Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+545: Spinning food shortages to the BRICS. (CyberWire) Ukraine is urged to concentrate forces for its advance toward the Sea of Azov as it continues to make deliberate progress toward that objective.
Russia-Ukraine war: List of key events, day 546 (Al Jazeera) As the war enters its 546th day, these are the main developments.
Russia-Ukraine war at a glance: what we know on day 546 of the invasion (the Guardian) Ukrainians believed to have retaken south-eastern village of Robotyne; Putin tells Brics countries Russia could take Ukraine’s place as grain supplier
Ukraine blows up five jets ‘deep within Russian territory’ (The Telegraph) MoD says drone attacks included destruction of supersonic bomber at air base near St Petersburg 400 miles from border
Kyiv saboteurs were behind drone attacks on Russian air bases–report (Military Times) The attacks on Russian airfields on Saturday and Monday destroyed two Russian bombers and damaged two other aircraft, according to Ukrainska Pravda.
Ukraine has not reached a ‘stalemate’ against Russia: White House (The Hill) The White House on Tuesday said it did not assess that Ukraine has reached a stalemate in its defensive war against Russia, as reports from the battlefield detail Kyiv’s struggles to oust Moscow’s forces from dug-in positions on the front lines.
On the Front Line, Ukrainian Commanders Are Buoyed to Be on the Offensive (New York Times) Despite tough fighting and heavy casualties, Ukrainian commanders say their forces are in better shape now than just months ago, while Russian troops appear worse off.
Ukraine’s Forces and Firepower Are Misallocated, U.S. Officials Say (New York Times) American strategists say Ukraine’s troops are too spread out and need to concentrate along the counteroffensive’s main front in the south.
Ukraine’s army is running out of men to recruit, and time to win (The Telegraph) Victory may be in sight for Vladimir Putin
Opinion: What Russians think of the drone attacks on their country (CNN) In recent days, Russia has increasingly come under alleged Ukrainian drone attack. It seems the war is coming to Russia – but that doesn’t mean it will change Russian minds, writes Jade McGlynn.
Poland says Russia’s moving tactical nuclear weapons to Belarus (Military Times) Poland’s President Andrzej Duda says moving the weapons will shift the security architecture of the region and the entire NATO military alliance.
At a Much-Watched BRICS Summit, Putin Tries to Rally Support (New York Times) Leaders of Brazil, India, China and South Africa addressed other topics, but Russia’s president, unable to attend in person because he is wanted for war crimes, put the war in Ukraine at center stage in the meeting.
Manliness, Prestige and Cash: How Military Service Is Sold on Russian TV (New York Times) The Times tracked several months of Russian state messaging in the Kremlin’s effort to recruit soldiers.
What the 1939 Molotov-Ribbentrop Pact tells us about today’s war in Ukraine (Atlantic Council) Putin's rehabilitation of the Nazi-Soviet pact shows that only credible security guarantees will protect Ukraine from Russian aggression.
Putin weaponizes history with new textbook justifying Ukraine invasion (Atlantic Council) A new Kremlin-approved history textbook for Russian schoolchildren offers an unapologetically imperialistic view of Russia's past while attempting to justify the current invasion of Ukraine, writes Taras Kuzio.
Why Putin’s Russia cannot accept its borders (Atlantic Council) Vladimir Putin's attempts to justify the invasion of Ukraine as a just war to reunite historically Russian lands reflect the expansionist ideology at the heart of modern Russia's imperial identity, write Glenn Chafetz and John Sipher.
Kremlin Flacks Tease Next ‘Global’ Targets of Putin’s Wrath (The Daily Beast) Russian lawmakers and pro-Kremlin news stars have taken to live television to bet on the next international crisis Putin is eyeing after Ukraine.
Belarus dictator Lukashenka must face justice for role in Russia’s Ukraine war (Atlantic Council) It is time for a serious conversation on how to hold Belarusian dictator Alyaksandr Lukashenka accountable for his participation in Russia’s brutal full-scale invasion of Ukraine, writes Katie LaRoque.
