Dateline Moscow, Kyiv, Helsinki, and Stockholm:
Ukraine at D+83: Mariupol falls. Chaos ransomware goes political, abandons criminal pretenses. (The CyberWire) Ukrainian resistance in Mariupol is ending. Ukraine wants to exchange prisoners, but Russia considers prosecuting Ukrainian p.o.w.s for "crimes against humanity." Russia's war effort receives an unexpectedly candid review on Russian television. The operators of Chaos ransomware go all-in for Russia's cause. A hacktivist claim of compromising Russian ground security robots is unconfirmed.
Russia’s invasion of Ukraine: List of key events, day 84 (Al Jazeera) As the Russia-Ukraine war enters its 84th day, we take a look at the main developments.
With Ukraine Taking Firmer Stance, Peace Talks Grind to a Halt (New York Times) The impasse is mainly driven by Russia’s insistence on controlling large areas of Ukrainian territory. But Ukraine is also emboldened by successes on the battlefield and angry over Russian atrocities.
Ukraine relinquishes Mariupol as Russia attacks both east and west (Los Angeles Times) After months of a devastating siege, the city of Mariupol is now in Russian hands as Moscow's forces concentrate their attacks elsewhere.
Azovstal defenders’ heroic hold-out may yet prove decisive in Donbas struggle (The Telegraph) Though Azov regiment’s evacuation fulfils one of Putin’s war aims, lessons from Napoleonic history suggest the siege may benefit Ukraine
Interrogation, uncertainty for soldiers abandoning Mariupol (AP NEWS) Russia said Wednesday that nearly 1,000 Ukrainian troops at a giant steelworks in Mariupol have surrendered, abandoning their dogged defense of a site that became a symbol of their country’s resistance , as the battle in the strategic port city appeared all but over.
Russia-Ukraine latest news: Azovstal leaders 'have not surrendered' in besieged steelworks, Russia claims (The Telegraph) Top-ranking Ukrainian commanders at the Azovstal steelworks "have not surrendered", a pro-Russian separatist leader has said, as Russia claims that almost one thousand Ukrainian troops have left the plant.
Azovstal steelworks fighters should be put to death, say Russian MPs (The Telegraph) Ukrainian soldiers evacuated after heroic last stand in the city of Mariupol deserve to be executed, claim hardliners
Around Kharkiv, Ukrainians Emerge to Find Lives in Ruin (New York Times) Air raid sirens wail daily and the steady rumble of artillery can still be heard in the distance, but Ukrainian forces this month pushed Russian troops out of the eastern city of Kharkiv and beyond striking distance.
‘The whole world is against us’: Retired Russian colonel speaks out against Kremlin war machine (The Telegraph) In a rare show of dissent, Mikhail Khodaryonok told the state’s flagship news show there was no good outcome from Ukraine invasion
ICC sends 42-member team to probe alleged war crimes in Ukraine (Al Jazeera) The court sent its ‘largest-ever’ team of experts to probe alleged war crimes since Russia’s invasion of Ukraine.
Did hackers commandeer surveillance robots at a Russian airport? (The Daily Dot) A hacker group claims to have compromised a robotics company that sells surveillance robots in countries across the world, including Russia.
Chaos Ransomware Variant Sides with Russia (Fortinet Blog) FortiGuard Labs recently came across a variant of Chaos ransomware that appears to side with Russia. Read to find out more about the destructive outcome the variant beings to a compromised machine.…
How Mobile Networks Have Become a Front in the Battle for Ukraine (Dark Reading) Since 2014's annexation of Crimea, Ukrainian mobile operators have taken multiple, proactive steps to defend networks in the country and ensure their resilience.
How to Help Ukraine Fight Cultural Erasure (Foreign Policy) Russia is seeking to destroy Ukrainian culture. The West must help those working to preserve it.
Cracks are emerging in Putin's alliance against the west (Newsweek) The Collective Security Treaty Organization (CSTO) met in Moscow on Monday but only Belarus's leader showed support for the Ukraine war.
