Dateline
Ukraine at D+477: Battlespace shaping and sabotage. (CyberWire) Opinions differ as to whether Ukraine's offensive has begun, but the evidence seems to point toward preliminary battlespace shaping as opposed to a full offensive campaign.
Russia-Ukraine war: List of key events, day 468 (Al Jazeera) As the war enters its 468th day, these are the main developments.
Russia claims Ukraine is attacking; Kyiv calls that disinformation (Military Times) Kyiv authorities didn’t confirm the attacks Monday and suggested the claims that major battles are underway were a Russian misinformation ruse.
As Ukrainian Attacks Surge, U.S. Officials See Signs of Counteroffensive (New York Times) Kyiv has not formally announced the start of operations. But on Tuesday, Ukraine said the Russians had blown up a dam on the Dnipro River, potentially imperiling residents and the Zaporizhzhia Nuclear Power Plant.
It seems like the counteroffensive has started (POLITICO) Importantly, Ukrainian officials deny that the maneuver is underway.
Ukraine launches multiple attacks along front line amid claims counter-offensive has begun (The Telegraph) Reported assaults follow weeks of strikes designed to stretch Moscow’s defences
Ukraine goes on front foot in search of weak spot to begin decisive push (The Telegraph) Reported assaults follow weeks of raids and drone strikes designed to stretch Moscow’s defences
How Ukraine’s activity is aimed at shaping the battlefield to its own advantage (The Telegraph) Kyiv is keeping its options open and keeping Moscow guessing as to where and when it will launch any major military offensive
Austin Talks Uncertainties of War as Ukraine Prepares Counteroffensive (U.S. Department of Defense) The Ukrainian military is prepared for a counteroffensive against the Russian invaders, but this is war and supporters of Kyiv must be ready for the long haul, Secretary of Defense Lloyd J. Austin III
Russia-Ukraine War: Critical Dam Destroyed on Front Line in Southern Ukraine (New York Times) President Volodymyr Zelensky blamed Russia for the attack, which came a day after U.S. and Russian officials said a Ukrainian counteroffensive had begun. Thousands of residents are evacuating under threat of flooding.
Ukraine Dam Disaster: What We Know (New York Times) A dam in southern Ukraine was split in half, but it is unclear who caused the damage. Thousands are being evacuated as dangerous volumes of water gush downstream.
Ukraine Dam Blast Blamed on Russia Tips War Into New Phase (Bloomberg) Ukraine’s Interior Ministry says Russian forces blew up dam. Ukraine’s president summons security council amid evacuations.
Ukraine war latest: Ukrainian dam destroyed in blow to counter-offensive (The Telegraph) A Ukrainian dam has been destroyed in a major blow to the counter-offensive.
Russia-Ukraine war live: evacuations under way near Kherson after Kyiv accuses Moscow of destroying dam (the Guardian) Around 16,000 people could be affected and water will reach ‘critical level’ in coming hours, says Kherson governor
Ukraine Says Russia Blows Up Major Dnieper Dam In Act Of 'Ecocide,' Orders Mass Evacuation (RadioFreeEurope/RadioLiberty) Ukraine has accused Russia of blowing up a major dam on the Dnieper River in the southern region of Kherson and ordered the evacuation of tens of thousands of people from areas threatened by massive flooding downstream.
Nova Kakhovka dam: everything you need to know about Ukraine’s strategically important reservoir (the Guardian) Ukraine has accused Russia of blowing up the huge dam which provides water to Crimea and the Zaporizhzhia nuclear plant
Ukrainian dam collapse ‘no immediate risk’ to Zaporizhzhia nuclear plant (the Guardian) But IAEA says damage to Nova Kakhovka dam raises long-term concerns for power station’s future
Ukraine war latest: Ukrainian dam destroyed in blow to counter-offensive (The Telegraph) A Ukrainian dam has been destroyed in a major blow to the counter-offensive.
