Dateline Moscow and Kyiv: Cyber phases of Russia's hybrid war.
Ukraine at D+64: DDoS, wipers, and doxing. (The CyberWire) War on the ground remains stagnant but intense. Russia and Ukraine continue to exchange cyber operations in the hybrid war.
Ukraine says Russian offensive in east gathering momentum (Military Times) Forced to regroup after failing to take the capital, Russia switched its focus to the vital eastern industrial heartland, where fighting is now picking up.
Russian submarine strikes Ukraine with cruise missiles - defence ministry (Reuters) Russia used a diesel submarine in the Black Sea to strike Ukrainian military targets with Kalibr cruise missiles, the first time Moscow has announced the use of its submarine fleet to hit its former Soviet neighbour.
Russia’s War on Ukraine: The First Two Months (Wilson Center) Two months have passed since the Russian Federation started a new phase of its invasion of Ukraine. This war is far from over, but a few interim conclusions can be drawn at this stage. Based on a thorough monitoring of the political and military processes in Ukraine, Russia, and Europe, I offer the following five conclusions.
Russian forces reportedly came close to capturing Zelenskiy during first hours of invasion (the Guardian) Interview with Time magazine reveals that Russian troops made two attempts to storm the presidential compound while Zelenskiy and his family were inside
Russian missiles bombard Kyiv during UN chief’s visit (The Telegraph) Ukrainian officials condemn attack as a deliberate attempt to frighten Antonio Guterres after meeting Vladimir Putin
Zelenskiy urges ‘strong response’ after Russia strikes Kyiv during UN Ukraine visit (the Guardian) Ukraine president and foreign minister decry ‘heinous act’ that came hours after Biden requested a $33bn package in military, economic and humanitarian aid
Ukraine slams Kyiv attack amid new Mariupol rescue effort (AP NEWS) Ukrainian President Volodymyr Zelenskyy accused Russia of trying to humiliate the United Nations by raining missiles on Kyiv during a visit to the city by the U.N. chief, an attack that upset weeks of relative calm and a tentative return to normal in the capital.
Scene 'like Hell' as Russians bombard makeshift hospital in Mariupol steel plant (The Telegraph) Injured shown in shock amidst rubble inside Azovstal steel plant
Ukraine’s Forces Get Boost From Arsenal of Old-Fashioned Artillery (Bloomberg) Combined with drones, artillery has been highly effective against the Russian military, with the U.S. and others rushing more howitzers to Ukraine.
Russia Crisis Military Assessment: The race to resupply Ukraine (Atlantic Council) Russia has launched its offensive to take control of the entire Donbas region and expel or encircle and destroy Ukrainian forces there.
Putin’s Path to Invasion (Wilson Center) Nations today are trying to come to terms with the war crimes committed by the Russian military in Ukraine as the Russian army gradually enters a new phase of belligerence, probably the bloodiest one, of this war. The threat of a nuclear strike seems more plausible than ever.
Start with the Political: Explaining Russia’s Bungled Invasion of Ukraine (War on the Rocks) Many of us who analyze the Russian military for a living have been shocked to see Russian forces fumble the way they have in Ukraine. There are already
How Not to Invade a Nation (Foreign Affairs) At the outset of the invasion, the odds favored Russia to defeat the Ukrainian armed forces, seize Ukraine’s capital, and establish a pro-Russian government. The Russian military comfortably outnumbered Ukraine’s, and its military technology was more advanced. Russia’s GDP was nearly ten times the size of the Ukrainian economy, and its population about triple that of its neighbor’s. Many analysts expected that, after being largely conquered, Ukrainians would launch a protracted insurgency that might defeat the Russians over time.
Battles in Ukraine show Putin was wrong about the country's Russian speakers (Newsweek) "80% of the guys in our unit speak Russian amongst themselves, but 100% of us are united against Russia and against Putin," Ukrainian soldier says.
Vladimir Putin gambles Russia's grip on Europe (Newsweek) The freeze on gas exports to Poland and Bulgaria might intimidate, but could also galvanize EU abandonment of Russian fossil fuels.
Kennan Cable No. 77: Pleading for Peace: Collective Letters from Russia (Wilson Center) A video shot just outside of Red Square on March 13, 2022 shows policemen seizing a woman who holds a tiny sign reading “two words” in Russian. Her slogan alluded to a new law banning the use of the words “war” and “invasion” to describe Russia’s aggression against Ukraine.