The staggering amount of US military aid to Ukraine, explained in one chart (Vox) $9.8 billion — and that tranche for Ukraine is only part of the picture.
The EU Needs to Start Planning for ‘the Day After Putin’ in Russia (World Politics Review) The EU does not have the luxury of assuming that inflicting enough losses on the Putin regime will make its “Russia dilemma” go away. However much the survival of Ukraine needs to be the EU’s primary priority now, the question of how to promote democracy, stability and prosperity in Russia is a long-term challenge for the EU.
NATO chief hails 'historic moment' as Finland, Sweden apply (AP NEWS) NATO Secretary-General Jens Stoltenberg said Wednesday that the military alliance stands ready to seize a historic moment and move quickly on allowing Finland and Sweden to join its ranks, after the two countries submitted their membership requests.
NATO Countries Begin Ushering Finland and Sweden Into the Fold (Foreign Policy) The U.K. and several Nordic countries have offered security guarantees to what could be NATO’s newest members.
U.S. allies snubbed by Biden could now threaten to derail NATO expansion (Newsweek) Left out of December's Summit for Democracy, Turkey's Recep Tayyip Erdogan and Hungary's Viktor Orbán would need to approve Finland and Sweden's NATO bids.
The World Needs an Economic NATO (Foreign Policy) Russia’s war has made sanctions a powerful tool of statecraft. It’s time to formally enshrine them.
EU will rely on Russian oil for a ‘long time’, claims Putin (The Telegraph) Vladimir Putin has claimed that some EU countries will be unable to wean themselves off Russian oil "for a long time".
Canada introduces bill to ban Russia's Putin and others from entering country (Reuters) Canada on Tuesday introduced a bill in the Senate that will ban Russian President Vladimir Putin and some 1,000 other members of his government and military from entering the country as it continues to ratchet up sanctions after the invasion of Ukraine.
Attacks, Threats, and Vulnerabilities
Russian Hacking Cartel Attacks Costa Rican Government Agencies (New York Times) Experts who track the hackers’ actions said the group had recently begun to shift its focus to countries in Central and South America, perhaps as retaliation against nations that have supported Ukraine.
Costa Rican president claims collaborators are aiding Conti's ransomware extortion efforts (CyberScoop) The claim comes after Conti doubled its extortion demand to $20 million and called for the overthrow of the government.
"We will overthrow the government" - Does Conti have help inside Costa Rica? (Tech Monitor) The Conti Costa Rica attack is getting more serious, as the ransomware gang doubles its demands. But does it have insider help?
Costa Ricans scrambled to pay taxes by hand after cyberattack took down country’s collection system (Yahoo) Costa Ricans struggled to pay taxes by hand Monday after a ransomware cyberattack took down the country’s online tax collection system.
Ethiopia faces new cyberattacks on its Nile dam (Al-Monitor) Ethiopia said it foiled international cyberattack attempts targeting the works of its Grand Ethiopian Renaissance Dam.
Attempts to exploit new VMware vulnerabilities (Journey Notes) Barracuda researchers found a steady stream of attempts to exploit two recently uncovered VMware vulnerabilities: CVE-2022-22954 and CVE-2022-22960.
Cyber Actors Scrape Credit Card Data from US Business’ Online Checkout Page and Maintain Persistence by Injecting Malicious PHP Code (FBI Flash) As of January 2022, unidentified cyber actors unlawfully scraped credit card data from a US business by injecting malicious PHP Hypertext Preprocessor (PHP) code into the business’ online checkout page and sending the scraped data to an actor-controlled server that spoofed a legitimate card processing server.
