Improved security and increased team productivity are just some of the benefits of adding a password manager to your security tech stack. Download 1Password’s latest guide to learn what to look for when evaluating a password manager so you can choose one that best suits your needs.
We're always looking for ways to improve the CyberWire, now N2K Cyber Network, to give you an intelligence-driven news experience that saves you time and keeps you in the know on the latest developments in cybersecurity. Please share your feedback in our 2023 Audience Survey and you will have a chance to win a $100 Amazon gift card. Take the survey.
Researchers at Vulcan Cyber warn that attackers can use ChatGPT to trick developers into installing malicious packages.
Noting that developers have begun using ChatGPT for coding assistance, the researchers state, “We’ve seen ChatGPT generate URLs, references, and even code libraries and functions that do not actually exist.” Such articles are the “hallucinations” referred to. “These LLM (large language model) hallucinations have been reported before and may be the result of old training data,” Vulcan continues. “If ChatGPT is fabricating code libraries (packages), attackers could use these hallucinations to spread malicious packages without using familiar techniques like typosquatting or masquerading. Those techniques are suspicious and already detectable. But if an attacker can create a package to replace the ‘fake’ packages recommended by ChatGPT, they might be able to get a victim to download and use it.”
Mike Myer, CEO of Quiq, offered the following observations. “Large language models carry risk and limitations for companies. Outputs can be biased, wrong, or flat-out invented. We are seeing lots of interest from brands who want to take advantage of ChatGPT but don't know how to do it internally. No company can risk the legal and PR nightmare of notoriously wrong answers being provided to their customers," Myer wrote. “Yet the larger problem is that ChatGPT knows only information that is publicly available on the Internet. Customer service agents often use a company’s confidential information to answer questions. And to answer questions specific to a customer’s accounts, agents or bots need customer data to draw from.”
Register now for Mandiant’s mWISE security conference.
Following Cl0p's ongoing attempts to extort victims affected by its exploitation of a MOVEit vulnerability, reports say the gang has issued demands to negotiate ransoms to “potentially hundreds” of victims. The Register reports that “Clop, which Microsoft warned on Sunday was behind the attempts to exploit MOVEit, published an extortion note on Wednesday morning claiming that “hundreds” of businesses were affected and warning that these victims needed to contact the gang or be named on the group’s extortion site." The ransomware group, in an uncharacteristic move, gave a June 14th deadline for victims to contact the attackers. This change of tactics, as ITpro reports, could be due to the unusually large amount of data stolen by the group. “The approach taken by the group is atypical from most extortion scenarios which usually sees the attackers approach the victims first. Members of the cyber security industry have speculated that Cl0p...has ingested too much data for it to identify the company to which it belongs.” For more on Cl0p's recent activity, see CyberWire Pro.
With 84% of organizations experiencing an identity-related breach, identity is the new battlefield. As the pioneers of privileged access management, we started by protecting the most privileged users and most critical data. With intelligent privilege controls, today we’re applying the same levels of security and protection to every identity – both human and machine. CyberArk offers the most advanced identity security platform in the world, surrounding every identity with a powerful force field of continuous protection.
According to research from Kroll, Cl0p could have discovered the MOVEit zero day exploit as long ago as 2021. They explain that “Kroll’s review of Microsoft Internet Information Services (IIS) logs of impacted clients found evidence of similar activity occurring in multiple client environments last year (April 2022) and in some cases as early as July 2021.” Kroll also advises companies which use MOVEit “to look in the “C:\MOVEit Transfer\wwwroot\” directory for suspicious .aspx files such as “human2.aspx” as indicators of compromise (IoC),” in their blog post regarding the MOVEit attack. Kroll also recommends that MOVEit administrators “disable HTTP and HTTPS traffic to their MOVEit Transfer environment, Check for indicators or unauthorized access in the last 30 days, and Apply patches as they become available.” Progress, the software developer of MOVEit, has created a web page for the vulnerability that describes mitigation steps and provides situation updates.
Your prospects are demanding SOC 2 and you're not closing deals without it. Scytale's security compliance automation platform helps companies get compliant and stay compliant with frameworks like SOC 2, ISO 27001, HIPAA, GDPR and PCI-DSS without breaking a sweat.
Save hundreds of hours with streamlined compliance and dedicated support, remain compliant all year round with automated monitoring and alerts, and most importantly, boost sales by providing proof of information security to your customers.
