Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+501: Auxiliary or privateer? (CyberWire) Russia goes over to static, positional defense against Ukraine's counteroffensive. The final resolution of the Wagner Group mutiny remains unclear. KillNet has PMC aspirations.
Russia-Ukraine war: List of key events, day 502 (Al Jazeera) As the conflict enters its 502nd day, these are the main developments.
Russia-Ukraine war at a glance: what we know on day 502 of the invasion (the Guardian) Ukrainian forces claim to have registered ‘a definite advance’ on the southern flank of Bakhmut; an investigation suggests Russia has lost 47,000 troops in Ukraine so far
Why the Ukraine Counteroffensive Is Such Slow Going (Wall Street Journal) Outgunned, outmanned and facing a deeply entrenched enemy, Ukrainian troops are attempting one of the most daunting operations a military can undertake.
Civilian Toll In Russian Shelling Rises To Nine As Ukrainian Counteroffensive Reportedly Makes Gains (RadioFreeEurope/RadioLiberty) The death toll of civilians killed by Russian shelling in the Donetsk region city of Lyman on July 8 has been raised to nine, Ukrainian officials said on July 9.
‘We have ambitious plans’: Anti-Putin forces plan fresh attacks inside Russia (the Guardian) Leader of cross-border raids says weapons, not words, are needed to overthrow the regime in Moscow
Volodymyr Zelenskiy visits Snake Island on 500th day of Russian invasion (the Guardian) President thanks forces and hails ‘this place of victory’ that became symbol of defiance in early days of war
Russia-Ukraine war live: Putin met with Wagner leader Yevgeny Prigozhin days after mutiny, says Kremlin (the Guardian) Spokesperson says president had three-hour meeting with Wagner head on 29 June, just days after the short-lived rebellion
Russia-Ukraine war live: Moscow hits out as Turkey allows return of ‘hero’ Mariupol commanders (the Guardian) Moscow says men’s return to Ukraine is a ‘direct violation’ of prisoner swap agreement
Russia-Ukraine war at a glance: what we know on day 500 of the invasion (the Guardian) Biden condemned by human rights groups for approving cluster munitions to Ukraine; Zelenskiy secures Turkey’s backing for Nato membership
Ukraine Quarterly Digest: April–June 2023 (Wilson Center) The second quarter of 2023 was dominated by preparations for Ukraine's counteroffensive operation, which started in late June. Fighters received specialized training, and arms and matériel were rounded up. Looking for greater international support, Ukraine devoted massive efforts to connect with as many states as possible, including those well off Ukraine's radar in recent years.
How many Russians have died in Ukraine? Data shows what Moscow hides (AP News) Nearly 50,000 Russian soldiers have died in the war in Ukraine, according to a new statistical analysis.
Why Ukraine's strategy terrifies the Russian army (The Telegraph) Unlike Russia, Ukraine as a nation fights its war as one people, unified in a common purpose
Last reactor at Zaporizhzhia NPP remains in 'hot shutdown' state – intelligence (Ukrinform) The last reactor at the Zaporizhzhia Nuclear Power Plant currently remains in a 'hot shutdown' state, according to Andrii Yusov, a representative of the Main Intelligence Directorate of Ukraine's Ministry of Defense. — Ukrinform.
The story of Yevgeny Prigozhin’s attempted mutiny in Russia is far from over (The Economist) A special episode of the daily podcast examining an extraordinary mutiny attempt
Kremlin smears Wagner boss Prigozhin, hailing Putin as Russia’s savior (Washington Post) The Kremlin does not speak his name.
Putin’s Post-Prigozhin Clean Up (Puck) Despite Western media assertions that the half-coup heard round the world was a sign of instability, my sources around Moscow and the Kremlin tell me that Putin is once again in full control. But questions linger about a future purge and missed warning signs.
Putin and Prigozhin's deal "may be in flux": ISW on Russia (Newsweek) "The status of the deal between Russian President Vladimir Putin and [Yevgeny] Prigozhin is unclear," the Washington-based think tank said.