Oregon FBI's Tech Tuesday: A warning about reverse instant payment scams (KTVZ) The FBI’s Internet Crime Complaint Center recently issued a warning about a rise in payment scams. Victims appear to get a text message from a bank’s fraud alert department. The text asks if the customer initiated an instant money transfer using digital payment apps connected to a bank. For example, a text may say- Bank
Connected federal buildings could become prime cyber targets (Federal News Network) Malicious actors can manipulate digitized systems and damage water infrastructure, or even change the way it’s treated to introduce harmful chemicals.
Phishers Impersonate Maersk to Exploit Global Supply Chain Chaos (Vade) Several waves of phishing emails posing as Maersk targeted thousands of recipients respectively between January 2022 and May 2022, exploiting the global supply chain crisis affecting millions of businesses around the world.
This simple cyberattack is still among the most effective (TechRadar) HTML attachments may be simple, but remain deadly
Personal information of 1.8 million Texans with Department of Insurance claims was exposed for years, audit says (The Texas Tribune) The personal data was accessible to the public because of a glitch in the code of the department’s web application.
Insurance regulator implicated in mass data leak (Insurance Business America) Personal information of nearly two million workers' comp claimants exposed
Potential cyberattack detected on NUIG's IT network (RTE.ie) NUI Galway is taking precautionary measures after IT security systems detected a potential cyberattack on the institute's computer network.
Cyberangriff auf Luzerner Verkehrsbetriebe legt Anzeigetafeln lahm (IT Markt) Eine gezielte Cyberattacke hat bei den VBL Systemprobleme verursacht. Der Busbetrieb läuft noch normal, die Anzeigetafeln nicht. Die Untersuchungen laufen.
How Dangerous Is the Cyber Attack Risk to Transportation? (Security Intelligence) Cyber attackers are targeting transportation systems. What kinds of threats are out there, and what can the industry do about today's threats?
Weak Security Controls and Practices Routinely Exploited for Initial Access (CISA) The cybersecurity authorities of the United States, Canada, New Zealand, the Netherlands, and the United Kingdom have issued a joint Cybersecurity Advisory (CSA) on 10 routinely exploited weak security controls, poor configurations, and bad practices that allow malicious actors to compromise networks. While these poor practices may be common, organizations can apply basic practices, such as the following, to help protect their systems:
Security Patches, Mitigations, and Software Updates
Apple Finally Patches Exploited Vulnerabilities in macOS Big Sur, Catalina (SecurityWeek) Apple has released updates to patch tens of vulnerabilities across its operating systems, and it has finally released a macOS Big Sur and Catalina patch for two exploited vulnerabilities.
Apple Releases Security Updates for Multiple Products (CISA) Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. Note: Apple notes they are aware of a report that states CVE-2022-22675 may have been actively exploited. CVE-2022-22675 affects watchOS, tvOS, and macOS Big Sur. CISA encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates.
CISA warns admins to patch actively exploited Spring, Zyxel bugs (BleepingComputer) The Cybersecurity and Infrastructure Security Agency (CISA) has added two more vulnerabilities to its list of actively exploited bugs, a code injection bug in the Spring Cloud Gateway library and a command injection flaw in Zyxel firmware for business firewalls and VPN devices.
Researchers, NSA cybersecurity director warn of hackers targeting Zyxel vulnerability (The Record by Recorded Future) A widespread, critical vulnerability affecting Zyxel firewalls is being exploited by hackers, according to several researchers and the director of cybersecurity for the NSA.
Circutor COMPACT DC-S BASIC (CISA) 1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Circutor Equipment: COMPACT DC-S BASIC Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a buffer overflow condition resulting in remote code execution.
Cyber: The new frontier (CTech) “As technology evolves and the battle terrain changes, cyber criminals are quick to adapt and change their tactics, techniques and procedures accordingly,” writes Guy Caspi, CEO and Founder of Deep Instinct
2022 Compliance Benchmark Key Findings (A-LIGN) In this year’s Compliance Benchmark Report VIP Reveal, we’ll dive into the key compliance drivers and priorities for 2022, where companies are allocating spend, and more.
