Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+488: Join the Army or go to Belarus. Or just go home. (CyberWire) As the mutiny sorts itself out, influence operations seek to reach a domestic Russian audience.
Russia's hybrid war against Ukraine: lessons learned. (CyberWire) A brief retrospective on operations in cyberspace during Russia's hybrid war to date.
Russia-Ukraine war: List of key events, day 489 (Al Jazeera) As the war enters it 489th day, these are the main developments.
Ukrainian troops reportedly reclaim territory in Kherson province (the Guardian) Pro-Russian Telegram channels say Ukrainians crossed Dnipro River in apparent advance towards Crimea
Minefields and Menace: Why Ukraine’s Pushback Is Off to a Halting Start (New York Times) The Ukrainian Army is encountering an array of challenges that has complicated the early stages of its counteroffensive, especially the large swaths of minefields. But its leaders are urging patience, insisting the main push is yet to come.
Ukraine’s Zelenskiy praises frontline advances ‘in all sectors’ as Putin rails against Kyiv and west (the Guardian) The Ukrainian president visited the front in the wake of the aborted Wagner rebellion, as US denies involvement in Prigozhin’s uprising
Putin thanks nation for unity after aborted rebellion (AP NEWS) Russian President Vladimir Putin thanked the nation on Monday for unity after an armed rebellion staged by a mercenary chief over the weekend was aborted less than 24 hours after it began. Putin also thanked most of the mercenaries for not letting the situation deteriorate into “bloodshed.” He reiterated that all necessary measures have been taken to protect the country and the people from the rebellion.
Putin says security services ‘prevented civil war’ amid Wagner mutiny fallout (the Guardian) Russian president makes address at Kremlin as jet linked to Wagner’s Yevgeny Prigozhin flies to Belarus
Putin Blasts Wagner ‘Traitors’ After Prigozhin Denies Coup Plot (Bloomberg) President Vladimir Putin condemned leaders of the Wagner mercenary group as traitors to Russia in a late-night speech to the nation, his first public comments since the mutiny that posed the most serious threat to his nearly quarter-century rule.
Defiant Prigozhin says Wagner mercenaries to operate from Belarus (Washington Post) Wagner mercenary chief Yevgeniy Prigozhin resurfaced Monday for the first time since his Saturday mutiny, and declared that his motive was to save the private militia from being subsumed into the Russian military — not to topple President Vladimir Putin.
Ukraine-Russia war latest: Prigozhin breaks silence after failed coup (The Telegraph) The founder of the Wagner Group and leader of a coup against Russia Yevgeny Prigozhin has said that the “march” of his troops showed “serious” security issues in the country.
Shoigu Reappears As Russia Seeks To Display Quick Return To Post-Mutiny Normality (RadioFreeEurope/RadioLiberty) Russian authorities scrambled to present a return to normality, reversing counterterrorism measures in the capital and some regions prompted by mercenary chief Yevgeny Prigozhin's short-lived mutiny.
Opinion: Prigozhin's March on Moscow (Kyiv Post) How to understand Yevgeny Prigozhin's march on Moscow and its sudden end? Often there are plots without a coup; this seemed like a coup without a plot, Timothy Ash writes.
Belarusian dictator Lukashenko’s unlikely cameo as mediator with Wagner (Washington Post) A weekend of chaos in Russia yielded few winners. Russian President Vladimir Putin is politically wounded, mercenary chief Yevgeniy Prigozhin is in serious trouble and the rest of the world has been left shaken by the sight of a nuclear power appearing to teeter haplessly on the brink.
After Wagner uprising, UK sees 'cracks emerging' in Russian support for Ukraine war (Breaking Defense) "We and our allies are asking [questions] about what situations may evolve as a direct repercussion of this very public attack on Putin's authority by one of his protegees and closest allies," said James Cleverly, UK Foreign Secretary.
The Beginning of the End for Putin? (Foreign Affairs) Prigozhin’s rebellion ended quickly, but it spells trouble for the Kremlin.
