Luna Moth's callback phishing. Mustang Panda activity. DEV0569's malvertising. US indicts 10 in BEC case. Cyber auxiliaries.

Dateline Moscow and Kyiv: Russian Milbloggers call for hard war.

Ukraine at D+270: Rise of the Russian milbloggers. (CyberWire) Russia is feeding recent conscripts into prepared defensive positions in occupied territory. A new round of partial mobilization is rumored to be in the offing, and milbloggers seek to rally Russian public opinion by calling for a harder, more ruthless war.

Russia-Ukraine war: List of key events, day 271 (Al Jazeera) As the Russia-Ukraine war enters its 271st day, we take a look at the main developments.

Polish Military Chief Says Russia is Escalating on NATO’s Border (Defense One) After missile debris kills Poles, Ukrainian officials say “air shield” talks with allies are underway.

Zelensky advisor: 'Important' to wait for results of Poland missile explosion investigation (Breaking Defense) “It's a little bit not right to say that it's a Ukrainian rocket or a Russian rocket” before Poland reaches the result of its investigation, Zelensky advisor Andrii Yermak told attendees of the Halifax International Security Conference via teleconference.

‘Tyranny and turmoil’ in Russian invasion, US defense secretary says (Military Times) U.S. Defense Secretary Lloyd Austin called Russian President Vladimir Putin’s invasion the worst crisis in security since the end of the Second World War.

Russia-Ukraine war latest: 'Powerful blasts' at Zaporizhzhia nuclear plant (The Telegraph) "Powerful explosions" shook the area around Ukraine's Zaporizhzhia nuclear plant on Sunday, according to the International Atomic Energy Agency.

Russia-Ukraine war: Russia pounds Kherson with rockets and artillery (The Telegraph) A series of explosions rang out across Kherson on Monday morning amid reports of increased Russian shelling on the recently liberated territory.

Videos reportedly shows massive fireball blast near Russia's St. Petersburg (Newsweek) Local authorities quoted by The Euro Weekly News said that the fire caused no "threat to the population."

Explosion on gas pipeline near St. Petersburg causes major fire (Yahoo) An explosion and fire hit a gas pipeline in Russia’s Leningrad Oblast on Nov. 19, with a massive ball of flame being visible for over 10 kilometers around the blast site.

Watch - Explosion at gas pipeline near Russia's St. Petersburg (Express.co.uk) Watch flames rise at a gas pipeline in Russia after a destructive explosion tears through the energy bank.

Gas Pipeline On Fire Near Russian City Of St. Petersburg (Ukrainian News) Residents of the Russian town of Murino, which is a few kilometers from St. Petersburg, report a strong fire, the pillar of fire can be seen for kilometers. This is stated in the message of the administration of the Leningrad Oblast, the text of which is posted on the social network.

Two huge explosions in Russia leave at ‘least nine dead, including children’ (London World) Two huge explosions in Russia yesterday have left at least nine people dead including four children, according to local authorities

Ukraine confronts tougher fight in push to extend battlefield wins (Washington Post) Not far from this village on the east bank of the Oskil River, Ukrainian forces have hit a wall of Russian resistance as they try to extend a counteroffensive that just two months ago was sweeping across nearby lands at a stunning clip.

PM announces new air defence for Ukraine on first visit to Kyiv (GOV.UK) Prime Minister confirms UK will bolster Ukraine’s air defence against barbaric aerial assault.

Ukrainians Returning to Liberated Towns Find Utter Destruction (Foreign Policy) For many coming home to Ukraine’s east, their prewar lives are a distant dream.

Cold and dark: Kyiv readies for 'worst winter of our lives' (AP NEWS) When the power is out, as it so often is, the high-rise apartment overlooking Ukraine’s war-torn capital feels like a deathtrap. No lights, no water, no way to cook food. And no elevator by which to escape from the 21st floor should a Russian missile strike.

Russia Ukraine war: Rishi Sunak meets Zelensky in surprise visit to Ukraine (The Telegraph) Rishi Sunak has travelled to Ukraine to meet with President Volodymyr Zelensky in Kyiv as he announced a £50 million military package for the country.