Why Belarus is (allegedly) the safe haven for Wagner Group mutineers (The Economist) Also on the daily podcast: American states bail out public transport and diplomatic reasons to wear red in China
Exclusive: The secret calendar of Russian rebel warlord Yevgeny Prigozhin revealed (Business Insider) Wagner chief Yevgeny Prigozhin frequently met with Putin's closest allies and advisers, including Defense Minister Sergei Shoigu and Gen. Valery Gerasimov.
Four scenarios for Russia's future after the Wagner Group mutiny (Atlantic Council) What will be the long-term aftermath of Russia's Wagner mutiny? Here are four possible paths for Russia's future the West should consider.
The war in Ukraine shows how technology is changing the battlefield (The Economist) But mass still counts, argues Shashank Joshi in the first of seven chapters of a special report on the future of warfare
DOD Announces $800M Security Assistance Package for Ukraine (U.S. Department of Defense) The Defense Department announced an additional security assistance package of up to $800 million aimed at providing key capabilities to support Ukraine's counteroffensive operations and defend against
Multiyear assistance package for Ukraine to be announced at NATO Vilnius Summit (Breaking Defense) "I am confident that we'll find a united way to address the specific issue on [Ukraine] membership, but I will not go into the details of exact language now because that is something we will announce [at the Summit],” said Jens Stoltenberg, NATO Secretary General.
Will US cluster munition decision meet pushback at NATO summit? (Breaking Defense) German Foreign Minister Annalena Baerbock said she opposes sending cluster munitions to Ukraine, while NATO Secretary General Jens Stoltenberg asserted that the alliance as a whole will not weigh in.
Joe Biden defends ‘difficult decision’ to send cluster munitions to Ukraine (the Guardian) Rights groups condemn supply of widely banned weapons and fellow Democrat calls it a ‘terrible mistake’
No legal reason against giving cluster bombs to Ukraine but moral? (Military Times) These munitions are not in themselves illegal, but their usage can be, if fired at civilians.
NATO to offer Ukraine continuing support but not immediate membership (Military Times) NATO will help Ukraine modernize its forces but membership talks are off the table while Ukraine is at war with Russia.
Ukraine wins Turkey’s backing for Nato membership but Biden urges caution on timing (the Guardian) Volodymyr Zelenskiy hails support from Turkey, a key mediator in the war, as Joe Biden warns of perils of joining alliance during a time of conflict
Fearful Germany preparing to block Ukraine’s Nato membership bid (The Telegraph) Nato’s allies insist the door is open for Kyiv to join, but many are deeply divided over how fast that step should be taken
Biden Says War Must End Before Ukraine Can Join NATO (RadioFreeEurope/RadioLiberty) U.S. President Joe Biden, who is scheduled to attend an important NATO summit later this week, said in an interview prior to his departure that Ukraine is not ready for membership in the alliance, asserting that the war with Russia must end before an invitation can be issued.
NATO’s Worst-of-Both-Worlds Approach to Ukraine (Foreign Affairs) The German model won’t solve a problem of the alliance's own making.
Here’s the ‘concrete’ path for Ukraine to join NATO (Atlantic Council) The upcoming NATO summit in Vilnius should establish a High Level Group to design a roadmap for Ukraine’s fast-track membership.
Ukraine needs NATO membership, not an ‘Israel model’ (Atlantic Council) Granting NATO membership to Ukraine is critical to ensuring it wins the war against Russia quickly and decisively.
Opinion Only NATO membership can guarantee peace for Ukraine (Washington Post) At his final NATO summit, in Bucharest, Romania, in 2008, President George W. Bush pushed, cajoled and pleaded with allies to invite Ukraine and Georgia into the alliance. Such a move, Bush explained, would send “a signal throughout the region that these two nations are, and will remain, sovereign and independent states.”
Don’t Let Ukraine Join NATO (Foreign Affairs) The costs of expanding the alliance outweigh the benefits.
Defeat for Ukraine would be a global disaster. Nato must finally step in to stop Russia | Simon Tisdall (the Guardian) European allies are split over when to offer Nato membership to Kyiv. The bigger question is: are they doing enough now to help Ukraine?Russia-Ukraine war – latest news updates
A Stronger NATO for a More Dangerous World (Foreign Affairs) What the alliance must do in Vilnius—and beyond.
NATO Chief Details Plans for Summit (U.S. Department of Defense) NATO Secretary General Jens Stoltenberg laid out the agenda for the NATO summit in Vilnius, Lithuania, next week, saying it will demonstrate alliance unity.
