Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+510: Assessing progress in a long war. (CyberWire) Russia begins targeting port infrastructure to stop Black Sea grain shipments. The US and UK both see slow Ukrainian progress in its counteroffensive.
Russia-Ukraine war: List of key events, day 511 (Al Jazeera) These are the main developments as the Russian invasion of Ukraine enters its 511th day.
Russia-Ukraine war at a glance: what we know on day 511 of the invasion (the Guardian) Russia again attacks Ukrainian port of Odesa after pulling out of grain deal; fire reported at military base in Crimea
Russia-Ukraine war live: Lavrov to replace Putin at South Africa summit amid ICC arrest warrant (the Guardian) South Africa had previously asked the ICC for permission not to arrest Putin at the BRICS summit
Ukraine’s counteroffensive ‘slow’ and ‘steady’ but not a failure, Milley says (Stars and Stripes) Ukraine’s military is a few weeks into the counteroffensive and top Pentagon leaders have said progress is coming slowly due partly to complex minefields Ukrainian troops are finding along the battle lines.
US says Ukraine has significant combat power not yet committed to the war (AP News) The top U.S. military officer says Ukrainian forces have a “significant amount of combat power” that hasn’t yet been committed to the war. Army Gen.
Russia Targets Odesa for a Second Night (New York Times) Moscow launched drones and missiles at the Black Sea port city in what appeared to be continued retribution for an attack on a Crimean bridge.
Russia launches intense nighttime attacks across Ukraine, targeting the southern port city of Odesa (AP News) Ukrainian officials say Russia has launched an intense series of nighttime air attacks using drones and missiles against targets across Ukraine.
Russia massing 100,000 troops for attack on Kharkiv (The Telegraph) Senior military officials believe attack may be a diversionary tactic to draw Ukrainians away from the counter-offensive
Russia strikes Ukraine grain port after exiting export deal (Reuters) Russia struck Ukrainian ports a day after pulling out of a U.N.-backed deal for safe Black Sea grain exports, and Moscow and Kyiv gave vastly different accounts of fighting in northeastern Ukraine on Tuesday.
Russia just quit a grain deal critical to global food supply. What happens now? (Atlantic Council) The last ship under the UN- and Turkey-brokered deal to export grain and fertilizer from Ukraine by sea has left Odesa. Atlantic Council experts explain what to expect next.
From Logistics To Psychology, Effects Of Crimea Bridge Blast Will Linger (RadioFreeEurope/RadioLiberty) Although Russian officials have hastened to downplay the damage caused by the July 17 explosion on the only bridge linking Russia to occupied Crimea, experts say even a few hours of logistical delay at this time could be important.
Ukraine aims to sap Russia’s defenses, as U.S. urges a decisive breakthrough (Washington Post) Ukrainian commanders have yet to use the large-scale offensive tactics they have been trained on, as Kyiv says it needs more weapons to fight the war Washington wants
Russian command structure ‘confusing at best’ after Wagner mutiny, says top U.S. general (POLITICO) The Ukraine war "is going to be long, it’s going to be hard, it’s going to be bloody,” Joint Chiefs Chair Gen. Mark Milley predicted.
Russian President Vladimir Putin reveals exiled Wagner boss’ replacement after failed coup (News.com) Vladimir Putin wants to make a man with a very troubled past the new chief of the Wagner group that – just weeks ago – rose in open mutiny.
Ukraine Defense Contact Group Members Remain Unified in Support to Kyiv (U.S. Department of Defense) There is no lessening of the solidarity of members of the Ukraine Defense Contact Group, Secretary of Defense Lloyd J. Austin III said at the conclusion of the 14th meeting of the group.
Watch: MI6 chief urges Russians appalled by Ukraine war to spy for UK (The Telegraph) Sir Richard Moore called on those ‘watching in horror’ to ‘join hands with us’ and ‘work together to bring the bloodshed to an end’
Putin’s biggest mistake was believing Ukrainians were really Russians (Atlantic Council) Vladimir Putin insists Ukrainians and Russians are "one people" and appears to have genuinely believed his invading army would be welcomed. It is now clear this was a catastrophic miscalculation, writes Roman Solchanyk.
Russia’s invasion of Ukraine was never about NATO (Atlantic Council) Putin's relaxed response to the NATO accession of Finland and Sweden proves that he knows NATO enlargement poses no security threat to Russia but has used the issue as a smokescreen for the invasion of Ukraine, writes Peter Dickinson.