Russia fortifies Crimea as it anticipates further Ukrainian breakthroughs (The Telegraph) Russia is digging trenches as far as 40 miles behind the front line, suggesting it is nervous about how far Ukrainian forces could reach

Ukraine’s Kherson Win Shifts Dynamics Across Whole Front With Russia (Wall Street Journal) Kyiv’s recent recapture of this southern city enables it to target Russian supply lines running to the Crimean Peninsula, while Moscow strives to redeploy withdrawn troops to Donbas.

Putin's elite Wagner forces spotted surrendering from drone footage (Express.co.uk) A drone has been used to "lead" a Russian soldier towards a "safe surrender".

Putin's covert conscription will flood "overburdened" Russian forces: ISW (Newsweek) The U.S. think tank said the Kremlin is preparing for a second draft of troops to fight in Ukraine.

Putin drafting occupied Ukrainians could fuel "mutiny," desertions (Newsweek) Ukraine's General Staff said Russia was drafting a law to legalize conscripting Ukrainians in Russian-occupied territories who have a Russian passport.

Ukraine held off Russia for nine months. Here's what it needs to keep going (Breaking Defense) Despite its ingenuity when it comes to available weapons, Ukraine still has a number of requirements it hopes to fill with help from Western nations.

Austin Says Ukraine Matters to all Peoples and Nations (U.S. Department of Defense) Russia’s devastating war on Ukraine is a direct challenge to sovereignty everywhere, Secretary of Defense Lloyd J. Austin III said during a speech at the Halifax International Security Forum in

Russia Reportedly Raises $13 Billion for 2023 Defense Spending (VOA) Russia is relentlessly pounding Ukraine's energy infrastructure

Russia raised a record $13.6 billion in one day as the cost of Vladimir Putin's war with Ukraine keeps mounting (Business Insider) Russia sold more debt on November 16 to help pay for the ongoing invasion of its neighbor, according to British defence intelligence.

Iran will help Russia build drones for Ukraine war, Western officials say (Washington Post) Moscow and Tehran are said to agree on a plan to assemble Iranian-designed weapons on Russian soil

Putin's power base in Central Asia growing gun shy (Independent Australia) Post-Soviet states are seeking ties with other powers, fearing Putin's aggressive imperialism in his bid to dominate the states that were under Moscow's control as part of the USSR.

Russia Ukraine war: Rishi Sunak meets Zelensky in surprise visit to Ukraine (The Telegraph) Rishi Sunak has travelled to Ukraine to meet with President Volodymyr Zelensky in Kyiv as he announced a £50 million military package for the country.

'We survived': Kherson comes alive after Russian withdrawal (AP NEWS) A week since the southern Ukrainian city of Kherson was liberated , residents can't escape reminders of the terrifying eight months they spent under Russian occupation.

The Russians have gone. Now Kherson faces a relentless new enemy – winter (the Guardian) Residents in the newly liberated freezing city are gathering all the wood they can after the bombing devastated their power supplies

Russia says Ukrainian soldiers executed prisoners of war in Donbas region (the Guardian) A video has circulated on social media reportedly showing Ukrainian soldiers shooting at least 12 men

Shelling of Zaporizhzhia is playing with fire, says UN nuclear chief, as blasts reported (the Guardian) Explosions cause damage at Ukrainian power plant, as Kyiv says it will investigate videos allegedly of surrendering Russians being shot

Russian prison population falls dramatically as convicts are sent to fight in Ukraine (The Telegraph) The notorious Wagner mercenary group has been recruiting prisoners including murderers to shore up a faltering front line

Russian TV analyst says Moscow "clearly" not ready for Ukraine offensive (Newsweek) Russian state TV is one of Vladimir Putin's biggest cheerleaders, but politician Zakhar Prilepin acknowledged Moscow's struggles during a recent appearance.

Russian TV stars bite their tongues to feed Putin's propaganda machine (The Telegraph) After the Ukraine war broke out, liberal-minded presenters had to repeat propaganda or lose their jobs in Russia

Hunting Russian collaborators in Kherson with the soldier who knows all the secrets (The Telegraph) One plucky resident is risking life and limb to track the troops setting up a puppet government in his region – here is his story

SBU charges 11 suspected organizers of sham ‘referendum’ in occupied Zaporizhzhia Oblast (Kyiv Independent) Ukraine’s Security Service, SBU, identified 11 suspected Russian collaborators who allegedly participated in the organization of Russia's sham "referendum" in the occupied Zaporizhzhia Oblast. They allegedly organized a campaign in the occupied Ukrainian cities in support of the sham referendum and urged people to participate in it.