Putin’s Russia has crossed a threshold: It now looks like 1933 Germany (BostonGlobe.com) I don’t use ‘totalitarianism’ lightly. But that’s what we’re witnessing.
Russia must not gain land from Ukraine war, says West (The Telegraph) Officials say no changes to Ukrainian borders without government agreement would equate to Vladimir Putin being ‘seen to fail’
Ukraine weapon switcheroos are flushing Soviet arms out of Europe (Defense News) As some Eastern European nations send their Soviet-era kit to help Ukraine defend itself against Russia’s attack, the new weapons those nations stand to get in return from the United States and its allies could shape the continent’s arsenal for years to come.
Britain to send anti-ship missiles to Ukraine to prevent blockade of Black Sea (The Telegraph) Defence Secretary warns of rising food prices should Russia's naval forces strike the Ukrainian coast
Britain to send 8,000 troops to Eastern Europe (The Telegraph) 'Show of solidarity and strength' as UK bolsters Nato forces with one of the largest deployments since the Cold War
Biden seeks a dramatic increase in aid for Ukraine (Washington Post) The White House is calling on Congress to approve $33 billion in additional funding, and is also seeking to seize the assets of Russian oligarchs and send the proceeds to Ukraine.
U.S. will ‘strongly support’ NATO bids of Sweden and Finland, Blinken says (Washington Post) The United States will “strongly support” NATO membership for Sweden and Finland if they choose to join the military alliance, Secretary of State Antony Blinken told the House Foreign Affairs Committee on Thursday.
Anonymous hacked Russian PSCB Commercial Bank and companies in the energy sector (Security Affairs) OpRussia continues, less than a week after my last update Anonymous has hacked other Russian companies and leaked their data via DDoSecrets. The #OpRussia launched by Anonymous on Russia after the criminal invasion of Ukraine continues, the collective claims to have published more than 6 TB of Russian data via DDoSecrets. This is my update […]
Ongoing DDoS attacks from compromised sites hit Ukraine (Security Affairs) Ukraine CERT-UA warns of ongoing DDoS attacks targeting pro-Ukraine sites and the government web portal. Ukraine ‘s computer emergency response team (CERT-UA) announced that it is investigating, along with the National Bank of Ukraine (CSIRT-NBU), ongoing DDoS (distributed denial of service) attacks targeting pro-Ukraine sites and the government web portal. The attacks originated from compromised […]
Ukraine’s Digital Battle With Russia Isn’t Going as Expected (Wired) Even the head of the country's online offensive is surprised by the successes—although they’re not without controversy.
CISA and FBI Update Advisory on Destructive Malware Targeting Organizations in Ukraine (CISA) CISA and the Federal Bureau of Investigation (FBI) have updated joint Cybersecurity Advisory AA22-057A: Destructive Malware Targeting Organizations in Ukraine, originally released February 26, 2022. The advisory has been updated to include additional indicators of compromise for WhisperGate and technical details for HermeticWiper, IsaacWiper, HermeticWizard, and CaddyWiper destructive malware.
Government and researchers keep US attention on Russia's cyber activity in Ukraine (The Record by Recorded Future) The FBI and CISA added several strains of wiper malware to its advisory on tools used to target Ukrainian organizations.
CISA Adds New Russian Malware to Cyber Advisory (Nextgov) The agency updated its warning regarding malware deployed by Russian state actors as the country continues war against Ukraine.
An Overview of the Increasing Wiper Malware Threat (Fortinet Blog) With wiper malware becoming popular in cyberattacks, FortiGuard Labs provides a deep dive on the threat technique to help organizations understand it and implement better protections. Read our blog…
As Russian Cyber Threats Grow, Securing Intellectual Property Must Be an Urgent National Security, Economic Priority (CPO Magazine) As the war in Ukraine intensifies and the risk of cyber-attacks from Russia grows, the Biden administration is urging businesses to step-up their cybersecurity efforts-both now and for the long-term. Among the administration’s recommendations for technology and software companies is to develop software on highly secure systems to “make it much harder for an intruder to jump from system to system and compromise a product or steal your intellectual property.”