Beware wishful thinking on Russia (Telegraph) For a few hours on Saturday, Putin’s future hung in the balance. For now, he has reasserted his control
Putin's Russia isn't finished. It may just have become even more dangerous (The Telegraph) The country still poses an existential threat to the West – and Wagner’s ‘coup’ may have increased it
A Mutiny That Showed the Stress on Putin’s System of Rule (New York Times) A member of Russia’s elite marched on his rivals, with a mercenary army at his back, suggesting that Vladimir V. Putin’s grip over a coalition of powerful figures may be more brittle than it appeared.
Opinion What happened in Russia — and what happens next? Our columnists weigh in. (Washington Post) A remarkable series of events in Russia kept the world on edge this weekend. Yevgeniy Prigozhin, the leader of the mercenary Wagner Group, took over a regional capital on Saturday and sent a column of soldiers to Moscow in what looked like a coup in the making. Then, just as suddenly as it began, Prigozhin called it all off on Saturday night, sending his forces back to their barracks. He had seemingly struck a deal with Russian President Vladimir Putin — a deal that entailed broad amnesty for himself and his fellow mutineers, and that will supposedly see his organization integrated into the Russian army. What does it all mean? And what’s next for Russia — and by extension, Ukraine? We asked our columnists to weigh in.
US Denies Any Role in Russia Uprising as Allies Watch and Wait (Bloomberg) Biden and allies trying to determine what spurred mutiny. Wagner chief says he had no plans to overthrow Putin.
Defiant Prigozhin says Wagner mercenaries to operate from Belarus (Washington Post) Wagner mercenary chief Yevgeniy Prigozhin resurfaced Monday for the first time since his Saturday mutiny, and declared that his motive was to save the private militia from being subsumed into the Russian military — not to topple President Vladimir Putin.
Ukraine-Russia war latest: Prigozhin breaks silence after failed coup (The Telegraph) The founder of the Wagner Group and leader of a coup against Russia Yevgeny Prigozhin has said that the “march” of his troops showed “serious” security issues in the country.
Ukraine live briefing: Russia’s Prigozhin resurfaces, says Wagner rebelled to fight absorption by military (Washington Post) Wagner Group leader Yevgeniy Prigozhin, who sent a convoy of mercenary fighters toward Moscow over the weekend in an extraordinary challenge to Russian President Vladimir Putin’s authority, posted an 11-minute audio statement on Monday claiming he launched the rebellion after Russian forces killed 30 of his fighters. They were his first remarks since accepting a deal to avoid prosecution and withdrawing his fighters on Saturday.
Wagner ‘shot down seven Russian aircraft and killed 13 airmen’ during coup attempt (The Telegraph) Video footage on social media appears to show wreckage of Russian Air Force plane and helicopter gunship
Information Warfare Was Key to Prigozhin's Mutiny Against Putin (The Intercept) Yevgeny Prigozhin oversees an online army that has pushed disinformation around the globe, including alleged interference in the 2016 presidential election.
Yevgeny Prigozhin, We Knew Him When (Lawfare) Years before he launched an abortive mutiny against the Russian Ministry of Defense, Prigozhin was busy interfering in the 2016 U.S. election.
Putin Is Caught in His Own Trap (The Atlantic) After spending years cultivating public apathy, the Russian president found his people indifferent to his fate.
U.S. Studying Russian Revolt, Focused on Supporting Ukraine (U.S. Department of Defense) The U.S. remains laser-focused on supporting Ukraine's defense, sovereignty and territorial integrity, President Joe Biden said at the White House.
U.S. Keeps Up Weapons Shipments To Ukraine With New $500 Million Package (RadioFreeEurope/RadioLiberty) The United States plans to announce as soon as June 27 a new military aid package for Ukraine worth up to $500 million, keeping up U.S. resolve to help Ukraine against Russia as Moscow deals with an abortive mutiny by some of its soldiers.
Cyber risks to critical infrastructure are on the rise (CEE Multi-Country News Center) This what we are experiencing now has become a hybrid war – both a kinetic and digital. The recent and ongoing cyberattacks have been precisely targeted, with the aim to bring down Ukraine’s economy and government. Microsoft Digital Defense Report showed that the number of cyberattacks targeting critical infrastructure had grown significantly. The level of […]
Microsoft Warns of Widescale Credential Stealing Attacks by Russian Hackers (The Hacker News) Microsoft exposes a surge in credential-stealing attacks by Russian hacker group Midnight Blizzard.
