Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+566: Ukrainian drones and missiles hit naval units in Sevastopol. (CyberWire) Ukraine strikes Russian naval units. The US Department of Defense issues a cyber strategy informed by the experience of Russia's war against Ukraine.
Live Briefing: Russia Invades Ukraine (RadioFreeEurope/RadioLiberty) RFE/RL's Ukraine Live Briefing gives you the latest developments on Russia's ongoing invasion, Western military aid, global reaction, and the plight of civilians. The Live Briefing presents the latest developments and analysis, updated throughout the day.
Russia-Ukraine war: List of key events, day 567 (Al Jazeera) As the war enters its 567th day these are the main developments.
Russia-Ukraine war live: Moscow has ‘no option’ but to win in Ukraine, defence minister says (the Guardian) Sergei Shoigu says his forces maintain ‘active defence’ as Kim Jong-un prepares to leave after talks with Vladimir Putin
A Crimea shipyard is on fire after a Ukrainian attack that damaged 2 ships and injured 24 people (AP News) Russian authorities say a Ukrainian attack on a strategic shipyard in Crimea wounded 24 people, damaged two ships undergoing repairs and caused a fire at the facility.
Ukraine launches missile attack on Crimea (BBC News) Ten missiles and three unmanned boats were used to attack the home of Russia's Black Sea fleet, Moscow says.
Russia Admits Two Warships Damaged In Apparent Ukrainian Attack On Occupied Crimea (RadioFreeEurope/RadioLiberty) Two Russian military vessels have been damaged in an apparent large-scale Ukrainian strike on a ship-repair base in Russian-occupied Crimea as Kyiv reported another barrage of Russian drones had struck port infrastructure in the Odesa region.
North Korea's Kim vows full support for Russia at summit with Putin at a Far East spaceport (AP News) North Korean leader Kim Jong Un vowed support for Russia’s “just fight” during a summit with President Vladimir Putin that the U.S. warned could lead to a deal to supply ammunition for Moscow’s war in Ukraine.
North Korea's Kim meets Putin at Russian space center (Nikkei Asia) Moscow promises to help Pyongyang develop rockets
Kim Tells Putin That Russia Has North Korea's 'Full And Unconditional Support' (RadioFreeEurope/RadioLiberty) Russian President Vladimir Putin held talks on September 13 with North Korean leader Kim Jong Un, who offered his country's "full and unconditional support" to defend what he said was Russia's security interests, in an apparent reference to Moscow's full-scale invasion of Ukraine.
Vostochny cosmodrome: the remote Russian spaceport hosting Kim and Putin (the Guardian) Leaders meet at far-eastern base, which most recently hosted ill-fated launch of Luna-25 spacecraft
Kim pledges to back Putin’s ‘sacred struggle’ during rare summit (Washington Post) North Korean leader Kim Jong Un called his country’s relations with Russia his top priority and pledged full support to President Vladimir Putin and his government amid the war in Ukraine, as the leaders met Wednesday for the first time in four years at a space facility in Russia’s far east.
Ukraine-Russia war live: Britain is provoking us to strike Ukrainian nuclear plant, claims Putin (The Telegraph) Britain is trying to provoke Russia into launching an attack on a Ukrainian nuclear power station, Vladimir Putin has claimed.
Russia seeks to legitimize occupation of Ukraine with sham elections (Atlantic Council) In early September, Russia staged sham parliamentary elections in occupied regions of southern and eastern Ukraine as Moscow attempted to legitimize its earlier illegal annexation of five Ukrainian provinces.
Ukraine's Antonov turns to drones in response to Russian invasion (Reuters) Ukraine's Antonov is expanding in drone making, a presentation by the country's umbrella defence group seen by Reuters shows, as it diversifies its core cargo plane business in response to Russia's invasion.
US expected to decide soon on long-range missiles for Ukraine (Atlantic Council) ATACMS missiles would greatly increase Ukraine’s ability to strike the logistical networks supporting Russia's invasion and would make it increasingly difficult for Putin’s army to operate inside Ukraine, writes Benton Coblentz.
Ukraine Making 'Great Strides' But More Hard Work Before Accession, EU Says (RadioFreeEurope/RadioLiberty) Ukraine has made "great strides" to join the European Union since being granted candidate status in 2022, but full accession is a merit-based process and hard work lies ahead, the head of the bloc's executive said in her annual speech.