NATO’s task in Vilnius is simple: Transform European defense (Defense News) European forces are not fit for purpose to conduct the collective defense missions that now drive NATO’s military and force planning.
The view from Vilnius: NATO needs speed and scale to ensure deterrence (Atlantic Council) The real test of the July 11-12 NATO Summit will be whether leaders take the opportunity to increase the Alliance's deterrence.
Nato’s new-found resolve is precarious (The Telegraph) The US President must start appreciating what a vital role Britain plays in the Western alliance
NATO summit host Lithuania is a small country with a loud voice, especially when it comes to Russia (AP News) One of the smallest members of NATO is preparing to hold one of the most important summits in the alliance’s 74-year history.
Zelensky rejects Trump's claim he could end Ukraine war "in 24 hours" (Newsweek) The Ukrainian president said on Sunday that Joe Biden could have ended the Russia-Ukraine war in "five minutes" if he wanted.
Behind the war in Ukraine is a shady war of cyber attackers reveals Radware research (iTWire) Behind the war taking place on the ground, there's a cyber-war being waged by shady hacktivists who are increasing their operations both in Eastern Europe and around the world. Killnet, Anonymous Sudan, Fancy Bear ... these aren't names you might hear on the daily news, but it’s a who’s who...
Killnet as a private military hacking company? For now, it's probably just a dream (Record) The cybercrime group known as Killnet is skilled at grabbing attention, even if some of its claims are hard to prove. Its leader now has a vision for organizing the pro-Russia hacker underground.
Telegram has become a window into war (The Verge) The messaging app has become a key channel for news about the Russian invasion of Ukraine. But the government’s relationship with it is complicated.
Inside the Secretive Russian Security Force That Targets Americans (Wall Street Journal) FSB unit that took Evan Gershkovich is also believed responsible for incidents blurring the lines between spycraft and harassment, including the mysterious death of a diplomat’s dog.
Follow the Latest Updates on Evan Gershkovich, WSJ Reporter Detained in Russia — #IStandWithEvan (Wall Street Journal) Follow the latest updates on Wall Street Journal reporter Evan Gershkovich, who was detained in Russia while on a reporting trip and held on an allegation of espionage that the Journal and the U.S. government vehemently deny.
Prigozhin wig pictures appear to be genuine, analysis shows (the Guardian) Images leaked by Russian security services are consistent with one another and appear distorted due to being pictures of a digital screen
Inside Putin’s armour-plated train that boasts a high-tech beauty suite (The Telegraph) Leaked photos of the Russian leader’s £57m custom-made carriages reveal an onboard hammam, gym and cosmetologist’s studio
Ukraine's Botanists Risked Their Lives for a Priceless Collection (WIRED) When the war came to Kherson, a small group of scientists ventured into the ruined city to rescue a unique herbarium.
Space Force captain kept US Cabinet officials safe amid Europe crisis (Air Force Times) Capt. Victoria Garcia, Military Times' 2023 Guardian of the Year, led the first space electronic warfare deployment at the onset of the war in Ukraine.
Attacks, Threats, and Vulnerabilities
Govt uses Israeli tech to hack opposition leaders’ phones: BNP (New Age) The main opposition Bangladesh Nationalist Party on Saturday accused the government of hacking smartphones of opposition leaders by using Pegasus spyware as part of its...
Ventia takes systems offline to contain cyber attack (iTnews) Warns "further protective action" may be required.
Charming Kitten hackers use new ‘NokNok’ malware for macOS (BleepingComputer) Security researchers observed a new campaign they attribute to the Charming Kitten APT group where hackers used new NokNok malware that targets macOS systems.
Tailing Big Head Ransomware’s Variants, Tactics, and Impact (Trend Micro) We analyze the technical details of a new ransomware family named Big Head. In this entry, we discuss the Big Head ransomware’s similarities and distinct markers that add more technical details to initial reports on the ransomware.
New ‘Big Head’ ransomware displays fake Windows update alert (BleepingComputer) Security researchers have dissected a recently emerged ransomware strain named 'Big Head' that may be spreading through malvertising that promotes fake Windows updates and Microsoft Word installers.