Russia–Ukraine Conflict and Geopolitics of Data Routing | Manohar Parrikar Institute for Defence Studies and Analyses (IDSA) The Russia–Ukraine conflict, as well as Russia’s 2014 annexation of Crimea, draw light on the geopolitics of data routing and the usage of the Border Gateway Protocol (BGP) as a tool of control.
Ukraine names 10 Russians it accuses of war crimes in Bucha (Washington Post) Ukrainian authorities have pushed ahead with efforts to investigate and prosecute potential war crimes committed by Russian forces in the Kyiv suburb of Bucha, even as Ukrainian President Volodymyr Zelensky acknowledges the alleged perpetrators may never face justice.
For many Syrians, the Russian military's brutality in Ukraine is all too familiar (Task & Purpose) Amid Russia's brutal war in Ukraine, survivors of Russian aggression in Syria are uniting with Ukrainians in common cause.
Putin has now made his fourth calamitous error (The Telegraph) This time, the Kremlin miscalculated how Europe would react to its oil and gas blackmail threats
Vladimir Putin gambles Russia's grip on Europe (Newsweek) The freeze on gas exports to Poland and Bulgaria might intimidate, but could also galvanize EU abandonment of Russian fossil fuels.
Gazprombank executive flees Russia to fight with Ukrainian army (The Telegraph) Igor Volobuyev, born in Ukraine, says he can no longer watch the war unfold in his homeland and ‘pretend’ he does not care
Russian-Born Billionaire Yuri Milner Pledges $100 Million To Help Ukrainian Refugees (Forbes) The early Facebook investor, who has long sought to distance himself from Kremlin connections, has partnered with tech companies, including Airbnb, to provide free housing, medical equipment and more to Ukrainian refugees.
Once a Money-Laundering Risk, Latvia Looks to Rebuild Reputation in Face of Russia Sanctions (Wall Street Journal) In Latvia some banks have stopped processing Russia-related transactions, only to see their clients attempt to reroute payments through other countries
Attacks, Threats, and Vulnerabilities
Cyber Attacks Hit Romanian Government Websites (Balkan Insight) Government websites in Romania experienced DDOS attacks on Friday, although officials said the attacks were largely 'symbolic' and could be dealt with by the country's cyber security institutions.
Microsoft Warns of 'Nimbuspwn' Security Flaws Haunting Linux (SecurityWeek) Researchers at Microsoft find a way to exploit for a pair of privilege escalation flaws to plant a root backdoor on Linux systems.
Google Issues Massive Warning To Users Of Chrome (Daily Caller) Google confirmed a plethora of vulnerabilities on their Chrome browser Tuesday, many of which pose a “high” threat level to users.
How Linux Became the New Bullseye for Bad Guys (SecurityWeek) Linux is becoming a more popular target for cyberattacks, as it operates the back-end systems of many networks and container-based solutions for IoT devices and mission-critical applications
New malware loader Bumblebee adopted by known ransomware access brokers (CSO Online) The Bumblebee downloader has deployed open-source penetration testing tools like Cobalt Strike and is delivered through spear-phishing campaigns.
Many Internet-Exposed Servers Affected by Exploited Redis Vulnerability (SecurityWeek) Rapid7 security researchers have identified 2,000 internet-exposed Linux servers that appear to be impacted by a Redis vulnerability that has been exploited in attacks.
Coca-Cola Investigates Hacking Claim (Wall Street Journal) The Stormous gang says it launched a cyberattack against Coke and is selling stolen data. But other hacks claimed by the group haven’t been verified.
Coca-Cola investigating data breach claims by Stormous group (Computing) Coca-Cola has confirmed that it is looking into reports of possible data hack after Stormous ransomware group said it had stolen data from the beverage maker.
Has 'clown show' hacking gang Stormous really breached Coca-Cola? (Tech Monitor) Stormous claims to have stolen 161Gb of data from the soft drinks giant. But is the claim of a Coca-Cola hack genuine?
Facebook has no idea what most of its user data is used for, leaked document suggests (Computing) Social media company Meta (earlier Facebook) does not know where all of its user data goes or what it does with it, according to a leaked internal document seen by Motherboard.
Critical vulnerabilities open Synology, QNAP NAS devices to attack (Help Net Security) Users of network-attached storage (NAS) devices are advised to be on the lookout for patches for critical vulnerabilities affecting Netatalk.