Arresting Putin Would be 'Declaration Of War,' South African President Says (RadioFreeEurope/RadioLiberty) South African President Cyril Ramaphosa says arresting Russian President Vladimir Putin if he attends a BRICS summit next month in Johannesburg would amount to a declaration of war.
UK's MI6 spy tells Russians: join us as agents to end war (Reuters) The head of Britain's MI6 foreign spy service appealed on Wednesday to Russians appalled by the war in Ukraine to "join hands" with his intelligence service and bring the bloodshed to an end.
Britain’s MI6 chief says his spies are using AI to disrupt flow of weapons to Russia (AP News) The head of Britain’s MI6 intelligence agency says British spies are already using artificial intelligence to hamper the supply of weapons to Russia.
If you want peace, prepare for… cyberwar - Friends of Europe (Friends of Europe) After the war in Ukraine, there will be hundreds of thousands of cyber-veterans. And if we do not start preparing for that, it’s going to be a global problem.
Russian hackers may be behind 'DDoS' attack on NZ Parliament website (Stuff) GCSB confirms attacks on multiple websites after group reportedly targeted countries that have provided support for Ukraine.
Ukraine police bust another bot farm accused of pro-Russia propaganda, internet fraud (Record) Ukraine's Cyber Police shut down yet another bot farm that was reportedly spreading disinformation about the war in Ukraine on social media, just one month after a similar illicit operation was raided in west-central Ukraine.
Russian medical lab suspends some services after ransomware attack (Record) Customers of the Russian medical laboratory Helix have been unable to receive their test results for several days due to a “serious” cyberattack that crippled the company's systems over the weekend.
Rights Watchdog Says Russian Missile Attack On Lviv Possible War Crime (RadioFreeEurope/RadioLiberty) Human Rights Watch (HRW) says a Russian cruise missile strike on Lviv in western Ukraine on July 6, which killed 10 civilians in a residential apartment complex, should be investigated as a possible war crime.
Ukraine: Russian Missile Strike on Lviv a Possible War Crime (Human Rights Watch) A Russian cruise missile strike on Lviv in western Ukraine on July 6, 2023 struck a residential apartment complex in violation of the laws of war. Although Ukrainian military targets were in the vicinity, the strike by a guided munition with a large, high-explosive warhead on an apartment complex in a residential area should be investigated as a possible war crime.
Militia units commanded by Russia named in Izium abuse investigation (the Guardian) Exclusive: Four units from Donbas ‘people’s republics’ allegedly abused civilians in Ukrainian city where mass grave was found
How Russia is brainwashing Ukrainian children to ‘use as weapons’ (The Telegraph) Abducted young people schooled to blame 'Nazis and Nato' – then sent to the front line once they are old enough to fight
Attacks, Threats, and Vulnerabilities
Renewable technologies add risk to the US electric grid, experts warn (CyberScoop) In congressional testimony, experts warned about the potential cyberthreats from tech needed for the grid transformation.
Aggressive China Hackers Could Threaten Critical US Infrastructure (Yahoo Finance) Chinese hackers could pose a serious threat to critical US infrastructure, according to a top US cybersecurity official.
Attackers Pummel Millions of Websites via Critical WooCommerce Payments Flaw (Dark Reading) A barrage of targeted attacks against vulnerable installations peaked at 1.3 million against 157,000 sites over the weekend, aimed at unauthenticated code execution.
As Many As 700,000 Turkish TikTok Accounts Were Hacked Before The Country’s Presidential Election (Forbes) A UK security agency warned TikTok about the exploited vulnerability more than a year earlier, but the company chose not to fix it.
Exploited 0-days, an incomplete fix, and a botched disclosure: Infosec snafu reigns (Ars Technica) The exploited code-execution flaws are the kind coveted by ransomware and nation-state hackers.
New critical Citrix ADC and Gateway flaw exploited as zero-day (BleepingComputer) Citrix today is alerting customers of a critical-severity vulnerability (CVE-2023-3519) in NetScaler ADC and NetScaler Gateway that already has exploits in the wild, and "strongly urges" to install updated versions without delay.
Citrix alerts users to critical vulnerability in Citrix ADC and Gateway (Computing) The vulnerability is already under active attack
Adobe, Microsoft and Citrix vulnerabilities draw warnings from CISA (Record) Issues in Adobe's ColdFusion product, a serious Microsoft bug and three vulnerabilities affecting Citrix software prompted the federal agency to take action this week.