Can one trust what a ransomware gang says when it's negotiating? Experts say probably not. CBC Canada reported yesterday that the Cl0p gang, said to have the personal data of as many as 100,000 Nova Scotians after an exploitation of the MOVEit file-sharing system, claimed they’ve deleted all government data from their site. Private company data remained, however, fair game and Cl0p wants to be paid before June 14th. Emsisoft threat analyst Brett Callow wrote in an email that "Clop's claim to have deleted data belonging to public sector bodies should be assumed to be false .. There is no reason for a criminal enterprise to simply delete information that may have value.” And even if it were deleted, he reminds us, they still conducted the breach in the first place.
Businesses today aren’t exactly making it difficult for ransomware attackers, either. TechRadar writes that the amount of small and medium-sized businesses (SMBs) in the United Kingdom deciding to cough up the cash when victimized in a ransomware attack has increased significantly over the past year. A Censornet report shared that the shift to giving in seems to stem from the general incapability of companies to manage their cyber threats. Email attacks were the primary vector against companies in the past year, and the research shows that firms would benefit from better, more widespread threat solutions. For more on negotiating with ransomware gangs, see CyberWire Pro.
An investigation by the Wall Street Journal and researchers at Stanford University and the University of Massachusetts Amherst has found that Instagram’s algorithms have “a vast network of accounts openly devoted to the commission and purchase of underage-sex content.” Researchers from the Stanford Internet Observatory discovered many “accounts that appear to be operated by minors are openly advertising self-generated child sexual abuse material (SG-CSAM) for sale.” The researchers uncovered similar networks on Twitter and Telegram, but note that “Instagram is currently the most important platform for these networks with features like recommendation algorithms and direct messaging that help connect buyers and sellers.”
According to the Journal, a Meta spokesperson acknowledged that the company had failed to act on reports of child sex abuse content. The company stated, “Child exploitation is a horrific crime. We’re continuously investigating ways to actively defend against this behavior.”
KillMilk's reorganization of the hacktivist auxiliary he (or she) leads on behalf of the Russian intelligence and security organs continues. Radware describes the reboot as a move toward a more professional, better disciplined organization. KillNet had hitherto been willing to present itself as a grassroots movement, but no more. "The revised Killnet isn’t for armchair hackers and DDoSers," Radware writes, "nor is it a platform for self-promotion or a ticket to overnight fame. Only the shrewdest minds, not the IT layabouts, will earn their place in the 'New Killnet.'”
NoName has been posting interesting IT stories from the Russian perspective, and with it they also published their own tips to protect your financial data online by following twelve simple steps. "How can you defend your financial assets on the internet?" they ask, helpfully and rhetorically, and then go on to offer some advice on digital hygiene. NoName seems to be positioning itself as a community leader, offering advice and information to ordinary users.
The CyberWire's continuing coverage of Russia's war against Ukraine, with special attention to the cyber phases of that war, may be found here.
Today's issue includes events affecting Australia, Canada, China, the European Union, Germany, India, the Democratic Peoples Republic of Korea, NATO/OTAN, Romania, Russia, Senegal, Ukraine, the United Kingdom, and the United States.
Ukraine at D+469: Hacktivism reorganized amid an incipient counteroffensive. (CyberWire) Observers see the Dnipro flooding as evidence of a growing Russian appetite for escalation. Russian hacktivists reorganize, one moving in the direction of professionalism, another with gestures toward serving as a popular movement.
Russia-Ukraine war: List of key events, day 470 (Al Jazeera) As the war enters its 470th day, these are the main developments.
Ukraine makes 'large counter offensive push' with attack along three fronts (The Telegraph) Kyiv says its forces had clawed back territory from Russia in an attack on the flanks of the eastern city of Bakhmut
Russia-Ukraine war live: counteroffensive not yet launched, says senior Kyiv official; Britain ‘cannot yet say Russia responsible for dam destruction’ (the Guardian) Secretary of Ukraine’s National Security and Defence Council dismisses claim counteroffensive has begun; up to 42,000 people at risk following destruction of the Nova Kakhovka dam
Ukraine Recap: Kyiv Reports Bakhmut Gains as Floods Wreak Havoc (Bloomberg) Ukrainian troops advanced by as much as a kilometer (0.6 miles) during fighting around the eastern city of Bakhmut, the Defense Ministry said, as Kyiv rushed to evacuate people from areas flooded by the destruction of the Kakhovka dam.