Wagner Group Posts Video Of Russian Officer In Sign Of Rising Tensions With Army (RadioFreeEurope/RadioLiberty) In a sign of rising tensions between Russia's Wagner mercenary group and the country's official armed forces, the private company led by Yevgeny Prigozhin has released a video of a captured Russian officer where he "confesses" to ordering an attack on the mercenaries.
Wagner mercenaries capture Russian brigade commander (Task & Purpose) Wagner Group mercenaries captured Lt. Col. Roman Venevitin, commander of Russia’s 72nd Brigade.
FRANCE/UKRAINE : Thales Parade system prepped to defend Kyiv against Iranian and Russian drones (Intelligence Online) The Brave1 cluster launched by Ukraine to boost its buzzing defence industry has opened an opportunity for Thales to place its anti-drone system on the Kyiv market. The French firm's Parade system
Opinion | Here’s How We Can End the War in Ukraine (New York Times) It is time for the United States to provide Ukraine with the support it needs to win against Russia.
Kremlin: fake Putin address broadcast on Russian radio stations after 'hack' (Reuters) The Kremlin said a purported radio address by President Vladimir Putin heard on Monday on Russian stations in regions bordering Ukraine was fake and the result of a hack, Russian news agencies reported.
Deep fake video of Putin declaring martial law is broadcast in parts of Russia (Semafor) The fake video took over airwaves and television screens in some Russian border cities Monday.
Hype or Hoax: Are Russian Cyber Capabilities Robust Enough to Cripple Ukraine? (The Strategy Bridge) First, by analyzing Russia’s past success in cyber and electronic warfare, this essay examines how Putin developed his assumption that Russian cyber operations would overwhelm Ukrainian cyber security measures. Second, it explores how these assumptions contributed to complacency and failure in the w
Ukraine’s Serhiy Demedyuk took part in the fifth meeting of the Ukraine-U.S. Cyber Dialogue (EU Today) Ukraine's Deputy Secretary of the National Security and Defense Council of Ukraine Serhiy Demedyuk took part in the fifth meeting of the Bilateral Ukrainian-American Cyber Dialogue.
Proceedings of the 2023 U.S.-Ukraine Cyber Dialogue (US Department of State) The United States and Ukraine met on June 1, 2023 in Tallinn, Estonia to re-convene the U.S.-Ukraine Cyber Dialogue, an annual discussion on cyber policy issues
U.S. to provide Ukraine with $37M in cyber assistance – Ukrainian Foreign Ministry (Ukrinform) The United States is working with Congress to provide an additional $37 million in cyber assistance to Ukraine. — Ukrinform.
Attacks, Threats, and Vulnerabilities
Caribbean island of Martinique dealing with cyberattack that disrupted government services (Record) The Carribean island of Martinique is dealing with a cyberattack that has disrupted internet access and other infrastructure for weeks.
Cyclops Ransomware and Stealer Combo: Exploring a Dual Threat (Uptycs) The Uptycs threat intelligence team identified the presence of a Cyclops ransomware/stealer that threatens all three platforms: Windows, Linux, and macOS.
Kimsuky Strikes Again | New Social Engineering Campaign Aims to Steal Credentials and Gather Strategic Intelligence (SentinelOne) Threat actor targets experts in North Korean affairs with spoofed URLs and weaponized Office documents to steal Google and other credentials.
Adversaries increasingly using vendor and contractor accounts to infiltrate networks (Cisco Talos Blog) The software supply chain has become a key security focus for many organizations, but the risks associated with supply chain attacks are often misunderstood.
Tens of Thousands of Compromised Android Apps Found by Bitdefender Anomaly Detection Technology (Bitdefender Labs) Bitdefender researchers used a recently announced industry-first app anomaly detection technology...
Chinese-speaking phishing ring behind latest fake fee scam targeting UAE; another campaign exposed (Group-IB) Group-IB, a global cybersecurity leader headquartered in Singapore, has attributed a recent wave of scams impersonating UAE public bodies to a Chinese-speaking phishing gang, codenamed PostalFurious.
Data Exfiltration for MOVEit Transfer Exploit (CrowdStrike) Are you impacted by the MOVEit transfer exploit? CrowdStrike identifies data exfiltration techniques you should be aware of.