More than $13 million stolen from DeFi platform Deus Finance (The Record by Recorded Future) PeckShield said a hacker stole about $13.4 million worth of cryptocurrency from Deus Finance but noted that the protocol loss may be larger.
Massy crippled by cyber attack (Trinidad Express Newspapers) Massy Stores is confirming that it was the target of a cybersecurity attack which led to the technical difficulties experienced today at all stores across the country.
Austin Peay State University resumes after ransomware cyber attack (BleepingComputer) Austin Peay State University (APSU) confirmed yesterday that it had been a victim of a ransomware attack. The university, located in Clarksville, Tennessee advised students, staff, and faculty to disconnect their computers and devices from the university network immediately as a precaution.
Austin Peay State University becomes latest US school hit with ransomware (The Record by Recorded Future) Austin Peay State University sent out an urgent message to students and faculty on Wednesday afternoon warning of a ransomware attack affecting the school’s systems.
Investigation on impact of Wyandotte County cyber attack continues (FOX 4 Kansas City WDAF-TV) The Unified Government is continuing to assess the impact of a cyberattack on services in departments like appraisals and motor vehicles.
Security Patches, Mitigations, and Software Updates
Google Releases Security Updates for Chrome (CISA) Google has released Chrome version 101.0.4951.41 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates.
Cisco Patches 11 High-Severity Vulnerabilities in Security Products (SecurityWeek) Cisco this week announced the release of its April 2022 bundle of security advisories for Cisco Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD), and Firepower Management Center (FMC).
Cisco Releases Security Updates for Multiple Products (CISA) Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Cisco Security Advisories page and apply the necessary updates.
Delta Electronics DIAEnergie (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: DIAEnergie Vulnerabilities: Path Traversal, Incorrect Default Permissions, SQL Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow remote code execution, causing a user to carry out an action unintentionally.
Johnson Controls Metasys (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls, Inc. Equipment: Metasys ADS/ADX/OAS Servers Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated user to elevate their privileges to administrator.
Google forces developers to explain data collection (Computing) Google is introducing a new section in Play Store listings that requires developers to describe the data their app gathers and how it is used.
Trends
The Global Cyber Innovation Summit, the CISO "Invitation-only" Event, Returns in 2022 to Set the Global Agenda for Cybersecurity (Business Wire) The Global Cyber Innovation Summit (GCIS), renowned as the “Davos of Cybersecurity,” returned this year to bring together a preeminent group of leadin
Digital Fraud in Q1 2022 (TransUnion) Understanding where digital fraud is and isn’t coming from; which industries fraudsters are and aren’t targeting; and what types of fraud are most prevalent can give you an edge.
71% of IT Leaders Expect Increased Cyber Breach and Expenditure Risks Due To Expanding Enterprise Technology Management Blind Spots (Oomnitza) snapshot survey, conducted by Gatepoint Research, which found that siloed technology management is increasing operational blind spots and cyber risk. While three fourths (76%) of enterprises employ multiple systems to oversee the underlying technology that supports their IT and business services, the majority (71%) of IT leaders anticipate increased security breaches and operational expenditures.
Mirror, Mirror, on the Wall, Who’s the Fairest (website) of Them all? (Domain Tools) Back in the .com days of the internet, a company called Alexa started collecting statistics on the websites that users visited with a plugin people installed in their browser. As part of that collection, Alexa aggregated that data into a collection of the “Top 1 Million” sites on the internet — the most-requested domains by users of their plugin. They then gave that list away for use by the Internet community.
Pittsburgh calls itself the robotics capital of the world. But it's also the birthplace of cybersecurity (Technical.ly) From a team launched out of an effort to prevent the next Morris worm to leadership in modern cybersecurity litigation, Pittsburgh has long been a home base for cyber talent. Here’s why the industry hasn’t boomed like robotics or AI — and how it still could.
Beyond Identity Study Highlights Who's Streaming but Not Paying: 84% of People Mooch Off Someone Else's Netflix Account (Beyond Identity) A recent study from Beyond Identity set out to uncover how many people are sharing their streaming logins and how difficult it is to kick people off.
Marketplace
Cyber Insurance: What to Know for 2022 and Beyond (Hyperproof) Cyber insurance can help cover losses such as personal customer data, compromised company hardware or software, financial losses, and others.