M365 Phishing Email Analysis – eevilcorp (Vade Secure) Vade’s Threat Intelligence and Response Center (TIRC) presents a phishing email analysis of a recent Microsoft 365 phishing attack.
New Phishing Attack Spoofs Microsoft 365 Authentication System (HackRead) Vade, a provider of email security and threat detection services, has released a report on a recently discovered phishing attack that involves the spoofing of the Microsoft 365 authentication system.
TOITOIN Trojan: A New Multi-Stage Attack Targeting LATAM (Zscaler) Zscaler ThreatLabz recently uncovered a new targeted multi-staged attack campaign striking businesses in the LATAM region delivering the TOITOIN Trojan
Advanced Vishing Attack Campaign "LetsCall" Targets Andriod Users (HackRead) In a newly detected muli-stage vishing campaign attackers are using an advanced toolset dubbed LetsCall, featuring strong evasion tactics.
Weaponized Phishing Attack via WhatsApp Targets International Hospitality & Tourism Industry (Votiro) Votiro was made aware of a new phishing attack when a hotel employee received a password-protected zip file from an unknown contact via WhatsApp on her work mobile. This method of attack is not surprising, considering that WhatsApp’s billions-strong user base makes it a frequent target of hackers. More Channels, Same Threats Today, it has...
Ciena Says ‘Limited’ Data Impacted In MOVEit Attack (CRN) Ciena confirmed that data was impacted in a MOVEit-related breach after the company was claimed as a victim by the cybercriminal group Clop.
Dole, Pepsi bottler issue more info on recent cyberattacks (Record) Multinational food processing giant Dole and the main U.S. bottler for Pepsi both revealed more information about separate cybersecurity incidents that affected both companies earlier this year.
Unfolding Cybersecurity Crisis: Aptos Network and Multichain Face Cyber-Attacks (CryptoMode) Aptos Labs swiftly alerted the community, clarifying via a tweet that their account had been compromised and debunked the alleged APT airdrop.
More than $125 million taken from crypto platform Multichain (Record) Crypto platform Multichain has suspended its services as it investigates claims that more than $125 million in cryptocurrency was stolen.
Exploit of Fantom, Moonriver and Dogechain Crypto Bridges Confirmed by Multichain Team (CoinDesk) “It is recommended that all users suspend the use of Multichain services and revoke all contract approvals related to Multichain,” developers said early Friday.
Crypto projects lose $600M in H1 2023 to hacks (Atlas VPN) According to the analysis by the Atlas VPN team, various crypto projects and their clients lost $666,354,302 to 125 cyberattacks in the first half of 2023.
Attorney General’s office hit by cyber attack (Trinidad and Tobago Newsday -) DAYS after retired judge Stanley John delivered a report to the Attorney General (AG) advising that the Civil Law Department (CLD) of the Ministry of the Attorney General and Legal Affairs be restructured, the unit claimed it was the subject of a cyber attack. In a statement on Friday the Ministry of Digital Transformation said
Criminals preying on generosity to steal donations: Avast (SecurityBrief Australia) Avast researchers have identified a video campaign from an organisation claiming to be collecting money for sick children, which are actually scam sites.
Kids’ intimate files — including suicide attempts — are being put online after ransomware gangs hack schools: report (New York Post) Ransomware gangs are stealing confidential documents stolen from schools and dumping them online.
Capita tells employees: Personal data stolen in March hack (Computing) Capita has told some of its own employees that their personal information was compromised in a Russian cyberattack earlier this year.
Ransomware Gang Has 6M Life and Annuity Client Records (ThinkAdvisor) Known victims include Genworth, F&G and the department that oversees Medicare.
More than 42,000 affected by ransomware attack on pro bono California law firm (Record) More than 42,000 people had their information exposed during a ransomware attack on a California law firm that provides free services to those in need.
Beware of the Growing Scourge of Job Recruitment Scams (Security Intelligence) Every year, 14 million people are exposed to job scams amounting to $2 billion in direct losses. How can job seekers and companies protect themselves?