CISOs say they're at less risk of a substantial cyberattack (Cybersecurity Dive) A modest confidence boost and more deliberate security strategies follows two years of pandemic-induced chaos, a Proofpoint-sponsored survey found.
Ransomware Vulnerabilities Spike by 7.6% in Q1 2022 (Business Wire) New threat research from Cyber Security Works (CSW) has revealed a 7.6% increase in ransomware vulnerabilities since the publication of the Ransomware
Crime Pays: Businesses Cough Up for Ransomware Most of the Time (Tech.co) A report finds 88% of executives previously hit by ransomware stated that they would pay if they were attacked again.
A third of companies paying ransom don’t recover data - report (SecurityBrief Asia) Veeam's report finds 76% of businesses who are victims of cyberattacks paid the ransom to recover data, but a third were still unable to get their information back.
DDoS Threat Report FHY 2021 (NexusGuard) Small bit-and-piece DDoS attacks boomed by 233% in the first half of 2021, revealed Nexusguard researchers in the Threat Report FHY 2021.
Microsoft Is Trying to Make 'Cryware' a Thing (PCMAG) Microsoft’s goal is to warn users to be on guard against the crypto-focused malware threat, but some in the cybersecurity space say it's just more unnecessary jargon.
Access Orchestration Firm Pathlock Announces Several M&As and $200M Funding (SecurityWeek) Pathlock has announced several mergers and acquisitions, as well as raising $200 million as part of these transactions.
Pangea Lands $25 Million Investment for API Security Services (SecurityWeek) Pangea Cyber, an early-stage startup working on technology to help developers add security and compliance features to applications, has landed $25 million in venture capital financing
Update on timing of Securitas acquisition of Stanley Security (News Powered by Cision) The acquisition of Stanley Security is conditional upon regulatory approval and customary closing
Zimperium Closes Acquisition by Liberty Strategic Capital and will Accelerate Mission of Strengthening Mobile Security Worldwide (Business Wire) Zimperium announced that it has closed its acquisition by Liberty Strategic Capital.
Cybersecurity M&A Roundup for May 1-15, 2022 (SecurityWeek) Fifteen cybersecurity-related M&A deals have been announced in the first half of May 2022.
Cyber Insurers Raise Rates Amid a Surge in Costly Hacks (Wall Street Journal) Insurers significantly increased premiums for cyber coverage over the course of 2021, as a string of high-profile attacks and government action helped boost demand for products, data collected by industry bodies shows.
Now a VC, Kevin Mandia thinks we don't really need most security startups (Protocol) The CEO of cybersecurity firm Mandiant has added venture capitalist to his resume, as a strategic partner at Ballistic Ventures.
NASA Awards Contract for Cybersecurity, Privacy Enterprise Solutions (PR Newswire) NASA has awarded the Cybersecurity and Privacy Enterprise Solutions and Services (CyPrESS) contract to Booz Allen Hamilton of McLean, Virginia....
SonarSource Appoints Kevin Thompson on its Board of Directors (Business Wire) SonarSource announces that Kevin Thompson, chairman and CEO of Tricentis and former president and CEO of SolarWinds, has joined its board of directors
Trio of Network Industry Veterans to Lead Growth at Alkira (Alkira) Alkira has added three top networking industry executives to lead sales, marketing and operations as it continues on its mission to reinvent networking for the cloud.
Cyber Defense Labs appoints Tim Kilcullen as CRO (Help Net Security) Cyber Defense Labs, a Dallas-based expert cybersecurity services firm, announced that Tim Kilcullen has joined the firm as its CRO.
Admiral Mike Rogers Joins Talon Cyber Security to Lead Board of Advisors (Talon Cyber Security) Former NSA Director and Commander of U.S. Cyber Command to Help Support Customers and Drive the Commercialization and Adoption of the TalonWork Browser Tel Aviv, Israel – May 18, 2022 – Talon Cyber Security, provider of the first secure enterprise browser, today announced the appointment of Admiral Mike Rogers as Chairman of the company’s Board...