Microsoft links Clop ransomware gang to MOVEit data-theft attacks (BleepingComputer) Microsoft has linked the Clop ransomware gang to recent attacks exploiting a zero-day vulnerability in the MOVEit Transfer platform to steal data from organizations.
Clop ransomware claims responsibility for MOVEit extortion attacks (BleepingComputer) The Clop ransomware gang has told BleepingComputer they are behind the MOVEit Transfer data-theft attacks, where a zero-day vulnerability was exploited to breach multiple companies' servers and steal data.
Hacking Spree Feared After Breach of File-Sharing Software (Bloomberg) Thousands of companies vulnerable to flaw, cyber expert says. British Airways, BBC among early known victims of cyberattack.
Microsoft: Lace Tempest Hackers Behind Active Exploitation of MOVEit Transfer App (The Hacker News) Microsoft reveals critical flaw exploit in Progress Software MOVEit Transfer app, linking it to notorious threat actor Lace Tempest.
MOVEit Transfer zero-day was exploited by Cl0p gang (CVE-2023-34362) (Help Net Security) The zero-day vulnerability attackers have exploited to compromise MOVEit Transfer a apps now has an identification number: CVE-2023-34362.
Ransomware Group Used MOVEit Exploit to Steal Data From Dozens of Organizations (SecurityWeek) The recent MOVEit zero-day attack has been linked to a known ransomware group, which reportedly stole data from dozens of organizations.
Russian hackers raid British Airways and BBC in cyber attack (The Telegraph) Personal details of staff stolen following payroll provider hack
Cyber Attack Targets Major UK Companies with MOVEit Hack (Cyber Kendra) MOVEit Hack: British Airways, BBC and Boots hit by cyber attack
BA, BBC and Boots hit by cyber security breach with contact and bank details exposed (Sky News) Hackers exploited a vulnerability in MOVEit Transfer software last week to access a range of information which is now casting a cloud over a growing number of UK firms and their staff.
Mass Exploitation of Zero-Day Bug in MOVEit File Transfer Underway (Dark Reading) With shades of the GoAnywhere attacks, a cyber threat actor linked to FIN11 is leveraging a bug in the widely used managed file transfer product to steal data from organizations in multiple countries.
Scrubs & Beyond Leaks 400GB of User PII and Card Data in Plain Text (HackRead) Scrubs & Beyond were alerted multiple times about the data leak, but the company did not respond or secure the server.
June 5, 2023 CISA KEV Breakdown | Zyxel (Nucleus Security) In this Breakdown, two vulnerabilities in Zyxel Firewalls were added to the Known Exploited Vulnerabilities Catalog.
Qbot malware adapts to live another day … and another … (Register) Operators stay ahead of defenders with new access methods and C2 infrastructure
If you are going to buy online these days, be careful with this scam (Gearrice) This problem affects many countries around the world, but mainly in America and Europe. The attackers have succeeded infect websites to steal customer bank details when they go to make a purchase. This occurs just at the moment in which they are going to make the payment.
Microsoft's Outlook.com is down again on mobile, web (BleepingComputer) Outlook is down again for the second time today, with users facing a frustrating 503 error message when trying to access their accounts.
The Phantom Menace: Brute Ratel remains rare and targeted (SC Media) The commercial attack tool’s use by bad actors has faded after an initial flurry, while Cobalt Strike remains the go-to post-exploitation tool for many.
WSJ News Exclusive | Twitter Missed Dozens of Known Images of Child Sexual Abuse Material, Researchers Say (Wall Street Journal) The researchers say the social-media platform told them it has now improved its detection system for child sexual abuse.
NHS England reports GP data breach after Capita cyber-attack (Pulse Today) NHS England has reported a data breach involving GP information following a cyber-attack concerning Capita, which affected 90 organisations.
Deepfakes are adding an insidious edge to some sextortion schemes, FBI says (Record) There was a time when sextortion schemes typically involved digital material that was either coerced or stolen from a victim. The FBI is warning now that deepfakes are changing the nature of the crime.