Microsoft warns of rise in credential stealing attacks by Russia-linked group (Register) Midnight Blizzard/Nobelium/Cozy Bear threat group is focusing on governments, IT service providers, defence industry, among others
Wagner’s aborted coup piles pressure on Russia’s economy (The Telegraph) Rouble sinks to a 15-month low as Putin faces the greatest challenge to his reign
Russian super-rich flock to booming Dubai (The Telegraph) UAE was the strongest growing market for private wealth in 2022
Attacks, Threats, and Vulnerabilities
Chinese Hackers Using Never-Before-Seen Tactics for Critical Infrastructure Attacks (The Hacker News) New cyber espionage threat! Chinese group Volt Typhoon, aka Bronze Silhouette, employs advanced techniques to infiltrate and maintain access.
China's 'Volt Typhoon' APT Now Exploits Zoho ManageEngine (Dark Reading) A recent campaign shows that the politically motivated threat actor has more tricks up its sleeve than previously known, targeting a critical exploit and wiping logs to cover their tracks.
China-linked APT group VANGUARD PANDA uses a new tradecraft in recent attacks (Security Affairs) China-linked APT group VANGUARD PANDA, aka Volt Typhoon, was spotted observing a novel tradecraft to gain initial access to target networks. CrowdStrike researchers observed the China-linked APT group VANGUARD PANDA, aka Volt Typhoon, using a novel tradecraft to gain initial access to target networks. The Volt Typhoon group has been active since at least mid-2021 […]
Grafana warns of critical auth bypass due to Azure AD integration (BleepingComputer) Grafana has released security fixes for multiple versions of its application, addressing a vulnerability that enables attackers to bypass authentication and take over any Grafana account that uses Azure Active Directory for authentication.
Mallox Ransomware Implements New Infection Strategy (Cyble) Cyble analyzes Mallox Ransomware's new infection chain, leveraging BatLoader to execute ransomware payloads.
Beware! Mallox Ransomware Attacks IT Industries With a New Attack Pattern (GBHackers) Mallox ransomware, also known as “Target company” ransomware, adopts a unique method of appending the name of the targeted company.
“Hybrid ransomware” poses a major threat to utilities (Power Grid International) In spite of the U.S. government’s efforts to declare the energy sector and other critical national infrastructure (CNI) “off limits” to hackers, ransomware gangs continue to target electric utilities.
Why ORMs and Prepared Statements Can't (Always) Win (Sonar) We always assume prepared statements and ORMs are enough to protect us from SQL injection, but be careful not to misuse their APIs! Let's look into a real-world case and see what we can learn from it.
Anatsa banking Trojan hits UK, US and DACH with new campaign (TreatFabric) Anatsa returns with a new campaign targeting UK, US and DACH supported by droppers on Google Play Store.
Anatsa Android trojan now steals banking info from users in US, UK (BleepingComputer) A new mobile malware campaign since March 2023 pushes the Android banking trojan 'Anatsa' to online banking customers in the U.S., the U.K., Germany, Austria, and Switzerland.
Critical flaw in VMware Aria Operations for Networks sees mass exploitation (CSO Online) Akamai reports nearly 700,000 attacks with 27,000 of its customers being scanned for the vulnerability.
Thousands of American Airlines and Southwest pilots impacted by third-party data breach (Bitdefender) American Airlines and Southwest Airlines disclosed on June 23 data breaches impacting the personal information of thousands of pilots.
American Airlines, Southwest Airlines disclose data breaches affecting pilots (BleepingComputer) American Airlines and Southwest Airlines, two of the largest airlines in the world, disclosed data breaches on Friday caused by the hack of Pilot Credentials, a third-party vendor that manages multiple airlines' pilot applications and recruitment portals.
American Airlines, Southwest Airlines Impacted by Data Breach at Third-Party Provider (SecurityWeek) The personal information of American Airlines and Southwest Airlines pilots was exposed in a data breach at a third-party services provider.
