Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+575: Black Sea Fleet struck. (CyberWire) As Russia resists Ukraine's push to expand its breakthrough in the Surovikin Line, Ukrainian missile strikes hit the Black Sea Fleet's headquarters in occupied Sevastopol.
Russia-Ukraine war at a glance: what we know on day 576 of the invasion (the Guardian) One killed in Russian attack on Kherson; a second grain ship departs from Ukraine’s Chornomorsk seaport as country attempts to re-start Black Sea exports
WSJ News Exclusive | Ukraine Sends First Armored Vehicles Through Breach in Russian Defenses (Wall Street Journal) Kyiv is seeking to expand the limited breakthrough in the southeast at a pivotal moment in its counteroffensive.
Watch: Ukrainian heavy armour breaches Surovikin line of Russian defences (The Telegraph) Drone footage shows Kyiv forces penetrating Moscow’s main defensive line in the Zaporizhzhia region
Ukraine-Russia war latest: Ukrainian armoured vehicles cross Russia’s main defensive line (The Telegraph) Ukraine’s armoured vehicles appear to have punched through Russia’s main defensive line of mines, barriers and trenches on the southern front.
Ukraine missile strike hits Russia’s Black Sea Fleet headquarters, kills 1 serviceman (Federal News Network) Russia says Ukraine carried out a missile strike on the main headquarters of its Black Sea Fleet, killing one service member. Images on social media Friday showed large plumes of smoke over the…
Russian War Report: Black Sea military operations approach NATO countries' waters (Atlantic Council) Zelenskyy expresses frustration at the UN, Russia seems unlikely to block YouTube, and the US drops new sanctions.
Ukraine has won a massive naval victory without having a navy (The Telegraph) Russia's hold over Sevastopol is slipping, with huge implications for the Black Sea Fleet
Exclusive: Ukraine's special services 'likely' behind strikes on Wagner-backed forces in Sudan, a Ukrainian military source says (CNN) Speaking to CNN, a Ukrainian military source described the operation as the work of a “non-Sudanese military.” Pressed on whether Kyiv was behind the attacks, the source would only say that “Ukrainian special services were likely responsible.”
Zelenskyy tells United Nations: Russia is committing genocide in Ukraine (Atlantic Council) Ukrainian President Volodymyr Zelenskyy told the UN this week that Russia is committing genocide in Ukraine. Efforts to legally prove genocidal intent will likely focus on the genocidal rhetoric of Putin and other Russian leaders, writes Taras Kuzio.
Russia-Ukraine War: Zelensky Thanks Americans in Emotional Speech to End Washington Visit (New York Times) “There is not a soul in Ukraine that does not feel gratitude to you, America,” the Ukrainian president said after a long day of lobbying Congress for more aid and a meeting with President Biden.
Zelenskyy delivers upbeat message to US lawmakers on war progress as some Republican support softens (AP News) President Volodymyr Zelenskyy worked to shore up U.S. support for Ukraine on a whirlwind visit to Washington on Thursday, delivering an upbeat message on the war’s progress while facing new questions about the flow of American dollars that for 19 months have helped keep his troops in the fight against Russian forces.
Zelensky tells US he will ‘lose the war’ without their support (The Telegraph) Embattled president met senators at private meeting, as Republicans move to block further aid
Zelenskiy secures $325m in new US aid even as Republican support wanes (the Guardian) Ukraine president delivers upbeat message on war progress during second White House visit since Russian invasion
Biden: First US Abrams tanks to arrive in Ukraine next week (The Hill) The first U.S. Abrams tanks allocated for Ukraine will arrive there next week, President Biden said during a White House meeting with Ukrainian President Volodymyr Zelensky.
Biden Administration Announces Additional Security Assistance for Ukraine (U.S. Department of Defense) As President Biden announced, the Defense Department is sending an additional security assistance package to meet Ukraine's critical security and defense needs.
Biden Meets With Ukraine President, as U.S. Sends $325M Arms Package (U.S. Department of Defense) The U.S. announced it will send an additional security assistance package for Ukraine as Ukrainian President Volodymyr Zelenskyy concluded his second visit to Washington.
Biden pledges more support for Ukraine’s defence as he announces new arms package (The Independent) Mr Zelensky is meeting with the US president after a trip to Capitol Hill
Readout of Secretary of Defense Lloyd J. Austin III's Meeting With Ukrainian President Volodymyr Zelenskyy (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III met with Ukrainian President Zelenskyy to reaffirm the steadfast U.S. support for Ukraine.
