Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+538: More use of illegals as spies. (CyberWire) Ukraine continues its slow advance toward the Sea of Azov, and Russia continues missile strikes against civilians.
Russia-Ukraine war: List of key events, day 539 (Al Jazeera) These are the main developments as the Russian invasion of Ukraine enters its 539th day.
Russia-Ukraine war at a glance: what we know on day 539 of the invasion (the Guardian) Three killed in Russian strikes on Volyn; Russia raises interest rates to 12%
Russia unleashes a country-wide missile barrage on Ukraine (Military Times) The barrage came hours before Russian military officials and their counterparts from Asia, the Middle East and Africa gathered for a security conference.
At least four killed as Russia fires rockets into Ukrainian cities (the Guardian) Cruise missiles fired into Lutsk and Lviv during nighttime attack on eight regions of country
Ukraine Claims Strategic Town Recaptured As Counteroffensive Makes Progress In The South (RadioFreeEurope/RadioLiberty) Ukrainian forces have recaptured the southwestern Donetsk region town of Urozhayne, a key objective in Ukraine's bid to cut the so-called land bridge between the Russian-occupied parts of the Donetsk and Luhansk regions and the occupied Ukrainian Crimean Peninsula, a top official said on August 16.
Ukraine strikes back against Russia as world’s first drone war escalates (Atlantic Council) Recent drone attacks in Moscow and on Russian shipping in the Black Sea are an indication that Ukraine is becoming increasingly bold as it seeks to strike back in what is the world's first ever drone war, writes Marcel Plichta.
Russia's Summer Of Fires (RadioFreeEurope/RadioLiberty) A spate of fires and explosions, some affecting industrial complexes linked to the Kremlin's war effort, has rocked Russia in recent months. Here are some of the most significant.
Ukraine-Russia war: Civilians killed by Russian strikes near Polish border (The Telegraph) Three people were killed in Russian “precision” strikes on cities in western Ukraine near the Polish border.
How Ukraine changed its tactics to save its faltering counter-offensive (The Telegraph) Destroying Russian artillery, and long-range strikes on supply lines and logistical targets could help Zelensky break through enemy lines
Polish guards are in ‘hybrid warfare’ patrolling country’s dangerous border (The Telegraph) Guards equipped with machine guns and handcuffs as Belarusian soldiers assist with illegal migrant crossings
Latvia Beefs Up Belarus Border Protection Following 96 Illegal Crossing Attempts (RadioFreeEurope/RadioLiberty) The Latvian border guard service said on August 15 it had requested army and police assistance to guard the border with Belarus after registering 96 attempts to cross the border illegally in a 24-hour period.
Olaf Scholz inches closer to sending long-range missiles to Ukraine (The Telegraph) Germany is preparing to follow Britain, which was the first ally to send air-launched cruise missiles to Kyiv before the counter-offensive
The US Army is rushing to rearm its electronic warriors after watching Russia and Ukraine jam each other's drones (Business Insider) The battle being waged over Ukraine's airwaves is adding "urgency" to the US Army's own electronic-warfare programs, an Army official says.
A ‘Cyber Pearl Harbor’ is a myth—daily cyberattacks are the real problem (Fast Company) A decade after the Pentagon sounded the alarm over a large scaie debilitating digital hack, it turns out that the real threat is the constant stream of smaller assaults, this cybersecurity leader says.
War and Peace: How lessons learnt in cyber warfare can be applied to business (BCS, The Chartered Institute for IT) Tim Clark MBCS Tim talked with Charlie Bradbury, a public sector security strategy consultant with military experience. The discussed the war in Ukraine and its implications for future conflict and cyberwarfare.
German Embassy Lure: Likely Part of Campaign Against NATO Aligned Ministries of Foreign Affairs (EclecticIQ) EclecticIQ researchers identified two PDFs that are likely part of an ongoing campaign targeting Ministries of Foreign Affairs of NATO aligned countries.
PDF lures aimed at NATO countries contain a Russian clue (Record) Documents that appear to be from a Germany embassy contain malware, including a strain with Russian roots called Duke.