Will the West Abandon Ukraine? (Foreign Affairs) Kyiv must prepare for a possible change of heart in America and Europe.
“Building Resilience”: U.S. returns from second defensive Hunt Operation in Lithuania (U.S. Cyber Command) U.S. Cyber Command’s Cyber National Mission Force recently concluded their second defensive hunt operation to Lithuania, building upon relationships and experiences from their previous deployment to
Pentagon’s new cyber strategy takes lessons from offensive ops, Russian invasion of Ukraine (Record) The Defense Department on Tuesday unveiled an unclassified summary of its latest cyber strategy that serves as a modest update to its predecessor from 2018.
China, Russia will use cyber to sow chaos if war starts, Pentagon says (C4ISRNet) The strategy describes China as a “broad and pervasive” cyber espionage threat and Russia as a malign online influence.
Ukraine Calls on Industry for Expertise in the Cyber War with Russia (Government CIO) A top Ukrainian intelligence official on the front lines of the cyber war with Russia describes the threat to critical infrastructure and where to go from here.
In first, Russian journalist hacked with Pegasus (Washington Post) The iPhone of a prominent Russian journalist whose news outlet President Vladimir Putin has effectively outlawed was infected with Pegasus spyware earlier this year, researchers said.
Ukraine Invasion’s Influence on Global Online Ad Fraud (Anura) Anura and the University of Delaware release of a comprehensive white paper that outlines the effects of the Russian invasion of Ukraine on global digital ad fraud revealing a noteworthy decrease in global fraudulent activity following the attack.
Russian Invasion Causes Sharp Decline in Online Ad Fraud | Anura.io (Anura) The profound impact of the Russian invasion in Ukraine extends to societies worldwide, influencing both online advertising placement and advertising fraud.
Moldova Expels Director Of Russia's Sputnik State News Agency (RadioFreeEurope/RadioLiberty) Moldovan authorities have expelled the director of Russia's Sputnik state news agency in Moldova, Vitaly Denisov, saying he poses a national security threat.
Latvia, Estonia Ban Entry For Vehicles With Russian Registration (RadioFreeEurope/RadioLiberty) Latvia and Estonia have announced decisions to ban the entry of vehicles with Russian license plates from non-EU countries.
Ukrainian Intel Detains Soldier in Kyiv Accused of Spying for Russia (Kyiv Post) Ukrainian counterintelligence has detained a soldier who allegedly passed on information about thermal power plants and other potential infrastructure targets to Russia.
Poland won’t reopen its border to Ukrainian grain imports, PM says (POLITICO) Ban on imports to five eastern member countries is due to expire on Friday.
'Merchant Of Death' Viktor Bout Wins Seat In Local Russian Legislature (RadioFreeEurope/RadioLiberty) Viktor Bout, the convicted gun runner who spent nearly a decade in a U.S. prison before being sent back to Russia in a prisoner swap, has won a seat in a regional legislature, officials said.
Ukraine’s small Jewish community is thriving (The Economist) After centuries of discrimination
Trade unions refuse to back motion condemning Russia’s invasion of Ukraine (The Telegraph) Space for debate 'has been shut down', says representative for Fire Brigade body, as conference also warned of imperialism 'on both sides'
Attacks, Threats, and Vulnerabilities
Insurance Information Bureau Of India Hit by Ransomware Attack: Russian Hackers Demand $250,000 As Ransom (The420CyberNews) NEW DELHI: In a shocking turn of events, the Insurance Information Bureau of India (IIB) fell victim to a ransomware attack on April 2, 2023. The attack left nearly 30 server systems encrypted, rendering the agency’s data inaccessible. Initially, IIB officials chose to keep the attack under wraps. However, as the severity of the situation […]
Ransomware attack hits Sri Lanka government (Register) Running unsupported and unpatched versions of Exchange Server will do that to a country
Malware distributor Storm-0324 facilitates ransomware access (Microsoft Security) The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors.
Ransomware access broker steals accounts via Microsoft Teams phishing (BleepingComputer) Microsoft says an initial access broker known for working with ransomware groups has recently switched to Microsoft Teams phishing attacks to breach corporate networks.
China caught with its malware in another nation's power grid (Register) 'Obtaining a disruptive capability could be one possible motivation behind this surge in attacks'
LokiBot Phishing Malware Baseline (Cofense) Get the latest information on one of the most common phishing malware families out there, LokiBot. Learn more about how it works and its expanding capabilities.
NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats (Cybersecurity and Infrastructure Security Agency CISA) Today, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity Information Sheet (CSI), Contextualizing Deepfake Threats to Organizations, which provides an overview of synthetic media threats, techniques, and trends.
Contextualizing Deepfake Threats to Organizations (US Department of Defense) Threats from synthetic media, such as deepfakes, present a growing challenge for all users of modern technology and communications, including National Security Systems (NSS), the Department of Defense (DoD), the Defense Industrial Base (DIB), and national critical infrastructure owners and operators.
China-Linked Hackers Breached a Power Grid—Again (WIRED) Signs suggest the culprits worked within a notorious Chinese hacker group that may have also hacked Indian electric utilities years earlier.
Free Download Manager site redirected Linux users to malware for years (BleepingComputer) A reported Free Download Manager supply chain attack redirected Linux users to a malicious Debian package repository that installed information-stealing malware.
Beware: MetaStealer Malware Targets Apple macOS in Recent Attacks (The Hacker News) Beware, Mac users! MetaStealer, a new info-stealer malware, is targeting macOS. Learn how it's posing as prospective clients to trick victims into lau
Save the Children International hit with cyberattack, but says operations weren’t impacted (Record) The global charity organization Save the Children International confirmed that it was recently hit with a cyberattack after a ransomware group claimed to have breached the organization’s systems.
Airbus investigates data leak allegedly involving thousands of suppliers (Record) The European aerospace giant Airbus said on Tuesday that it is investigating a cybersecurity incident following reports that a hacker posted information on 3,200 of the company’s vendors to the dark web.
MGM Resorts: Slot machines go down in cyber-attack on firm (BBC News) Customers also report problems with payments and check-in as IT systems go down at MGM Resorts' hotels.
MGM Resorts Hotel, Betting Operations Disrupted by Cyber Incident (Wall Street Journal) Guests can still get into their Las Vegas hotel rooms.
MGM Resorts Cyberattack Hobbles Las Vegas Strip Operations (Dark Reading) Hospitality behemoth struggles to recover following a Sunday cyber incident that looks a lot like a ransomware attack.
US casino giant MGM Resorts battles 36-hour outage after cyber attack (Computer Weekly) Multiple systems at US hotel and casino operator MGM went down in the wake of the incident on 10 September, crippling several of Las Vegas’ most prominent casinos
$13 billion MGM Resorts in severe cybersecurity incident (The Stack) "We also notified law enforcement and took prompt action to protect our systems and data, including shutting down certain systems."
Hospital Sisters Health System restores health record access (Herald-Review.com) Patients can again use MyChart to schedule appointments.
Data breach disclosed by Canadian Nurses Association (SC Media) The Canadian Nurses Association has confirmed being impacted by a data breach in April after the Snatch ransomware gang exposed 37GB of stolen data earlier this month, reports The Record, a news site by cybersecurity firm Recorded Future.
Exploring the World of AI Jailbreaks (SlashNext) Examine the strategies employed to jailbreak systems and discover how users are pushing ethical boundaries to fully exploit AI chatbots' capabilities.
CISA Adds Two Known Vulnerabilities to Catalog (Cybersecurity and Infrastructure Security Agency CISA) CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
Security Patches, Mitigations, and Software Updates
CISA Releases Three Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency CISA) CISA released three Industrial Control Systems (ICS) advisories on September 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
ICSA-23-255-01 Hitachi Energy Lumada APM Edge
ICSA-23-255-02 Fujitsu Software Infrastructure Manager
ICSA-23-143-03 Mitsubishi Electric MELSEC Series CPU module (Update)
September 2023 Security Updates (Microsoft Security Response Center) This release consists of the following 59 Microsoft CVEs:
Microsoft Releases September 2023 Updates (Cybersecurity and Infrastructure Security Agency CISA) Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s September 2023 Security Update Guide and apply the necessary updates.
Zero Day Summer: Microsoft Warns of Fresh New Software Exploits (SecurityWeek) Microsoft’s struggles with zero-day exploits rolled into a new month with a fresh Patch Tuesday warning about malware attacks in the wild.
Microsoft Patch Tuesday: Two zero-days addressed in September update (Computing) Microsoft has released its September 2023 Patch Tuesday update, resolving multiple security vulnerabilities found in its product offerings.