Recruitment portal exposes data of US pilot candidates (Register) Time to start practicing identity protection
Pilot data of American Airlines and Southwest stolen in data breach (CSO Online) Personal information of 5,745 pilots of American Airlines and 3,009 pilots from Southwest Airlines has been leaked due to the incident.
Airline data breach: Major companies warn staff thousands had their information exposed (Washington Examiner) American Airlines and Southwest Airlines staff were made aware Friday of a cybersecurity threat to them from earlier this year.
Japanese Cryptocurrency Exchange Falls Victim to JokerSpy macOS Backdoor Attack (The Hacker News) A Japanese cryptocurrency exchange fell victim to a recent cyberattack, deploying the stealthy JokerSpy backdoor on Apple macOS.
Suncor Energy says it experienced a cybersecurity incident (Reuters) Canadian energy firm Suncor on Sunday said it experienced a cybersecurity incident, adding that some transactions with customers and suppliers could be impacted while they investigate and resolve the situation.
Suncor Energy cyberattack impacts Petro-Canada gas stations (BleepingComputer) Petro-Canada gas stations across Canada are impacted by technical problems preventing customers from paying with credit card or rewards points as its parent company, Suncor Energy, discloses they suffered a cyberattack.
Canadian oil giant Suncor confirms cyberattack after countrywide outages (Record) The Canadian oil giant Suncor has confirmed that a cyberattack was the cause of widespread outages that ground services to a halt throughout the weekend.
Energy producer Suncor admits ‘cyber security incident’ (IT World Canada) A major Canadian energy producer and owner of the Petro-Can gas station network has acknowledged suffering an undefined cyber attack. In a brief news release late Sunday, Suncor Engery said it "has experienced a cyber security incident. The company is taking measures and working with third-party experts to investigate and resolve the situation, and has
Suncor Energy cyberattack could prove 'sizable incident,' security expert warns (Financial Post) Suncor Energy confirmed it was hit by a cyberattack but was unaware of any data being compromised or misused at this point. Read on.
‘Really serious’ problems cybersecurity breaches pose in Australia’s DER near future (pv magazine Australia) In two to three years, the number of DER control devices plugged into Australia’s national grid are predicted to hit critical mass, bringing with it the potential for wide-scale ramifications in the event of a successful cyberattack. The second in a two part series, <b>pv magazine Australia</b> outlines what the consequences could involve.
Activision Blizzard games crippled by hours-long DDoS attack (Record) A distributed denial-of-service (DDoS) attack targeted the servers of Diablo’s developer, Activision Blizzard, making it almost impossible to play some of its hit games, including Diablo IV, World of Warcraft, and Call of Duty.
Diablo IV video game hit by DDoS attacks (Graham Cluley) It wasn't a great weekend for video game fans, as players of Diablo IV multiplayer role-playing game were greeted with an error message as it tried to connect to the servers of developer Blizzard.
HWL Ebsworth hack: sensitive information from dozens of government agencies may be compromised (the Guardian) Hundreds of law firm’s clients waiting on confirmation of whether they are affected by data leaked in cyberattack
Victim Count in Maryland Ransomware Breach Jumps Fivefold (Gov Info Security) A Berlin, Maryland-based hospital recently told regulators that a ransomware breach discovered in January had compromised the sensitive information of nearly
How Generative AI Can Dupe SaaS Authentication Protocols — And Effective Ways To Prevent Other Key AI Risks in SaaS (The Hacker News) Generative AI poses major security risks to enterprises. Threat actors can exploit it to hack weak SaaS authentication protocols, jeopardizing sensiti
Little Rock School District tallies cyberattack’s cost (Arkansas Online) The 2022 cyberattack on the 21,000-student Little Rock School District's data networks cost the capital city system almost $692,000, according to records obtained from the district.
Political hackers strike City of Fort Worth, in protest at anti-trans legislation (Bitdefender) The city of Fort Worth in Texas announced on Saturday that it had suffered a security breach that saw hackers claim to have gained unauthorised access to data.
