PR Newswire) Forward Networks today announced that the Department of Homeland Security (DHS) has named Forward Enterprise to the Continuous Diagnostics and...
Technologies, Techniques, and Standards
Lesson Learned: How SolarWinds Strengthened its Security Post-Incident (Infosecurity Magazine) Tim Brown, CISO at SolarWinds shared his experiences remediating a major cyber-attack during Mandiant’s mWISE event
IoT Security Ratings: Survey Explores Cybersecurity Labeling System (BlackBerry) More countries around the world are considering the development of labeling systems for Internet of Things (IoT) devices and a new survey reveals consumers welcome the idea of having insights into the relative cybersecurity of the devices they buy.
Your Microsoft Exchange Server Is a Security Liability (WIRED) Endless vulnerabilities. Massive hacking campaigns. Slow and technically tough patching. It's time to say goodbye to on-premise Exchange.
UK and US launch joint military operation to tackle cyberthreats (PublicTechnology.net) The UK and the US are to embark upon a joint military operation to help combat cyberthreats faced by the two nations. The Ministry of Defence announced this week that the UK Strategic Command – which oversees resources and operations that cut across the three Armed Forces and their domains – will take part in the operation.
Space Force's 'Digital Bloodhound' project will sniff out cyberthreats (Breaking Defense) "If we're gonna protect and defend the architecture, it can't be just something that we do against just the space threat. It's got to be against the holistic threat of both space and cyber," said SSC's Brig. Gen. Tim Sjeba.
6 Cybersecurity Conversation Starters to Use with Clients (Channel Futures) Cybersecurity conversation starters can help VARs and MSPs strike up a stress-free discussion with their clients and customers.
Design and Innovation
Google announces GUAC open source project on software supply chains (The Record by Recorded Future) Google unveiled a new open source security project called GUAC centered around software supply chain management.
CrowdStrike Advances to Research Partner with the MITRE Engenuity (CrowdStrike) CrowdStrike is now a Research Partner with MITRE Engenuity, joining select leaders and practitioners contributing to public research to advance cybersecurity.
Research and Development
Kaspersky patents technology for analysing relationships between electronic devices (IT-Online) Kaspersky’s latest invention is intended for logically linking various electronic devices into a single network around the account of the owner and identifying similarities between device configurations. The technology will help to prevent any user devices from becoming a vector of attack on another device or user data and will inform them if their configuration […]
Academia
IBM Grants a Total of $5 Million in-kind to Bolster Schools' Cybersecurity Preparedness (IBM Newsroom) To help schools worldwide proactively prepare for and respond to cyberattacks, IBM announced the first eight recipients of the 2022 IBM Education Security Preparedness Grants, totaling $5 million in in-kind services.
Wilson: Cyber attack could undermine national confidence (Madison Daily Leader) Heather Wilson still has a military bearing. When she enters a room, she enters with her hand cordially extended but her back – to fall back on cliché – is
Legislation, Policy, and Regulation
After cutting ties with Iran, Albanian PM arrives in Israel to talk cybersecurity (Times of Israel) Edi Rama blames Tehran for series of attacks in July, will meet with Israel's cyber czar; Dutch PM also slated to land this week
S. Korea to participate in US-led cyber exercise for 1st time (Korea Times) South Korea's military is set to participate in a U.S.-led multinational exercise on cyber operations this week, the defense ministry said Monday, amid growing security threats from North Korea.
Is an 'epoch-making' agreement between Australia and Japan in the works? (Breaking Defense) "Two new aspects in the revised declaration are intelligence sharing, and greater interoperability. The latter is already underway, so the question is what is actually new here? More detail is required," Japan analyst Rikki Kirsten said.
U.S. urges Mexico not to buy Chinese scanners for the border (Washington Post) As the Biden administration revamped security technology at the U.S.-Mexico border this year, officials learned of an unexpected national security threat developing on the other side of the Rio Grande. The Mexican government was preparing to purchase hundreds of millions of dollars of Chinese scanning equipment for its own checkpoints.