Russia is coming up short on medical supplies - Ukraine intel (Jerusalem Post) Ukrainian intelligence reports that the Russian Ministry of Health instructed all regions of the country to build up a stock of medicine and supplies to last at least four months.

Independent Russian media: Number of inmates shrinks sharply as prisoners are recruited to fight in Ukraine (Kyiv Independent) According to the Russian independent media outlet Mediazona that focuses on law enforcement and penal system, the number of Russian inmates went down by 23,000 in just two months, likely due to the Kremlin-backed private military company Wagner Group's recruitment of the prisoners to fight in Ukraine.

Russia Says All Missile Units Re-Armed With Nuke-Capable 'Modern & Unique' SS-26 Stone Tactical Missile System (Latest Asian, Middle-East, EurAsian, Indian News) Russia said all missile units in its armed forces had been re-armed with Iskander-M Missile systems or SS-26 Stone.

Ukraine-Russia war latest: Putin tests intercontinental ballistic missile that carries multiple nuclear warheads (The Telegraph) Russia has test-fired its new nuclear intercontinental ballistic missile just days after the Kremlin insisted that using nuclear weapons in Ukraine was out of the question.

How Close Are We to Nuclear War? (The Atlantic) Recent advances in military technology may push us closer to the edge.

Vladimir Putin’s only hope now is to terrify the West into negotiating away Ukraine’s victories (The Telegraph) It is bizarre that calls for peace talks pick up every time Kyiv shows its ability to take back territory from the Russians

Russia's elite know Putin "lost the real war": Report (Newsweek) The withdrawal from Kherson has led those within Putin's inner circle to question the end game of the Ukraine war.

"Traces of explosives" found near undersea Nord Stream gas pipelines hit by "gross sabotage" (CBS News) Swedish prosecutor said the "very complex and comprehensive" investigation would determine whether anyone could be charged "with suspicion of crime."

A journey to the site of the Nord Stream explosions (BBC News) As Sweden says the gas lines were blown up deliberately, our Europe editor reports from the scene.

Top Ukrainian official raises concerns about Elon Musk's 'manipulation' of information (Breaking Defense) Ukranian deputy prime minister Olga Stefanishyna is worried that Twitter is becoming “the major source of manipulation” under Musk’s leadership, with Musk himself “test[ing] the manipulation limits he can use.”

Government of Moldova shaken by big hack-and-leak operation (Cybernews) A weird newly-registered website called Moldova Leaks has been releasing damaging private exchanges of at least two prominent political figures in this small Eastern European country. The leaked Telegram conversations have caused a major political scandal.

EXCLUSIVE: Rounding up a cyber posse for Ukraine (The Record by Recorded Future) Washington and the tech world have been talking about public private partnerships in cyberspace for decades. The NSA and Cyber Command have intelligence about attacks; cybersecurity companies have the means to block them. It looks like they are finally working together — not in the U.S, but in Ukraine.

Tech for good: How the IT industry is helping Ukraine (Computing) Marta Kępa, Executive Director at Software Development Association Poland (SoDA), discusses the need for IT and tech companies to support people impacted by the war in Ukraine – and the Polish companies that are doing just that.

Attacks, Threats, and Vulnerabilities

Black Friday and Cyber Monday risks. (CyberWire) Cybercriminals always take advantage of the holiday season to launch scams and other attacks, and shopping scams began ramping up last month.

Tech-savvy Iranian activists reveal Islamic republic's abuses (The Telegraph) In a country where free media is banned, 1500tasvir has emerged as a hub for independent information relied upon by protesters in the street

Earth Preta Spear-Phishing Governments Worldwide (Trend Micro) We have been monitoring a wave of spear-phishing attacks targeting the government, academic, foundations, and research sectors around the world. Based on the lure documents we observed in the wild, this is a large-scale cyberespionage campaign that began around March.

Chinese 'Mustang Panda' Hackers Actively Targeting Governments Worldwide (The Hacker News) ​Chinese Mustang Panda hackers have been linked to a spate of spear-phishing attacks targeting governments, educational institutions, and researchers.

Research sector targeted in new spear phishing attack using Google Drive (HackRead) A Chinese state-sponsored APT group has launched spear-phishing attacks to target education, government, and research sectors worldwide.