Analysis of Storm-0558 techniques for unauthorized email access (Microsoft Security) On July 11, 2023, Microsoft published two blogs detailing a malicious campaign by a threat actor tracked as Storm-0558 that targeted customer email that we’ve detected and mitigated: Microsoft Security Response Center and Microsoft on the Issues.
Google exposes intelligence and defense employee names in VirusTotal leak (Record) A list of 5,600 of the malware repository’s customers was uploaded, accidentally, to the platform itself, Der Spiegel reported. Google said it took the document down within an hour.
CISA orders govt agencies to mitigate Windows and Office zero-days (BleepingComputer) CISA ordered federal agencies to mitigate remote code execution zero-days affecting Windows and Office products that were exploited by the Russian-based RomCom cybercriminal group in NATO phishing attacks.
Major government hack a wake-up call for agencies (The Hill) The global cyberattack that targeted a number of federal agencies should be seen as a wake-up call for the government, as the constant threat of cyberattacks for both the public and private sector …
The tail of the MOVEit hack may be longer than we realize (SC Media) A significant minority of victims disclosed thus far do not appear to be direct users of MOVEit Transfer and had their data stolen via a third-party provider.
Victims of Cyberattack on File-Transfer Tool Pile Up (Wall Street Journal) Data breaches through Progress Software’s MoveIt tool are rippling out to companies that don’t themselves use the product.
Dark Web Threats Against The Banking Sector › Searchlight Cyber (Searchlight Cyber) The report uses Searchlight Cyber's proprietary intelligence to demonstrate how banks are targeted by cyber criminals on the dark web and explains how banks can use this information to improve their cyber defense.
Job Scams Using Bioscience Lures Target Universities | Proofpoint US (Proofpoint) Key Takeaways
Proofpoint identified a series of campaigns using fraudulent job offers to target university students.
The lures mostly purported to be related to bioscience and health entities.
The campaigns began as early as March 2023 and continued through June 2023.
The threat actor tried to entice recipients to have a video call about the role, with the ultimate objective of the campaigns to likely to conduct advance fee fraud (AFF).
Overview
As layoffs impact thousands of people across many different industries, thre
Web of Deception: Online Scams to Avoid in 2023 | Security.org (Security.org) In today’s digital age, much of what is valuable to us hides behind passwords and usernames. While we might feel like our accounts are secure behind our screens, there are hackers and scammers who are eager to access our information. We conducted research into how about familiar American adults are with new types of internet …
Cybersecurity firm Sophos impersonated by new SophosEncrypt ransomware (BleepingComputer) Cybersecurity vendor Sophos is being impersonated by a new ransomware-as-a-service called SophosEncrypt, with the threat actors using the company name for their operation.
SophosEncrypt: Researchers expose new ransomware abusing the Sophos name (Computing) The executable uses 'Sophos' in the ransom notice and the '.sophos' extension for encrypted files
From Colonial Pipeline to JBS, how ransomware gangs negotiate ransom payments (Fast Company) No fewer than 8 out of 10 organizations paid a ransom at least once in 2022. Despite the frequency of ransomware attacks and the large sums being paid as bailouts, the exact negotiation tactics for ransom payments rarely make the news.
Iron ore giant Fortescue Metals targeted by Russian ransomware group (the Guardian) Australian mining company confirms hack occurred on 28 May but data disclosed ‘was not confidential in nature’
TOMRA Cyberattack update 2 (Tomra) In reference to the release on 17 July 2023 regarding an extensive cyberattack against TOMRA affecting some of the company’s data systems. To contain the attack, we immediately disconnected selected services and have since disconnected others. A team of internal and external resources is working around the clock to resolve the situation, and affected systems will remain offline until it is safe to open them. No new hostile activities have been detected.
Recycling giant Tomra hit with cyberattack (Computing) Norwegian recycling company Tomra has disconnected and isolated certain systems after an "extensive" cyberattack.
Black Hat Hacker Exposes Real Identity After Infecting Own Computer With Malware (SecurityWeek) A threat actor’s real identity was uncovered after they infected their own computer with an information stealer.
VirusTotal Data Leak Exposes User Info, Including Intel Agencies' Data (HackRead) The news was initially reported by The Standard and German news magazine Der Spiegel, who claim the data leak is authentic.