Llewelyn-jones: UK Will Continue to Collaborate with Nigeria on Cyber Security (This Day) The British High Commissioner in Nigeria, Ben Llewelyn-jones, at the weekend in Lagos, reiterated the commitment of the government of the United Kingdom (UK), to address cyber security issues across Nigeria, in collaboration with the Nigerian government
Is cyber-security important to Pakistan? (The Express Tribune) Federal minister for IT says over 900,000 hacking incidents take place in country daily
Tougher penalties for serious data breaches (Australian Government: Attorney General) The Albanese Government will next week introduce legislation to significantly increase penalties for repeated or serious privacy breaches.
Australia flags increased penalties for data breaches following major cyberattacks (Reuters) Australia will introduce laws to parliament to increase penalties for companies subject to major data breaches, Attorney-General Mark Dreyfus said, after high-profile cyberattacks hit millions of Australians in recent weeks.
Australia flags new corporate penalties for privacy breaches (AP NEWS) Australia on Saturday proposed tougher penalties for companies that fail to protect customers’ personal data after two major cybersecurity breaches left millions vulnerable to criminals.
'Government has made it pretty clear it just wants a free pass', ORG on GDPR replacement (Computing) The draft Data Protection and Digital Information Bill is a data grab, the advocacy group says
A former official talks past, present and future of cyber at the Justice Department (Washington Post) John Carlin had a lot of cyber in his portfolio as a principal associate deputy attorney general at the Justice Department. The New York Times described his job as “one of the most powerful and under-the-radar posts” at DOJ.
Colo. Privacy Rules Spotlight Emerging Patchwork Of Laws (Law360) Colorado's attorney general has delivered much-needed clarity on how the state's new privacy rules are likely to be enforced, while also highlighting areas of growing tension on topics like consent and consumer opt-outs that companies should focus on moving forward, experts say.
Litigation, Investigation, and Law Enforcement
Myanmar Joins North Korea and Iran on Global Illicit Finance Blacklist (Wall Street Journal) The Financial Action Task Force’s action follows last year’s military coup and could further isolate the junta-controlled nation.
When cops hack back: Dutch police fleece DEADBOLT criminals (legally!) (Naked Security) Crooks: Show us the money! Cops: How about you show us the decryption keys first?
EyeMed’s $4.5 Million Cyber Fine Shows Ramped-Up Regulation of Financial Firms (Wall Street Journal) EyeMed Vision Care LLC’s $4.5 million settlement last week over a New York cybersecurity probe is the latest signal regulators are turning up the heat on financial-services firms.
A long-dormant Texas privacy law is finally being put to use against tech giants (The Record by Recorded Future) On Thursday, Texas Attorney General Ken Paxton activated a state privacy law again, alleging that Google’s data practices violated the 2009 CUBI Act.
Twitter Tumbles as US Weighs Security Reviews for Musk Deals (Bloomberg) Concerns over Musk’s stance on Russia, threat to cut Starlink. Musk also considering cutting Twitter’s workforce by 75%.
Threat to campus (W&M News) The William & Mary Emergency Alert Team sent the following messages to the campus community on Oct. 22, 2022.
ICO serves Interserve £4.4m fine after cyberattack (Computing) The regulator said Interserve lacked adequate systems, protocols, risk assessments and staff training.
Outsourcer Interserve fined £4.4m for failing to stop cyber-attack (the Guardian) Watchdog says phishing email enabled hackers to steal personal information of 113,000 employees
Paramount Knew About Data-Sharing, CBS Subscriber Says (Law360) A woman accusing Paramount of secretly disclosing CBS.com subscribers' personal viewing information to Facebook is fighting the company's attempt to toss her suit, arguing the company cannot claim it did not actually know the information was being shared.
UK: Hacker who stole Sheeran songs sentenced to 18 months (AP NEWS) A computer hacker who stole unreleased songs from British pop star Ed Sheeran and American rap artist Lil Uzi Vert has been sentenced to 18 months in prison, U.K. prosecutors said Friday.