Americans’ support for helping Ukraine remains strong. Just look at the polls. (Atlantic Council) Polling uncovering Americans' views of US aid to Ukraine should embolden US politicians to continue to advocate for Kyiv’s victory over the Russian invaders.
Ukraine’s Military Hacked by Russian Backed USB Malware (Ophtek) The news footage may focus on military strikes, but, behind the war in Ukraine, cyberattacks are being utilised as a major weapon by Russia. Government-backed cyberattacks are nothing new, and they will continue to be utilized as part of global espionage campaigns for the foreseeable future. However, while these attacks are unlikely to be aimed […]
Attacks, Threats, and Vulnerabilities
Smoke Loader Drops Whiffy Recon Wi-Fi Scanning and Geolocation Malware (SecureWorks) Learn how threat actors could use the geolocation data to track compromised systems.
XLoader's Latest Trick | New macOS Variant Disguised as Signed OfficeNote App (SentinelOne) Notorious botnet and infostealer XLoader makes a return to macOS with a new dropper and malware payload.
New Variant of XLoader macOS Malware Disguised as 'OfficeNote' Productivity App (The Hacker News) Beware macOS users! A sneaky variant of the XLoader malware hides inside an app called "OfficeNote."
MacOS version of info-stealing XLoader gets an upgrade (Record) A previous macOS-oriented version of XLoader had some limitations. Researchers say the info-stealer now can run on more machines while potentially dodging detection.
Luna Grabber Malware Hits Roblox Devs Through npm Packages (Hackread) The campaign, which began at the start of August 2023, revolves around malicious packages impersonating the legitimate noblox.js, a popular Node.js Roblox API wrapper.
Scarab Ransomware Deployed Worldwide Via Spacecolon Toolset (Infosecurity Magazine) ESET's investigation also revealed that certain Spacecolon versions contain Turkish strings
Legitimate software tainted in attacks on Hong Kong organizations, report says (Record) Symantec says it found abuse of the legitimate Cobra DocGuard software by a previously unknown advanced persistent threat (APT) group that it's labeling as Carderbee.
The Secret Weapon Hackers Can Use to Dox Nearly Anyone in America for $15 (404 Media) Most Americans have very little choice but to provide their personal information to credit bureaus. Hackers have found a way into that data supply chain, and are advertising access in group chats used by violent criminals who rob, assault, and shoot targets.
Discord Malware and TOWINAP ("The Only Way Is Nuke and Pave") - DomainTools | Start Here. Know Now. (DomainTools) In the PC gaming community via Discord, can your computer come back from a malware infection? This article explores the obstacles of cleaning a system versus TOWINAP (The Only Way Is Nuke And Pave)
Smart light bulbs could give away your password secrets (Naked Security) Cryptography isn’t just about secrecy. You need to take care of authenticity (no imposters!) and integrity (no tampering!) as well.
TP-Link Smart Bulb Vulnerabilities Expose Households to Hacker Attacks (SecurityWeek) Vulnerabilities in the TP-Link Tapo L530E smart bulb and accompanying mobile application can be exploited to obtain the local Wi-Fi password.
Scraped data of 2.6 million Duolingo users released on hacking forum (BleepingComputer) The scraped data of 2.6 million DuoLingo users was leaked on a hacking forum, allowing threat actors to conduct targeted phishing attacks using the exposed information.
Ivanti warns of new actively exploited MobileIron zero-day bug (BleepingComputer) US-based IT software company Ivanti warned customers today that a critical Sentry API authentication bypass vulnerability is being exploited in the wild.
Cyber-Attack on Australian Utility Firm Energy One Spreads to UK Syste (Infosecurity Magazine) Australian utility company Energy One confirmed it had taken steps to limit a cyber-attack affecting its corporate systems
Unpacking the MOVEit Breach: Statistics and Analysis (Emsisoft) How many organizations were affected by the MOVEit attack? This post looks at the statistics, and how we may be able to prevent similar attacks in future.