Russia Claims Ukrainian 'Saboteur' Group Blew Up Ammonia Pipeline, Kyiv Yet To Comment (RadioFreeEurope/RadioLiberty) Russia's Defense Ministry claims a Ukrainian "saboteur group" blew up a segment of the Tolyatti-Odesa pipeline, the world's largest ammonia conduit, in Ukraine's Kharkiv region.
Nova Kakhovka dam collapse before and after: satellite images reveal extent of destruction (The Telegraph) Tens of thousands of civilians have been forced to evacuate and swathes of the front line lie under water after the breach
Hundreds of thousands without drinking water after dam collapse, says Zelensky (The Telegraph) Ukrainian president has accused ‘Russian terrorists’ of deliberately bringing down the 30-metre-high structure with pre-laid explosives
Ukraine flood victims say occupying Russian officials fail to send help (Washington Post) Flood victims in Russian-occupied areas of southern Ukraine described scenes of panic and desperation Wednesday, with residents trapped in their homes and no sign of emergency responders in the area.
Russians shooting at rescuers in flooded areas, Zelenskyy says (POLITICO) EXCLUSIVE: Ukrainian president says dead bodies are floating in floodwater from the Nova Kakhovka dam.
Fleeing Floods, Ukrainians Make Perilous Boat Journeys To Safety (RadioFreeEurope/RadioLiberty) Boat after boat of exhausted and stressed civilians arrived in the flooded streets of Kherson on June 7. Some of the people had made it here from Russian-occupied areas on the east bank of the Dnieper River.
Burst Dam Alters Ukraine Battlefield as Floodwaters Rise (Wall Street Journal) The flooding has forced thousands of people to flee their homes, adding another dimension to a humanitarian crisis resulting from the war.
Ukraine’s Allies Call Destruction of Dam a ‘War Crime’ (Bloomberg) Germany blamed Russian President Vladimir Putin for the destruction of the Kakhova dam in Ukraine, and was joined by other European NATO members in denouncing it as a “war crime.”
We are now dangerously close to nuclear war (The Telegraph) The dam attack is a turning point. The West must act urgently to stop Putin seeing unconventional warfare as a viable option
U.S. Ex-General Says Russia Benefits From Dam Blast, Putin 'Likely' To Use Nuclear Weapons Rather Than Lose In Ukraine (RadioFreeEurope/RadioLiberty) Retired U.S. General Kevin Ryan has been outspoken in his warnings about Russian President Vladimir Putin’s willingness to use nuclear weapons in Ukraine. He spoke to RFE/RL’s Georgian Service about the effects of the Nova Kakhovka dam’s destruction, Zaporizhzhya, and other nuclear threats.
Nato members may send troops to Ukraine, warns former alliance chief (the Guardian) Security guarantees and membership path needed at Nato summit to avoid escalation, says Anders Rasmussen
Opinion | An Endgame for Ukraine (New York Times) Membership in the E.U. A security pact with America. And a restoration of borders, minus Crimea.
Rebooting Killnet, a New World Order and the End of the Tesla Botnet (Radware) In a recent move, KillMilk, the enigmatic figure at the helm of Killnet, disbanded the group’s main roster. The sweeping decision was made as around 50 splinter groups within Killnet, consisting of over 1,250 people, were deviating from the primary objectives of hacktivism.
Ukraine war: Deserters risk death fleeing to Romania (BBC News) Men desperate to avoid serving in the army are crossing the mountainous Romanian border to escape.
Ukraine war driving rural crime wave in UK (The Telegraph) Black market thriving as gangs steal farm machinery to send back to Russia
Germany fines woman €900 for saying Russian invasion of Ukraine was ‘necessary’ (The Telegraph) The country has some of Europe’s most stringent laws regulating what people can say and do in public
Chinese ‘Volt Typhoon’ hack underlines shift in Beijing's targets, skills (Breaking Defense) “The PRC’s goal is developing capabilities to disrupt critical infrastructure in the event of a future conflict,” NSA Cybersecurity Director Rob Joyce told Breaking Defense in a statement.
North Korean-linked APT groups focus on financial gain, intelligence gathering (SC Media) Researchers report on two separate North Korean-linked APT groups – one financially motivated, while the other focused on gathering strategic intelligence.
