Dateline
Ukraine at D+284: Microsoft's appreciation of the war's likely course. (CyberWire) With lines relatively static, Russia turns from ground combat to missile strikes (while the ammunition lasts), influence operations, and cyberattacks. Ukraine continues to enjoy EU and NATO support.
Russia-Ukraine war: List of key events, day 285 (Al Jazeera) As the Russia-Ukraine war enters its 285th day, we take a look at the main developments.
Explosions rock two Russian airbases far from Ukraine frontline (the Guardian) Blasts at military facilities raise possibility Kyiv has found way to target Russia’s long-range bombers
After Kherson, Ukraine’s military ponders new push south and east (Washington Post) The path to a Ukrainian victory — or at least the most obvious path — will probably cut south, through the muddy and flat fields of the Zaporizhzhia region.
Ukraine live briefing: Few crossing Dnieper River into Kherson; ‘reduced tempo’ of war to continue, U.S. intel chief says (Washington Post) On Saturday, more than three weeks after Ukraine regained control of this city, Ukrainian officials lifted a ban on crossing the Dnieper River, encouraging residents on the occupied eastern bank to flee to Kherson. But those hoping to cross in the opposite direction remained barred Sunday.
Russia burning through ammunition in Ukraine at ‘extraordinary’ rate (Yahoo) Russia is running out of its precision-guided weapons fastest, Director of National Intelligence Avril Haines said at the Reagan National Defense Forum.
Up to 13,000 Ukraine soldiers killed since Russian invasion, says Kyiv (the Guardian) Official’s comments come after Ursula von der Leyen estimated 100,000 Ukrainian soldiers had died or been injured
Ukraine rights probe condemns 'multiplying' impact of war on children (UN News) A top UN Human Rights Council-appointed probe into potential rights abuses linked to Russia’s invasion of Ukraine, outlined on Friday the “devastating” impact of the war on the country’s children.
US intel chief thinking 'optimistically' for Ukraine forces (AP NEWS) The head of U.S. intelligence says fighting in Russia’s war in Ukraine is running at a “reduced tempo” and suggests Ukrainian forces could have brighter prospects in coming months.
Russia’s vicious tactics in Ukraine serve only to further expose its weakness (the Guardian) Moscow had hoped to easily capture Ukraine – having totally failed, it has resorted to simply destroying it
Russia-Ukraine war live: Kyiv says ‘sick’ packages sent to its embassies following letter bomb in Madrid (the Guardian) Ukraine’s foreign minister says 17 diplomatic missions have now received suspicious packages
Russia and Ukraine are fighting the first full-scale drone war (Washington Post) A war that began with Russian tanks rolling across Ukraine’s borders, World War I-style trenches carved into the earth and Soviet-made artillery pounding the landscape now has a more modern dimension: soldiers observing the battlefield on a small satellite-linked monitor while their palm-size drone hovers out of sight.
Kherson’s Winter Will Not Be Like Kyiv’s Spring (Wilson Center) On November 11, Ukraine’s president Volodymyr Zelensky announced the liberation of Kherson from Russian occupiers. When the troops left the city, they destroyed all the critical infrastructure, leaving the city without electricity, water, heating, or communications.
Ukrainians hid orphaned children from Russian deportation (AP NEWS) Hours after Russia invaded Ukraine in February, health staff at a children’s hospital in the south started secretly planning how to save the babies. Russians were suspected of seizing orphan children and sending them to Russia , so staff at the children’s regional hospital in Kherson city began fabricating orphans’ medical records to make it appear like they were too ill to move.
Putin’s Blackmail Works Domestically As Well As Internationally (Wilson Center) In the course of the Kremlin’s stalled war against Ukraine, Vladimir Putin’s regime has undergone multiple crises. Against expectations, the president has emerged out of them almost unscathed. This is because his opponents at home and abroad are cautious. Through blackmail, he has led them to believe that he is a dangerous player who will stop at nothing to retain power.
Can Russia Police Its Protests – and Its Elites? (Royal United Services Institute) Putin can rely on his security forces to keep both protests and political allies in check for now, but this may change if the war’s impact begins to be felt more keenly by Putin’s traditional support base.
Is Russia’s Post-Soviet Sphere of Influence in Jeopardy? (Royal United Services Institute) As Russia’s isolation due to the invasion of Ukraine grows, Moscow is struggling to assert itself over its regional partners.