Security Patches, Mitigations, and Software Updates
Grafana security release for CVE-2023-3128 (Grafana Labs) Today we are releasing Grafana 10.0.1, 9.5.5, 9.4.13, 9.3.16, 9.2.20 and 8.5.27, which include a critical security fix. If you are affected, we recommend that you install newly released versions.
Trends
Hackers’ Favorite Victims: Who Are They and Why Are They at Risk? (MUO) Anyone can be hit by hackers, but who do cybercriminals target more than most and why?
Aqua Nautilus Research Finds 1,400% Surge in Memory-Based Attacks as Hackers Evade Traditional Cloud Security Defenses (GlobeNewswire News Room) Based on analysis of 700K real-world attacks, the report provides insight into threat actors’ changing tactics and techniques, showing cloud protections...
Postman’s 2023 State of the API Report Reveals APIs as Key Revenue Generators (Business Wire) World’s largest survey of more than 40,000 developers and API professionals finds API monetization, AI tools a key focus for over half of the sector
Enterprise SIEMs Miss 76% of all MITRE ATT&CK Techniques Used by Adversaries (PR Newswire) CardinalOps, the detection posture management company, today released its Third Annual Report on the State of SIEM Detection Risk. The report...
Why cyberattacks against Australian organisations are increasing (CSO Online) Whether it is due to API risks or the value of stolen Australian personally identifiable information, cyberattacks have become more frequent and bigger.
Marketplace
Cyera Secures $100 Million Series B Investment to Become the Data Security Platform Enabling the AI Revolution (PR Newswire) Cyera, the data security company, today announced a $100 million Series B investment led by Accel with participation from existing investors...
How Israel invested in spyware at heart of Greek scandal, EU inquiry (Haaretz) Six years ago, the state-owned defense contractor Israel Aerospace Industries (IAI) announced it was investing millions in two promising foreign firms: One registered in the Netherlands providing “cutting-edge cybersecurity solutions,” the other registered in Hungary and focusing on “cyberintelligence” for governments.
CyberRisk Alliance Acquires LaunchTech CommunicationsCyberRisk Alliance Acquires LaunchTech Communications (LaunchTech) CyberRisk Alliance (CRA), a business intelligence company serving the cybersecurity community, has acquired LaunchTech Communications, a leading public relations and communications agency serving fast-paced, global cybersecurity and technology companies.
SAIC Wins $1.3B Treasury Cloud Contract (WashingtonExec) Bob Genter, SAIC Science Applications International Corp. has won a $1.3 billion single-source 7-year contract with the Treasury Department to provide a com ...
How Christina Cacioppo Built Startup Vanta Into A $1.6 Billion Unicorn To Automate Complicated Security Compliance Issues (Forbes) The Stanford graduate built a fast-growing software company to automate what had previously been a manual process. She’s now one of America’s richest self-made women.
FS-ISAC ANNOUNCES EUROPE BOARD OF DIRECTORS (PR Newswire) FS-ISAC, the member-driven, not-for-profit organisation that advances cybersecurity and resilience in the global financial system, today...
Products, Services, and Solutions
KnowBe4 Launches Children’s Interactive Activity Kit To Help Teach Cybersecurity Skills (KnowBe4) KnowBe4 Launches Children’s Interactive Activity Kit To Help Teach Cybersecurity Skills
Jscrambler launches free tool for compliance PCI DSS v4 (Jscrambler) Jscrambler is launching a free tool for faster compliance with new PCI DSS v4.0 e-skimming prevention requirements.
SentinelOne Secures India’s Food Supply (Business Wire) Nation’s premier agritech business leverages company’s autonomous security platform to shield supply chain from cyberthreats
Cequence Strengthens API Protection Platform with Game-Changing Generative AI and No-Code Security Automation (Cequence Security) New release of the Unified API Protection (UAP) platform strengthens the ability to discover, manage risk and protect APIs.
RedShield Security joins AWS ISV Accelerate Program (CRN Australia) To support risk management and protect web applications.
Activestate Enables Secure Open Source Integration for Developers amid Changing US Regulations (PR Newswire) In case you missed it, the US Government recently let their own direct consumers of open source off the hook for the first iteration of the...