North Korea-Aligned TAG-71 Spoofs Financial Institutions in Asia and US (Recorded Future) TAG-71, linked to North Korea's APT38, targets global finance & venture firms, risking sensitive info exposure and business disruption.
#StopRansomware: CL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability (Cybersecurity and Infrastructure Security Agency CISA) Actions to take today to mitigate cyber threats from CL0P ransomware:
MOVEit Transfer Exploited to Drop File-Stealing SQL Shell (SentinelOne) Mass exploitation of a MOVEit file transfer flaw is impacting organizations across verticals. Learn how the attack works and how to see if you are affected.
Critical MOVEit Transfer Vulnerability (CVE-2023-34362) (Kroll) Kroll has observed threat actors using this vulnerability to upload a web shell, exfiltrate data and initiate intrusion lifecycles. Learn more.
MOVEit cyber attack: Cl0p sparks speculation that it’s lost control of hack (ITPro) The hackers return with their second major data-extortion attack of 2023, but may have bitten off more than they can chew
Ransomware group Clop issues extortion notice to ‘hundreds’ of victims (Record) As the fallout from the MOVEit vulnerability continues, the Clop cybercrime group says victims should get in contact soon or risk being named on its extortion site.
BA, Boots and BBC cyber-attack: who is behind it and what happens next? (the Guardian) A cybercrime group has exploited a flaw in MOVEit software and is demanding a ransom
BBC, BA and Boots issued with ultimatum by cyber gang Clop (BBC News) The group warns personal details of 100,000 staff will be published if employers do not get in touch.
Can you trust ChatGPT’s package recommendations? (Vulcan Cyber) ChatGPT can offer coding solutions, but its tendency for hallucination presents attackers with an opportunity. Here's what we learned.
ChatGPT Hallucinations Can Be Exploited to Distribute Malicious Code Packages (SecurityWeek) Researchers show how ChatGPT/AI hallucinations can be exploited to distribute malicious code packages to unsuspecting software developers.
New Fractureiser malware used CurseForge Minecraft mods to infect Windows, Linux (BleepingComputer) Hackers used the popular Minecraft modding platforms Bukkit and CurseForge to distribute a new 'Fractureiser' information-stealing malware through uploaded modifications and by injecting malicious code into existing projects.
Prism Launcher - [MALWARE WARNING] "fractureiser" malware in many popular Minecraft mods and modpacks (Prism Launcher) Malware is being distributed through Minecraft mods and modpacks mainly through CurseForge
Hackers Issue 'Ultimatum' Over Payroll Data Breach (SecurityWeek) The Clop ransomware gang issued "an ultimatum" companies targeted in a recent large-scale hack of payroll data connected to users of MOVEit.
Cyberdefenders respond to hack of file-transfer tool (Washington Post) File-transfer tools are a popular target for hackers, contributing to a 2023 trend of widespread hacks
Notification of Ransomware Incident | News Release:2023 (Eisai Co., Ltd.) Eisai's news release Notification of Ransomware Incident is posted.
Japanese pharma giant Eisai working with law enforcement to resolve ransomware attack (Record) Japanese pharmaceutical company Eisai said it is working with law enforcement to deal with a ransomware attack that began late Saturday night.
Zipper giant YKK confirms cyberattack targeted U.S. networks (Record) The multibillion-dollar Tokyo-based corporation would not say if it was hit with ransomware, but a spokesperson told Recorded Future News that YKK “contained the threat before significant damage was done or sensitive information was exfiltrated.”
ACT government hit by cyber security breach (Yahoo News) The ACT government has been impacted by a cyber security breach in one of its email systems, with investigators examining if data was accessed.
Gloucester: Russian hackers behind cyber-attack on council (BBC News) Gloucester City Council concludes its investigation into the "sophisticated" attack on IT systems in 2021.
Excel spreadsheet error leads Austrian party to announce wrong leader (Washington Post) A major Austrian opposition political party on Monday corrected the results of a closely contested leadership election after it announced the wrong winner over the weekend due to a “technical” error: Someone had messed up an Excel spreadsheet.
Ascension Seton reports data breach of websites (KUT Radio, Austin's NPR Station) A security event affecting two of the local hospital system's websites in March may have put some patients' sensitive information at risk.