DEV-0569 finds new ways to deliver Royal ransomware, various payloads (Microsoft Security) Recent activity from the threat actor that Microsoft tracks as DEV-0569, known to distribute various payloads, has led to the deployment of the Royal ransomware, which first emerged in September 2022 and is being distributed by multiple threat actors. Observed DEV-0569 attacks show a pattern of continuous innovation, with regular incorporation of new discovery techniques, defense evasion, and various post-compromise payloads, alongside increasing ransomware facilitation.

DEV-0569 Ransomware Group Remarkably Innovative, Microsoft Cautions (Dark Reading) Although the group relies on good old phishing to deliver Royal ransomware, researchers say DEV-0569 regularly uses new and creative discovery techniques to lure victims.

Emerging Threat Actor DEV-0569 Expands Its Toolkit to Deliver Royal Ransomware (Infosecurity Magazine) As well as malvertising and phishing links, the new threat actor is now also using contact forms to deliver its payloads, found Microsoft

Microsoft Warns of Hackers Using Google Ads to Distribute Royal Ransomware (The Hacker News) Microsoft researchers warn of an ongoing malware campaign leveraging Google Ads to widely distribute various post-compromise malware.

Threat Assessment: Luna Moth Callback Phishing Campaign (Unit 42) Unit 42 investigates Luna Moth/Silent Ransom Group callback phishing extortion campaign that targeted businesses in multiple sectors.

‘Callback phishing’ is all the rage for hackers (Washington Post) Hackers are stepping up their attempts to lure people into calling them to try to reverse fake payments and charges, according to research out this morning.

CDSL services down due to cyber attacks (The Economic Times) Brokers said services such as pay-in, pay-out, pledge, or unpledged securities for margin were down due to system failure at the CDSL. However, trading was not affected, they added.

Phishing attacks targeting Middle East countries double ahead of World Cup: report (The Record by Recorded Future) Phishing attacks leveraging FIFA and targeting people living in Middle Eastern countries have grown 100% in the last month as the World Cup approaches.

Fielding Threats: Cyber, Influence, and Physical Threats to the 2022 FIFA World Cup in Qatar (Recorded Future) With FIFA World Cup Qatar 2022 about to kick off, Insikt Group® analyzes the threat landscape: disruptions, physical threats, influence operations, fraud, espionage, and more.

Threat actors exploiting Twitter changes after Musk takeover, research shows (The Record by Recorded Future) Cybercriminals are taking advantage of the chaos around Twitter's recent acquisition by Elon Musk.

More than 17 million control system cyber incidents are hidden in plain sight (Control Global) Control system cyber incidents are common and dangerous

Don’t download Qatar World Cup apps, EU data authorities warn (POLITICO) Two World Cup apps pose serious privacy and security risks, European privacy regulators say.

Fielding Threats: Cyber, Influence, and Physical Threats to the 2022 FIFA World Cup in Qatar (Recorded Future) With FIFA World Cup Qatar 2022 about to kick off, Insikt Group® analyzes the threat landscape: disruptions, physical threats, influence operations, fraud, espionage, and more.

Booz Allen says former staffer downloaded employees' personal data (TechCrunch) The U.S. government contractor says the exposed data includes employee names, Social Security numbers, and security clearance eligibility.

Medibank hackers release 1,500 more patient records on dark web, including mental health data (the Guardian) Company says leak includes details on chronic conditions such as heart disease and people with cancer and dementia

Fresh blow for Medibank customers as hackers release more data. Here’s what was leaked (7NEWS) Hackers continue to play games with customers of the nation’s biggest health insurer as they push for a $15 million ransom payment.

Over 100 hospitals hit by cyber-attacks is prompting calls to reevaluate cyber security (Fox News) Kroll Cyber Risk managing director John Bennett sounds the alarm on American cyber security after a huge wave of ransomware attacks plague hospitals.

Lake Charles Memorial assessing information after recent cyber attack (KPLC TV) Anyone affected by the attack will be notified in accordance with applicable laws and regulations, the statement reads.

Trends

Cyber Risk Index 1H'22 Snapshot (Trend Micro) North America Least Prepared for Cyberattacks

After the Crisis Comes the Blow – The Mental Impact of Ransomware Attacks (Northwave) We examined the mental impact of ransomware incidents on CERT employees, managers, and employees. We did that using a combination of a survey in our own CERT (Computer Emergency Response Team), interviews with CEOs, IT managers and other managers of 11 affected companies, and a survey among 352 employees of affected companies.