Products, Services, and Solutions
SecZetta And Active Cyber Announce Partnership to Help Organizations Increase Cyber Resilience Through Third-party Identity Risk Management (SecZetta) SecZetta and Active Cyber announce partnership to help organizations increase cyber resilience through third-party identity risk management.
YouMail, Inc. Launches YouMail Protective Services for Carriers & Enterprises (PR Newswire) YouMail today announced the launch of YouMail Protective Services, which provides a set of services that perform AI-based threat detection,...
LogicHub Launches AuDRA, First AI Threat Hunting Bot (LogicHub) AuDRA, First AI Threat Hunting Bot. Interactive, bot-based system creates advanced threat detection playbooks in minutes, hours, instead of days to weeks.
NEXTGEN combines cyber and data management (CRN Australia) Appoints Ross Wehby to run combined business units.
Rubrik Launches Rubrik Security Cloud to Secure Data, Wherever it Lives, Across Enterprise, Cloud, and SaaS (Rubrik) Rubrik, the Zero Trust Data Security™ Company, today announced Rubrik Security Cloud to secure customers’ data, wherever it lives, across enterprise, cloud, and SaaS.
GlobalSign Announces “Ready S/MIME” (GlobalSign GMO Internet, Inc.) New auto-configuration capabilities in GlobalSign’s AEG 7.5 enable IT administrators to deploy S/MIME email certificates at scale
Barracuda launches new capabilities for Web Application and API Protection (WAAP) (Barracuda Networks) Barracuda Networks is the worldwide leader in Security, Application Delivery and Data Protection Solutions.
Barracuda expands cloud-native SASE platform to protect hybrid cloud deployments (Barracuda Networks) Barracuda Networks is the worldwide leader in Security, Application Delivery and Data Protection Solutions.
Introducing Pangea: Security Services and APIs for App Builders (Medium) Think about a brand new company, looking to build a new application. Where would you go to start building the foundation of your app?
Aryaka Partners with AppDirect to Deliver Managed SD-WAN and SASE on t (PRWeb) Aryaka, the leader in fully managed SD-WAN and SASE solutions, today announced a commercial partnership with AppDirect, the leading B2B commerce platform, t
GigNet Commits to Keeping Clients Safe from Cyber Crime By Launching New Cyber Security Products and Services (StreetInsider.com) Strategic Partnerships with Leading Cyber Security and Cyber Risk Management Companies Expands GigNets Managed Services Offerings
Bluebird Group teams up with Darktrace to tackle Indonesian cyber threats (Channel Asia) Bluebird Group has partnered with Darktrace to aid in its defence against rising security threats by autonomously interrupting in-progress cyber attacks.
Bitdefender Identity Theft Protection helps prevent criminals from stealing or using personal information (Help Net Security) Bitdefender unveiled Bitdefender Identity Theft Protection, a new U.S. consumer service delivering identity threat detection and alerts.
Tamkeen partners with world-renowned provider of cyber security training, SANS institute to train hundreds of bahrainis (ACE Times) In response to market requirements within the Technology sector
Axway partners with Cloudentity for Open Banking in North America (PayPers) API management provider <a href='https://www.axway.com/en' target='_blank'>Axway</a> and modern application identity and authorisation provider Cloudentity have partnered to provide the first production release to support FDX 5.0 APIs, according to <a href='https://www.crowdfundinsider.com/2022/05/191008-axway-partners-with-cloudentity-to-support-open-banking-adoption-in-north-america/' target='_blank'>Crowdfund ...
Google to launch repository service with security-tested versions of open-source software packages (CSO Online) The paid Assured Open Source Software service will offer common open-source packages after vetting the provenance of its code and dependencies.