Personal information of 7,000 retired Vermont teachers stolen in cybersecurity attack (VTDigger) The Vermont Treasurer’s Office said most of the information taken by the still-unknown attackers were names, dates of birth and addresses, as well as medical and insurance information. It underscored that social security numbers were not taken.
The Dallas ransomware attack is in week 5. What can be done to prevent the next one? (KERA News) As ransomware attacks like the one on Dallas city government become more common, how do businesses and municipalities protect themselves? One UTA professor says the best strategies include beefing up cybersecurity and not negotiating with attackers.
LockBit Ransomware Responsible for Data Breach of Major Medicaid Dental Provider, 8.9 Million Patient Records Exposed (CPO Magazine) One of North America’s largest Medicaid and CHIP dental care providers has suffered a massive data breach of highly sensitive patient information, thought to be perpetrated by the LockBit ransomware group.
Cybergang behind N.S. breach says it erased stolen data, but experts urge caution (CBC) A hacker gang said to be in possession of sensitive personal information belonging to as many as 100,000 Nova Scotians says it has deleted the data, but cybersecurity experts say the province should be suspicious of that claim.
How to Tell if Your Passwords Were Hacked—and What to Do if They Were (Wall Street Journal) Discovering that even one password has been possibly stolen can be unsettling. But what’s the game plan if you’ve used that password on dozens of sites?
The Most Important Vulnerabilities Discovered in 2023 (so far) (Rezilion) Access the new Rezilion First-Half Critical Vulnerabilities Report: Key Software Applications Under Fire
OWASP's 2023 API Security Top 10 Refines View of API Risks (SecurityWeek) OWASP’s ranking for the major API security risks in 2023 has been published with some reorganizations/redefinitions, and some new concepts.
CISA Adds One Known Exploited Vulnerability to Catalog (Cybersecurity and Infrastructure Security Agency CISA)
Mozilla Releases Security Updates for Multiple Products (Cybersecurity and Infrastructure Security Agency CISA) Mozilla has released security updates to address vulnerabilities for Firefox 114 and Firefox ESR 102.12. An attacker could exploit these vulnerabilities to take control of an affected system.
Firefox 114 is out: No 0-days, but one fascinating “teachable moment” bug (Naked Security) With the right (or wrong, if you’re on the right side of the fence) timing…
VMware Plugs Critical Flaws in Network Monitoring Product (SecurityWeek) VMware ships urgent patches to cover security defects that expose businesses to remote code execution attacks.
Cisco fixes AnyConnect bug giving Windows SYSTEM privileges (BleepingComputer) Cisco has fixed a high-severity vulnerability found in Cisco Secure Client (formerly AnyConnect Secure Mobility Client) software that can let attackers escalate privileges to the SYSTEM account used by the operating system.
Barracuda says hacked ESG appliances must be replaced immediately (BleepingComputer) Email and network security company Barracuda warns customers they must replace Email Security Gateway (ESG) appliances hacked in attacks targeting a now-patched zero-day vulnerability.
You are most likely to get phishing on Mondays (AtlasVPN) Among the myriad of tactics employed by cybercriminals, phishing emails continue to reign as one of the most prevalent and effective methods.
Public sector apps face widespread security challenges, report reveals (Nextgov.com) A new study found alarming security vulnerabilities across the vast majority of public applications over the last year.
Securing the Future: Unveiling the State of Software Security in the Public Sector (Veracode) Each year we publish a series of cuts of the data specific to verticals or geographic regions as companion research to the State of Software Security.
Shift5 expands its investor network (Washington Technology) Booz Allen Hamilton's venture capital arm is among the newly-revealed names that are investing in the cyber company.
Exclusive: Defense contractor Shift5 closes $83M Series B round (Axios) A defense contractor aiming to protect military weapon systems and other critical infrastructure has closed an $83 million Series B funding round, the company first shared with Axios.
Industrial CyberSecurity company Dragos to lay off 9% of its workforce (iTWire) Dragos CEO Robert M. Lee sent an email to the company today (US time), to share the news about a layoff of 50 Dragos employees. Details include why this decision, was necessary to maintain the company’s trajectory as a business, ensure long-term continued growth and success, and continue to deliver...
USAID Awards $329M Cyber Contract to Accenture (Meritalk) The United States Agency for International Development (USAID) has awarded a $329 million contract to Accenture Federal Services to manage the agency’s comprehensive information assurance and privacy program.