CISA Adds One Known Vulnerability to Catalog (Cybersecurity and Infrastructure Security Agency CISA) CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2021-29256 Arm Mali GPU Kernel Driver Use-After-Free Vulnerability
Security Patches, Mitigations, and Software Updates
Progress Software Releases Service Pack for MOVEit Transfer Vulnerabilities (Cybersecurity and Infrastructure Security Agency CISA) Progress Software has released a Service Pack to address three newly disclosed vulnerabilities (CVE-2023-36934, CVE-2023-36932, CVE-2023-36933) in MOVEit Transfer. A cyber threat actor could exploit some of these vulnerabilities to obtain sensitive information.
After Zero-Day Attacks, MOVEit Turns to Security Service Packs (SecurityWeek) Facing ransomware zero-days, Progress Software will release regular service packs to help customers mitigate critical security flaws.
Google patches 43 Android Vulnerabilities Including 3 actively exploited zero-days (Cyber Security News) In July 2023, Android has released that, more than 43 vulnerabilities in the Android Operating System and its components are fixed.
CISA warns govt agencies to patch actively exploited Android driver (BleepingComputer) CISA ordered federal agencies today to patch a high-severity Arm Mali GPU kernel driver privilege escalation flaw added to its list of actively exploited vulnerabilities and addressed with this month's Android security updates.
July 2023 Patch Tuesday forecast: A month of instability and uncertainty (Help Net Security) Todd Schell from Ivanti offers his predictions for July 2023 Patch Tuesday. Deploy Apple and Mozilla updates to lighten your load next week.
Trends
Cyber Security Report 2023 (Check Point Software) Check Point’s 2023 Cyber Security Report looks back on a tumultuous 2022, which saw cyberattacks reach an all-time high in response to the Russo-Ukrainian war.
Botnets responsible for nearly all malicious web traffic (Yahoo News) Botnets take up 95% of all malicious internet traffic, new in-depth analysis shows.
Hackers ‘weaponising’ data theft to shake down business (AFR) Cybercriminals are increasingly “weaponising” data to extort businesses, exploiting the threat of stiff government penalties and multimillion-dollar fines for information and privacy breaches to demand companies quietly pay up.
Surge in young children being targeted by cyber bullies (Yahoo Sports) The eSafety Commissioner's latest report shows a rapidly rising number of cyber bullying complaints from children aged under 14.
Marketplace
EDGE expands portfolio with acquisition of Oryxlabs (Gulf Business) The acquisition is expected to elevate the defence group’s portfolio of advanced technology solutions
DC Two acquires WA security firm Thomas Cyber (ARN) Publicly listed data centre provider DC Two has acquired Perth-based security and intelligence organisation Thomas Cyber.
TPG to buy Forcepoint unit from Francisco Partners for $2.45 billion - WSJ (MarketScreener) Buyout house TPG is buying a business unit of software provider Forcepoint for $2.45 billion from Francisco Partners, the Wall Street Journal reported on Sunday citing people familiar with the matter.
Armis Joins AWS ISV Accelerate Program for Enhanced Collaboration (Data Storage Asean) Armis, the leading asset visibility and security company, announced that it has joined the Amazon Web Services (AWS) Independent Software Vendor (ISV) Accelerate Program, a co-sell program for AWS Par
10 Dynamic Cybersecurity Leaders Making an Impact in 2023 (ExecutiveBiz) Learn how these cybersecurity leaders protect organizations against evolving cyber threats in this rapidly changing digital landscape.
High Wire Networks Appoints Cybersecurity Technology Trailblazer and Patent Inventor, John Peterson, as Chief Product Officer (GlobeNewswire News Room) Key Appointment Marks Beginning of High Wire’s Evolution from a Managed Security Services Provider to IP-Driven Cybersecurity Technology Leader...
Optery Expands Senior Leadership Team as it Continues to Lead Personal Data Removal Industry, Protecting Consumers and Businesses from Digital and Physical Threats (GlobeNewswire News Room) Paul Mander and Hideko Tachibana Join Executive Team as Optery for Business, Removing PII for Enterprises, Rapidly Expands...
Products, Services, and Solutions
OSINT Tool 'Illicit Services' Shuts Down Amidst Exploitation Concerns (HackRead) The owner and administrator of the Illicit Services OSINT Tool cites the rise in illegitimate activities and exploitation as reasons for closure.
