Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+572: Diplomacy at the UN, potential Russian DPRK cooperation in cyber ops. (CyberWire) President Zelenskyy makes his case at the UN (and to Washington) as Ukraine continues to advance in the south and Russia continues indiscriminate strikes against cities.
Russia-Ukraine war: List of key events, day 573 (Al Jazeera) As the war enters its 573rd day, these are the main developments.
Ukraine Says It's On 'Offense' Around Melitopol, Bakhmut As Drones Downed Far From Front Lines (RadioFreeEurope/RadioLiberty) Fighting continued in southern and eastern regions of Ukraine as Kyiv claimed to have downed dozens of Russian attack drones across the country overnight on September 18-19, but an air attack was blamed for a civilian death in the western city of Lviv.
Russia-Ukraine war at a glance: what we know on day 573 of the invasion (the Guardian) Two killed in overnight Russian attacks on Ukrainian cities; Zelenskiy to address UN general assembly in New York
Ukraine is poised for a gamechanging victory in Tokmak – but has just weeks to break the line (The Telegraph) Zelensky has described the fighting as “World war One with drones”. Now autumn rain could bring manoeuvre warfare to a grinding halt
How Ukrainian shock attacks could mark the beginning of the end of Russia's grip on Crimea (The Telegraph) Kyiv appears to be targeting Putin's naval assets to shift the balance of power in the air and at sea
Ukraine-Russia war: Russia scrambles fighter jet to intercept US patrol plane (The Telegraph) Russia scrambled an MiG-31 fighter jet to intercept a US navy plane that was approaching its airspace over the Barents Sea, its defence ministry says.
Evidence Suggests Ukrainian Missile Caused Market Tragedy (New York Times) Witness accounts and an analysis of video and weapon fragments suggest a Ukrainian missile failed to hit its intended target and landed in a bustling street, with devastating consequences.
Ukraine fires 6 deputy defense ministers as counteroffensive continues (Military Times) The reshuffling came with no explanation after the last defense minister resigned, dogged by reports of corruption within his ministry.
Russia Hails 'Similarity' Of China's Position On US, Ukraine (Barron's) Moscow and Beijing are closely aligned in their positions on the United States and resolving the Ukraine conflict, the Russian foreign ministry said following talks between their top diplomats on Monday.
Ukraine Revs Up Diplomatic Push With Defense Meeting In Germany, Zelenskiy At UN (RadioFreeEurope/RadioLiberty) U.S. Defense Secretary Lloyd Austin said ahead of a meeting of Ukrainian and allied defense ministers in western Germany on September 19 that Ukraine was making "steady" progress in its three-month-old counteroffensive against invading Russian forces.
Biden to press allies for Ukraine aid to beat back Russian invasion in U.N. speech (NBC News) Ukrainian President Volodymyr Zelenskyy will also make a cameo at the United Nations General Assembly meeting.
Political divide emerges on Ukraine aid package as Zelenskyy heads to Washington (AP News) Ukrainian President Volodymyr Zelenskyy’s visit to Washington this week comes at a critical time as Republican leadership in the House and Senate diverge on the best way to get more military and humanitarian aid over the finish line.
Opening Remarks by Secretary of Defense Lloyd J. Austin III at the 15th Ukraine Defense Contact Group (As Delivered) (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III delivered remarks at the opening of the 15th meeting of the Ukraine Defense Contact Group.
Secretary of Defense, Chairman of the Joint Chiefs to Meet Defense Leaders in Germany for Ukraine Defense Contact Group (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III and Chairman of the Joint Chiefs of Staff Army Gen. Mark A. Milley will travel to Ramstein, Germany, to host an in-person meeting of the Ukraine Defense
Abrams tanks to enter Ukraine soon, Austin says at Ramstein meeting (Stars and Stripes) The M1 Abrams tanks provided by the U.S. soon will enter Ukraine and join the counteroffensive the country is mounting against Russia, U.S. Defense Secretary Lloyd Austin said.
Germany Plans Additional $428 Million in Military Aid to Ukraine (Bloomberg) Germany announced additional military support for Ukraine worth €400 million ($428 million), though the package does not include the bunker-busting Taurus cruise missiles the government in Kyiv has urgently requested.
Why improve Ukraine’s deep-strike capability? (Defense News) Some NATO members have decided that providing deep-strike weaponry is important for Ukraine’s defense and worth any risk of escalation.