Security Patches, Mitigations, and Software Updates
Microsoft Makes SMB Signing Default Requirement in Windows 11 to Boost Security (SecurityWeek) Microsoft is making SMB signing a default requirement in Windows 11 Enterprise editions, starting with insider preview build 25381.
Trends
BlackFog State of Ransomware Report May 2023 (BlackFog) The month of May was a record-breaker as we recorded a massive 66 publicly disclosed ransomware attacks, the highest we have ever recorded since we started this blog back in January 2020. Royal, LockBit and BlackCat were the most active during the month, while education remained the most heavily targeted sector, with a few attacks on religious organizations also noted which is an uncommon occurrence.
Research Reveals Software Security at Public Sector Organizations Lagging (Business Wire) Veracode’s State of Software Security Public Sector 2023 Report Finds Security Flaws in 82% of Government Applications
New Cloud Security Alliance Survey Finds SaaS Security Has Become a Top Priority for 80% of Organizations (Business Wire) More than half of security executives experienced a SaaS security incident in the past two years
KnowBe4’s SecurityCoach: Top 10 Risky Behaviors (KnowBe4) KnowBe4’s SecurityCoach is a real-time security coaching tool that integrates into your existing security stack, analyzes alert data and determines which threats and risky user behavior warrant sending immediate feedback.
Since 2018, ransomware attacks on food, beverage, and agriculture organizations have cost the world economy $1.36bn in downtime alone (Comparitech) From 2018 to May 2023, ransomware attacks hit 157 food, beverage, and agriculture organizations. We estimate such attacks have cost these organizations $1.36 billion in downtime alone. Ransomware attacks across this sector can cause widespread and ongoing disruptions, leading to delays in production, missed deliveries, shut stores, and stolen personal data. Companies can feel the […]
Research Reveals Software Security at Public Sector Organizations Lagging (Veracode) Veracode’s State of Software Security Public Sector 2023 Report Finds Security Flaws in 82% of Government Applications
Marketplace
Fortinet Research Finds Over 80% of Organizations Experience Cyber Attacks that Target Employees (Fortinet) New research underscores importance of effective cyber awareness training for employees to decrease cyber risks, with more than 50% of leaders indicating their employees lack proper knowledge
Cybersecurity M&A Roundup: 36 Deals Announced in May 2023 (SecurityWeek) Thirty-six cybersecurity-related merger and acquisition (M&A) deals were announced in May 2023.
Microsoft-backed Rubrik hires banks for IPO -sources (Reuters) Rubrik Inc, a U.S. cybersecurity software startup backed by Microsoft Corp and valued at $4 billion in a fundraising round two years ago, has hired banks for an initial public offering, four people familiar with the matter said.
CISOs as Board Directors, CISO Board Readiness Analysis (IANS) New SEC rule changes will require public companies to disclose the cybersecurity expertise of board members, as well as governance practices in overseeing the cybersecurity risk. On most boards, cyber understanding is insufficient with recent research revealing that most companies lack even a single board director with cybersecurity expertise.
Cyber Chiefs Seeking Board Seats Have Their Work Cut Out for Them (Wall Street Journal) Cyber chiefs who want to serve on corporate boards are filling out their résumés with directorship training and stints on advisory boards. Such moves probably aren’t enough.
Shortfall of skilled cybersecurity workers in the US reaches an estimated 466,000, CyberSeek™ data reveals (PR Newswire) Demand for cybersecurity talent continues to outpace supply, according to the latest data from CyberSeek™, the joint initiative of the National...
Leidos names former NSA executive as chief security officer (FedScoop) Amy Davis was most recently deputy chief of the NSA Office of Security and Counterintelligence.
ECI Appoints Jeff Schmidt as CEO to Lead the Company’s Next Phase of Growth (Business Wire) Schmidt brings decades of industry leadership, powerful background in cybersecurity, and impressive growth record to ECI
Axonius Names Chris Kramer as Chief Financial Officer (GlobeNewswire News Room) Kramer brings more than 25 years of experience scaling businesses from early stage to public company and will help prepare Axonius for scale and IPO...