Russia-Ukraine War: E.U. Agrees to a Price Cap for Sale of Russian Oil (New York Times) Following protracted negotiations, European Union diplomats set a price limit of $60 a barrel that they and their allies will try to enforce for buyers of Russian oil.
Kyiv lambasts Macron for calling for security guarantees for ‘terrorist state’ Russia (The Telegraph) The French president criticised after making the comments appearing to appease Vladimir Putin during a state visit to the US
Dutch defense chief talks Ukraine help and stocking ammo for NATO (Defense News) Gen. Onno Eichelsheim explains how he deals with a limited personnel pool, and which country might want to look closely at the Dutch Walrus submarine buy.
Europe Has to Step Up on Ukraine to Keep the U.S. From Stepping Back (World Politics Review) Tensions between the EU and US could ramp up again if Europe continues to fall behind when it comes to providing aid to Ukraine.
Europe's resolve against Putin risks crumbling at the first hurdle (The Telegraph) Winter has barely begun and there are already signs major European countries – and the EU – are playing into Russian hands
Biden and Putin just said they’re open to talks. Don’t count on it happening soon. (Vox) The president’s statements on talks with Russia aren’t that different from his previous positions.
Opinion Biden can help Zelensky, and Ukraine, by pushing for peac (Washington Post) The Biden administration would like to make one thing clear: It won’t throw Ukraine under the bus.
Biden and Macron seek to heal trade rift and present united front on Ukraine (the Guardian) US president promises ‘tweaks’ to Inflation Reduction Act that has led to French and European concern over state subsidies
Wagner Group head Yevgeny Prigozhin calls out The Mozart Group (Inside Cyber Warfare) Wagner Group followers immediately start a disinformation campaign against Andy Milburn and The Mozart Group
Preparing for a Russian cyber offensive against Ukraine this winter (Microsoft On the Issues) As we report more fully below, in the wake of Russian battlefield losses to Ukraine this fall, Moscow has intensified its multi-pronged hybrid technology approach to pressure the sources of Kyiv’s military and political support, domestic and foreign. This approach has included destructive missile and cyber strikes on civilian infrastructure in Ukraine, cyberattacks on Ukrainian...
Russia coordinating Ukraine hacks with missiles, could increasingly target European allies, Microsoft warns (POLITICO) Microsoft’s report comes after nearly 10 months of brutal war in Ukraine, which has seen Russia hacking Ukrainian satellite systems, energy companies and other critical infrastructure.
Russia Is Boosting Its Cyber Attacks on Ukraine, Allies, Microsoft Says (Bloomberg.com) Moscow will intensify its cyber efforts to pressure the sources of Ukraine’s military and political support both domestic and foreign, according to Microsoft Corp.
NATO prepares for cyber war (POLITICO) More than 1,000 cyber professionals in NATO members and its allies across the globe participated in an exercise this week to test and strengthen cyber defenses.
Military officials look to Ukraine war for new lessons in training (Air Force Times) “This ... is not only a war against Ukraine,” said Maj. Gen. Serhii Salkutsan, its NATO military liaison. “This is a war against the ... civilized world."
Partnering With Ukraine on Cybersecurity Paid Off, Leaders Say (U.S. Department of Defense) A team from U.S. Cyber Command worked with Ukraine to strengthen its cyber defenses and provide reassurance, and it paid off big-time as Russia launched its invasion, Cybercom's commander told a
CryWiper: fake ransomware (Kaspersky) New CryWiper malware irreversibly corrupts files posing as ransomware.
CryWiper data wiper targets Russian courts and mayors' offices (Computing) Threat actors are using a new malware to attack Russian courts and mayoral offices, with the intention of completely erasing all the data on affected computers.
Never-before-seen malware is nuking data in Russia’s courts and mayors’ offices (Ars Technica) CryWiper masquerades as ransomware, but its real purpose is to permanently destroy data.
Russian regions attacked by new wiper posing as ransomware (Cybernews) Judicial courts and mayor offices across several Russian regions have been hit by a new data-wiping trojan. Antivirus maker Kaspersky says it’s a piece of malware that pretends to ask for a ransom.
'CryWiper' trojan disguises as ransomware, says Kaspersky (IT PRO) The destructive wiper mocks up files as if encrypted, while in reality overwriting all but core system files
EU sets up cyber lab for Ukrainian Armed Forces (Ukrinform) The European Union has opened a cyber laboratory in Kyiv that will help the Ukrainian Armed Forces to protect themselves and Ukrainian cyberspace from attacks by Russian aggressors. — Ukrinform.