MOVEit Exploitation Fallout Drives Record Ransomware Attacks (Infosecurity Magazine) Ransomware attacks hit record levels in July 2023, driven by the Clop gang’s exploitation of the MOVEit vulnerability, according to NCC Group’s Threat Intelligence team.
Cisco's Duo Security suffers major authentication outage (Register) Provides complete security by not letting anyone login
Authentication slowness or failure to load Duo Prompt on DUO1 (Duo Security) The issue causing authentication failures on DUO1 has been fully resolved. All authentications are working as expected.
Ongoing Duo outage causes Azure Auth authentication errors (BleepingComputer) Cisco-owned multi-factor authentication (MFA) provider Duo Security is investigating an ongoing outage that has been causing authentication failures and errors starting three hours ago.
Ransomware infection wipes all CloudNordic servers (Register) IT outfit says it can't — and won't — pay the ransom demand
Cyberattack on Belgian social service centers forces them to close (Record) Charleroi, Belgium, says facilities will only be open “except for absolute emergencies."
Major Mississippi hospital system takes services offline after cyberattack (Record) One of the largest hospital systems in Mississippi was forced to take several internal services offline after a cyberattack that began last week.
University of Minnesota reports possible breach of "sensitive data" (CBS News) Few details were immediately available, but U officials say that they "became aware that an unauthorized party claimed to possess sensitive data allegedly taken from the University's systems" late last month.
University of Minnesota investigating a data breach, notified law enforcement (Star Tribune) University officials said affected data is from 2021 and earlier, but didn't describe the scope.
Pleas for vigilance over alarming identity theft scam (News.com.au) The government agency has cautioned unsuspecting Aussies over an elaborate identity theft scam targeting people in the wake of the new financial year.
“Snakes in airplane mode” – what if your phone says it’s offline but isn’t? (Naked Security) WYSIWYG is short for “what you see is what you get”. Except when it isn’t…
Morris Hospital informs 248,000 patients of data breach (Healthcare Finance News) The hospital has arranged for identity theft resolution services to be available to potentially affected patients at no charge.
Cybercriminals publish personal details of thousands of donors to Australian charities on the dark web (ABC) The Cancer Council, Canteen and Fred Hollows Foundation have confirmed donor information has been published on the dark web after a telemarketer was hacked.
Mysterious Cyberattack Shuts Down Yet More Telescopes For Weeks (IFLScience) It's pretty clear what they're after.
St Helens Council hit by suspected Ransomware cyber attack (St Helens Star) ST HELENS Council is investigating a potential "cyber incident".
Brazil's Biggest Escort Service Suffered a Massive Data Breach (Website Planet) Recently, security researcher Jeremiah Fowler discovered and reported to WebsitePlanet about two non-password protected databases containing over 18
Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog (The Hacker News) Critical security flaw in Adobe ColdFusion has been added to CISA's Known Exploited Vulnerabilities catalog.
CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA (Cybersecurity and Infrastructure Security Agency CISA) CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2023-38035 Ivanti Sentry Authentication Bypass Vulnerability
CVE-2023-27532 Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability
Security Patches, Mitigations, and Software Updates
CISA Releases Four Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency CISA) CISA released four Industrial Control Systems (ICS) advisories on August 22, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
ICSA-23-234-01 Hitachi Energy AFF66x
ICSA-23-234-02 Trane Thermostats
ICSA-23-234-03 Rockwell Automation ThinManager ThinServer
ICSA-23-138-02 Mitsubishi Electric MELSEC WS Series (Update A)
Trends
Not Your Grandparents’ Fraud: Millennials More than 4 Times as Likely than the Elderly to Experience Fraud (GlobeNewswire News Room) 2023 Telesign Trust Index Reveals Changing Demographics Around Online Fraud...