6 in 10 Indians report personal data breach by loan service providers (The Rahnuma Daily) New Delhi, Nov 17 (IANS) As many as 6 in 10 Indians report personal data breach by their loan service providers while 4 in 10 blame insurance providers or banks, a new report has revealed. Nearly 59 per cent with existing loans have been approached by alternate service providers to switch to another lending institution either …

Marketplace

Kite is saying farewell - Code Faster with Kite (Code Faster with Kite) From 2014 to 2021, Kite was a startup using AI to help developers write code. We have stopped working on Kite, and are no longer supporting the Kite software. Thank you to everyone who used our product, and thank you to our team members and investors who made this journey possible.

Tech Industry Layoffs Are Accelerating. What Does That Mean? (Crunchbase News) The first week of November saw about 6,473 tech workers in the U.S. laid off, by our tally — a more than 600% increase from the week before.

Why Everything in Tech Seems to Be Collapsing at Once (The Atlantic) The industry is having a midlife crisis.

The Myth of the Tech God Is Crumbling (Wall Street Journal) Society’s belief that startup founders possess extraordinary powers is harmful to everyday workers and investors.

With Crypto in Retreat, Central Banks Take a Quantum Leap (Washington Post) In the chaos surrounding the collapse of Sam Bankman-Fried’s empire, it’s easy to lose sight of what has died in this year’s crypto carnage and what lives on. The biggest casualty is “anarcho-capitalism,” championed by engineer Timothy May in the 1990s as cyberspace interactions unconstrained by external regulation, taxation or interference — in short, an absence of government.

WSJ News Exclusive | FTX’s Sam Bankman-Fried Cashed Out $300 Million During Funding Spree (Wall Street Journal) Nearly three-quarters of the $420 million that FTX raised in a fundraising blitz last year went to founder Sam Bankman-Fried, who sold some of his personal stake in the company.

Amazon job cuts will continue to 2023, says CEO (Computing) Amazon will continue to engage in buyouts and layoffs next year, according to CEO Andy Jassy.

Musk summons engineers to Twitter HQ as millions await platform’s collapse (Washington Post) Musk also announced new content moderation rules and the restoration of some accounts, but not Donald Trump’s

Elon Musk’s Twitter Teeters on the Edge After Another 1,200 Leave (New York Times) Mr. Musk sent emails on Friday asking to learn about Twitter’s underlying technology as key infrastructure teams have been decimated.

Elon Musk Says Twitter Would Reinstate Donald Trump’s Account After Online Poll (Wall Street Journal) The move would broaden the former president’s potential reach days after he declared another run for the White House.

Trump Cites Twitter ‘Problems,’ Says He’ll Stick to Own Platform (Bloomberg) Donald Trump said he sees “a lot of problems at Twitter” and will stick to his own social-media platform, offering an initial response to Elon Musk’s poll on whether to reinstate the former president’s account.

Trump snubs Twitter after Musk announces reactivation of ex-president's account (Reuters) The former president said he had no interest in returning as a slim majority of Twitter users voted in favor of reinstating him in a poll organized by Elon Musk.

Twitter’s Broken Its Copyright Strike System, Users Are Uploading Full Movies (Forbes) Last night, it became apparent that Twitter's automated copyright strike/takedown system was no longer functional.

Why Elon Musk Is Blowing Up Twitter’s Business (The Atlantic) The new owner says he hates advertising. That’s a problem because it provides 90 percent of his social-media platform’s revenue.

Opinion | I Was the Head of Trust and Safety at Twitter. This Is What Could Become of It. (New York Times) Elon Musk’s brand of radical transformation has unavoidable limits.

To Save Twitter, Elon Musk Should Fire Himself (Foreign Policy) Musk’s conflicts of interest make him too dangerous to run the global public sphere.

The Bankman-Fried Mystique (Puck) A clear-eyed assessment of the past and future of the crypto-political-philanthropic machine, some two weeks after his scandal erupted.

Just Like FTX, FTX Ventures Went Big — And Fast — When It Came To Investing (Crunchbase News) Now as FTX and more than 130 of its affiliated entities declare bankruptcy, it seems crypto has lost a venture firm primed to be a big player in the Web3 space.