The ramifications of spyware targeting a Russian journalist (Washington Post) Last week, we brought you the story of a prominent Russian journalist, Galina Timchenko, who researchers said had a phone that was infected with spyware. On Monday, I sat down with journalists from her news organization, Meduza, and with an expert from Access Now, which helped uncover the infection, to discuss additional elements of the unprecedented development.
Russia-Ukraine conflict forces DOD to revise assumptions about cyber's impact in war (DefenseScoop) While DOD officials still believe cyber will have a role in conflict, it just might not be the role they previously expected after having observed the Russia-Ukraine war.
The war in Ukraine and systemic cyber exposures present challenges for global insurance market (Interfax-Ukraine) Oleg Parashchak, CEO Finance Media, Editor-in-Chief Insurance TOP, Forinsurer & Beinsure Media
Russian and North Korea artillery deal paves the way for dangerous cyberwar alliance (EconoTimes) Russia is currently firing some 14 million shells a year in Ukraine. They are only manufacturing 2 million. The Ukrainians, on the other hand, are firing around 2.5 million shells a year, but are also struggling to source...
Putin Nationalizes Printing Houses Transferred To Nobel Prize-Winning Editor (RadioFreeEurope/RadioLiberty) Russian President Vladimir Putin has signed a decree nationalizing printing presses that the previous foreign owner had transferred to a Nobel Prize- winning opposition editor.
Ukrainian Deputy PM Says First Vessel Departs Chornomorsk With Grain Via 'Temporary Corridor' (RadioFreeEurope/RadioLiberty) Ukrainian Deputy Prime Minister Oleksandr Kubrakov said on September 19 that one of two bulk carriers has left the Ukrainian Black Sea port of Chornomorsk with 3 tons of wheat in the first major test of Kyiv's new scheme to encourage grain exports from its seaports.
Thousands Of Ukrainian Civilians Reportedly Imprisoned By Russia
(RadioFreeEurope/RadioLiberty) International monitoring organizations estimate thousands of Ukrainians have been illegally held prisoner and deported by Russian forces since the beginning of the full-scale attack on Ukraine in February 2022. Their families fight for scraps of information while witnesses recount civilian arrests.
Russia Sentences First Woman For Skipping Mobilization Call-Up (RadioFreeEurope/RadioLiberty) A Russian court has for the first time sentenced a woman to prison for failing to report for active duty following the Kremlin’s call-up of reserves last year.
Prigozhin's Widow Officially Changes Name Following Mercenary's Death (RadioFreeEurope/RadioLiberty) The widow of Yevgeny Prigozhin, the mercenary who died in an unexplained plane crash in August two months after leading an unsuccessful mutiny, has officially changed her last name, the RBK news agency reported, citing registration data.
Attacks, Threats, and Vulnerabilities
Kuwait's finance ministry says cyber attack hits one of its systems (Reuters) Kuwait's finance ministry said on Monday that one of its systems had suffered a cyber attack in the early morning but that the ministry continued to work normally.
More than 50 Colombian state, private entities hit by cyberattack -Petro (Reuters) More than 50 Colombian state entities and private companies were hit by a cyber attack last week, Colombian President Gustavo Petro told journalists in New York.
Colombia Mulls Legal Action Against US Firm Targeted In Cyber Attack (Barron's) Colombia said Monday it was considering legal action against a US firm that provides web hosting services targeted in a recent cyberattack that downed dozens of government websites.
Colombia mulls legal action against US firm targeted in cyber attack (ETTelecom.com) Cyber Attack: Bogota accused the firm, IFX Networks, of having been negligent in the attack that affected at least 32 key websites such as the justice, health and culture ministries, several hospitals and the stock market authority.
Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement (Trend Micro) While monitoring Earth Lusca, we discovered an intriguing, encrypted file on the threat actor's server — a Linux-based malware, which appears to originate from the open-source Windows backdoor Trochilus, which we've dubbed SprySOCKS due to its swift behavior and SOCKS implementation.
Chinese hackers have unleashed a never-before-seen Linux backdoor (Ars Technica) SprySOCKS borrows from open source Windows malware and adds new tricks.