Compromised Secrets: Nearly 25 Percent of Developers Have Experienced a Data Breach (Business Wire) Now generally available, Bitwarden Secrets Manager delivers end-to-end encryption for developer secrets and machine-to-machine credentials
OT Under Greater Scrutiny in Global Cybersecurity Regulatory Environment (Cyber Defense Magazine) By Dr. Terence Liu, CEO, TXOne Networks Highly publicized cyberattacks have focused governments globally on re-examining and bolstering their cybersecurity regulations and policies, and it’s not just information technology (IT) under heightened scrutiny. The Colonial
New Report Quantifies Hospitals’ IoT and IoMT Cybersecurity Risk (GlobeNewswire News Room) “Total Cost of Ownership Analysis on Connected Device Cybersecurity Risk” details the challenges that hospital systems now face, and the increasingly...
Threat Actors Get Creative with Building Block Style Attacks, Finds HP (GlobeNewswire News Room) Insider knowhow helps attackers evade detection and bypass security policies...
HP Wolf Security Threat Insights Report Q2 2023 | HP Wolf Security (HP Wolf Security) Don’t let cyber threats get the best of you. Read our post, HP Wolf Security Threat Insights Report Q2 2023, to learn more about cyber threats and cyber security.
Threat Insights Report Q2 - 2023 (HP Wolf Security) Each quarter our security experts highlight notable malware campaigns, trends and techniques identified by HP Wolf Security.
Deep Instinct Study Finds Significant Increase in Cybersecurity Attacks Fueled by Generative AI (Deep Instinct) Deep Instinct, the prevention-first cybersecurity company that stops unknown malware pre-execution with a purpose-built, AI-based deep learning (DL) framework, released the fourth edition of its Voice of SecOps Report. The research – “Generative AI and Cybersecurity: Bright Future or Business Battleground?” – was conducted by Sapio Research and surveyed over 650 senior security operations professionals in the US, including CISOs and CIOs.
Barracuda XDR Insights: How AI learns your patterns to protect you (Barracuda) In the first half of 2023, Barracuda Managed XDR collected almost a trillion customer IT events, among which it detected and neutralized thousands of high-risk incidents.
Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders (Sophos News) A deep dive into incident-response cases from the first half of this year finds both attackers and defenders picking up the pace
Dwell Time—Time From the Start of an Attack to When It’s Detected—Shrinks to 8 Days in the First Half of 2023, Sophos Finds (GlobeNewswire News Room) It Takes Less Than a Day for Attackers to Reach Active Directory—Companies' Most Critical Asset The Vast Majority of Ransomware Attacks Occur Outside of...
Marketplace
SpyCloud Raises $110 Million Growth Round Led by Riverwood Capital to Accelerate Identity Threat Protection (Business Wire) SpyCloud provides businesses with automated prevention of the top attack vectors used by sophisticated criminals, preventing the most costly targeted attacks. This growth round will drive further global expansion and accelerate authentication bypass prevention to protect digital identities as passkeys and passwordless authentication adoption grows.
Thoma Bravo Completes Acquisition of ForgeRock; Combines ForgeRock into Ping Identity (PR Newswire) Thoma Bravo and ForgeRock today announced the completion of Thoma Bravo's acquisition of ForgeRock in an all-cash transaction valued at...
After Vice’s Downfall, Top Journalists Start Their Own Tech Publication (New York Times) They are joining a recent boom of publications owned and operated by the reporters and editors themselves.
Cemtrex Announces Share Repurchase Program for Series 1 Preferred (GlobeNewswire News Room) Cemtrex Announces Share Repurchase Program for Series 1 Preferred Brooklyn, N.Y., August 23, 2023 --...
Broadcom CEO Hock Tan says $2B investment coming to VMware once acquisition closes (Silicon Valley Business Journal) Broadcom CEO Hock E. Tan vows to "immediately" invest more in its new subsidiary to boost R&D efforts and boost the deployment of VMware's technology.
Ping Identity Recognized as an Overall Leader in 2023 KuppingerCole Access Management Report (News Release Archive) Ping Identity, provider of seamless and secure digital experiences, announced it has been named a leader in the 2023 KuppingerCole Leadership Compass report for Access Management for the fourth...
Aqua Security Named a Market Champion in KuppingerCole Software Supply Chain Security Leadership Compass (GlobeNewswire News Room) Company placed in leader segment across all three categories: market, product and innovation...