HackerOne acquires code security tester, review service PullRequest (ZDNet) HackerOne says that clients will be able to more easily integrate code security reviews during workflows.
WatchGuard changes PE hands with new majority investment (CRN) Vector Capital has bought Francisco Partners out of their 16-year long joint ownership of the vendor
Sabanci Acquires OT Security Vendor Radiflow (PRLog) Sabanci Acquires OT Security Vendor Radiflow. Acquisition will include an initial controlling stake in Radiflow with a phase 2 in Q1 2025. "We are confident that this transaction will enable Radiflow to continue its growth in the growing OT Security market," said Ilan Barda, Radiflow's CEO. - PR12915346
Darktrace employees sell shares in oversubscribed block (GlobalCapital) UK cybersecurity company shows how tech companies can still thrive in a tricky market
Conquest Cyber announces executive team addition, Matthew Horne as VP of Corporate Development (EIN News) Conquest Cyber has continued the expansion of top-tier executive growth with the addition of a new Vice President of Corporate Development.
Lumu Names Cybersecurity Veteran Jeffrey A. Wheat as Field Chief Technology Officer (StreetInsider.com) As threats intensify, Wheat's 30 years of innovation, advocacy in the public and private sectors will help organizations operate cybersecurity with speed and accuracy
Products, Services, and Solutions
New infosec products of the week: April 29, 2022 (Help Net Security) The featured infosec products this week are from: Akamai, Alert Logic, BreachBits, Kudelski Security, ThreatX, and Workato.
Devo Launches Cyber CEOs Decoded Podcast with the CyberWire Network (The CyberWire) The CyberWire announced today that cloud-native logging and security analytics company, Devo, debuted their new Cyber CEOs Decoded podcast on the rapidly growing CyberWire Podcast Network.
Linux security, reimagined (Red Canary) Red Canary's approach simplifies security for Linux systems to help protect businesses of any size, industry, or sophistication.
DXC Technology Selects Appgate to Deliver Enterprise-grade ZTNA (Appgate) DXC Technology has selected Appgate SDP, an industry-leading ZTNA solution, to support a multi-year strategic network transformation initiative.
Darktrace To Protect Leading British Port Group In Million-Dollar-Deal (PR Newswire) Darktrace, a global leader in cyber security AI, today announced that one of the UK's leading port groups has selected Darktrace's AI to...
$10b US defense cloud contract re-awarded to AWS (Register) Microsoft won, Amazon complained. Amazon won, Microsoft complained. Amazon won... again
AWS Locks up NSA Cloud Deal After Protest (Meritalk) The National Security Agency (NSA) confirmed that it re-awarded a cloud computing contract believed to be worth up to $10 billion to Amazon Web Services (AWS) after the agency’s initial award of the deal to AWS last summer was derailed by a protest by Microsoft.
Cybersecurity in Orbit: Sollensys Signs ETA Space (Yahoo Finance) The deal lays a path to keep important test data - expected to be in orbit by 2024 - safe from the threat of hacking. The announcement was made by Sollensys CEO Don Beavers and Eta Space CEO Bill Notardonato, a 30- year NASA veteran.
Technologies, Techniques, and Standards
Pegasus in Downing Street? Commercial Spyware and Espionage Competition (The National Interest) States have always spied on each other, but is commercial spyware an equalizer?
DigiCert Highlights Role of Digital Trust to Protect Against Cybersecurity Threats (PR Newswire) At its annual Security Summit, DigiCert, Inc., the world's leading provider of digital trust, along with top security industry pundits,...
How MSPs Can Navigate Log4Shell Ramifications (MSSP Alert) Log4shell exploitations are on the rise. To mitigate the ramifications, managed service providers need to stay informed & proactively monitor for threats. Sophos VP Scott Barlow explains how.
Design and Innovation
Certihash to begin developing an enterprise suite of blockchain information security tools with IBM (PR Newswire) Today, Certihash is pleased to announce a project to develop "Sentinel Node", the first of a suite of five blockchain-empowered enterprise...