Network Perception Supercharges OT Security Analysis With Enhanced Platform That Delivers Next-Generation Performance (Business Wire) The new release of the NP-View platform introduces greater path analysis scale and speed
Snyk Announces Next Big Leap in DevSecOps With Ability of Enterprises to Now Secure Their Software Supply Chains at Scale (GlobeNewswire News Room) Company Accelerates Developer-First Innovation with Acquisition of Enso Security, Unveiling of New Application Security Posture Management Solution and...
DoControl Joins AWS ISV Accelerate Program (PR Newswire) DoControl, the leading SaaS Security Platform (SSP) vendor has announced today that it has been accepted into the Amazon Web Services (AWS)...
Network Perception Supercharges OT Security Analysis With Enhanced Platform That Delivers Next-Generation Performance (Business Wire) The new release of the NP-View platform introduces greater path analysis scale and speed
Veridas Expands Its Age Verification Solution, Enabling Seamless Compliance with Enhanced User Experience (Veridas) Veridas Expands Its Age Verification Solution, Enabling Seamless Compliance with Enhanced User Experience Age Estimation Solution Delivers Accurate and Efficient Age Verification Veridas, a leading global provider of AI-driven identity verification solutions, is proud to announce the expansion of its groundbreaking Age Verification product. Designed to help businesses meet stringent age verification regulations, this cutting-edge […]
RANE Enhances Industry-Leading Risk Intelligence Platform (GlobeNewswire News Room) Horizon Scanning Tools Better Prepare Risk Professionals for Emerging Threats...
Secureworks Integrates SentinelOne Telemetry into its Open XDR Platform to increase cybersecurity visibility for its customers (iTWire) COMPANY NEWS: Secureworks, a global leader in cybersecurity, and SentinelOne, an industry-leading autonomous security platform company, are joining forces to further transform threat prevention and response with the launch of Secureworks Taegis integration for SentinelOne. The combined power of Taeg...
DigiCert partners with ReversingLabs to advance software supply chain security (influencing) DigiCert integrates ReversingLabs technology into DigiCert® Software Trust Manager to create tamper-proof software delivery (Australia) June 8, 2023 — DigiCert, a leading global provider of digital trust, today announced a
Fidelis Cybersecurity Unleashes the Power of Fidelis CloudPassage Halo Across Europe, Fueling Unprecedented Cloud Security Coverage (PR Newswire) Fidelis Cybersecurity, a global leader in advanced cybersecurity solutions, proudly announces the expanded availability of Fidelis CloudPassage...
Thales unveils CipherTrust Data Security Platform as-a-Service (IT Brief New Zealand) The flexible model removes the need for upfront investment in data security infrastructure and auto-scales to support capacity changes.
Satori’s Data Security Platform is Selected for the Microsoft Pegasus Program and is Available in the Azure Marketplace (GlobeNewswire News Room) It’s now easier than ever for Microsoft customers to implement Satori’s powerful data access technology and accelerate time-to-value from data while...
Indian government offers free tools to detect and remove malware: Here’s how to download (The Indian Express) Cyber Swachhta Kendra is offering free botnet detection and removal tools as part of the Digital India initiative. Here's how you can download them.
Cyber insurance claims Minimize risk, maximize recovery (ReedSmith) Cybercrime, including ransomware attacks and data breaches, is one of the top challenges confronting organizations globally. Businesses are suffering staggering cyber-related losses, estimated at $60 billion each year. Claims are also rising, and insurance policies continue to develop and mature in response to evolving risks and exposures.
Winning the Mind Game: The Role of the Ransomware Negotiator (The Hacker News) Ever wondered what goes on behind the scenes of a ransomware attack? Get exclusive insights from a real ransomware negotiator.
Most SMBs admit to paying ransomware demands - here's why (TechRadar) They're not getting better at defending from attacks
Disruptive Cyber Capabilities Offer Solutions to US Space Force Pain Points (Yahoo Finance) Defensive Cyber Operations for Space Demo Day Defensive Cyber Operations for Space Cohort Catalyst Accelerator
Meta starts task force in fight against child pornography on Instagram (Washington Post) A Stanford University report found large networks of accounts operated by minors advertising self-generated images of child sexual abuse
Five years in, a look at how Cybercom and NSA's Integrated Cyber Center improved coordination of operations (DefenseScoop) As the Integrated Cyber Center and Joint Operations Center turned five in May, current and former officials reflected on how it has improved overall coordination and cyber defense.