Operation Rusty Flag – A Malicious Campaign Against Azerbaijanian Targets | Deep Instinct (Deep Instinct) The Deep Instinct Threat Lab has discovered a new operation against Azerbaijanian targets. The operation is not associated with a known threat actor, and the operation was instead named because of their novel malware written in the Rust programming language.
Rust Implant Used in New Malware Campaign Against Azerbaijan (Hackread) A new malware campaign targeting Azerbaijani targets has been discovered.
Microsoft mitigated exposure of internal information in a storage account due to overly-permissive SAS token (Microsoft Security Response Center) As part of a recent Coordinated Vulnerability Disclosure (CVD) report from Wiz.io, Microsoft investigated and remediated an incident involving a Microsoft employee who shared a URL for a blob store in a public GitHub repository while contributing to open-source AI learning models.
Microsoft AI Researchers Expose 38TB of Data, Including Keys, Passwords and Internal Messages (SecurityWeek) Exposed data includes backup of employees workstations, secrets, private keys, passwords, and over 30,000 internal Microsoft Teams messages.
Microsoft AI researchers accidentally exposed terabytes of internal sensitive data (TechCrunch) Microsoft AI researchers accidentally exposed tens of terabytes of sensitive data, including private keys and passwords, while publishing a storage bucket
Microsoft leaks 38TB of private data via unsecured Azure storage (BleepingComputer) The Microsoft AI research division accidentally leaked dozens of terabytes of sensitive data starting in July 2020 while contributing open-source AI learning models to a public GitHub repository.
Microsoft AI Researchers Accidentally Exposed Big Cache of Data (Bloomberg) Wiz found more than 30,000 Microsoft Teams messages exposed. Microsoft quickly removed exposed data after being alerted.
FBI hacker USDoD leaks highly sensitive TransUnion data (Security Affairs) Researchers from vx-underground reported that FBI hacker 'USDoD' leaked sensitive data from consumer credit reporting agency TransUnion.
TransUnion Involved in Potential Hacking Incident (Gov Info Security) Credit reporting agency TransUnion may be the subject of a hacking incident leading to a data breach after a hacker apparently stole information of 58,505 customers
Hackers demand $15 million ransom from TransUnion after cracking "password" password (Hot for Security) International credit bureau TransUnion says that hackers managed to breach a
server operated by its South African division, and gained access to the personal
information of individuals.
Death By a Billion Bots (Netacea) Uncover the accumulating business cost of malicious automation in this report from Netacea, gleaned from a major industry survey on the true impact of bot attacks.
Latest evolution of ‘pig butchering’ scam lures victim into fake mining scheme (Sophos News) Liquidity mining scam puts cruel new spin on Chinese cryptocurrency fraud, with a dash of AI chat
The Clorox Company FORM 8-K (US Securities and Exchange Commission) On Aug. 14, 2023, The Clorox Company (the “Company” or “Clorox”) announced that it had identified unauthorized activity on some of its Information Technology (IT) systems and took immediate steps to stop and remediate the activity, including taking certain systems offline. The Company implemented its business continuity plans and began manual ordering and processing procedures shortly thereafter at a reduced rate of operations. The Company is operating at a lower rate of order processing and has recently begun to experience an elevated level of consumer product availability issues.
Clorox Warns of Product Shortages Following Cyberattack (Wall Street Journal) The bleach and cleaning-wipe maker said that it believes the cyberattack is now contained but that it will cause a material impact to current-quarter financial results.
Clorox warns of product shortages, profit hit from August cyberattack (The Street) An August cyber attack, now contained, has led to an 'elevated level of consumer product availability issues" at consumer brands giant Clorox.
Can't find the right Clorox product? A recent cyberattack is causing some shortages (USA Today) Certain Clorox products may be harder to come by as the company deals with the aftermath of a cybersecurity attack.
Clorox warns of product shortages after cyberattack (Fox Business) Clorox is the latest company to disclose the details of a cyber attack it faced last month that hindered its operations and will impact its quarterly earnings.
As flu season looms, hackers force a shortage of Clorox products (Fortune) Company warns it "cannot estimate how long it will take to resume fully normalized operations.”
Hackers who breached casino giants MGM, Caesars also hit 3 other firms, Okta says (Reuters) Hackers who breached casino giants MGM Resorts International and Caesars Entertainment in recent weeks also broke into the systems of three other companies in the manufacturing, retail, and technology space, a security executive familiar with the matter said.