Technologies, Techniques, and Standards
Cyber Defenders Council Report: Defend Forward - A Proactive Model for Cyber Deterrence (Cybereason) The Defend Forward concept emerged from the US Department of Defense 2018 National Cyber Strategy. Senior Defense Department leaders had grown increasingly concerned about the sophisticated ways in which certain nation-states were bringing together economic coercion, political influence, information operations, cyber operations, and conventional and unconventional military operations to advance their national interests.
A Proactive Model for Cyber Deterrence (Cybereason) The Cyber Defenders Council is an independent group of preeminent cybersecurity leaders from public- and private-sector organizations around the world. The mission of the Council is to adapt an approach to cyber deterrence, known as “Defend Forward,” for private-sector enterprises and to provide prescriptive guidance to help organizations implement Defend Forward cybersecurity strategies that increase costs for attackers and improve the efficacy of Defenders. The Cyber Defenders Council is sponsored by Cybereason.
Security Summit: Google Cloud charts a safer future | Google Cloud Blog (Google Cloud Blog) At this year’s Security Summit, we are sharing how we’re making government and enterprises safer with Google Cloud.
New from Google Cloud: Assured Open Source Software service | Google Cloud Blog (Google Cloud Blog) Announcing Google Cloud’s new Assured Open Source Software Service, which can help organizations add the same software that Google uses into their own workflows.
Critical infrastructure cyber security is broken – process sensors continue to be ignored (Control Global) This blog started out as a response to Dale Peterson’s May 11, 2022 S4 interview with Ilan Gendelman of Siga OT Solutions, but I have extended its scope to all infrastructures because if you can’t trust what you measure, you have no cyber security, process safety, or product quality.
New Special Interest Group Aims to Enhance ICS/OT Cyber Defenses (SecurityWeek) MITRE, CyManII and the US government have teamed up for a special interest group whose goal is to enhance cyber defenses for ICS and OT.
Just How Risky Are Your Machine Identities? (CPO Magazine) We’re at the inflection point in cybersecurity where machine identity-related attacks are moving higher on CISOs’ lists of top worries.
Training to Beat a Bad Cybersecurity Culture (Dark Reading) Creating a company culture for security may need to start by tearing down an anti-security culture.
How to modernise legacy apps without compromising security (SecurityBrief Asia) At a time when digital transformation has become central to business, even the most important applications come with a ‘use-by’ date.
In hot pursuit of ‘cryware’: Defending hot wallets from attacks (Microsoft) The steep rise in cryptocurrency market capitalization, not surprisingly, mirrors a marked increase in threats and attacks that target or leverage cryptocurrencies. But Microsoft researchers are observing an even more interesting trend: the evolution of related malware and their techniques, and the emergence of a threat type we’re referring to as cryware.
Research and Development
As DNS Hijacking Increases, DigiCert Labs Funds Research for Automatically Detecting DNS Attacks at Scale (Digicert) In recent years, DNS hijacking cases have increased. As the leader in digital trust, we're working with researchers at UC San Diego and Stanford to prevent future attacks by understanding DNS hijacks, identifying maliciously obtained certs and building countermeasures.
Cybersecurity In The Education Sector (MarketScreener) One of the common issues raised by many educational institutions in South Africa is inadequate security measures. In this document, we investigate the impact of Cybersecurity on the security system... | May 18, 2022
Immaculata University Partners with National Cybersecurity Firm (Malvern, PA Patch) One of your neighbors posted in Schools. Click through to read what they have to say. (The views expressed in this post are the author’s own.)
Legislation, Policy, and Regulation
SRI : In terms of cyber espionage, Russia's all relevant intelligence services try to be present in Romania (ACT Media) All relevant intelligence services from Russia, namely FSB, GRU and SVR, are trying to be present in Romania, on the cyber espionage side, the general director ...
CISA pledges half of federal agencies will have EDR by end of fiscal year (SC Magazine) CISA and OMB update Congress on how federal agencies had complied with the Biden administration’s cybersecurity executive order as well as their push to implement zero-trust architectures across agencies and departments.