Deepmind’s AI Is Learning About the Art of Coding (WIRED) AlphaDev has made small but significant improvements to decades-old C++ algorithms. Its builders say that’s just the start.
The Bold Plan to Create Cyber 311 Hotlines (WIRED) UT-Austin will join a growing movement to launch cybersecurity clinics for cities and small businesses that often fall through the cracks.
Microsoft Is Bringing OpenAI’s GPT-4 AI model to US Government Agencies (Bloomberg) Microsoft Corp. will make it possible for users of its Azure Government cloud computing service, which include a variety of US agencies, to access artificial intelligence models from ChatGPT creator OpenAI.
Eastern Michigan University’s Information Assurance Student Association ranks No. 1 in Michigan and No. 18 nationally by Cyber Power Rankings (Eastern Michigan University) Jumping up 10 spots nationally from fall 2022
Senegal continues curfew-like internet shutdown to subdue protests (Record) The government of Senegal has continued to impose curfew-like shutdowns on internet access in an effort to quell dissent over the trial of opposition figure Ousmane Sonko.
The Messy US Influence That’s Helping Iranians Stay Online (WIRED) Newly announced sanctions against Iran-based Avaran Cloud underscore the complexity of crafting Washington’s internet freedom efforts.
Revising Public-Private Collaboration to Protect U.S. Critical Infrastructure (CSC 2.0) The current systems for designating sectors as critical and for mitigating cross-sector risks are inadequate.
Experts call for overhaul of 'outdated' critical infrastructure cyber policy (Nextgov.com) A new report analyzes the federal government’s approach to infrastructure cybersecurity as a key strategy document is getting a rewrite.
White House needs to urgently fix nation's approach to protecting critical infrastructure, group says (CyberScoop) Attacks against critical infrastructure are reaching new heights, but strategy documents outlining federal efforts are a decade old.
A Decade-Old Cyber Policy Desperately Needs an Update, Group Says (Defense One) The bipartisan Cyberspace Solarium Commission has recommendations for a new critical-infrastructure playbook.
White House critical infrastructure protection order is ‘outdated’ and needs rethinking, Cyberspace Solarium Commission says (Record) A decade-old presidential directive that clarified how the private sector should protect critical infrastructure like power utilities and manufacturing plants has “become outdated and incapable of meeting today’s demands,” according to an influential cybersecurity policy organization.
10 years after Snowden's first leak, what have we learned? (Register) Spies gonna spy
Democrats and Republicans are skeptical of US spying practices, an AP-NORC poll finds (AP NEWS) The American public is broadly skeptical of common intelligence practices and of the need to sacrifice civil liberties for security. That’s according to a new poll from The Associated Press-NORC Center for Public Affairs Research. It shows that Democrats and Republicans are opposed at similar levels to many common surveillance tactics. A big shift is that Republicans have become substantially less likely over the last decade to say it’s at least sometimes necessary to sacrifice freedom in response to threats. The polling underscores the challenge facing the Biden administration as it pushes Congress to renew a cornerstone foreign surveillance law that expires at year’s end.
FTC Proposes Changes to Health Breach Notification Rule and Finalizes Second Enforcement Action Under the Rule (Ropes & Gray) On May 18, 2023, the Federal Trade Commission (FTC) announced a Notice of Proposed Rulemaking and a parallel Request for Comment on changes to the Health Breach Notification Rule (HBNR).
Pentagon's Microsoft monopoly raises concerns in Congress (Newsweek) A senior congressman has raised concerns over the military's decision to rely more and more on Microsoft for cybersecurity tools as well as other software.
Proposed SEC cyber regulations draw mixed reviews (Washington Post) SEC rules changes are the latest battleground over government cybersecurity mandates
Biden taps Senate Intel Committee staff director to lead NCSC (Record) After nearly two and a half years, President Joe Biden has found his person to lead U.S. counterintelligence efforts.
WSJ News Exclusive | Instagram Connects Vast Pedophile Network (Wall Street Journal) The Meta unit’s systems for fostering communities have guided users to child-sex content; company says it is improving internal controls.