EXPLAINER: Can Ukraine pay for war without wrecking economy? (AP NEWS) Even as Ukraine celebrates recent battlefield victories , its government faces a looming challenge on the financial front: how to pay the enormous cost of the war effort without triggering out-of-control price spikes for ordinary people or piling up debt that could hamper postwar reconstruction.
France accused of funding Putin's war effort by buying his nuclear fuel (The Telegraph) 'Business as usual,' says Greenpeace as drums of uranium filmed arriving at a French port
G-7 Sets Russian Oil Price Cap of $60 a Barrel (Wall Street Journal) The move came just hours after the European Union united behind the figure, as Western nations try to curb Moscow’s ability to wage war in Ukraine by squeezing Russia’s oil revenues while keeping global supplies steady.
Oil Price Rises After Russia Cap Kicks In (Wall Street Journal) The West imposed sanctions on Russian crude, pitching the energy conflict with Moscow into an unpredictable new phase that could inject further volatility into global oil markets.
Edward Snowden swears allegiance to Russia and receives passport, lawyer says (Washington Post) Edward Snowden, a former National Security Agency contractor who leaked information about U.S. surveillance programs, swore an oath of allegiance to Russia and has collected his Russian passport, his lawyer told state media on Friday.
U.S. whistleblower Edward Snowden gets a Russian passport, TASS reports (Reuters) Former U.S. intelligence contractor Edward Snowden, who exposed the scale of secret surveillance by the National Security Agency (NSA), has sworn an oath of allegiance to Russia and received a Russian passport, TASS reported on Friday.
US whistle-blower Snowden defends Russian citizenship (South China Morning Post) He has repeatedly made it clear he applied for asylum in Russia out of necessity because he is threatened with extradition to the US by other countries.
Attacks, Threats, and Vulnerabilities
The Professionalization of Ransomware: How Gangs Are Becoming Like Businesses (LookingGlass Cyber Solutions Inc.) It’s no secret that the bulk of ransomware attacks are financially motivated. What might be surprising, however, is precisely how like technology businesses ransomware operations have started to become.
Hackers linked to Chinese government stole millions in Covid benefits (NBC News) The theft of state unemployment funds is the first pandemic fraud tied to foreign, state-sponsored cybercriminals that the U.S. government has acknowledged publicly.
A Log4Shell (Log4j) Retrospective (Arctic Wolf) As we approach the one-year anniversary of the Log4Shell vulnerability Arctic Wolf Labs looks back on the impact this critical vulnerability continues to have on organizations.
Defcon Skimming: A new batch of Web Skimming attacks | Jscrambler Blog (Jscrambler) In this post, our team explores findings about a new modus operandi in three threat groups.
AIIMS Delhi cyber attack: 5 main servers hacked, China suspected to be involved (Business Today) Hackers allegedly demanded from AIIMS Rs 200 crore in cryptocurrencies. It is feared that the ransomware attack may have compromised the data of 3–4 crore patients.
AIIMS cyber attack is a wakeup all for call hospitals (The Times of India) India News: With hospital services hit for almost a week due to ransomware attack, a cybersecurity expert explains why hackers are moving beyond financial and pow
French Hospital Suspends Operations After Cyber Attack: Report (NDTV.com) A hospital in Versailles, near Paris had to cancel operations and transfer some patients after being hit by a cyberattack over the weekend, France's health ministry said Sunday.
North Korean spyware campaign more potent than previously thought: Researchers | NK PRO (NK PRO) A North Korean cyber espionage campaign involved more malware than previously understood, security researchers said Wednesday, featuring capabilities such as exfiltrating passwords, screenshots and keystrokes to the attackers through Google Drive. The malware, which researchers at ESET Security dub Dolphin in a new report, is the next-stage payload of Bluelight, a backdoor previously uncovered by […]
Hackers use new, fake crypto app to breach networks, steal cryptocurrency (BleepingComputer) The North Korean 'Lazarus' hacking group is linked to a new attack spreading fake cryptocurrency apps under the made-up brand, "BloxHolder," to install the AppleJeus malware for initial access to networks and steal crypto assets.