Palo Alto Networks CEO eyes $200B market, predicts real-time security shift (SDxCentral) “What we think lies ahead is the need for security to stop bad actors midflight, real time, as it's happening,” the Palo Alto CEO said.
Microsoft is now a cybersecurity titan. That could be a problem. (Tech Monitor) Microsoft has fought to position itself as a global leader for cybersecurity, but it’s also battling its own security demons.
Seasoned Telecommunications Executive, Ken Dixon, Joins Qrypt’s Board of Advisors (Business Wire) Qrypt, the pioneering quantum-secure encryption company, announced today the appointment of Ken Dixon, the CEO of Tillman FiberCo LLC, to its Board of Advisors (BoA). Dixon brings more than 30 years of experience in the telecommunications industry, including over two decades in senior leadership at Verizon.
MITRE appoints Deborah Youmans as CIO (Help Net Security) MITRE appoints Deborah Youmans as CIO for advancing cross-functional, cross-sponsor engagement through new systems and technologies.
Censys Appoints New Channel Leader to Drive Its Channel-First Strategy (PR Newswire) Today, Censys, the leading internet intelligence platform for threat hunting and exposure management, announced impressive channel momentum one...
CISO Global Names Industry Veteran Gary Perkins as Chief Information Security Officer (CISO Global) Former Chief Information Security Officer of British Columbia Joins Global Firm Scottsdale, Ariz. August 23, 2023 – CISO Global (NASDAQ: CISO), an industry leader as a managed cybersecurity and compliance provider, has named Gary Perkins Chief Information Security Officer. In his new role, Perkins will spearhead cybersecurity strategies and risk management initiatives within the company. […]
Products, Services, and Solutions
State of Trust Insights: The 2023 Security SaaS Leaderboard (TrustCloud) TrustCloud is proud to present the 2023 Security SaaS Leaderboard – a list of the most popular vendors for security-related programs.
SecureAuth Announces New Channel Partnerships with IDMWORKS and Opkalla (SecureAuth) Strategic Partnerships to Drive Further Market Expansion of SecureAuth’s Arculix A Passwordless Continuous Authentication Solution
ColorTokens Joins Forces with Altron Arrow to Deliver Comprehensive Zero Trust Solutions in South Africa (PR Newswire) /PRNewswire/ -- ColorTokens Inc., a leading provider of Unified Zero Trust Platform, today announced that it has partnered with Altron Arrow, a leading...
NormCyber achieves ISO 27001:2022 accreditation (Norm Cyber) NormCyber achieves ISO 27001:2022 accreditation, reinforcing its commitment to information security.
Delinea's Latest Release Accelerates Time to Value for DevOps Secrets Management with Updated Policy Editor (PR Newswire) Delinea, a leading provider of solutions that seamlessly extend Privileged Access Management (PAM), today announced new features for DevOps...
Medcrypt and NetRise Announce Partnership to Revolutionize Medical Device Security with Full Software Bill of Materials Creation and Management (Netrise) Software Bill of Materials (SBOM) lifecycle management to empower device makers to identify and address the security risks of their medical devices.
Forescout Joins MISA and Announces Integration With Microsoft Sentinel (Dark Reading) Forescout, a global cybersecurity leader, today announced integrations with Microsoft Sentinel as part of a broader initiative to support the Microsoft Security portfolio.
INE Marks 20 Years of IT Training Excellence (GlobeNewswire News Room) INE , a global leader in lab-centered cybersecurity, networking, and cloud training, is celebrating its 20th...