Products, Services, and Solutions
Data443 Adds Antivirus and Ransomware Protection to Data Placement Manager (DPM) (GlobeNewswire News Room) DPM Bolsters Existing Capabilities within Leading Fintech Enhanced File Transfer/Managed File Transfer (EFT/MFT) Solution...
Traceable AI Announces the Industry’s First API Security Reference Architecture for a Zero Trust World (Business Wire) Traceable’s API security reference architecture for Zero Trust provides organizations with the guidance they need to operationalize Zero Trust Security at the API layer
Splunk Cloud Platform Attains StateRAMP Moderate Authorization (Splunk) Splunk Inc. (NASDAQ: SPLK), the cybersecurity and observability leader, today announced that Splunk Cloud Platform received StateRAMP authorization at a moderate impact level from the State Risk and Authorization Management Program (StateRAMP®). Splunk’s StateRAMP authorization validates its
Keeper Security announces passkey support (iTWire) COMPANY NEWS: Keeper Security, the leading provider of cloud-based zero-trust and zero-knowledge cybersecurity software protecting passwords, secrets, connections and privileged access, today announces support for passkeys within its platform. With Keeper, passkeys are stored and managed in the Keep...
Group-IB and Defence Technology Institute join forces to build secure digital environment in Thailand (Group-IB) Group-IB, a global cybersecurity leader headquartered in Singapore, and Defence Technology Institute (DTI), a government agency under the supervision of the Minister of Defence of Thailand, signed a Memorandum of Understanding (MOU) to enhance knowledge sharing and collaboration in the development of the Defense Technology Institute Cyber Academy Program.
Group-IB signs partnership agreement with Ingram Micro covering Italian market (Group-IB) Group-IB, a global cybersecurity leader headquartered in Singapore, has concluded a partnership agreement with the Italian division of Ingram Micro, the world’s leading wholesale distributor of technology products and services.
BeyondID launches self-service tool for transition to Okta Identity Engine (SiliconANGLE) BeyondID launches self-service tool for transition to Okta Identity Engine - SiliconANGLE
PRESS RELEASE: SSH launches OpenSSH support service for multi-platform SSH environments (GlobeNewswire News Room) To resolve various customer support problems regarding OpenSSH implementations, SSH has launched a support service for...
Securing Genopets: Approov Prevents Cheaters from Ruining the Game (Business Wire) Adds Mobile Apps Gaming to Growing Customer Base with Immediate Reduction of Malicious Access to API Resources After Approov Installation
Cloudbrink debuts industry first “software appliance” for hybrid workplace security and performance (GlobeNewswire News Room) Bridge mode provides faster, lower cost alternative to network hardware appliances for critical applications...
Netskope Intelligent SSE Selected by Transdev to Secure and Connect its Hybrid Workforce (Netskope) Implementation is part of Transdev's Cloud-First approach to better manage technological obsolescence Paris, June 6, 2023 – Netskope, a leader in
Imply Announces Automatic Schema Discovery for Apache Druid, Reinforcing Druid’s Leadership for Real-Time Analytics on Streaming Data (Business Wire) The third milestone of Imply’s Project Shapeshift brings industry-leading developer ease of use and operational efficiency to Apache Druid in the Druid 26.0 release
Cyera Integrates OpenAI to Accelerate Multi-Cloud Data Security, Privacy and Governance (PR Newswire) Cyera, the data security company, today announced its integration with Azure OpenAI. The integration enables Cyera customers to make faster,...
Radiflow’s CIARA 4.0 Delivers Actionable Insights to Simplify the Management of OT Cyber Risk at Industrial Facilities (EEJournal) Tel Aviv, Israel, June 6, 2023 – Radiflow, creators of the award-winning OT cybersecurity platform, CIARA, announced the general availability of CIARA 4.0. This release introduces a leading benchma…
NinjaOne Debuts Patch Management Advancements to Mitigate Security Vulnerabilities (NinjaOne) Read first-hand accounts of how Ninja's products and superior support help companies deliver fast and effective IT management.