ChatGPT loses users for first time, shaking faith in AI revolution (Washington Post) The number of people visiting ChatGPT’s website was down 10 percent worldwide in June
Reddit Won’t Be the Same. Neither Will the Internet (WIRED) Subreddits and third-party apps are going dark in response to Reddit’s proposed API changes. It’s the latest front in a labor battle between algorithms and the humans who feed them.
Meta's Twitter rival Threads explodes to 70 million signups one day after launch (CNBC) The text-based social media product already has 70 million sign-ups, Meta CEO Mark Zuckerberg said on Friday.
Threads isn’t for news and politics, says Instagram’s boss (The Verge) Adam Mosseri says it isn’t going to “encourage” these verticals.
How Meta is pitching Threads to advertisers (Ad Age) Meta promises more features that will make Threads even closer to Twitter as the rivalry heats up.
Auvik Launches Partner Program, Expanding Revenue Opportunities for Channel Partners (Auvik Networks Inc.) Tiered partner program offers resellers a streamlined, profitable experience through Auvik’s award-winning technology
Technologies, Techniques, and Standards
Cybercrime Ops (Demo) (Kumu) A demo version of an evolving mind-map of cybercrime operations
Cyberwarfare threats have reached a critical point (Security Magazine) As the world is quickly learning, a country does not need to be physically bordered by enemies to be in the crosshairs of cyber threats.
Cyber Security Penetration Testing Saves Time and Money (PRWeb) A NYC area cyber security expert explains penetration testing in a new article. The informative article first asserts that a penetration test simulates an actu
Cybersecurity In The Fast Lane | Why Speed Is Key In Incident Response & Mitigation (SentinelOne) As modern TTPs allow attackers to move faster than ever, learn how to shave off critical minutes in your detection and response strategy.
Council Post: Don’t Let Your Decommissioned IT Assets Come Back To Haunt You (Forbes) Many businesses underestimate both the risk from decommissioned IT assets and the attention required to mitigate that risk.
Object Management Group Approves SysML V2, Beta Specifications (Object Management Group) New specifications enable next-generation systems modeling.
Design and Innovation
Generative AI Holds the Power to Transform Core Cybersecurity Functions (Acceleration Economy) The potential of generative AI goes far beyond image generation and blog writing—it is a game-changer for staying ahead of evolving cybersecurity threats.
‘Sometimes, It Feels Real’: Character.AI Gives Humans the Chatbots They Desire (The Information) One Saturday morning earlier this year, Noam Shazeer, CEO of Character.AI and one of the world’s foremost machine-learning researchers, looked out his window to see a stranger perched on a folding chair outside his home in Palo Alto, Calif. The man had come to Shazeer’s quiet residential street ...
5 Uses for ChatGPT that Aren’t Fan Fiction or Cheating at School (WIRED) Chatbots are great for lots of things, but these ones may be unexpected.
School Districts Experiment With Robot Surveillance (WSJ) Santa Fe is one of few school districts experimenting with robot surveillance on their campuses.
Research and Development
DHS Awards $3.15M to 20 U.S. Small Businesses for Proof-of-Concept Research (HS Today) One of the topic areas will address air cargo manifest analysis to aid screeners.
Academia
CSIA Program Details (SUU) Everything you need to know about SUU's Master's of Cyber Security and Information Assurance program.
Cornell University partners with Google in online security initiative (India Education) Cornell is one of four higher-education institutions in a new partnership with Google aimed at establishing New York City as the world leader in cybersecurity.On June 12, Google announced the Google Cyber NYC Institutional Research Program to jump-st
Legislation, Policy, and Regulation
How India, UAE, Israel are trying to build secure cyberspace (The Week) UAE cyber security head had recently visited India and Israel
Germany must be able to defend itself, warns new cybersecurity chief (Record) Germany’s new cybersecurity chief, Claudia Plattner, told journalists on Friday that the country needed to defend itself amidst a surge in attacks on hospitals, local government authorities and private sector businesses in the country.
Critical Infrastructure and the Cloud: Policy for Emerging Risk (DFRLab) Critical infrastructure increasingly depends on cloud computing. Cloud risk is different from previous paradigms', and policy must adapt.
Opinion CIA Director Burns: What U.S. intelligence needs to do today — and tomorrow (Washington Post) This essay was adapted from remarks CIA Director William J. Burns delivered July 1 for the annual Ditchley Foundation lecture in Oxfordshire, England. The topic was “A World Transformed and the Role of Intelligence.”