Austin Assures Zelenskyy of American Support for Ukraine (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III highlighted "his personal commitment and involvement and working with international leaders on that front," Pentagon Press Secretary Air Force Brig. Gen. Pat
Zelenskyy delivers upbeat message to US lawmakers on war progress as some Republican support softens (AP News) Ukrainian President Volodymyr Zelenskyy has delivered an upbeat message to U.S. lawmakers and President Joe Biden in a whirlwind visit to Washington.
Pentagon exempts Ukraine operations from potential government shutdown (POLITICO) The decision means that training on American tactics and equipment can move forward uninterrupted if lawmakers don’t reach a funding deal by the end of the month.
Will Zelenskyy's Washington visit help deliver ATACMS for Ukraine? (Atlantic Council) The White House is worried about the counteroffensive, but it has held off on supplying Ukraine the missiles that would help make a breakthrough.
With Zelenskyy in town, White House still a no on ATACMS long-range missiles for Ukraine (Breaking Defense) The Biden administration said the long-range weapons are not "off the table," but no decision has been made.
Zelensky, in a Chat With Sun Columnist, Emerges as Serious, Smart, Pragmatic — and Understandably Worried About American Backing for Ukraine (The New York Sun) The leader’s goal is for America’s support for his country’s defense against Russia to be bipartisan.
Opinion: Ukraine aid is hanging by a thread (Washington Post) As Washington turns its focus toward the 2024 presidential campaign, U.S. aid to Ukraine is becoming increasingly vulnerable to partisan politics and the culture wars.
Europe is on the verge of surrendering Ukraine to Putin (The Telegraph) Poland has given Kyiv all it can. With the war dragging on, doubt is beginning to creep in
Grain spat drags Ukraine's ties with ally Poland to lowest point since start of Russian invasion (AP News) A dispute about whether Ukrainian grain should be allowed to enter the domestic markets of Poland and other European Union countries has pushed the tight relationship between Kyiv and Warsaw to its lowest point since Russia invaded Ukraine last year.
Ukraine complains to WTO about Hungary, Poland and Slovakia banning its food products (AP News) Ukraine is filing a complaint at the World Trade Organization against Hungary, Poland and Slovakia after they banned grain and other food products coming from the war-torn country.
Ukraine faces a long war. A change of course is needed (The Economist) Its backers should pray for a speedy victory—but plan for a long struggle
Azerbaijan claims full control of breakaway region and holds initial talks with ethnic Armenians (AP News) Azerbaijan regained control of its breakaway region of Nagorno-Karabakh in a deadly two-day military offensive and held initial talks with representatives of its ethnic Armenian population on reintegrating the area into the mainly Muslim country.
No One Could Have Predicted Russia’s Military Failure in Ukraine (World Politics Review) Pre-war predictions about Russia’s war on Ukraine were inaccurate, raising the question: Why are we often wrong about how a war will go?
The Black Box of Moscow (Foreign Affairs) The West Struggles to Understand Russia—But Can Still Help Ukraine Win.
Russian soldiers deliberately kill Ukrainian kids, new film says (POLITICO) Terror against civilians is part of Russian military strategy, experts say.
Russia sanctions add to insurance financial crime issues (Insurance Business Magazine) Financial watchdog continues to see 'problems'
Is Future Escalation in Cyber Conflict a Foregone Conclusion? (OODA Loop) Here we present analysis relevant to cyber conflict including the potential of spillover into non combatants and provide insights on the relevance of recent Russian statements.
Russian cyberattack thought to be cause of government IT system crash – Premier (Royal Gazette) A suspected cyberattack from Russia could have been the cause of a breakdown in government IT systems, it emerged this afternoon.
David Burt revealed that at least one other country was also believed ...
Anti-corruption progress in Ukraine and Moldova is vital for EU integration (Atlantic Council) Ukraine and Moldova stand at a crossroads as both countries seek to strengthen their institutions to stamp out corruption and accelerate their integration with Europe, writes Olivia Yanchik.
Ukraine Allows Russia-Related Words To Be Written In All Lowercase (RadioFreeEurope/RadioLiberty) Ukraine's National Commission of Language Standards has allowed for all letters in "Russia," "Russian Federation," "Russian Empire," "Moscow," and other related words to be written in lowercase.