Delinea's Latest Release Helps Reduce Phishing Effectiveness with the Workstation Policy Framework (PR Newswire) Delinea, a leading provider of solutions that seamlessly extend Privileged Access Management (PAM), today announced the latest release of...
Cato Networks Revolutionizes Network Security with Real-Time, Machine Learning-Powered Protection (Cato Networks) The combination of data science expertise, cloud resources, and Cato’s vast data lake enables real-time, ML-powered protection against evasive cyber-attacks, reducing risk and improving security TEL AVIV, Israel, June 27, 2023 — Cato Networks, provider of the world’s leading single-vendor SASE platform, introduced today real-time, deep learning algorithms for threat prevention as part of Cato IPS. The...
Hopr's Cloud Workload and API Threat Protection Technology Available in AWS Marketplace (Business Wire) Company also details joining AWS Activate Portfolio Program, allowing for continued investments in product development and customer success
Tanium Unveils Total Experience for ServiceNow (Business Wire) New integration creates exceptional shared experiences by converging IT staff, employee, and customer experiences that deliver superior operational outcomes and accelerated growth
Brazil’s Largest Financial and Digital Services Provider Selects IRONSCALES to Confidently Secure Email Enterprise-Wide (Business Wire) IRONSCALES replaces secure email gateway (SEG) to protect market-leading services provider, Paschoalotto, from ransomware and VIP impersonation
NanoLock Announces General Availability of OT Defender to Secure Critical Infrastructure from Insider Threats, Cyber Attacks, and Human Errors (Cision) Amid dramatic rise in threats to industrial environments, NanoLock expands U.S. market presence and appoints cybersecurity industry veteran Jay Smilyk as GM of the Americas
Immuta Named Snowflake Data Security Partner of the Year Award Winner (Business Wire) Immuta, a data security leader, today announced at Snowflake’s annual user conference, Snowflake Summit 2023, that it has been named the 2023 Data Security Partner of the Year award winner by Snowflake, the Data Cloud company.
Leaseweb Canada Launches Cloud Connect to Support Hybrid Cloud Environments (Leaseweb) Leaseweb Cloud Connect enables fast, secure connections to Microsoft Azure, Google Cloud and AWS from Leaseweb’s Canada data centers
Technologies, Techniques, and Standards
CISA Releases Cloud Services Guidance and Resources (Cybersecurity and Infrastructure Security Agency) Final guidance and resources help agencies adopt necessary security and resilience best practices for utilizing cloud services
Introducing OWASP CycloneDX v1.5: Advanced Bill of Materials Standard Empowering Transparency, Security, and Compliance (CycloneDX) OWASP, the Open Worldwide Application Security Project, is proud to announce the launch of OWASP CycloneDX version 1.5, an innovative and advanced Bill of Materials (BOM) standard that addresses transparency and compliance in the software industry.
FIDO Alliance Publishes Guidance for Deploying Passkeys in the Enterprise (PR Newswire) Passkeys are a game changer for signing in to online services and apps, providing phishing-resistant security and easy user experience far...
3 Steps to Successfully & Ethically Navigate a Data Breach (Dark Reading) In this day of "not if, but when" for breaches, transparency and full disclosure are important to salvage a company's reputation and keep public trust.
91st Cyber Brigade leads Cyber Shield 2023 (Virginia National Guard) In the early 2000s the Defense Department and the National Guard Bureau came to the quick realization that cyber threats were on the rise and attack frequencies were only going to become more
Design and Innovation
Google DeepMind CEO Demis Hassabis Says Its Next Algorithm Will Eclipse ChatGPT (WIRED) The company is working on a system called Gemini that will draw on techniques that powered AlphaGo to a historic victory over a Go champion in 2016.
WithSecure aims to make security more sustainable (News Powered by Cision) The company’s W/Sustainability program includes green coding initiative to lower energy consumed by
Research and Development
DARPA Sets Proposers Day for Intelligent Generation of Tools for Security Program (ExecutiveBiz) Looking for the latest Government Contracting News? Check out our story: DARPA Sets Proposers Day for Intelligent Generation of Tools for Security Program.