Dating app spills 340GB of steamy data and 260,000 user profiles (SC Media) Over a quarter million users of 419 Date – Chat & Flirt had their customer data exposed to the internet via a misconfigured Amazon Web Server.
Imagine360 Suffers Third-Party Data Breach, 112K Impacted (Health IT Security) Imagine360 disclosed a third-party data breach to HHS involving its file-sharing platform, Citrix, resulting in exposed Social Security numbers and PHI.
No, the IRS is not sending emails to taxpayers about a third round of economic impact payments (verifythis.com) The IRS does not contact taxpayers through email and stimulus checks are no longer being issued in 2023. This is a phishing scam.
Protect yourself from ticketing scams ahead of the Premier League Summer Series USA Tour (WeLiveSecurity) There is a significant secondary marketplace where tickets can sell for several times their original value, opening the opportunity for scammers and fraud.
The Estée Lauder Companies Inc. Provides Information on Cybersecurity Incident (Business Wire) The Estée Lauder Companies Inc. (NYSE: EL) has identified a cybersecurity incident, which involves an unauthorized third party that has gained access to some of the Company’s systems.
Security Patches, Mitigations, and Software Updates
Citrix Releases Security Updates for NetScaler ADC and Gateway (Cybersecurity and Infrastructure Security Agency CISA) Citrix has released security updates to address vulnerabilities (CVE-2023-3519, CVE-2023-3466, and CVE-2023-3467) affecting NetScaler ADC and NetScaler Gateway. An attacker can exploit one of these vulnerabilities to take control of an affected system. According to Citrix, CVE-2023-3519 is being exploited on unmitigated appliances.
Adobe Releases Security Updates for ColdFusion | CISA (Cybersecurity and Infrastructure Security Agency CISA) Adobe has released security updates to address a critical vulnerability (CVE-2023-38203) affecting ColdFusion. An attacker can exploit some of these vulnerabilities to take control of an affected system.
CISA Releases Seven Industrial Control Systems Advisories | CISA (Cybersecurity and Infrastructure Security Agency CISA) CISA released seven Industrial Control Systems (ICS) advisories on July 18, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
Trends
DDoS threat report for 2023 Q2 (The Cloudflare Blog) Q2 2023 saw an unprecedented escalation in DDoS attack sophistication. Pro-Russian hacktivists REvil, Killnet and Anonymous Sudan joined forces to attack Western sites. Mitel vulnerability exploits surged by a whopping 532%, and attacks on crypto rocketed up by 600%.
Research Reveals Significant Disconnect Between Security Operations Teams and the Effectiveness of Threat Detection Tools in Preventing Cyber Attacks (GlobeNewswire News Room) 90% of SOC analysts believe their current threat detection tools are effective, despite 97% reporting they fear of missing a relevant security event...
50 countries ranked on how they use, store, and share traveler data (Comparitech) With travel steadily returning to some kind of ‘normal’ following the pandemic, nations around the world are preparing for large numbers of tourists. But, have you ever considered how “private” our travels are? We voluntarily give personal data away at each desired destination in order to travel there, but what happens to all of those […]
SANS report: Companies underutilizing comprehensive API security tools (Akamai) API discovery and testing is slow, despite risks
API Security Survey Reveals Most Companies Not Yet Using API-Specific Controls (Akamai) Akamai Technologies, Inc. (NASDAQ: AKAM), the cloud company that powers and protects life online, today released the results of a new survey of application security professionals on what they view as the top security risks related to Application Programming Interfaces (APIs).
New Research Reveals Critical Infrastructure Employees Are More Likely to Detect and Report Phishing and Malicious Emails (PR Newswire) Hoxhunt, the market leader in security behavior change, today released the findings of its latest research, the 'Human Cyber-Risk Report:...
Marketplace
CISO Global Acquires Veteran-Owned SB Cyber Technologies (PR Newswire) CISO Global, Inc. (NASDAQ: CISO), an industry leader as a managed cybersecurity and compliance provider announced that it has acquired SB Cyber...
Graylog Acquires Resurface.io’s API Security Solution (Business Wire) Strengthens Threat Detection and Incident Response Portfolio to address Growing API Threats
Cyber Security Startup PingSafe Launches from Stealth with $3.3M to Outsmart Attackers (Business Wire) PingSafe helps companies target their biggest cloud security challenges, providing coverage for exploitable vulnerabilities.