Elon Musk Wants to Make Twitter DMs End-to-End Encrypted (HackRead) Follow us on Twitter @HackRead - Facebook @ /HackRead
Legislation, Policy, and Regulation
A Declaration for the Future of the Internet (The White House) We are united by a belief in the potential of digital technologies to promote connectivity, democracy, peace, the rule of law, sustainable development, and the enjoyment of human rights and fundamental freedoms. As we increasingly work, communicate, connect, engage, learn, and enjoy leisure time using digital technologies, our
FACT SHEET: United States and 60 Global Partners Launch Declaration for the Future of the Internet (The White House) The Internet has been revolutionary. It provides unprecedented opportunities for people around the world to connect and to express themselves,
US joins 55 nations to set rules for internet, with eye on China and Russia (South China Morning Post) The move seeks to counter what Biden officials call a ‘dangerous new model’ of internet policy from Beijing, Moscow and others.
China, India, Russia missing from future of internet pledge by US, EU, and 33 others (ZDNet) The countries agreed to promote a democratic internet, whilst notable absent signatories included Russia, China, and India.
US, partners launch plan for 'future' of internet, as China, Russia use 'dangerous' malign practices (Fox News) The U.S. and more than 55 global partners on Thursday launched the Declaration for the Future of the Internet – a commitment to advance a “positive vision” for the internet and digital technologies.
U.S. joins 55 nations to set new global rules for the internet (Reuters) The United States and 55 other nations on Thursday signed a political commitment to push rules for the internet that are underpinned by democratic values, at a time when the U.S. has accused Russia of wielding internet disruptions as a part of its escalating attacks on Ukraine.
India directs firms, govt organizations to report cyber incidents within 6 hours (mint) CERT-In has also asked virtual asset, exchange, and custodian wallet providers to maintain records on KYC and financial transactions for a period of five years
China Plans Reprieve for Tech Giants, Including Delaying New Rules, as Economy Slows (Wall Street Journal) China is preparing to hit pause on its monthslong campaign against technology companies, according to people familiar with the matter, as officials seek to arrest a rapid deterioration in the country’s economic outlook.
Cyber warfare cannot stand alone, argues Israeli cybersecurity expert | Government Matters (Government Matters) The West is on heightened alert for cyber attacks from Russia, but according to Israel Defense Forces Brig. Gen. Doron Tamir (Ret.), a founding member of Israel’s National Cyber Directorate, cyber attacks don’t win wars. Tamir said the war in Ukraine demonstrates that “boots on the ground” still determine war outcomes and although cyber attacks […]
The development of warfare cyberspace in the United States, part 6 (Modern Diplomacy) The Air Force’s organic teams, cutting-edge Silicon Valley startups, or traditional large defense contractors are not mutually exclusive. Each group brings different ideas, processes, and experiences to the range of cyber problems and the development of tools driven by each team provides timely, in-demand capabilities to the cyber forces. Furthermore, the Air Force and Navy […]
U.S. Cyber Command Eyes Enhanced Budgetary Control (SIGNAL Magazine) U.S. Cyber Command taking the reins for cyber warfighting via advancing budgetary oversight will help the command fine-tune its operations, leader says.
Navy Rear Adm. Craig Clapperton Nominated as Commander of Fleet Cyber Command (ExecutiveGov) U.S Navy Rear Adm. Craig Clapperton has received a nomination from President Biden to elevate to the grade of vice admiral and assume the role of commander of the Fleet Cyber Command and the Tenth Fleet at Fort George Meade in Maryland.
As Baltimore rebuilds from 2019 ransomware attack, is $10 million for a cure better than prevention? (Technical.ly) Baltimore city's own documents, sourced by Technical.ly through a FOIA request, paint a picture of how and with who the city worked to rebuild. Local cyber contractors give insight on what that $10 million for cybersecurity actually buys.
Litigation, Investigation, and Law Enforcement
Interpol: We can't arrest our way out of cybercrime (Register) Especially when gangs are better funded than local police
Prominent Aerojet Cybersecurity FCA Suit Ends In Settlement (Law360) Aerojet Rocketdyne and a whistleblower have reached a settlement to end a high-profile False Claims Act suit alleging the federal contractor misled the government about its compliance with certain cybersecurity requirements, bringing a trial in the case to an early end.
Bank of Ireland fined €463,000 for breaches of GDPR (Lexology) The Data Protection Commission recently announced its decision to fine Bank of Ireland (“BOI”) €463,000 for a number of breaches of the General Data…