Addressing the distribution of illicit sexual content by minors online (Stanford Internet Observatory) A Stanford Internet Observatory investigation identified large networks of accounts, purportedly operated by minors, selling self-generated illicit sexual content. Platforms have updated safety measures based on the findings, but more work
‘No regrets,’ says Edward Snowden, after 10 years in exile (the Guardian) But whistleblower says 2013 surveillance ‘child’s play’ compared to technology today
The FBI's most treacherous spy was inspired by Kim Philby to pass US secrets to Russia (The Telegraph) The most damaging spy in bureau history, who died this week, spent 20 years duping his superiors because he 'feared being a failure'
Secret government unit collected Telegram posts about Covid policy critic (The Telegraph) Writing in The Telegraph, Prof Carl Heneghan reveals the chilling effects of being monitored by a Counter-Disinformation Unit
Malwarebytes faces lawsuit for classifying rival's anti-spyware program as a threat (TechSpot) The 2-1 split verdict from the Ninth Circuit came after Enigma appealed a 2017 California district court ruling that held cybersecurity firms can classify any software as...
For a complete running list of events, please visit the Event Tracker.
35th Annual FIRST Conference (Montréal, Québec, Canada, Jun 4 - 9, 2023) FIRST is an international non-profit association of Computer Security and Incident Response Teams (“CSIRTs”), Product Security and Incident Response Teams (“PSIRTs”), and independent security researchers from the public, private, and academic sectors. Membership comprises of over 600 teams with representation from over 100 nations. The annual conference provides a forum for sharing goals, ideas, and information on how to improve global cyber security. FIRST is a front-line enabler in the global response community, providing access to the best practices, tools, and trusted communication with its member teams. Named one of the Top 19 Information Security Conferences of 2020 by TripWire, the FIRST annual conference promotes worldwide coordination and cooperation among computer security and incident response teams (CSIRTs). The conference provides a forum for sharing goals, ideas, and information on how to improve computer security on a global scale.
Techno Security & Digital Forensics Conference (Wilmington, North Carolina, USA, Jun 5 - 8, 2023) Techno Security & Digital Forensics Conference provides a unique education experience that blends the digital forensics and cybersecurity industries for collaboration between government and private sectors. The 2023 East edition of Techno Security & Digital Forensics Conference will feature educational sessions, industry-leading speakers, and sponsors/exhibits over four days of networking among cybersecurity and digital forensics industry professionals. Learn about new tools and techniques, discuss important case studies, and share insight on future trends and the current state of the industry. Educational sessions cover a wide range of topics within the following primary tracks from which CPE credits can be earned: Audit/Risk Management, eDiscovery (New!), Forensics, Information Security, Investigations, Magnet Forensics Lab, Cellebrite Lab, and Sponsor Demos. In addition to educational sessions, sponsoring/exhibiting companies will be on hand to introduce and demonstrate the latest products and services in the industry. Learn from industry experts, connect with leading suppliers, explore the latest tools, and network with cybersecurity and digital forensics professionals.
Fuel Frenzy CTF (Baltimore, Maryland, USA, Jun 7 - 8, 2023) Critical infrastructure systems are increasingly becoming targets for cyber-attacks, and it's up to us to protect them! Fuel Frenzy is a Percival Engineering Capture the Flag (CTF) competition with various fuel-related challenges: securing fuel supplies, interrupting fuel transportation, protecting fuel-related assets, and disrupting fuel critical infrastructure. This CTF is designed to help raise awareness about the importance of protecting critical infrastructure from cyber threats while also supporting the development of skills and knowledge in the cybersecurity community.
SecureWorld Chicago (Rosemont, Illinois, USA, Jun 8, 2023) Join your regional cybersecurity community for high-quality, affordable training and collaboration. Earn 6-12 CPE credits through 15+ educational elements learning from local and nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays—all while networking with peers in InfoSec.
2023 Cyber Summit--Potomac Officers Club (McLean, Virginia, USA, Jun 8, 2023) Today, cyberspace is the newest warfighting domain, and cyber attacks are at an all-time high around the world. Government, military and industry leaders in the U.S. are now focused on developing both offensive and defensive cyber capabilities to stay ahead of emerging threats and keep our vital cyber ecosystems online and secure. The Potomac Officers Club invites cybersecurity experts and thought leaders to discuss the dynamic and ever-changing role of cyber across the public sector in the digital age. Join POC’s Cyber Summit to be a part of this timely and important conversation.