HolistiCyber Appoints Lord Jonathan Evans to Its Advisory Board (citybiz) Leading cybersecurity services and technology company HolistiCyber announces the appointment of Lord Jonathan Evans, former Director General of the British Security Service MI5,... Read More
Dave Reed Joins YL Ventures as Chief Financial Officer (GlobeNewswire News Room) Veteran VC finance expert brought on as full time CFO and strategic growth advisor to YL Ventures portfolio founders...
Products, Services, and Solutions
Corsha Awarded Contract with the Office of the Secretary of Defense Manufacturing Technology Program through unique Point of Need Challenge (Corsha) Corsha awarded new contract to address the cybersecurity limitations that forward-operating bases face in austere environments by providing zero-trust network access
Rubrik Unveils Integration with Microsoft 365 Backup to Boost Cyber Resilience and Recovery (GlobeNewswire News Room) New integration provides comprehensive management of Microsoft 365 and expands Microsoft 365 Backup offering...
Veeam Partners with Microsoft to Bring New Data Protection and Ransomware Recovery Capabilities to Veeam Backup for Microsoft 365 (Veeam Software) Veeam Partners with Microsoft to Bring New Data Protection and Ransomware Recovery Capabilities to Veeam Backup for Microsoft 365
Contrast Security Empowers Snap Finance to Enhance its Application Security Program and Consolidate Vulnerability Management with a Unified Security Platform (Contrast Security) The growing digital-finance company uses Contrast’s Secure Code Platform to streamline vulnerability identification and remediation, elevating application security and reducing risk.
BloodHound Enterprise from SpecterOps Available to Government Agencies through Palantir FedStart Offering (PR Newswire) Palantir Technologies Inc. (NYSE: PLTR) today announced a new partnership with SpecterOps to provide the government sector with SpecterOps'...
Skyhawk Brings its Powerful Generative AI Threat Detection to Amazon GuardDuty (GlobeNewswire News Room) Enables security teams to identify real threats and respond faster to the right GuardDuty findings, with a higher level of response automation and...
Runecast 6.6: Introducing Agentless Scanning & SaaS version (Runecast) Get results in minutes with our AI-powered security platform
ReasonLabs Expands Identity Protection Offering with RAV Online Security for Microsoft Edge Users (PR Newswire) ReasonLabs, the cybersecurity pioneer equipping families and individuals with the same level of cyber protection used by Fortune 500 companies,...
First SaaS-Based Data Masking & Tokenization Solution | Fortanix (Fortanix) Discover Fortanix's SaaS-based Data Masking and Tokenization Solution powered by Confidential Computing, reducing data breaches and ensuring compliance.
LimaCharlie Unveils SecOps Cloud Platform (Business Wire) Platform simplifies procurement, integration and deployment of sought-after security tools and solutions
Google's AI Red Team: the ethical hackers making AI safer (Google) Last month, we introduced the Secure AI Framework (SAIF), designed to help address risks to AI systems and drive security standards for the technology in a responsible manner.To build on this momentum, today, we’re publishing a new report to explore one critical capability that we deploy to support SAIF: red teaming. We believe that red teaming will play a decisive role in preparing every organization for attacks on AI systems and look forward to working together to help everyone utilize AI in a secure way.
Technologies, Techniques, and Standards
Paying ransoms to hackers is a mistake, Australia's new cybersecurity coordinator says (ABC) Australia's newly minted cybersecurity coordinator pleads with companies not to pay ransoms, saying doing so risks making the nation a rich target for cybercrime.
CISA and Microsoft Partnership Expands Access to Logging Capabilities Broadly (Cybersecurity and Infrastructure Security Agency) Access to New Logging by Default Will Enhance Cyber Defense and Incident Response
NEW BLOG | International Engagement – Brussels & Beyond (National Institute of Standards and Technology (NIST)) International engagement is an integral part of many ongoing NIST efforts, including the Journey to the Cybersecurity Framework (CSF 2.0) update, our update to the digital identity guidelines, and increasing awareness of the NIST Privacy Framework and IoT cybersecurity work.
The Biden administration is tackling smart devices with a new cybersecurity label (The Verge) Look for the “Cyber Trust” label on IoT devices next year.