I Gambled in MGM's Hacked Casinos (404 Media) At the Aria, Bellagio, and MGM Grand, evidence of the massive ransomware hack is everywhere, if you're looking for it.
Caesars Informational Website (Caesars Entertainment) Caesars Entertainment (“Caesars”) recently identified suspicious activity in its IT network resulting from a social engineering attack on an outside IT support vendor used by the Company.
Cadence Bank Confirms MOVEit Data Breach Compromised Customer Information (JD Supra) On September 15, 2023, Cadence Bank (“Cadence”) filed a notice of data breach with the Attorney General of Montana after discovering that MOVEit, a...
CISA Adds Eight Known Exploited Vulnerabilities to Catalog (Cybersecurity and Infrastructure Security Agency CISA) CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
Security Patches, Mitigations, and Software Updates
Fortinet Patches High-Severity Vulnerabilities in FortiOS, FortiProxy, FortiWeb Products (SecurityWeek) Fortinet has released patches for a high-severity cross-site scripting vulnerability impacting its enterprise firewalls and switches.
Trends
CYFIRMA Industry Report : CONSUMER GOODS AND SERVICES - CYFIRMA (CYFIRMA) EXECUTIVE SUMMARY The CYFIRMA Industry Report delivers original cybersecurity insights and telemetry- driven statistics of global industries, covering one sector...
State of Cybersecurity 2021 (CompTIA) The latest cybersecurity research from CompTIA explores cybersecurity policy, processes, people and products
New Research Finds Cyberattacks Against Critical Infrastructure on the Rise, State-affiliated Groups Responsible for Nearly 60% (Business Wire) 60% of incidents result in operational disruption, driving the need for proactive OT defenses and incident response
Marketplace
European cyber insurance startup Stoïk raises $10.7 million and expands to Germany (TechCrunch) French startup Stoïk offers a cyber insurance product to small and medium companies — a bit like Coalition in the U.S. And things have been working
Tesserent shareholders favour Thales acquisition (ARN) The majority of Tesserent shareholders have voted in favour of Thales Australia’s proposed $176 million acquisition of the cyber security provider.
Palo Alto becomes the first dedicated cyber security vendor with Telstra, providing business customers with market leading cyber security solutions. (WebWire) Global security company Palo Alto Networks (NASDAQ: PANW) and Australia's largest telecommunications company Telstra (ASX: TLS) have partnered to deliver an enhanced suite of cyber security products and services for Telstra's Australian and global business customers. Palo Alto Networks becomes the first dedicated cyber security company to be named a technology alliance partner supporting the Telstra enterprise customer segment, servicing customers across more than 200 countries and...
Palo Alto Networks Strengthens Presence in Taiwan With Cloud Infrastructure Investment (Fast Mode) Palo Alto Networks Strengthens Presence in Taiwan With Cloud Infrastructure Investment
Cybersecurity Expert Rick Howard Joins Cyware's Advisory Board (Business Wire) Cyware, the leading provider of threat intelligence management, security collaboration, and cyber fusion solutions, is pleased to announce the addition of renowned cybersecurity expert, Rick Howard, to its advisory board. Mr. Howard brings with him a wealth of experience and expertise that will play a pivotal role in guiding the company's strategic initiatives and technological advancements.
Scott Windfelder Promoted to Chief Revenue Officer at SafeGuard Cyber (Business Wire) SafeGuard Cyber, a pioneering force in security and compliance solutions for communication-based threats, is delighted to announce the elevation of Scott Windfelder to the position of Chief Revenue Officer.
Products, Services, and Solutions
Vectra AI Platform Now Available for Purchase on the CrowdStrike Marketplace (GlobeNewswire News Room) New CrowdStrike Marketplace delivers one-stop shop to reduce risk and cybersecurity stack complexity on the Falcon platform...
Apptio Completes Integration with Oracle Cloud Infrastructure to Extend Multi-Cloud Capabilities to FinOps Practitioners (Business Wire) Integration enables FinOps practitioners to optimize costs across major cloud platforms
Incode Technologies and MaxBet Transform Player Onboarding with AI Identity Verification (PR Newswire) Incode Technologies Inc., the global leader in next-generation identity solutions, today announced a game-changing partnership with MaxBet, a...
EnGenius, WAV and MBSI WAV Join Forces in Strategic Distribution Partnerships (PR Newswire) EnGenius Technology, a global leader in cloud-powered connectivity solutions, is thrilled to announce strategic distribution partnerships with...