Thousands Of Russians In Latvia To Be Told To Leave (RadioFreeEurope/RadioLiberty) Around 3,500 Russian citizens in Latvia will receive letters from the migration authority this week asking them to leave the country.
Suspected Russian spies to be charged with conspiracy to conduct espionage (The Telegraph) The five defendants will appear at Westminster Magistrates’ Court on September 26
IRS, Dutch and UK experts teach Ukrainian law enforcement how to catch sanctions evaders (Record) The three countries completed their latest training session with Ukrainian law enforcement officers in an effort to help them trace cryptocurrency and blockchain transactions.
Russia temporarily bans export of petrol and diesel to stabilise domestic market (the Guardian) Four former Soviet states excepted from the ban, which has been prompted by railway bottlenecks and weakness of rouble
The West won’t seize Russia’s reserves any time soon. Here’s what it can do with the funds instead. (Atlantic Council) Frozen Russian assets could be invested profitably, with the goal of creating an annuity for Ukraine of at least two billion dollars a year.
Ukraine’s wartime resilience portrayed on stage in Washington (Atlantic Council) Ukraine's remarkably resilient response to Russia's full-scale invasion has captured the world's imagination and has now inspired a quirky stage adaptation by Kyiv-born playwright Sasha Denisova, writes Jacob Heilbrunn.
Attacks, Threats, and Vulnerabilities
Cyber Soft Power | China's Continental Takeover (SentinelOne) China-aligned threat actors are increasingly involved in strategic intrusions in Africa, aiming to extend the PRC's influence across the continent.
New threat intel effort to study 'undermonitored' regions (CyberScoop) Cyber operations in Africa and Latin America need more attention from the threat intelligence industry, the organizers of the effort argue.
OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes (We Live Security) ESET researchers document OilRig’s Outer Space and Juicy Mix campaigns, targeting Israeli organizations in 2021 and 2022
Iranian Nation-State Actor OilRig Targets Israeli Organizations (Hacker News) Israeli organizations were targeted as part of two different campaigns orchestrated by the Iranian nation-state actor known as OilRig in 2021 and 2022.
Iran cyberattack targets Israelis, leaking personal information (The Jerusalem Post) Personal information leaked by the hackers included photos of ID cards and resume files, among other information.
Sandman APT | A Mystery Group Targeting Telcos with a LuaJIT Toolkit (SentinelOne) Sophisticated threat actor deploys high-end malware utilizing the LuaJIT platform to backdoor telcos in Europe, Middle East and South Asia.
New 'Sandman' APT Group Hitting Telcos With Rare LuaJIT Malware (SecurityWeek) New and mysterious APT Sandman spotted targeting telcos in Europe and Asia as part of a cyberespionage campaign.
Mysterious 'Sandman' APT Targets Telecom Sector With Novel Backdoor (Dark Reading) The Sandman group's main malware is among the very few that use the Lua scripting language and its just-in-time compiler.
‘Sandman’ hackers backdoor telcos with new LuaDream malware (BleepingComputer) A previously unknown threat actor dubbed 'Sandman' targets telecommunication service providers in the Middle East, Western Europe, and South Asia, using a modular info-stealing malware named 'LuaDream.'
GOLD MELODY: Profile of an Initial Access Broker (Secureworks) Read how Secureworks Counter Threat Unit analysis indicates that the GOLD MELODY threat group acts as an initial access broker (IAB) that sells access to compromised organizations for other cybercriminals to exploit.
'Gold Melody' Access Broker Plays on Unpatched Servers' Strings (Dark Reading) A financially motivated threat actor uses known vulnerabilities, ordinary TTPs, and off-the-shelf tools to exploit the unprepared, highlighting the fact that many organizations still don't focus on the security basics.
Cyber Group 'Gold Melody' Selling Compromised Access to Ransomware Attackers (The Hacker News) Gold Melody, the financially motivated cyber group, is selling access to compromised organizations for ransomware attacks.
Ransomware Roundup - Retch and S.H.O. (Fortinet Blog) This week’s issue of the ransomware roundup covers Retch and S.H.O ransomware, which are likely used to target consumers due to their low ransom demand.
What banks need to know about Snatch ransomware (American Banker) Two federal agencies recently released a warning about a strain of ransomware called Snatch, which has adopted the successful tactics of other variants.