Lacework Unifies Entitlements Management and Threat Detection for Simplified Cloud Security (PR Newswire) Lacework, the data-driven security platform, today announced new CIEM functionality that empowers teams to gain observability of all cloud...
Cycode Adds New Software Bill of Materials Capabilities to Software Composition Analysis Solution (GlobeNewswire News Room) Cycode, the leading application security platform, today announced the release of Cycode Software Bill...
Vectra Extends Support for Amazon Security Lake (GlobeNewswire News Room) Advances capabilities with access to Security AI-driven Attack Signal Intelligence™...
TrustCloud™ Releases World’s First Free Security Questionnaire Tool and Compliance Sharing Portal for Startups | TrustCloud (TrustCloud) TrustShare™ application includes AI-powered security questionnaire responses and a dynamic compliance portal, so startups can pass security reviews and win
Source Defense Releases Free Platform Directly Addressing New PCI DSS 4.0 Requirements (GlobeNewswire News Room) Solution provides millions of merchants with the ability to easily go above and beyond complex new requirements for website security and monitoring...
Appdome Partners with GitHub to Automate Delivery of Secure Mobile Apps (PR Newswire) Appdome, the mobile app economy's one and only Cyber Defense Automation platform, today announced that it has integrated its platform with...
ColorTokens’ Microsegmentation Brings Zero Trust to Virtualized Containers (ColorTokens) ColorTokens, an American company specializing in zero trust cybersecurity, recently announced the addition of microsegmentation for virtualized containers to their portfolio of capabilities. The new feature provides security for containerized workloads running in private data centers as well as public cloud environments, such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).
Caveonix is Waiving up to Two Years of License Fees on its Hybrid Cloud Security, Compliance, and Governance Platform (GlobeNewswire News Room) Organizations Who Switch from Competing Services Can Save Up to 40% On Their Current Costs While Optimizing Resources...
Aware Delivers AI-Powered Insights for Secure Enterprises with Webex by Cisco (PR Newswire) Aware, the leading AI data platform for the employee experience, today announced a partnership with Webex by Cisco. Aware's AI data platform...
New CRITICALSTART® Managed XDR Reduces Cybersecurity Risk Through Improved Visibility, Rapid Delivery, and Enhanced Security (PR Newswire) Today, Critical Start, a leading provider of Managed Detection and Response (MDR) cybersecurity solutions, announced the release of its new...
Obsidian Solidifies Market Leadership Position, Expanding Posture Hardening Support to 11 New Applications (Business Wire) Removing the burden from its customers' security teams, Obsidian seamlessly rolls out and integrates apps into existing SaaS postures
DigiCert partners with ReversingLabs to advance software supply chain security
(DigiCert) DigiCert, a leading global provider of digital trust and a member of Oracle PartnerNetwork (OPN), today announced a partnership to provide DigiCert ONE, the platform for digital trust, on Oracle Cloud Infrastructure (OCI).
1Password Launches Two Passkey Features to Accelerate a Passwordless Future (PR Newswire) 1Password, the leader in human-centric security and privacy, today announced two passkey features to continue its leadership with passkey...
Thales Announces CipherTrust Data Security Platform as-a-Service (Business Wire) CipherTrust Data Security Platform as-a-Service allows businesses to rapidly deploy and scale key management and data security services without the need to manage hardware or fund upfront investments
Cisco Shows Breakthrough Innovation Towards AI-First Security Cloud (Cisco) Cisco launches new security service edge (SSE) solution to enable superior hybrid work experiences and dramatically simplify access across any location, any device, and any application.
Technologies, Techniques, and Standards
SBOMs - Software Supply Chain Security’s Future or Fantasy? (SecurityWeek) Two years after the requirement for SBOMs were announced, we are not close to achieving them. Are SBOMs achievable, or an elusive fantasy?
4 security myths hindering CISOs effectiveness (SDxCentral) Gartner analysts pointed out four security myths that are hindering the effectiveness of security teams led by CISOs.
Download Free Report | Tackling SaaS Security Challenges (Ironscales) Download this report to gain insight into key challenges organizations face when it comes to SaaS security and recommendations for how to address them.