Adobe Releases Security Updates for Multiple Products (Cybersecurity and Infrastructure Security Agency CISA) Adobe has released security updates to address vulnerabilities affecting Adobe software. A cyber threat actor can exploit one of these vulnerabilities to take control of an affected system.
Microsoft, Adobe fix zero-days exploited by attackers (CVE-2023-26369, CVE-2023-36761, CVE-2023-36802) (Help Net Security) September 2023 Patch Tuesday is here, with fixes for actively exploited vulnerabilities: CVE-2023-26369, CVE-2023-36761, and CVE-2023-36802.
Adobe fixed actively exploited zero-day in Acrobat and Reader (Security Affairs) Software giant Adobe is warning of a critical security vulnerability in the PDF Acrobat and Reader that is actively exploited in the wild.
Adobe warns of critical Acrobat and Reader zero-day exploited in attacks (BleepingComputer) Adobe has released security updates to patch a zero-day vulnerability in Acrobat and Reader tagged as exploited in attacks.
Apple Releases Security Updates for iOS and macOS (Cybersecurity and Infrastructure Security Agency CISA) Apple has released security updates to address a vulnerability in multiple products. A cyber threat actor could exploit this vulnerability to take control of an affected device.
SAP Security Patch Day for September 2023 (Onapsis) SAP released new and updated security patches for its September 2023 SAP Patch Day. Read a comprehensive summary and how Onapsis contributed.
Google Rushes to Patch Critical Chrome Vulnerability Exploited in the Wild - Update Now (The Hacker News) Google releases patch for a new Chrome zero-day vulnerability (CVE-2023-4863) that's being exploited in the wild.
Critical Google Chrome Zero-Day Bug Exploited in the Wild (Dark Reading) The security vulnerability could lead to arbitrary code execution by way of application crashing.
Zero-day affecting Chrome, Firefox and Thunderbird patched (Computer) Mozilla on Tuesday patched an actively exploited zero-day bug affecting the Firefox browser and Thunderbird email client.
Trends
Industry’s Largest Survey Finds Enterprises Realize 2X ROI on Observability (Business Wire) Findings from 1,700 technical professionals across 15 countries revealed 58% YoY growth of full-stack observability and adoption of unified platform doubled year-over-year
Ransomware attacks hit record level in UK, according to neglected official data (Record) Numbers from a forgotten British government database reveal the persistent rise of ransomware.
India becoming target of increased cybersecurity attack, says report by Palo Alto Networks (Business Today) Due to the increased cyberattacks, Indian organizations have also started tweaking their budgets to spend on cybersecurity, the report said.
Marketplace
SecurityBridge and Protect4S are Joining Forces (SecurityBridge) SecurityBridge, a leading provider of cybersecurity solutions for SAP customers, acquired Dutch SAP security specialist Protect4S.
AuthMind raises seed funding for its identity SecOps platform (TechCrunch) AuthMind, a Maryland-based startup that aims to help businesses protect themselves from identity-related cyberattacks, today announced that it has raised
The Small Idea With a Big Impact on the Cybersecurity Talent Gap (Security Boulevard) The cost of cybercrime is expected to reach $8 trillion globally this year, yet the scarcity of security talent is becoming more pronounced. With more
WSJ News Exclusive | EY Unveils Fruits of $1.4 Billion Artificial-Intelligence Investment (Wall Street Journal) Consulting firm EY said it recently completed a $1.4 billion investment into artificial intelligence, the latest among a series of peers to make a billion-dollar announcement regarding the rapidly developing technology.
IronNet considers bankruptcy after it furloughs most workers (Cybersecurity Dive) The furloughs will effectively end most of the cybersecurity firm’s operations unless it can find additional sources of liquidity.
Cross Industry Customer Growth and Multi Solution Uptake Powers Armis’ Business Momentum (Armis) Armis today announced it has achieved 80% customer growth in just the first 6 months of its fiscal year, ending July 2023.
Public Affairs Veteran Brian Hale Joins Booz Allen (Business Wire) Booz Allen Hamilton (NYSE: BAH) announced today that Brian Hale has joined the firm as vice president of public relations. Hale brings more than 25 years of experience working as a strategic communications leader across federal law enforcement, national intelligence agencies, and the private sector.