Meta employees blame management for 11,000-person layoff (Silicon Valley Business Journal) Meta employees blame management for 11,000-person layoff

WSJ News Exclusive | FTX’s Sam Bankman-Fried Cashed Out $300 Million During Funding Spree (Wall Street Journal) Nearly three-quarters of the $420 million that FTX raised in a fundraising blitz last year went to founder Sam Bankman-Fried, who sold some of his personal stake in the company.

Photos: Cybersecurity marketers gather at Cyber Marketing Con 2022 (Help Net Security) Help Net Security is attending Cybersecurity Marketing Society’s Cyber Marketing Con 2022, and here are some photos from the event.

Claroty appoints CJ Radford as global VP of Channels and Alliances (iTWire) Cyber security company Claroty has appointed 15-year IT industry veteran CJ Radford as global vice president of channels and alliances. Claroty says Radford brings over 15 years of experience leading channel sales, alliances, and business development for market-leading cybersecurity solution provide...

Products, Services, and Solutions

New infosec products of the week: November 18, 2022 (Help Net Security) The featured infosec products this week are from: Abnormal Security, Bearer, Clumio, Cohesity, ForgeRock, Keyo, LOKKER, and SecureAuth.

Wickr’s free encrypted messaging app is shutting down next year (The Verge) Wickr Me is going away on December 31st, 2023.

1Password wants to ditch passwords without locking you in to one platform (Fast Company) Here’s a passwordless system that won’t lock you into one company’s computing platform forever.

Solvo Introduces Data Posture Manager to Remediate Sensitive Data Exposure and IAM Policy Violations for Public Cloud Users (PR Newswire) Solvo, provider of adaptive cloud infrastructure security solutions, today announces the general availability of Data Posture Manager, its new...

LIGA MX Adopts Incode "Fan ID" Across Stadiums in Mexico (PR Newswire) Incode Technologies Inc., the next-generation identity verification and authentication platform for global enterprises, today announced that...

HITRUST Addresses Key National Information Security Priorities (HITRUST Alliance) Introduces Cyber Hygiene Assessment and 3rd Party Risk Management Playbook November 14, 2022 – Frisco, Texas, and Las Vegas – HITRUST is announcing resources that address national cyber and information... Read more »

Technologies, Techniques, and Standards

How financial advisers can prevent cyber breaches (Money Management) A specialist cybersecurity lawyer has shared six tips for advisers to mitigate the risk of attacks, following evolving updates from the Optus and Medibank data breaches.

5: Harnessing and Protecting Data and Technology To Improve the Health and Well-Being of Individuals (Office of Inspector General | U.S. Department of Health and Human Services) The Department continues to improve how it collects, manages, shares, and secures its data. In parallel, HHS is refining its approach to influence and shape how other entities use technology.

Bill requiring barcodes on ballots sent via USPS gets bipartisan support (Federal News Network) The Postal Service, a longtime supporting player in voting thrust into the spotlight since its major role in the 2020 election, may get some additional support from a bill that’s headed for a House…

Design and Innovation

Jack Dorsey, Marc Andreessen and the Makings of a Crypto Holy War (The Information) People in Silicon Valley fight about money constantly. They squabble about startup valuations, executive compensation, pro rata rights and who does and does not have three commas in their bank account. But the bigger fight, the one Americans haven’t had since the battle over the gold standard, ...

Meta pulls Galactica language model three days after launch (Computing) Meta has taken its new large language model, Galactica AI, offline after experts found it to be biased and generating false information.

Academia

MSU receives $4.47 million award for project improving cybersecurity (KECI) Montana State University received a $4.47 million Department of Homeland Security contract award to improve cybersecurity.MSU is leading a new effort to reduce

Legislation, Policy, and Regulation

What India’s draft digital privacy law says — and how it compares with data protection laws elsewhere (The Indian Express) The reworked version of the data protection Bill, released three months after the Govt withdrew an earlier draft, eases cross-border data flows and increases penalties for breaches. But it gives the Centre wide-ranging powers and prescribes very few safeguards.

Global Sanctions Dashboard: What's coming in 2023? (Atlantic Council) In this edition of the Global Sanctions Dashboard, we walk you through the Fall sanctions against Russia and Iran, explain the implications of US semiconductor export controls against China, and show you the projected sanctions trends in 2023.

Ohio National Guard unit announced for cyberspace mission (WHIO TV 7 and WHIO Radio) It follows a yearlong assessment of the site by the Air Force and National Guard Bureau.