DARPA launches INGOTS program (Intelligence Community News) DARPA’s Intelligent Generation of Tools for Security (INGOTS) program aims to identify and fix high-severity, chainable vulnerabilities before attackers can exploit them.
Academia
UWF receives top honor for cybersecurity community outreach initiatives (University of West Florida Newsroom) The University of West Florida received the National Centers of Academic Excellence in Cybersecurity Community Outreach first place award at the 2023 NCAE-C Symposium in Seattle, Washington, in June. “The UWF Center for Cybersecurity’s talented faculty and staff have created an exceptional array of community outreach programs tailored to the distinct needs of our various […]
Legislation, Policy, and Regulation
The Race to Regulate Artificial Intelligence (Foreign Affairs) Why Europe has an edge over America and China.
US goading Japan to up its cybersecurity game (Asia Times) Prime Minister Fumio Kishida’s administration hopes to raise Japan’s poor cybersecurity performance to an acceptable level by requiring government contractors to meet US standards, according to loc…
The US Senate Wants to Reign In AI. Good Luck With That (WIRED) With a poor track record on tech regulation, do lawmakers stand a chance?
New report finds generative machine learning exacerbates online sexual exploitation (Stanford Internet Observatory Cyber Policy Center) The Stanford Internet Observatory and Thorn find rapid advances in generative machine learning make it possible to create realistic imagery that is facilitating child sexual exploitation.
CISA Appoints David Carroll & Andrew Scott Associate Directors Within Cybersecurity Division (Executive Gov) Looking for the latest Government Contracting News? Read about CISA Appoints David Carroll & Andrew Scott Associate Directors Within Cybersecurity Division.
Litigation, Investigation, and Law Enforcement
Israel's Shin Bet spy service uses generative AI to thwart threats (Reuters) Israel's Shin Bet security service has incorporated artificial intelligence into its tradecraft and used the technology to foil substantial threats, its director said on Tuesday, highlighting generative AI's potential for law-enforcement.
SolarWinds says SEC investigation ‘progressing to charges’ () SolarWinds — the technology firm at the center of a December 2020 hack that affected multiple U.S. government agencies — said its executives may soon face charges from the U.S. Securities and Exchange Commission (SEC) for its response to the incident.
UK hacker busted in Spain gets 5 years over Twitter hack and more (Naked Security) Not just that infamous Twitter hack, but SIM-swapping, stalking and swatting too…
Citizen of Croatia and Serbia Charged with Running Monopoly Drug Market on the Darknet (US Attorney's Office for the District of Columbia) Defendant Facilitated $18 Million in Illegal Drug Transactions Using Cryptocurrency
Citizen of Croatia charged with running the Monopoly Market drug marketplace (Security Affairs) Milomir Desnica, a citizen of Croatia and Serbia, has been charged with running the Monopoly Market drug darknet marketplace. Milomir Desnica (33), a citizen of Croatia and Serbia, has been extradited from Austria to the United States to face charges of running the darknet drug marketplace Monopoly Market. According to the indictment, in late 2019, […]
Man charged with running $18 million ‘Monopoly’ darknet marketplace (Record) The U.S. Department of Justice charged a 33-year-old citizen of Croatia and Serbia with allegedly operating a drug trafficking platform called Monopoly Market on the darknet.
NHS Psychiatrist Jailed; Dark Web Forum and 7,000 Images Seized (HackRead) Dr. Kabir Garg was administering “The Annex,” a notorious dark web platform for child sexual abuse, which had over 30,000 registered members.
Twitter hack: Joseph O'Connor jailed for celebrity cyber attack (BBC News) Joseph O'Connor, 24, targeted some of the most popular accounts as part of a Bitcoin scam.
FTX Bankruptcy Team Says the Exchange Owed Customers $8.7B (CoinDesk) Commingling and misuse of customer funds occurred from the start at FTX, says current CEO John J. Ray III, and senior executives knew of the shortfall as early as August 2022.
CYBER: The Increasingly Violent Discord Servers Where Kids Flaunt Their Crimes (Vice) Inside ‘The Comm,’ a series of Discord servers where kids post about their life of crime.