Appdome and Bugcrowd Collaborate to Strengthen Cyber Security Defense for Mobile Application Adoption and Delivery IT Voice | IT in Depth (IT Voice) Bugcrowd Joins Appdome’s Mobile App Defense Project Appdome, the one-stop shop for mobile app defense, announced that Bugcrowd, the only multi-solution crowdsourced cybersecurity platform, jo…
LRQA Nettitude Among First to Earn CREST Application Security Accreditation (Yahoo Finance) LRQA Nettitude strengthens its reputation as a trusted cybersecurity service provider, being one of the first accredited under the new CREST OWASP Verification Standard (OVS). SINGAPORE - Media OutReach - 22 August 2023 - LRQA Nettitude has achieved a significant milestone by becoming one of the initial few companies accredited against the CREST OWASP Verification Standard (OVS). In doing so, LRQA Nettitude have become the sole organisation worldwide to hold a full range of CREST accreditation
Proofpoint Wins Best Data Security Solution of the Year at SC Awards 2023 (GlobeNewswire News Room) Market-leading information protection platform honored with SC Award for second consecutive year...
Salt Security API Protection Platform Wins "Best API Security Solution" in Prestigious 2023 SC Awards (PR Newswire) Salt Security, the leading API security company, today announced that the Salt Security API Protection Platform has won the "Best API Security...
Cellebrite Supercharges Corporate Investigative Capabilities with New SaaS Offering (GlobeNewswire News Room) Cellebrite DI Ltd. (Nasdaq: CLBT), a global leader in...
Auvik Adds Jenne as a Strategic Partner to Deliver Network Management and SaaS Monitoring Solutions (Business Wire) Auvik teams with leading technology services brokerage to help small and mid-sized businesses meet network visibility challenges
Talon Cyber Security Unveils Digital Experience Capabilities to Deliver Industry Leading End-User Experiences for Modern Organizations (Talon Cyber Security) New Capabilities Empower IT Teams with Advanced Insights to Bolster Productivity Across the Enterprise Tel Aviv, Israel – August 23, 2023 – Talon Cyber Security, the leader in enterprise browser technology, today announced new digital experience capabilities available in the Talon Enterprise Browser. The capabilities arm IT teams with advanced metrics on device, application, and...
Buoyant Announces Linkerd 2.14 with Improved Enterprise Multi-cluster, Gateway API Conformance, and more (PR Newswire) Buoyant, creator of Linkerd, today announced the release of Linkerd 2.14 with improved support for multi-cluster deployments on shared...
Concentric AI Announces Multi-Lingual Support to Address Growing Global Demand for its Leading Data Security Posture Management Solution (Business Wire) Large Language Models which Power Concentric AI’s DSPM Solution Now Support Security Needs for Data in German, Spanish, Italian, French, and Dutch Languages
Zerto Expands Relationship with AWS, Offering Zerto In-Cloud Disaster Recovery Solution in AWS Marketplace (Zerto) Zerto has joined the AWS ISV Accelerate program to bring continuous data protection to AWS customers worldwide BOSTON – August 22, 2023 – Zerto, a Hewlett Packard Enterprise company, has announced it has expanded its relationship with Amazon Web Services (AWS), offering Zerto In-Cloud in AWS Marketplace and joining the AWS Independent Software Vendor (ISV) […]
Salt Security Partners with API Testing Leaders to Bring Best-of-breed Capabilities to API Security (PR Newswire) Salt Security, the leading API security company, today announced the Salt Technical Ecosystem Partner (STEP) program, making it easier and...
Styra Announces New Capabilities for Enterprise OPA Users, Making its Enterprise-Grade Decision Engine Source Available (Business Wire) Enterprise OPA continues to reduce infrastructure costs and increase authorization performance while giving customers more agility to meet their unique needs
Technologies, Techniques, and Standards
CISA, NSA, and NIST Publish Factsheet on Quantum Readiness (Cybersecurity and Infrastructure Security Agency CISA) Today, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and National Institute of Standards and Technology (NIST) released a joint factsheet, Quantum-Readiness: Migration to Post-Quantum Cryptography (PQC), to inform organizations—especially those that support Critical Infrastructure—of the impacts of quantum capabilities, and to encourage the early planning for migration to post-quantum cryptographic standards by developing a Quantum-Readiness Roadmap.