Recent Intel Report Reveals New Starlink Vulnerabilities, Increasing Concerns About the Future of Global Satellite Internet (The Debrief) Intel report reveals how Russian military intelligence have created custom malware to exploit Starlink security vulnerabilities.
Russia slaps Reddit, Wikipedia with fines (Cybernews) A court in Moscow fined Reddit and Wikimedia Foundation, which owns Wikipedia, for refusing to delete “banned content” about Russia’s war in Ukraine.
Ukraine hits out at giving Putin land in return for Nato membership (The Telegraph) Suggestion by top official that Kyiv could cede territory is angrily dismissed on a day of further casualties to Russian missile strikes
Zelensky Called Him a Criminal. Now Ukraine Calls Him for Guns and Ammo. (New York Times) In its hunt for weapons, Ukraine has rolled back anticorruption rules and turned to people once seen as relics of an anything-goes era.
Interview: War Journalist Says 'Nothing Will Change In Russia Until It's Defeated In Ukraine' (RadioFreeEurope/RadioLiberty) Jonathan Littell has covered Russian wars in Chechnya, Georgia, and now in Ukraine. The French-American journalist says the West's failure after those earlier conflicts to take harsher measures signaled to the Kremlin it could do "anything it wanted in their backyard without anyone really caring."
The rouble crash is Putin’s moment of truth (The Telegraph) Russia now faces a currency slide and drastic monetary tightening at the same time
Cargo Ship Leaves Ukraine's Odesa Port Despite Russian Blockade (RadioFreeEurope/RadioLiberty) A cargo ship has left the Ukrainian Black Sea port of Odesa in a test of what the Ukrainian government has described as a temporary "humanitarian corridor" to allow commercial ships to leave its ports despite a Russian blockade.
Three suspected Russian spies arrested by counter-terror police (The Telegraph) The trio, all Bulgarian nationals and said to have lived in the UK for years, have been charged with identity offences
Investigative News Outlet Reports On Alleged Poisoning Of Russian Journalists, Activist Living Outside Russia (RadioFreeEurope/RadioLiberty) The investigative news outlet The Insider has revealed alleged attempts to poison two Russian journalists and a civil activist who have fled the country.
Russia Labels Warsaw-Based Group For A Free Russia As 'Undesirable Organization' (RadioFreeEurope/RadioLiberty) The Russian Prosecutor-General's Office on August 16 recognized the Warsaw-registered group For A Free Russia, which assists Russian citizens who face persecution at home and seek asylum abroad, as "an undesirable organization."
Former Minister Of Russia's Komi Republic Flees To United States To Avoid Conscription (RadioFreeEurope/RadioLiberty) The former agriculture minister of Russia's northern Komi Republic, Denis Sharonov, has fled to the United States to avoid conscription to the war in Ukraine.
A cherished weekend flea market in the Ukrainian capital survives despite war (AP News) The Pochaina neighborhood in the Ukrainian capital comes alive every weekend as hundreds of people flock to its famous flea market, looking for finds.
Attacks, Threats, and Vulnerabilities
Emerging hacking group Team NWH Security targets Bangladeshi banks and military (Cybersecurity Connect) A relatively obscure hacking collective has gone on a DDoS rampage targeting two banks and the navy and air force of Bangladesh.
Ministry warns of data security risks after US agencies identified behind cyberattack on Wuhan Earthquake Monitoring Center (Global Times) China's Ministry of State Security (MSS) on Wednesday warned of data security risks after recent reports identified US intelligence agencies were behind a cyberattack on Wuhan Earthquake Monitoring Center.
China accuses U.S. intelligence agencies as source behind Wuhan cybersecurity attack (ZDNET) Chinese officials say the July attack on Wuhan Earthquake Monitoring Center targeted sensitive data and revealed a complex malware typically used by U.S. intelligence agencies.