CISA to Address State, Local Government Quantum Readiness (GovTech) A new memorandum instructs CISA to “engage with” state and local governments by late fall about quantum computing risks. Federal officials, meanwhile, are looking for new ways to build a quantum-focused workforce.
Cyber officials express confidence over ‘significant progress’ in federal security (The Hill) U.S. cyber officials testifying before a House subcommittee on Tuesday told lawmakers that they’ve made “significant progress” in improving and securing federal networks from cyber threats.&nb…
One year after Biden executive order, cyber officials defend progress (The Record by Recorded Future) A year after President Joe Biden signed a sweeping executive order to better secure federal networks from hackers, senior cyber officials insisted progress has been made — even though compliance with key portions of the directive remains uneven.
Leaders cite progress under cyber EO, but lawmakers press for more amid persistent threats (Federal News Network) Lawmakers are skeptical about progress on multifactor authentication, endpoint detection and other capabilities mandated by the cybersecurity executive order.
U.S. House passes bill requiring report on federal cyberattack response (Nebraska Examiner) The U.S. House has easily passed a bill that would require the Department of Homeland Security to evaluate its cybersecurity capability.
President Biden’s Policy Changes for Offensive Cyber Operations (Lawfare) Concerns about changes to the U.S. policy on offensive cyber operations raise an interesting and important question about the balance of power between the White House and the Department of Defense. But this is a poor framing of the problem.
Special ops leader issues warning over information warfare capabilities, funding (C4ISRNet) Though operational commitments keep U.S. Special Operations Command moving, progress comes down to affordability.
Understanding—and Fixing—the Army’s Challenge in Keeping Cyber Talent (Modern War Institute) This article is part of the series “Compete and Win: Envisioning a Competitive Strategy for the Twenty-First Century.” The series endeavors to present expert commentary on diverse issues surrounding US competitive strategy and irregular warfare with peer and near-peer competitors in the physical, cyber, and information spaces. The series is part of the Competition in Cyberspace […]
91st Cyber Brigade welcomes new commander (Virginia National Guard) Col. Rusty McGuire took command of the Virginia National Guard’s Bowling Green-based 91st Cyber Brigade from Brig. Gen. Teri Williams May 14, 2022, in Bowling Green, Virginia.
Litigation, Investigation, and Law Enforcement
The Biggest Data Breach (Irish Council for Civil Liberties) ICCL report on scale of Real-Time Bidding data broadcasts in the U.S. and Europe
Report flags vast scale of adtech’s ‘biggest data breach (TechCrunch) New data about the real-time-bidding (RTB) system's use of web users' info suggests Google and others are processing and passing people's data.
NSO Group Refuses To Fight Lawsuit Filed By Facebook While Asking For Intervention By Supreme Court (Digital Information World) NSO group that comes from Israel has requested the Supreme Court to intervene and thoroughly go through a decision entailing.
Before Massacre Began, Suspect Invited Others to Review His Plan (New York Times) The man accused of killing 10 people at a Buffalo supermarket permitted a small group to join his private chatroom about 30 minutes before the massacre.
Darktrace executive was part of 'clique' behind Britain's biggest ever fraud (The Telegraph) Judge finds that Nicole Eagan was involved in Mike Lynch's toxic $11bn sale of Autonomy
Radiology Companies Win Dismissal of Data Breach Lawsuit (Bloomberg Law) Northeast Radiology PC and Alliance HealthCare Services won’t have to face a proposed data breach class action because the plaintiffs didn’t allege a cognizable injury, a Manhattan federal judge ruled.
Prosecutor says Sussmann used connections to share Trump dirt with FBI (Washington Post) ‘This is a case about privilege,’ Durham prosecutor tells the jury on the first day of testimony
Georgia elections board dismisses allegations of ballot harvesting (Washington Post) One of the disproved complaints is featured in the movie ‘2,000 Mules,’ which is circulating among conservative activists.