G2 Recognizes Sectigo as a Leader for Certificate Lifecycle Management and SSL/TLS in Fall Grid Report (GlobeNewswire News Room) Sectigo®, a global leader in automated Certificate Lifecycle Management (CLM), and...
Zscaler Partners with Imprivata and CrowdStrike to Announce New Zero Trust Security Solution for Healthcare Organizations (GlobeNewswire News Room) End-to-End Threat Protection, Visibility, and Traceability Capabilities Provide Role-Based Controls to Protect Against Growing Ransomware Threats Against...
Vade Expands AI-Powered Security Capabilities to Web Browsing (Vade Secure) New remote browser isolation add-on guards against zero-day threats and user compromise from email-based links.
Black Kite - Black Kite Added to the Department of Homeland Security’s Continuous Diagnostics and Mitigation Program’s Approved Products List (CDM APL) (Black Kite) Black Kite, the leader in third-party cyber risk intelligence, today announced that it has been added to the Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) Program’s approved products list (APL) under the risk assessment capabilities.
Exiger Unveils 1Exiger, A Comprehensive New UX Designed to Make Supply Chain Management Simple, Intuitive and Accessible (PR Newswire) Exiger, the SaaS company revolutionizing the way corporations, government agencies and banks manage supply chains, today announced the launch...
BlueVoyant Partners with Qualys to Launch Comprehensive Vulnerability Identification Service - VISIBL for Qualys (PR Newswire) BlueVoyant, a globally recognized cybersecurity services company, has announced an exciting partnership with Qualys, a leading provider of...
Immuta's Integration with Databricks Unity Catalog is Now Generally Available (PR Newswire) Immuta, a data security leader, today announced the general availability of its integration with Databricks Unity Catalog, which enables...
Privacera’s Integration with Collibra Creates End-to-End Data Governance (Privacera) Integration fully-governs data through automation, fine-grained controls, data classification and policy enforcement to secure data and improve transparency.
Specops Software Launches Continuous Scanning Capabilities for Breached Password Protection (Business Wire) New functionality will crack down on unsafe or reused passwords to protect businesses in real-time
Ping Identity's New Solution Propels a Passwordless Future for Better Customer Experiences - Sep 19, 2023 (Ping Identity) Ping Identity, leading provider of seamless and secure digital experiences, has announced the availability of PingOne for Customers Passwordless, a cloud solution that helps enterprises accelerate...
Guesty Chooses AU10TIX for Identity Verification and Fraud Prevention (PR Newswire) AU10TIX, a global technology leader in identity verification and management, today announced that Guesty, the leading property management...
NETSCOUT Defends Customers From Cyberattacks With Automated, Real-Time Traffic Analysis, Global Threat Intelligence, and ML-Based Mitigation (Business Wire) Adaptive DDoS Protection for Arbor TMS Dramatically Improves Dynamic Distributed Attack Detection Including Carpet Bombing
Salt Security Strengthens CrowdStrike Partnership with New Integration (PR Newswire) Salt Security, the leading API security company, today announced it has expanded its partnership with CrowdStrike by integrating the Salt...
Open Systems Introduces OT Firewall to Secure Critical Infrastructures (Business Wire) Firewall solution enables organizations to embrace Industry 4.0 without sacrificing security
Technologies, Techniques, and Standards
Attacking Hostile Battle Networks (RealClearDefense) Today digital technology pervades the world’s militaries. Their lifeblood is now digitised information circulating through their force structures and used for warfighting and force management.
CISA Sponsors Hack the Building 2.0 Hospital Competition (Cybersecurity and Infrastructure Security Agency) The Cybersecurity and Infrastructure Security Agency (CISA) and the National Centers of Academic Excellence in Cybersecurity (NCAE-C) are sponsoring the Hack the Building 2.0, Hospital Edition competition at the Maryland Innovation and Security Institute (MISI) in Columbia, Md. from Sept. 18 – 22. The NCAE-C program is managed by the National Security Agency (NSA) in partnership with CISA and the Federal Bureau of Investigation (FBI).