Panaseer appoints Marc Moësse as Chief Product Officer (Panaseer) Marc Moësse joins Panaseer as the company's first CPO to drive product innovation and continued growth in Continuous Controls Monitoring (CCM). London,
Building companies means building careers: why I joined Cloudflare as Chief People Officer (The Cloudflare Blog) We're excited to introduce Michele Yetman as Cloudflare's new Chief People Officer
IANS Research Appoints Mark Clauss Chief Product Officer to Support Outstanding Company Growth (PR Newswire) IANS Research, a Boston-based cybersecurity research and advisory firm, today announced it has expanded its executive team with the appointment...
Products, Services, and Solutions
Cybersixgill Significantly Streamlines Cyber Threat Intelligence Reporting With New Investigation Report Builder (Cybersixgill) Cybersixgill introduced today its new Investigation Report Builder, an enhancement to its cyber threat intelligence (CTI) Investigative Portal designed to significantly ease the burden of reporting for threat and SOC analysts, threat hunters, and MSSPs.
Digital Businesses Can Become ‘Trust Certified’ with New Badge from Telesign (GlobeNewswire News Room) Telesign’s Trust Certified Badge Provides a New Seal of Confidence for Consumers Wishing to Do Business with Brands that Demonstrate the Highest Standards...
GroupSense Makes Security Intelligence Available to Service Providers (PR Newswire) GroupSense, a digital risk protection services company, today announced that it has made its security intelligence available to managed service...
SECNAP’s Latest Innovation, CloudJacketXi – Comprehensive Cybersecurity Protection for SMBs to Mid-Market Enterprises (Business Wire) SECNAP’s new CloudJacketXi™ platform unifies AI, machine- learning, and human expertise to provide enterprise-grade cybersecurity at a cost accessible to SMBs and Mid-Market Enterprises.
Semperis and NTT DATA Protect Identity Systems Before, During and After Cyberattacks (Semperis) NTT DATA’s global clients will benefit from end-to-end ITDR solutions with Semperis’ comprehensive ITDR platform.
New Skybox Security release includes enhanced attack path analysis (SiliconANGLE) Cybersecurity management platform company Skybox Security Inc. today announced the next generation of its Continuous Exposure Management Platform that includes advancements to its Attack Surface and Vulnerability Management solutions.
CrowdStrike Announces Falcon Complete for Service Providers (CrowdStrike) CrowdStrike extends elite MDR and response capabilities to global network with the announcement of Falcon Complete for Service Providers.
Cowbell Partners with Zywave, Expanding the Distribution of its Industry-Leading Cyber Insurance (PR Newswire) Cowbell, a leading provider of cyber insurance for small- and medium-sized enterprises (SMEs), today announced its partnership with Zywave, an...
CISO Global Deepens Capabilities with Integrated Threat Intelligence Feed (CISO Global) Global cybersecurity provider unveils Threat Informed, a new proprietary capability that captures and analyzes data posted to darknets Scottsdale, Ariz. September 13, 2023 – CISO Global (NASDAQ: CISO), an industry leader as a managed cybersecurity and compliance provider, is expanding its capabilities by deepening its threat intelligence feed and incorporating it into existing services. Named […]
Claroty Unveils New Vulnerability & Risk Management Capabilities to Supercharge Risk Reduction for Cyber-physical Systems (PR Newswire) Claroty, the cyber-physical systems (CPS) protection company, today announced enhancements to its SaaS platforms' vulnerability and risk...
CI Spark - Code Intelligence’s New LLM-Powered AI-Assistant Accelerates Software Security Testing By 15X (Code Intelligence) Code Intelligence announced CI Spark, a new LLM-powered AI-assistant for software security testing. Initial results show an acceleration of test creation by 15X.
Armis launches Armis Centrix™, the AI-powered Cyber Exposure Management Platform (Armis) Armis Centrix™ is a seamless, frictionless, cloud-based platform that proactively secures all your assets, remediates vulnerabilities, blocks threats and protects your entire attack surface.
Varonis Announces Salesforce Shield Integration for Unprecedented Data Security (GlobeNewswire News Room) Industry-leading Data Security Platform adds Salesforce Shield integration to enhance its world-class Salesforce security solution...
Technologies, Techniques, and Standards
CISA offers free security scans for public water utilities (BleepingComputer) The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has announced it is offering free security scans for critical infrastructure facilities, such as water utilities, to help protect these crucial units from hacker attacks.
Free Cyber Vulnerability Scanning for Water Utilities (Cybersecurity and Infrastructure Security Agency CISA) Drinking water and wastewater systems are an essential community lifeline. It is important to protect your system from cyberattacks to maintain its vital operations.