Quantum Readiness: Migration to Post-Quantum Cryptography (CISA | NSA | NIST) The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the National Institute of Standards and Technology (NIST) created this factsheet to inform organizations — especially those that support Critical Infrastructure — about the impacts of quantum capabilities, and to encourage the early planning for migration to postquantum cryptographic standards by developing a Quantum-Readiness Roadmap
CISA, NIST, NSA Urge Organizations to Prep for Post-Quantum Cryptography Migration (Executive Gov) Looking for the latest Government Contracting News? Read about CISA, NIST, NSA Urge Organizations to Prep for Post-Quantum Cryptography Migration.
Verizon Business 2023 Payment Security Report: Insights to reduce payment security complexity (Verizon) With the largest change to payment security standards looming, Verizon Business provides guidance on how organizations can best navigate.
2023 Payment Security Report Insights (Verizon) Learn best practices for simplifying and securing your payment data with new insights from our experienced PCI assessment experts—we’ll help you take charge of your compliance program performance.
Cyber Security: As hacks increase, law firms should guard their weak spots (Business of Law Digest) Cyber Security: As hacks increase, law firms should guard their weak spots By Carl Mazzanti Law firms are increasingly getting attention from a group they
Tigera's State of Calico Open Source: Usage & Adoption Report Reveals Top Container Networking and Security Priorities in 2023 (PR Newswire) Tigera, provider of the industry's only active security platform for containers and Kubernetes, today released findings from its 2023 State of...
Academia
CSA Academy Collaborates with the U.S Cybersecurity and Infrastructure Security Agency to Launch the Inaugural Singapore-Industrial Control Systems Cybersecurity 301 Course (CSA) Singapore’s CSA Academy has joined hands with the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to organise the inaugural Singapore-Industrial Control Systems Cybersecurity 301 (SG-ICS301) course which is held alongside the Operational Technology Cybersecurity Expert Panel (OTCEP) Forum 2023. The four-day course will provide Operational Technology (OT) cybersecurity training to around 40 participants from Singapore, ASEAN, Bangladesh and Maldives.
Legislation, Policy, and Regulation
Controversial Cybercrime Law Passes in Jordan (Dark Reading) The increase in cyberattacks against the Middle East in the last few years has pressured Jordan and other nations to better secure their infrastructures.
Changes to UK Surveillance Regime May Violate International Law (Just Security) Proposed changes to the UK Investigatory Powers Act 2016 may violate international human rights law.
Request for Information on Cyber Regulatory Harmonization; Request for Information: Opportunities for and Obstacles To Harmonizing Cybersecurity Regulations (Federal Register) The Office of the National Cyber Director (ONCD) invites public comments on opportunities for and obstacles to harmonizing cybersecurity regulations, per Strategic Objective 1.1 of the National Cybersecurity Strategy. ONCD seeks input from stakeholders to understand existing challenges with...
ONCD extends deadline for comments on new sector cybersecurity requirements (FedScoop) Industry, academics and nonprofits now have until Oct. 31 to respond to the call for evidence.
The Senate’s Defense-Policy Bill Looks for Threats in the Rear-View Mirror (Real Clear Defense) The upper house orders up an investigation of the 2020 SolarWinds hack while saying all but nothing about AI.
A Divorce Between the Navy and Cyber Command Would Be Dangerous (War on the Rocks) Frustrated by reports of the U.S. Navy’s underperformance in cyber operations, Congress has made an unusual request. The Fiscal Year 2023 National Defense
A Young Congressman Is Sounding Alarms About Election Security. We Should Listen to Him. (The Messenger) Chris Deluzio, a House Democrat from Pennsylvania, wants tougher oversight of election technology companies and a different approach to fighting social media lies
Litigation, Investigation, and Law Enforcement
A win for Biden administration's cyber agenda in court (Washington Post) Judge rules favorably on Treasury sanctions of crypto service
A Pennsylvania court says state police can't hide how it monitors social media (AP News) Pennsylvania’s Supreme Court handed civil liberties advocates a victory, ruling that state police can't hide from the public its policy governing how it monitors social media.
Knicks suing Raptors over former employee allegedly taking proprietary information, per report (CBSSports.com) Former Knicks employee Ikechukwu Azotam now works for the Raptors