6 Actions CEOs Must Take During a Cyberattack (Harvard Business Review) Many have warned over the years of the growing cyber threats and some have offered thoughtful advice for how to strengthen an organization’s protection and resilience. Three questions can help determine whether enough has been done: First, have you participated in a cyber tabletop exercise recently? Second, do you have the contact information of your chief information security officer saved somewhere other than your work phone or computer? (Remember, if your company’s networks suffer a ransomware attack, your work devices may be inaccessible.) Third, do you know your point of contact in government in case of a cybersecurity incident?
Metaverse poses serious privacy risks for users, report warns (Record) Metaverse technology doesn't work without gathering and processing vast quantities of personal and bodily data, notes NYU's Stern Center for Business and Human Rights.
Why critical infrastructure owners should think like hackers (Australian Financial Review) Critical infrastructure operators need to adopt an adversarial mindset and be far more vigilant for threats, especially from supply chains.
Design and Innovation
Companies Explore Ways to Safeguard Data in the Age of LLMs (Dark Reading) Generative AI models are forcing companies to become creative in how they keep employees from giving away sensitive data.
Legislation, Policy, and Regulation
FBI chief says China has bigger hacking program than the competition combined (Reuters) Beijing has a cyberespionage program so vast that it is bigger than all of its major competitors combined, Federal Bureau of Investigation Director Chris Wray told a conference on Monday.
Solarium Commission wants action on stalled cybersecurity recommendations (CyberScoop) The influential commission has seen nearly 70% of its initial recommendations to improve cybersecurity implemented.
U.S. Senators Introduce Bills to Enhance Rural Cybersecurity (GovTech) The Cybersecurity for Rural Water Systems Act and the Food and Agriculture Industry Cybersecurity Support Act would address vulnerabilities in agricultural systems and help farmers and ranchers prevent and respond to cyber threats.
U.S. Senators Elizabeth Warren, Roger Marshall, Joe Manchin, and Lindsey Graham Expand Coalition for Bipartisan Bill Cracking Down on Crypto’s Use in Money Laundering, Drug Trafficking, Sanctions Evasion (Sierra Sun Times) Digital Asset Anti-Money Laundering Act Closes Loopholes and Combats Money Laundering, Ransomware Attacks, Sanctions Evasion, Drug Trafficking, Elder Fraud, and Other Illicit Financial Activities Using Crypto
ONCD Working on ‘Playbook’ for Cybersecurity in Procurement (MeriTalk) The Office of the National Cyber Director (ONCD) is creating a playbook that aims to clarify, facilitate, and encourage incorporation of cybersecurity into the Federal grant process.
White House grapples with harmonizing thicket of cybersecurity rules (CyberScoop) The regulatory road to harmonizing regulations for 16 critical infrastructure sectors is long and treacherous.
Portugal's telecom watchdog working with operators to bar Huawei (Reuters) Portugal's telecom watchdog said on Monday it is working with operators to implement a high-level resolution which effectively bars Huawei's equipment from the country's 5G mobile networks, despite legal objections from the Chinese company.
House Committee Leaders Urge Sanctions Against China's Huawei, SMIC (Executive Gov) Looking for the latest Government Contracting News? Read about House Committee Leaders Urge Sanctions Against China's Huawei, SMIC.
Litigation, Investigation, and Law Enforcement
Twelfth Meeting of the Law Enforcement Coordination Group Focuses on Countering Hizballah’s Global Terrorist, Financial, and Procurement Networks (United States Department of State) The U.S. Departments of State and Justice led the Law Enforcement Coordination Group (LECG), which convened in Europe on September 12-13 for a regional meeting focused on Hizballah’s destabilizing activities in the Western Hemisphere. Governments from across North, South, and Central America participated in this session, along with Israel and Europol. The LECG was established […]
Court blocks California’s online child safety law (The Verge) The law was criticized for potentially privacy-eroding flaws.
One of the FBI’s most wanted hackers is trolling the U.S. government (TechCrunch) Russian hacker Mikhail Matveev is making T-shirts featuring his FBI most wanted poster, and asking his followers if they want to buy merch.
SEC, Covington end legal fight over client names, but dispute isn't over (Reuters) The U.S. Securities and Exchange Commission and law firm Covington & Burling on Monday resolved a lawsuit challenging the regulator’s demand for the names of clients caught up in a data breach, but one Covington client is planning to continue the legal battle on its own.
Firm Sued After Waiting to Inform Individuals Their Information Was Leaked (The Recorder) This complaint was first surfaced by Law.com Radar.