China teases imminent exposé of seismic US spying scheme (Register) Again labels America a hacker empire over alleged backdoors found in earthquake monitoring kit
Major Energy Company Targeted in Large QR Code Campaign (Cofense) Discover why malicious actors are leveraging web3 services, QR codes, and other tactics to gain access to valuable data for a major energy company
Raccoon Stealer malware returns with new stealthier version (BleepingComputer) The developers of Raccoon Stealer information-stealing malware have ended their 6-month hiatus from hacker forums to promote a new 2.3.0 version of the malware to cyber criminals.
2,000 Citrix NetScaler Instances Backdoored via Recent Vulnerability (SecurityWeek) A threat actor has exploited a recent Citrix vulnerability (CVE-2023-3519) to infect roughly 2,000 NetScaler instances with a backdoor.
Hacking ATMs by exploiting flaws in ScrutisWeb ATM fleet software (Security Affairs) Researchers found several flaws in the ScrutisWeb ATM fleet monitoring software that can expose ATMs to hack. Researchers from the Synack Red Team found multi flaws (CVE-2023-33871, CVE-2023-38257, CVE-2023-35763 and CVE-2023-35189) in the ScrutisWeb ATM fleet monitoring software that can be exploited to remotely hack ATMs. ScrutisWeb software is developed by Lagona, it allows to […]
Patch Now: OpenNMS Bug Steals Data, Triggers Denial of Service (Dark Reading) Monitoring platform is trusted by Cisco, Savannah River Nuclear Solutions, and others in CISA's critical infrastructure Sectors, say Synopsys researchers.
Massive EvilProxy Phishing Attack Campaign Bypasses 2FA, Targets Top-Level Executives (TechRepublic) This attack sent approximately 120,000 phishing emails to organizations worldwide with the goal to steal Microsoft 365 credentials.
How I Accidentally Uncovered a Crypto Mining and Investment Fraud Network (vpnMentor) Recently, a friend of mine who is a novice crypto investor reached out to me asking if I could look into a company that promotes crypto mining and investment. The website promised
How & Why Cybercriminals Fabricate Data Leaks (Dark Reading) A closer look at the nature of fake leaks can provide guidance on how to effectively mitigate associated risks.
Hacker Forum Credentials Found on 120,000 PCs Infected With Info-Stealer Malware (SecurityWeek) Hudson Rock has identified credentials for hacker forums on roughly 120,000 computers infected with information stealers.
Increase in Companies Falsely Claiming an Ability to Recover Funds Lost in Cryptocurrency Investment Scams (IC3) The FBI warns of an increase in cryptocurrency recovery schemes, which exploit victims who lost cryptocurrency to fraud, scams, and theft. In 2022, victims reported losing more than $2.5 billion in cryptocurrency investment frauds1 alone, according to the FBI Internet Crime Complaint Center (IC3).
LinkedIn Accounts Under Attack (Cyberint) Cyberint has observed an alarming emerging trend - an ongoing and successful hacking campaign is targeting LinkedIn accounts. Here's what you need to know.
LinkedIn faces surge of account hijacking (Computing) Hackers take over accounts with weak security, change the email to a rambler.ru address, reset the password and implement 2FA to lock out the genuine account holder.
LinkedIn accounts hacked in widespread hijacking campaign (BleepingComputer) LinkedIn is being targeted in a wave of account hacks resulting in many accounts being locked out for security reasons or ultimately hijacked by attackers.
Clorox takes servers offline, notifies law enforcement after ‘unauthorized activity’ (Record) Cleaning product giant Clorox announced a cybersecurity incident this week that forced it to take several systems offline.
FBI warns of increasing cryptocurrency recovery scams (BleepingComputer) The FBI is warning of an increase in scammers pretending to be recovery companies that can help victims of cryptocurrency investment scams recover lost assets.
Even more UK cops step forward with data leak confessions (Register) Norfolk and Suffolk constabularies admit to accidentally including raw crime data in FoI responses
Norfolk and Suffolk police: Victims and witnesses hit by data breach (BBC News) The data includes descriptions of domestic assaults, sexual offences and hate crimes, police say.
Norfolk and Suffolk Police data breach: Data of victims and witnesses included in FOI responses (Sky News) The data was hidden from anyone opening the files, but should not have been included, according to the forces.