Design and Innovation
What if the Current AI Hype Is a Dead End? (SecurityWeek) If we face a Dead-End AI future, the cybersecurity industry will continue to rely on traditional approaches, especially human-driven ones.
Microsoft Israel R&D Center to develop security for ChatGPT (Globes) The Herzliya center's cybersecurity capabilities will play a key role in the commercialization of OpenAI's chatbot, sources familiar with the matter tell "Globes.
Research and Development
First in space: SpaceX and NASA launch satellite that hackers will attempt to infiltrate during DEF CON (CyberScoop) For the first time ever, researchers will be able to test the security of a satellite on-orbit at this year's Hack-A-Sat contest at DEF CON.
Moonlighter Satellite Offers In-Orbit Target for Space Hackers (Dark Reading) Moonlighter, which offers red teams a chance at operational disruption, will be up for pwning at in August, timed with DEF CON.
Academia
UAlbany Research Looking for Cybersecurity Vulnerabilities (GovTech) Two new labs at SUNY’s Albany campus are searching for cybersecurity vulnerabilities in open-source intelligence and IoT devices. Ten other labs are planned to open in the university’s cybersecurity college by 2025.
Legislation, Policy, and Regulation
War crimes committed through cyberspace must not escape international justice, says Estonian president (Record) “This is about ensuring justice, but also strengthening deterrence by punishing those who violate the most sacred international laws and norms,” President Alar Karis said at CyCon.
‘Delhi Declaration’ for responsible state behaviour in cyberspace for G20 countries (The Hindu) The Delhi Declaration outlined a series of commitments to “responsible state behaviour in cyberspace” for G20 member countries
NCSC Proposes 'Delhi Declaration' For G20 Nations To Safeguard Cyber Peace, Cooperation (ABP Live) The Delhi Declaration aims to enhance global cybersecurity cooperation and reinforce responsible state behaviour in cyberspace.
AI generated content should be labelled, EU Commissioner Jourova says (Reuters) Companies deploying generative AI tools such as ChatGPT and Bard with the potential to generate disinformation should label such content as part of their efforts to combat fake news, European Commission deputy head Vera Jourova said on Monday.
The EU to the AI Rescue (Again) (Medium) Leading the Way in Compliance and Regulations — Thankfully
Governments worldwide grapple with regulation to rein in AI dangers (Computerworld) As generative AI revolutionizes tech, governments around the world are trying to come up with regulations that encourage its benefits while minimizing risks such as bias and disinformation.
SEC's New Cyber Rule Plan Needs Changes, Trade Groups Say (ThinkAdvisor) The update to Reg S-P would require firms to notify clients of data breaches.
Litigation, Investigation, and Law Enforcement
SEC Says Binance Misused Customer Funds, Ran Illegal Crypto Exchange in U.S. (Wall Street Journal) The regulator alleges that the company misused customer funds and ran an illegal crypto exchange in the U.S.
FTC Will Require Microsoft to Pay $20 million over Charges it Illegally Collected Personal Information from Children without Their Parents’ Consent (Federal Trade Commission) Microsoft will pay $20 million to settle Federal Trade Commission charges that it violated the Children’s Online Privacy Protection Act (COPPA) by collecting personal inform
Microsoft will pay $20M to settle U.S. charges of illegally collecting children's data (AP NEWS) Microsoft will pay a fine of $20 million to settle Federal Trade Commission charges that it illegally collected and retained the data of children who signed up to use its Xbox video game console. The agency charged that Microsoft gathered the data without notifying parents or obtaining their consent, and that it also illegally held onto the data. In a blog post, Microsoft vice president for Xbox Dave McCarthy outlined additional steps the company is taking to improve its age verification systems and to ensure that parents are involved in the creation of child accounts for the service.
Robert Hanssen, F.B.I. Agent Exposed as Spy for Moscow, Dies at 79 (New York Times) Mr. Hanssen was sentenced to life in prison in 2002, bringing to a close one of the most lurid and damaging espionage cases in American history.