Zimperium uncovers Android trojan masquerading as reading and education app (IT World Canada) Zimperium, a mobile security firm, is warning of an Android trojan masquerading as reading and education apps that may have stolen Facebook credentials from at least 300,000 users across 71 countries, primarily in Vietnam, since 2018. Zimperium has named the malware Schoolyard Bully Trojan, and it has been delivered via innocent-looking Android applications hosted on […]
Schoolyard Bully Trojan Facebook Credential Stealer (Zimperium) Zimperium zLabs has discovered a new Android threat campaign, the Schoolyard Bully Trojan, which has been active since 2018. The campaign has spread to over 300,000 victims and is specifically targeting Facebook credentials. The Schoolyard Bully Trojans have been found in numerous applications that were downloaded from the Google Play Store and third-party app stores.
Binance freezes $3 million worth of crypto stolen in Ankr hack (The Record by Recorded Future) Binance froze about $3 million worth of cryptocurrency early on Friday morning after Web3 infrastructure provider Ankr was hacked.
More than 150 Oracle Access Management systems exposed to bug highlighted by CISA (The Record by Recorded Future) At least 151 Oracle systems are exposed to a vulnerability that CISA said this week is actively being exploited.
Rackspace: Ongoing Exchange outage caused by security incident (BleepingComputer) American cloud computing services provider Rackspace says an ongoing outage affecting its hosted Microsoft Exchange environments and likely thousands of customers was caused by a security incident.
Man who lost $149k after clicking on phishing e-mail among at least 10 victims in Case cyber attack (The Straits Times) He clicked on a live chat icon in an e-mail that was purportedly from the consumer watchdog.
Read more at straitstimes.com.
FUREY: The massive cyber attack on a Canadian school board is a troubling wake-up call (TNC) It’s been over a week since the Durham District School Board was hit by a massive cyber attack and they still haven’t brought all of their systems back online and figured out what actually happened.
Former City of Edmonton worker accessed info of 5,000 personnel in 2021 data breach (Global News) An outside forensic IT consulting firm identified more than 157,000 records in the data breach, an Edmonton city official said.
Notice of Data Security Incident (CommonSpirit) CommonSpirit Health and its affiliated entities (“CommonSpirit”) take the protection and proper use of personal information very seriously. Regrettably, CommonSpirit recently experienced a ransomware event that impacted some personal information.
Bank details of South Staffordshire Water customers posted on the dark web (Computing) South Staffordshire Water, which owns Cambridge Water and South Staffs Water (SSW), has apologised to customers after their bank details were leaked on the dark web.
How Hackers Take Down Websites (Discover Magazine) When a website goes down, it can be a big deal. But how do hackers bring down sites?
How familiar are you with Hacktivist groups? (NordVPN) Hacktivism is the act of hacking a computer or network for social or politically-related motivations. Here's what you need to know about hacktivist groups.
After Discovery of Huge Data Breach, Twitter Alternative Hive Goes Offline (Gizmodo) A social platform that saw intense growth in a short period of time has now been forced to pull its servers offline due to a huge security bungle.
Security Patches, Mitigations, and Software Updates
Twitter alternative Hive shuts down its app to fix critical security issues (TechCrunch) It's an unusual way to patch bugs, to say the least, and one that raises questions about the development workflow at the company.
Google Rolls Out New Chrome Browser Update to Patch Yet Another Zero-Day Vulnerability (The Hacker News) Google just rolled out a patch update for yet another zero-day vulnerability that attackers are exploiting in the wild.
Google fixed the ninth actively exploited Chrome zeroday this year (Security Affairs) Google released security updates to address a new Chrome zero-day flaw, tracked as CVE-2022-4262, actively exploited in the wild. Google rolled out an emergency security update for the Chrome web browser to address a new zero-day vulnerability, tracked as CVE-2022-4262, that is actively exploited. The CVE-2022-4262 vulnerability is a type confusion bug in the V8 […]
Trends
Seniors, What You Don’t Know About Cybersecurity Will Scare the Crap Out of You (Medium) A quick look at the dark underbelly of the internet
Where Advanced Cyberttackers Are Heading Next: Disruptive Hits, New Tech (Dark Reading) Following a year of increasingly disruptive attacks, advanced persistent threat groups will likely only become emboldened in 2023, security experts say.
Skills Shortage and Integration Challenges Halt Cybersecurity Adoption (BlackFog) BlackFog research highlights that a skills shortage is halting cybersecurity adoption and the practical challenges of managing a complex threat landscape.