UK police data breach exposes victim information (CSO Online) Disclosure occurred within Freedom of Information (FOI) responses issued by law enforcement agencies.
MOVEit data breach hits 134,000 Bay Staters (Axios) Some 134,000 Massachusetts residents may have had their personal information stolen in a data breach involving a widely used file-transfer software, state officials and UMass Chan Medical say.
Massachusetts health officials warn of data breach affecting more than 134,000 people, state says (Boston 25 News) Massachusetts health officials are warning residents of a “global security incident” affecting the personal information of more than 134,000 people, state officials said Tuesday.
Health officials say 134,000 people in Massachusetts affected by data breach (NBC Boston) The Executive Office of Health and Human Services said that exposed data varies by person, but in each case includes the person’s name and at least one other piece of information like date of birth, mailing address, protected health information like diagnosis and treatment details, Social Security number and financial account information.
Discord.io Temporarily Shuts Down Amid Breach Investigation (Dark Reading) The platform plans to revamp its website code and conduct "a complete overhaul" of its security practices.
PwC Audit Client Gets Added to the List of Companies That Have to Send Out Letters to Customers About a Data Breach (Going Concern) "The job of auditing Popular requires, due to its nature, that Popular share client information," said a data breach notice sent to customers
Cyberattack hits national Multiple Listing System provider, affects Cape agents (Boston.com) The real estate listing service, MLS, experienced a cyberattack, leaving many systems unusable to customers.
Suburban DC school district responds to cyberattack (Record) Officials from Prince's Georges County Public Schools in Maryland said an incident affected a few thousand user accounts, but key business and information systems were still running.
Security Patches, Mitigations, and Software Updates
CISA Releases Two Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency CISA) CISA released two Industrial Control Systems (ICS) advisories on August 15, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
ICSA-23-227-01 Schneider Electric EcoStruxure Control Expert, Process Expert, Modicon
ICSA-23-227-02 Rockwell Automation Armor PowerFlex
Zoom revises terms again to say it doesn’t use customer data to train AI models (Record) Zoom has updated its terms of service (TOS) again to remove language about using content collected from its communication app to train artificial intelligence models, following a barrage of criticism from users and privacy advocates.
Trends
CrowdStrike report shows ID attacks and keyboard activity monitoring on the rise (APDR) CrowdStrike announced the release of the CrowdStrike 2023 Threat Hunting Report. The company’s sixth annual edition of the report, which covers attack trends and adversary tradecraft observed by CrowdStrike’s elite threat hunters and intelligence analysts, revealed a massive increase in identity-based intrusions, growing expertise by adversaries targeting the cloud, a 3x spike in adversary use of legitimate remote monitoring and management (RMM) tools, and a record low in adversary breakout time.
Bribery and Corruption Concerns Drive 650% Increase for Regtech AI - African Eye Report (African Eye Report) A new study from Juniper Research, the foremost experts in fintech, has found that the total number of KYC checks for banking, conducted using AI, will reach almost 175 million globally by 2028; up from just over 23 million in 2023. The demand for regtech solutions is increasing across not only financial services, but also industries […]
6 things you may have missed at Hacker Summer Camp (Security Boulevard) Tens of thousands of the world’s top cybersecurity pros descended on Las Vegas last week for the annual Hacker Summer Camp, with hundreds of sessions spread over three events. Taking it all in is an impossible task.
Dig Security State of Cloud Data Security 2023 Report Finds Exposed Sensitive Data in More Than 30% of Cloud Assets (PR Newswire) Dig Security, the cloud data security leader, today released findings from its first-ever State of Cloud Data Security 2023 Report. The...
The rise of the tech ethics congregation (MIT Technology Review) In a world where tech has become a transcendent force, people are always looking for guidance.
Marketplace
What could your company do with $2M? (DataTribe) This is the last week for teams to submit an application for the $2M DataTribe Challenge. The application window is open through Friday, October 30th. The DataTribe Challenge brings together the best entrepreneurs in the world to looking to disrupt cybersecurity and data science. DataTribe selects three finalists that split $20,000 in prize money and one winner that could receive up to $2 million in seed capital.