The cyber provisions to watch in the big defense bill (Washington Post) The House is expected to tackle its annual defense policy bill this week, legislation that has provisions meant to safeguard U.S. nuclear systems from cyberattacks and force the Pentagon to cooperate on cybersecurity with Taiwan.
NDAA amendment calls for DOD, DHS to assess cyber threats to border security (Nextgov) Rep. Vicente Gonzalez, D-Texas, said his proposal “sets a plan to prevent cyber incidents by reducing the risk of future cyber vulnerabilities” in key border technologies.
Litigation, Investigation, and Law Enforcement
Royal Navy contractor forced to pay off cyber criminals (The Telegraph) Supplier to British fleet was hit by ransomware at height of lockdown
China Ends Tech Crackdown With Fines on Tencent, Ant Group (Bloomberg) Alibaba shares rally on prospect of end to Beijing probe. Ant Group had to withdraw plans for largest-ever IPO.
Class-action lawsuit against antivirus firm for selling data of millions of Dutch people (NL Times) The Czech security firm, Avast, is being sued in a mass claim lawsuit. The plaintiffs include the CUIC Foundation (Consumers United In Court), cooperating with the civil rights organization Privacy First, AD reported on Friday. The company, known for its antivirus software, is accused of selling sensitive data of millions of Dutch users for several years.
Kansas audit of election security exposes strengths, weaknesses of voting systems (Kansas Reflector) Kansas auditors found no smoking gun in a review of election security in Kansas, but urged the secretary of state to help counties adopt best procedures.
Police investigate cyber attack at Scottish University (Yahoo News) Police are investigating after the University of the West of Scotland was hit by a cyber attack which has affected many of its systems.
‘Blescoin’ scam: Lured by woman cyber fraudster on marriage portal, techie duped of Rs 91.75 lakh (The Indian Express) The police said the complainant came in contact with the accused woman on a matrimonial website in February this year.
SolarWinds Investor’s Data Breach Suit Meets Death by Bylaw (1) (Bloomberg Law) A SolarWinds Corp. investor’s suit over a cyberattack was dismissed when a federal court in Texas endorsed the power of corporate bylaws to select inhospitable venues for derivative suits, an issue that has divided federal appeals courts.
A man has been charged with a cyber attack on the Discovery Bay water treatment facility (Security Affairs) A man from Tracy, California, has been charged with a computer attack on the Discovery Bay water treatment facility. Rambler Gallo (53), a man from Tracy (California) has been charged with intentionally causing damage to a computer after he allegedly breached the network of the Discovery Bay Water Treatment Facility. The man targeted the water […]
Charges filed in cyber attack on East Bay water treatment plant (Silicon Valley) Federal prosecutors say 53-year-old Tracy man remotely uninstalled critical software.
‘Vague’ injunction on social media should be stayed, Justice Dept. says (Washington Post) The Biden administration asked a federal judge to stay his sweeping July 4 injunction barring many government interactions with social media companies
Kronos Reaches $6M Settlement Over Ransomware Attack (Health IT Security) HR management solutions provider Kronos suffered a ransomware attack on its cloud solution in 2021 that impacted many healthcare organizations.
FBI Hired Social Media Surveillance Firm That Labeled Black Lives Matter Organizers “Threat Actors” (The Intercept) A new Senate report calls out the FBI for lying to Congress about its social media monitoring, pointing out the FBI’s hiring of ZeroFox.
FBI Investigates Kraken Co-Founder’s Home For Cyber-Stalking Allegations (Coin Culture) The United States Federal Bureau of Investigations (FBI) searched the residence of Jesse Powell, the co-founder of Kraken, in March.
Sarah Silverman is suing OpenAI and Meta for copyright infringement (The Verge) She says the companies’ chatbots were trained on her book.
Top Suspect in 2015 Ashley Madison Hack Committed Suicide in 2014 (KrebsOnSecurity) When the marital infidelity website AshleyMadison.com learned in July 2015 that hackers were threatening to publish data stolen from 37 million users, the company’s then-CEO Noel Biderman was quick to point the finger at an unnamed former contractor. But as…