‘Just the beginning’: Experts warn more Australian systems will be targeted in cyber attacks (7NEWS) Organisations that refuse to believe they will be targeted are ‘a little bit delusional’, experts say.
India third most targeted country by phishing campaign: Report (Hindustan Times) India ranked third globally and first in the Asia-Pacific region in the list of 111 countries affected by a world-wide cyberattack involving a syndicate of cybercriminals stealing passwords through a concerted phishing campaign, according to a recent report
Marketplace
GV Leads $26 Million Series B Round in Pangea Cyber (Silicon Valley Daily) Pangea Cyber has announced a $26 million Series B funding round to accelerate the delivery of its API-based security services. The round was led by GV, with participation from Decibel and Okta Ventures. They join existing investors Ballistic Ventures and SYN Ventures. This brings total funding raised for the one year old […]
‘We need more people,’ says Irish boss of US cybersecurity giant Imperva as it forges ahead with European hiring plans (independent) Pam Murphy, the Irishwoman heading up US cybersecurity giant Imperva, said the company plans to continue hiring in Europe despite the downturn in the tech sector.
Amazon could terminate up to 20,000 employees (Computing) Amazon could lay off as many as 20,000 workers in the coming months, following a recruiting binge during the pandemic.
Mozilla, Microsoft drop root Certificate Authority (Register) 'There is no evidence to suggest that TrustCor violated conduct, policy, or procedure' says biz
Hackuity drives global expansion with UK launch (Hackuity) Hackuity, the risk-based vulnerability management company, today announced a further milestone in its continued growth with the opening of a UK office and plans for new hires to expand its global presence.
Products, Services, and Solutions
New infosec products of the week: December 2, 2022 (Help Net Security) The featured infosec products this week are from: Adaptive Shield, Datadog, Delinea, Fortinet, LogicGate, Shoreline, and Trend Micro.
Torq Users Hit 1,000,000+ Daily Security Automations (Torq) Torq users hit 1,000,000+ daily security automations in 2022. Torq Insights Dashboard is a comprehensive reporting and analytics tool.
Copper River Cyber Solutions Wins DCSA Contract to Provide Background Investigation Support Services (ClearanceJobs) Copper River Cyber Solutions LLC, Anchorage, Alaska, wins a $10.3 million contract to provide Defense Counterintelligence and Security Agency with background investigation support services.
Cyera is the first Data Security Posture Management (DSPM) platform to secure cloud data across SaaS, PaaS, and IaaS (Cyera) Cyera provides businesses with consistent visibility and a unified data security control plane.
Technologies, Techniques, and Standards
Top 10 OT Security challenges and solutions in 2022 [Updated] (Sectrio) Read the top 10 OT security challenges & learn how to implement solutions to gain seamless visibility into OT environments & close the security gaps
We are still failing to learn the most important lesson in cybersecurity. That needs to change, fast (ZDNET) We know the problems and the answers. So why do so few organisations act?
Twitter moderators turn to automation amid a reported surge in hate speech (the Guardian) New head of trust and safety Ella Irwin says Elon Musk is urging Twitter ‘to take more risks’ in the wake of mass layoffs
CISO council considers new authentication mechanisms for feds, citizens (Federal News Network) Multifactor authentication and identity are a major issues in front of the federal chief information security officer council.
Design and Innovation
Google is testing end-to-end encryption for group chats in the Messages app (TechCrunch) Google said it is testing end-to-end encryption for RCS (Rich Communication Services)-based group chats on its Messages app.
Let's get ethical: Data privacy as an ethical business practice (Security Magazine) Creating ethical business practices that focus on data privacy enable organizations to use data responsibly, build customer trust, and meet data protection compliance requirements.
Australian Securities Exchange to cut up to 200 jobs from blockchain project (CRN Australia) After cancelling the overhaul.
Legislation, Policy, and Regulation
Swiss seek mandatory reporting of cyberattacks on key infrastructure (Reuters) The Swiss government proposed on Friday making it mandatory to report cyberattacks on critical infrastructure as a way to help shed light on hackers and sound the alarm more widely.
German government not planning blanket Huawei ban (Reuters) Germany does not want to follow the United States in generally banning products made by Chinese telecoms equipment makers such as Huawei, but will continue making such decisions on a case-by-case basis, an Economy Ministry spokesperson said on Friday.
Sen. King: Government-private sector cooperation vital in cyberwar (Defense News) King also said disinformation efforts are another form of cyber war, one that is "a very tricky thing" to stymie.