Bitdefender Completes Acquisition of Horangi Cyber Security (Bitdefender) Transaction Expands Bitdefender Product and Services Portfolio with Cloud Infrastructure Entitlement Management, Cloud Security Posture Management and Security Consulting Services
OX Security Receives Strategic Investment From IBM Ventures (Dark Reading) OX Security, a supply chain security solution and founding member of the Open Software Supply Chain Attack Reference (OSC&R), announced today that it received an investment from IBM, the leading hybrid cloud and AI company and the parent company of Red Hat, the world's leading provider of enterprise open source solutions.
Gallant Capital Partners Invests in Cybersecurity Firms DynTek and rSolutions to Support Growth and Innovation (PR Newswire) Gallant Capital Partners ("Gallant"), a Los Angeles-based investment firm, announced that it has completed a strategic growth investment in...
Thoma Bravo Extends Closing Date on ForgeRock Deal to Forestall Antitrust Review (Middle Market) Thoma Bravo has agreed to extend its closing date on a $2.3 billion acquisition of ForgeRock Inc. to give the U.S. Justice Department an additional week to decide whether to challenge the deal in court, according to Bloomberg News.
Kandji Named to Forbes’ Next Billion-Dollar Startup List 2023 (GlobeNewswire News Room) Apple Device Management and Security Platform Recognized as Top Venture-Backed Startup with the Potential to Reach Unicorn Status...
ReversingLabs’ path to success: Staying true to customers and the product was key (Security Boulevard) Cybersecurity is a lucrative industry, with the market‘s revenue expected to reach $162 billion by the end of this year. But, as history has shown, plentiful capital does not always translate into market success.
RisX LLC, a Boutique Cybercompliance and IT Advisory Firm, Receives Certification by the Women’s Business Enterprise National Council (GlobeNewswire News Room) RisX LLC, a boutique cybercompliance and IT advisory firm, is proud to announce national certification as a...
David Tulip: 'Talent shortage has been real - but things are changing now' (CRN) We speak to a channel veteran about his opinion on the talent shortage, the challenges and opportunities it provides
GCA and Cyber Security Canada to join forces working together to reinforce Canada's digital infrastructure (Global Cyber Alliance) The Global Cyber Alliance (GCA) and Cyber Security Canada NFP are thrilled to announce a ground-breaking partnership. The collaboration is designed to intensify the fight against escalating cybersecurity threats and reinforce Canada’s digital infrastructure.
Lockheed Martin continues strong partnership with Women in CyberSecurity (WiCyS) (PR Newswire) Since 2018, Lockheed Martin has been a WiCyS Tier 1 strategic partner that focuses on year-round engagement, especially encouraging...
Eclypsium Expands Leadership Team With New Executive Hires, Reinforcing Commitment to Supply Chain Security (Eclypsium) Portland, OR – August 15, 2023 – Eclypsium®, the supply chain security company protecting critical hardware, firmware, and software products and technologies, today announced the addition of two new executives to the company’s leadership team. The appointment of John Ewert as Chief Financial and Operating Officer and Chris Radosh as Vice President of Business Development […]
Rubrik Appoints Jesse Green as Vice President of Sales for the Americas (GlobeNewswire News Room) Former MongoDB executive joins to help accelerate growth and help continue building momentum for data security leader...
Products, Services, and Solutions
KnowBe4 Launches New National Cybersecurity Awareness Month Resource Kit (KnowBe4) KnowBe4 Launches New National Cybersecurity Awareness Month Resource Kit
Mandiant Releases Scanner for Citrix ADC Bug (Decipher) Mandiant has released a scanner to identify appliances that have been compromised through exploitation of CVE-2023-3519.
SandboxAQ Collaborates with More Than 30 Universities, Corporations and Educational Organizations to Expand AI and Quantum Training (PR Newswire) SandboxAQ today announced it has formed relationships with more than 30 major universities and other educational organizations and has...