Top Senate Democrat: 'Trump was right' about TikTok, warns parents to keep children off app (Washington Examiner) Senate Intelligence Committee Chairman Mark Warner (D-VA) praised former President Donald Trump on Sunday for recognizing the threat posed by TikTok, warning that parents should be "very concerned" about their children using the app.

CISA Welcomes Dr. Elizabeth Kolmstetter as Agency’s New Chief People Officer (HS Today) Kolmstetter is an Industrial and Organizational (IO) Psychologist and has been a member of the Senior Executive Service for 13 years.

Litigation, Investigation, and Law Enforcement

10 Charged in Business Email Compromise and Money Laundering Schemes Targeting Medicare, Medicaid, and Other Victims (US Department of Justice) The U.S. Department of Justice announced charges today against 10 defendants in multiple states in connection with multiple business email compromise (BEC), money laundering, and wire fraud schemes that targeted Medicare, state Medicaid programs, private health insurers, and numerous other victims and resulted in more than $11.1 million in total losses.

A Leak Details Apple's Secret Dirt on a Trusted Security Startup (WIRED) A 500-page document reviewed by WIRED shows that Corellium engaged with several controversial companies, including spyware maker NSO Group.

Opinion | Biden rewards Saudi leader’s impunity with legal immunity (Washington Post) The Biden administration has granted legal immunity to Saudi Crown Prince Mohammed bin Salman, a protection that even President Donald Trump’s administration didn’t offer.

A ruling in our legal case against the Glupteba botnet (Google) Overview of the ruling in Google's nearly year-long legal battle against the Glupteba botnet.

Public Defender's Office slams state for abuse of power in hacking cell phones (Jerusalem Post) Public Defender's Office issued its annual report slamming the state for abuse of power in hacking suspect's cell phones and a variety of other areas.

Open-Source Passive Radar Taken Down For Regulatory Reasons (Hackaday) Open-source technology brings a world that laws and regulations are not quite prepared for. As a result, every now and then, open projects need to work around governmental regulations. In today&#82…

'The youngest cyber offender I arrested was eight years old' (Computing) Chris White of the South East Cyber Resilience Centre on redirecting the talents of young offenders to help small businesses

For a complete running list of events, please visit the Event Tracker.

Events

Certified CMMC Professional (CCP) 2.0 Exam Prep (Virtual, Nov 28 - Dec 2, 2022) This 5-day CCP course covers the foundational required curriculum along with CMMC Level 2 scoping and the full 110 practices. Edwards Cyber AB approved CCP 2.0 courses enable participants to sit for the CCP exam – making you a valuable resource to a consultancy providing CMMC preparation, C3PAO providing certified assessor support, or organization interested in having in-house CMMC trained resources. Edwards all-star lineup of Provisional Instructors (PIs) includes several of the CMMC industry’s most respected consultants along with Edwards’ internal SMEs to deliver their action packed bootcamps. Learn more and register now.

Healthcare Cybersecurity Forum (Boston, Massachusetts, USA, Dec 5 - 6, 2022) The HIMSS 2022 Healthcare Cybersecurity Forum will explore how the industry is protecting itself today and how it must evolve for the future. As healthcare cybersecurity professionals adapt to new threats, you also must remain focused on safeguarding patients, defending against attackers, and delivering business value. At this year’s forum, you’ll gain actionable insights from leading organizations on how to proactively shield healthcare's expanding digital footprint and secure data inside and outside your enterprise walls.

Open Source Security Summit (Virtual, Dec 8, 2022) Explore advancements in open source security and how using open source tools can build trust with customers and consumers. For the third annual Open Source Security Summit, we will bring together users, business leaders, and industry visionaries to chart a path forward and highlight the future of open source security solutions at this free virtual event.

Ignite '22 (Las Vegas, Nevada, USA, Dec 12 - 15, 2022) Securing our digital future against cyberthreats has never been more critical. Collectively, we have a huge opportunity to do it right. At Palo Alto Networks, our mission is to make sure each day is safer than the one before. But we can’t do that on our own. We’re committed to partnering with the world’s cybersecurity leaders, practitioners and strategists to build the right security architectures of the future. At Ignite ’22 we’ll share our innovation, insights, strategies, and training. We invite you to join us there so that, together, we can build what’s next.