Consumer Reports: White House proposal for national labeling system for connected products would boost security, privacy and transparency (CR Advocacy) WASHINGTON, DC – The White House hosted an event today for the official launch of a national labeling system for consumer connected devices. Consumer Reports…
An “Energy Star” Label for Cyber Is Moving Forward - R Street Institute (R Street Institute) Imagine a bad actor accessing the camera feed of a home video camera, or a smart appliance like an oven turning on remotely. These are two of many concerning realities—yet security around Internet of Things (IoT) devices remains absent from most Americans’ minds. Even for those who are aware of the threat, protection is a...
White House teams with Amazon, Google and Qualcomm on cybersecurity labels for gadgets (CNBC) Internet-connected devices like refrigerators, TVs and microwaves could bear the U.S. Cyber Trust Mark shield if they meet cybersecurity requirements.
White House unveils cybersecurity labeling program for smart devices (C4ISRNet) U.S. Cyber Trust Mark initiative to be overseen by the Federal Communications Commission, with voluntary industry participation.
US Cyber Trust Mark program positive move but might lead to false sense of security, says GlobalData (GlobalData) US Cyber Trust Mark program positive move but might lead to false sense of security, says GlobalData
[New Data] Block These Top Keyboard Walk Patterns Found in Compromised Passwords (Specops Software) Specops Software analyzed an 800 million password subset of the larger Breached Password Protection database to find the top keyboard walk patterns in compromised password data.
Design and Innovation
Defense Innovation Board pushes ‘Oasis’ fund for promising technology (C4ISRNet) The funding would help transition technology from startups and commercial companies to Defense Department procurement programs.
Legislation, Policy, and Regulation
Rival US Lawmakers Mobilize to Stop Police From Buying Phone Data (WIRED) A bill to prevent cops and spies from buying Americans’ data instead of getting a warrant has a fighting chance in the US Congress as lawmakers team up against surveillance overreach.
The National Cybersecurity Strategy Implementation Plan: A CSI Markup (DFRLab) Read CSI's markup of the Implementation Plan for the 2023 US National Cybersecurity Strategy alongside CSI staff, fellows, and experts for commentary on the document and what it means for the Strategy.
Get serious about data, US intelligence leaders tell agencies (Defense One) ODNI’s new three-year plan aims to turn data-gathering from afterthought to key asset.
Litigation, Investigation, and Law Enforcement
The United States Adds Foreign Companies to Entity List for Malicious Cyber Activities - United States Department of State (United States Department of State) Today, the U.S. government added four foreign commercial spyware entities to the Entity List for engaging in activities contrary to the national security or foreign policy interests of the United States. Intellexa S.A. in Greece, Intellexa Limited in Ireland, Cytrox AD in North Macedonia, and Cytrox Holdings Crt in Hungary were added to the Entity […]
Commerce Adds Four Entities to Entity List for Trafficking in Cyber Exploits (Bureau of Industry and Security) Today, the Commerce Department’s Bureau of Industry and Security (BIS) added four entities, Intellexa S.A. in Greece, Cytrox Holdings Crt in Hungary, Intellexa Limited in Ireland, and Cytrox AD in North Macedonia to the Entity List for trafficking in cyber
exploits used to gain access to information systems, threatening the privacy and security of individuals and organizations worldwide.
European Spyware Firms Threaten Digital Security and Privacy, U.S. Says (Wall Street Journal) The Biden administration bans Cytrox and Intellexa from receiving U.S. technology amid rising concern over hacking tools
U.S. Adds Firms In Hungary, North Macedonia To Entity List For Malicious Cyberactivities (RadioFreeEurope/RadioLiberty) The U.S. government has added four commercial spyware operations to the Entity List, severely restricting them from doing business with U.S. firms.
U.S. blacklists spyware companies, citing security threats (Washington Post) Intellexa and Cytrox were added to a federal ‘entity list’ that prohibits American companies from engaging in certain trade activities with them
California Attorney General Announces Investigative Sweep Focused on Employment-Related Data (cyber/data/privacy insights) On July 14, 2023, the office of the California attorney general announced an investigative sweep of “large California employers” to request “information on the companies’ compliance with the California Consumer Privacy Act (CCPA) with respect to the personal information of employees and job applican
New Cyber Fraud Enforcement Unit will fight illegal online activity in Florida (FOX 13 Tampa Bay) Florida Attorney General Ashley Moody announced the state's first ever Cyber Fraud Enforcement Unit, aimed at fighting illegal online activity in Florida.
Odessa City Council Announces Criminal Investigation into Online Data Breach (The Texan) Hundreds of documents have been taken via accounts belonging to the former city attorney and at least one other former employee.