TSA now wants to scan your face at security. Here are your rights. (Washington Post) 16 major domestic airports are testing facial-recognition tech to verify IDs — and it could go nationwide in 2023
Palo Alto Networks seeks clarity on third-party incident reporting submissions under CISA’s proposed regulation (Inside Cybersecurity) Guidance for third-party submitters who file incident reports on behalf of a “covered entity” would be helpful as CISA works to develop a proposed rule to implement its mandatory reporting regime, according to security firm Palo Alto Networks.
U.S. Marshals CTO Christine Finnelle Becomes DHS Director of Enterprise Architecture (Hstoday) DHS Chief Technology Officer David Larrimore called the move "more great news for DHS CTOD... We are doing incredible things at DHS."
Litigation, Investigation, and Law Enforcement
Cyber Safety Review Board to Conduct Second Review on Lapsus$ (US Department of Homeland Security) The U.S. Department of Homeland Security (DHS) announced that the Cyber Safety Review Board (CSRB) will review the recent attacks associated with Lapsus$, a global extortion-focused hacker group. Lapsus$ has reportedly employed techniques to bypass a range of commonly-used security controls and has successfully infiltrated a number of companies across industries and geographic areas.
DHS Cyber Safety Board to review Lapsus$ gang’s hacking tactics (BleepingComputer) The Department of Homeland Security (DHS) Cyber Safety Review Board will review attacks linked to an extortion group known as Lapsus$, which breached multiple high-profile companies in recent attacks.
Teenagers led a group of hackers who breached some of the world's biggest tech companies. The government wants to know how they did it. (CBS News) The group targeted Uber, Microsoft, Okta and Samsung for extortion, in some cases, DHS Secretary Mayorkas said, "with relatively unsophisticated techniques."
Microsoft, Nvidia, and Other Cyber Attacks Will Be Investigated by the Department of Homeland Security (TechStory) The Cyber Safety Review Board will look into recent intrusions connected to Lapsus$, according to the U.S. Department of Homeland Security
U.S. dismissing charges against Huawei's Meng Wanzhou (CBC News) U.S. prosecutors on Thursday asked a judge to dismiss bank fraud and other charges against Meng Wanzhou, the chief financial officer of China's Huawei Technologies whose 2018 arrest strained relations between the U.S. and China.
US ends case against Huawei CFO (Register) Wanzhou Meng hasn't re-offended, so last possible charges have been dismissed
Spanish police arrest 55 people involved in wide-ranging cyberscam operation (The Record by Recorded Future) At least 55 people were arrested by the Spanish National Police for their alleged involvement in a wide-ranging cybercrime operation.
DOJ asks for independent probe into FTX bankruptcy, a likely tactic to gather evidence on alleged fraud (CNBC) FTX's bankruptcy protection case requires an independent review, the DOJ said in a court filing. It could be used to gather evidence on alleged fraud.
11 Hours With Sam Bankman-Fried: Inside the Bahamian Penthouse After FTX’s Fall (Bloomberg) Billions of dollars of customer money is missing, investigators are circling, and the 30-year-old ex-CEO admits his company broke its own rules.
FTX Founder Sam Bankman-Fried Says He Can’t Account for Billions Sent to Alameda (Wall Street Journal) FTX’s founder said he couldn’t explain what happened to billions of dollars that customers of his failed cryptocurrency exchange sent to the bank accounts of his trading firm.
Hacked El Salvador Journalists Sue Spyware Maker Pegasus in US Court (Vice) Journalists from the El Faro investigative outlet believe President Nayib Bukele's government purchased the spyware and is behind the hacking.
SIM-swapper gets 18 months, must pay back $20 million he stole from crypto investor (The Record by Recorded Future) A 25-year-old Florida man was sentenced on Thursday to a year-and-a-half in prison for his participation in a SIM-swapping scheme.
Failure of officials to follow policy caused California gun owners’ data leak (the Guardian) Investigation says personal information of nearly 200,000 people was released as officials didn’t understand their website
Google Escapes Revised 'LockBox' Privacy Dispute For Good (Law360) A California federal judge has permanently tossed a proposed class action accusing Google of using a secret program called "Android Lockbox" to unlawfully collect data from non-Google apps on Android devices, finding that the plaintiffs had failed to remedy pleading deficiencies that previously doomed their claims.