Design and Innovation
Zero-Knowledge Cryptography Offers A Solution To The Dangers Of Corporate Surveillance (Forbes) Out data online is used for purposes and in ways outside of our control. A new technology called zero-knowledge cryptography offers a solution to that problem.
Legislation, Policy, and Regulation
DOD Releases 2023 Cyber Strategy Summary (U.S. Department of Defense) The cyber strategy is the baseline document for how the DOD is operationalizing the priorities of the 2022 National Security Strategy, 2022 National Defense Strategy and the 2023 National
New Pentagon cyber strategy: Building new capabilities, expanding allied info-sharing (Breaking Defense) DoD "will prioritize technologies that can confound malicious cyber actors and prevent them from achieving their objectives in and through cyberspace," according to an unclassified summary.
New DOD cyber strategy notes limits of digital deterrence (DefenseScoop) The 2023 DOD cyber strategy, for the first time, has been informed by real-world operations by both the U.S. and others.
New Pentagon cyber strategy: Building new capabilities, expanding allied info-sharing (Breaking Defense) DoD "will prioritize technologies that can confound malicious cyber actors and prevent them from achieving their objectives in and through cyberspace," according to an unclassified summary.
Bipartisan push to ban deceptive AI-generated ads in US elections (Reuters) Two Democratic and two Republican U.S. senators on Tuesday introduced legislation to ban the use of artificial intelligence that creates content that falsely depicts candidates in political advertisements to influence federal elections.
Customs and Border Protection Says It Will Stop Buying Smartphone Location Data (404 Media) For years, journalists and lawmakers have investigated CBP and other agencies’ purchase of smartphone location data without a warrant. Now CBP says it will stop using such data at the end of the month.
Written Testimony of Rob Strayer Executive Vice President of Policy Information Technology Industry Council (ITI) (United States Senate Committee on Commerce, Science, & Technology Subcommittee on Consumer Protection, Product Safety and Data Security) Hearing on the Need for Transparency in Artificial Intelligence
Space Force prototypes new 'integrated' Deltas for readiness boost (Breaking Defense) The two new Integrated Mission Deltas will be responsible for all aspects of electronic warfare and positioning, navigation and timing.
Space Force needs more cyber operators for weapons systems, chief says (Defense One) Protecting weapons platforms is a primary concern for Space Operations Command, says its vice commander.
A Deep Dive Into The SEC's Materiality Trigger For Cybersecurity Incident Disclosures (MarketScreener) The U.S. Securities and Exchange Commission adopted final rules relating to cybersecurity disclosure on July 26, 2023, which will take effect on December 18, 2023. As we outlined in a prior post,...
Litigation, Investigation, and Law Enforcement
‘A Monopolist Flexing’: U.S. Blasts Google’s Tactics as Antitrust Trial Opens (New York Times) In opening statements for the government’s first monopoly trial of the modern internet era, Google defended itself and said people had many choices for online search.
Recent Cyber-Related False Claims Act Activity Signals Contractors and Universities Should Examine Their Cybersecurity Practices and Brace for an Uptick in Enforcement (The National Law Review) In recent weeks, there has been an uptick in news of cyber-related False Claims Act (“FCA”) activity. For example, on September 1, 2023, the court unsealed a qui tam lawsuit agai
Musk may have violated FTC privacy order, new court filing shows (Washington Post) The Justice Department makes the accusation in its response to a motion from X asking that the consent decree be dismissed
Former Twitter executives: Privacy and security practices deteriorated under Musk (CyberScoop) Former employees say Elon Musk's acquisition of Twitter may have caused the company to violate a consent order with the FTC.
Israel investigates potential breach of lawmakers’ phones (Record) More than a dozen members of the Yesh Atid political party, including the Israeli opposition leader Yair Lapid, had their WhatsApp accounts temporarily blocked, sparking concerns about a potential intrusion.
UK businesses could escape data breach fines if they engage with NCSC over cyber incidents (Record) British organizations that suffer a data breach may face lower fines if — instead of attempting to conceal the incident — they proactively report and engage with the country’s cybersecurity agency, according to a new agreement between the agency and the country’s data protection regulator.
One Coin co-founder sentenced to 20 years and fined $300 million (The Block) OneCoin founder Karl Sebastian Greenwood was sentenced to 20 years in prison for his part in the OneCoin fraud.