MongoDB Announces General Availability Of End-To-End Data Encryption Technology (MongoDB) MongoDB Queryable Encryption enables organizations to meet the strictest data-privacy requirements by providing first-of-its-kind, end-to-end data encryption
EY Launches Intelligent Extended Detection Response Solution to Combat Cyber Threats (MSSP Alert) EY IXDR is a service providing 24x7 threat monitoring, detection and response on an open XDR platform to slash response time down to minutes.
Argo Edge from CISO Global Successfully Sustains More than 125,000 Cyberattacks at DEF CON (PR Newswire) Newly Launched AI-Powered Security Solution Tested by Thousands of Hackers Under Real-World Conditions; Platform Learned from Each Cyberthreat to Continuously Improve
Versa Networks Named a Leader in Zero Trust Edge Solutions Research Report by Leading Industry Analyst Firm (Business Wire) Versa’s AI/ML-powered Unified SASE Platform Scored Highest in Current Offering Category; Also Received Highest Possible Scores in Management, Vision, and Innovation Criteria
Blues Expands Global IoT Connectivity Solutions in EMEA (PR Newswire) Blues, a leader in connected Internet of Things (IoT) technology enabling data-driven solutions, announced today that it has expanded business...
Semperis Launches Security-Centric Active Directory Migration and Consolidation Solution to Accelerate AD Modernization and Reduce Customers’ Attack Surfaces (Business Wire) Semperis appoints AD modernization services expert Michael Masciulli to lead Semperis’ security-centric Active Directory migration and consolidation offering, distributed through partners
AvePoint Elevates Control Suite with Introduction of AvePoint EnPower (GlobeNewswire News Room) Advanced capabilities improve SaaS management across Microsoft 365 and Power Platform, driving operational efficiency and automated governance...
Aqua Security Named the Platform Leader in Innovation in GigaOm Radar Report for Cloud Security Posture Management (CSPM) (GlobeNewswire News Room) Aqua outranks competitors as the most innovative platform play with its novel technology...
Technologies, Techniques, and Standards
How to prevent and prepare for a cyber catastrophe (Security Intelligence) Ransomware and data leaks are inconvenient and costly. But is your organization prepared for a cyber incident that leads to mass casualties?
Pentagon’s vulnerability disclosure program developing expansion plans to cover more contractors (Federal News Network) Melissa Vice, the director of the Department of Defense’s Vulnerability Disclosure Program, said the 12-month voluntary pilot with defense contractors found vendors faces similar challenges as the…
3 Major Email Security Standards Prove Too Porous for the Task (Dark Reading) Nearly 90% of malicious emails manage to get past SPF, DKIM, or DMARC, since threat actors are apparently using the same filters as legitimate users.
Three Factors That Weaken Data Classification—and Lead to Data Breaches (Capterra) Learn why some companies experience fewer data breaches and how it might be tied to their data management practices that help mitigate human errors and behaviors.
Three Steps To Effective Cybersecurity Harmonization (Forbes) Bad cyber actors have been particularly active this year.
2023 Edge Ecosystem: Focus on Sled (AT&T Cybersecurity) Based on the 2023 AT&T Cybersecurity Insights Report: Edge Ecosystem, this report focuses on state and local government, and higher education in the US.
Federal CISO doubles down on phishing-resistant MFA following Lapsus$ review (Federal News Network) Chris DeRusha doubled down on the requirement in the federal zero trust strategy for agencies to use phishing-resistant multifactor authentication.
US Army set to test combined cyber, jamming, signal intelligence tool (C4ISRNet) TLS-BCT is designed to provide smaller Army formations a means to understand their surroundings and disrupt networks and advanced electronics.
Design and Innovation
Italian team wins Space Force's first on-orbit Hack-A-Sat contest (Breaking Defense) The five finalists in the Hack-A-Sat 4 contest competed in nine different challenges, seven of them involving hacking into the Moonlighter CubeSat built by The Aerospace Corporation and Space Systems Command as a on-orbit cybersecurity testbed.
Academia
Back to school security against ransomware attacks on K-12 and colleges (BleepingComputer) As we get back to school, K-12 and colleges are increasingly at risk from ransomware and data theft attacks. Learn more from Specops Software on the steps IT teams at education institutes can take to protect their care orgs from disruption and stolen data.
Legislation, Policy, and Regulation
The AI Power Paradox (Foreign Affairs) Can States Learn to Govern Artificial Intelligence—Before It’s Too Late?
Presidential Election candidates urged to guard against foreign interference, cybersecurity threats (CNA) Singapore is not immune to foreign interference, which undermines political sovereignty and harms social cohesion, said MHA, CSA and ELD.
CISA Closing in on Final Cyber Guidelines for Microsoft, Google Cloud (Meritalk) The Cybersecurity and Infrastructure Security Agency (CISA) has led a handful of identity security initiatives over the past year, and, according to a CISA official, is closing in on finalized guidance on recommended cybersecurity configuration baselines for select cloud products – like Microsoft 365 and Google Workspace.
White House hosts roundtable on harmful data broker practices (CyberScoop) The roundtable coincides with an announcement from the CFPB that it will be issuing proposed rules reining in data brokers.
CFPB to crack down on data brokers, Chopra says at White House event (CNBC) The CFPB announced the proposed rules at a White House event focused on data brokers in the age of AI.
SEC cybersecurity rules shape the future of incident management (Help Net Security) The SEC adopted rules requiring registrants to disclose material cybersecurity incidents they experience and to disclose risk information.
Chamber of Commerce urges SEC to delay cyber rule implementation (Cybersecurity Dive) The SEC has “chosen speed over accuracy” while ignoring important business community concerns in pushing out the new regulations, the U.S. Chamber of Commerce says.
Litigation, Investigation, and Law Enforcement
‘Real and growing threat’: Almost every state government body hit in cyberattack surge (The Age) Ninety per cent of Victorian government agencies were targeted in cyber attacks last year, exposing critical services to serious disruption, a new report shows.
Voting machine hacking plot figures into Trump indictment (Nextgov.com) A plot allegedly hatched by lawyer Sidney Powell to use stolen data to rewrite the results of the Georgia vote in the 2020 election is a key piece of the fourth indictment of former President Donald Trump.
Trump faces 13 counts in Georgia indictment; 18 others charged (Washington Post) Former president Donald Trump and 18 others were criminally charged in connection with efforts to overturn Joe Biden’s 2020 win in Georgia.
Here’s who else was charged in Georgia (other than Trump) (Washington Post) Rudy Giuliani, Mark Meadows, John Eastman and Sidney Powell are among the 18 others who were indicted
Former senior FBI official pleads guilty to illegally assisting Putin ally (Washington Post) Former high-ranking FBI official Charles McGonigal pleaded guilty Tuesday in federal court to conspiring to violate U.S. sanctions and to laundering money by secretly working on behalf of a Russian oligarch he had been tasked with investigating.
Former FBI Agent Charles McGonigal Pleads Guilty to Helping Russian Oligarch (Wall Street Journal) Former counterintelligence chief said he accepted secret payments from sanctioned billionaire Oleg Deripaska.
Former high-level FBI official pleads guilty in connection to scheme working for sanctioned Russian oligarch (CNN) The former head of counterintelligence for the FBI’s New York field office pleaded guilty Tuesday to one count of conspiracy in connection to a scheme working for a sanctioned Russian oligarch in 2021.
FTC Charges Experian with Spamming Consumers Who Signed Up for Company Accounts with Marketing Emails They Couldn’t Opt Out Of (Federal Trade Commission) The Federal Trade Commission will require Experian Consumer Services, which offers consumers access to their Experian credit information, to pay $650,000 to settle charges i
FTC accuses Experian of spamming customers with no way out (Record) The credit reporting giant didn't offer consumers an "unsubscribe" option on emails that were essentially marketing communications, the FTC says.
Watchdog: ‘Hate speech,’ other ‘derogatory’ discussions littered intel message apps (Washington Post) Watchdog identifies ‘systemic’ misuse of U.S. spies’ chatrooms