Ukrainian Hacker Suspected to be Behind "Free Download Manager" Malware Attack (The Hacker News) "Free Download Manager" software site was breached in 2020, and a Ukrainian hacker group distributed malware.
Music and Malicious Behavior - Six Warning Signs to Look out For (DomainTools) Whether you’re a Swiftie or part of the Bey Hive, someone may be out there trying to exploit your love of music. We’re running through the six warning signs to look out for.
Hikvision Intercoms Allow Snooping on Neighbors (Dark Reading) The intercoms are used in thousands of apartments and offices across the world, and they can be used to spy on targets through the other devices they connect to.
TransUnion statement regarding some limited online activity alleging that data obtained from multiple entities, including TransUnion, will be released. (TransUnion) TransUnion is aware of some limited online activity alleging that data obtained from multiple entities, including TransUnion, will be released. Immediately upon discovering these assertions, we partnered with outside cybersecurity and forensic experts to launch a thorough investigation. At this time, we and our internal and external experts have...
TransUnion denies it was hacked, links leaked data to 3rd party (BleepingComputer) Credit reporting firm TransUnion has denied claims of a security breach after a threat actor known as USDoD leaked data allegedly stolen from the company's network.
Nansen Warns Of Potential Phishing Attacks Following Vendor Security Incident Exposing Customer Data (CryptoSlate) Nansen crypto analytics platform reports customer data breach, prompts swift response
U says hackers may have stolen decades of student, worker data (MPR News) University of Minnesota officials on Thursday acknowledged that a data breach initially reported last month exposed personal information on students, potential students and employees from 1989 to 2021, including Social Security numbers.
Data breach at University of Minnesota may have involved personal information dating back to 1989 (FOX 9 Minneapolis-St. Paul) A recent data breach at the University of Minnesota potentially compromised the security of private information, according to a press release.
U of M data breach may have compromised student info going back to 1989 (MinnPost) Plus: Minnesota Supreme Court to hear Trump on ballot case; Stillwater Prison water complies with standards; drought covers more than a quarter of the state; Twins playoff tickets go on sale; and more
MGM Resorts computers back up after 10 days as analysts eye effects of casino cyberattacks (AP News) MGM Resorts International says computers serving customers at its casino and hotel properties have been restored across the U.S.
MGM Restores Casino Operations 10 Days After Cyberattack (Dark Reading) The lost revenue due to downtime for gaming and hotel bookings is difficult to ballpark.
MGM Resorts computers back up after being down 10 days due to casino cyberattacks (CBS News) MGM Resorts International says computers serving customers at its casino and hotel properties have been restored across the U.S. That's 10 days after a cyberattack led it to shut down digital systems.
MGM says it's recovered from cyberattack, employees tell different story (Cybernews) MGM Resorts says all its hotels and casinos are now “operating normally” in the wake of last week’s debilitating cyberattack – but some MGM workers say behind the scenes tells quite a different story of massive amounts of lost employee data and an employer keeping them in the dark.
'Power, influence, notoriety': The Gen-Z hackers who struck MGM, Caesars (Reuters) About a year ago, the U.S. security firm Palo Alto Networks began to hear from a flurry of companies that had been hacked in ways that weren't the norm for cybercriminals.
MGM vs. Caesars: Cybersecurity Expert Rates Hacking Responses (Casino.org) Caesars paid. That’s one of the few important things we know so far about the two recent cyberattacks on the two largest casino operators in Las Vegas.
What The MGM Resorts Attack Can Teach Small Businesses About Cybersecurity (Forbes) On Sunday 10th September, Vegas giants MGM Resorts fell victim to a cyberattack. Established ransomware groups have claimed responsibility for the attack.
Clorox yet to fully recover from August cyber attack, confirms impact on financials (teiss) American cleaning products giant Clorox said it is still in the process of recovering from a cyber attack it suffered in August that affected its daily operations.
Pharm-Pacc Files Notice of Data Breach Leaking Patients’ SSNs and PHI (JD Supra) On September 14, 2023, Pharm-Pacc filed a notice of data breach with the Attorney General of Montana after discovering that an unauthorized party...
Cyberattack impacts some Air Canada workers (iHeart) Air Canada is reporting a cyber attack impacting some of its workers.
Air Canada says hackers accessed limited employee records during cyberattack (Record) Canada’s largest airline announced a data breach this week that involved the information of employees, but said its operations and customer data were not impacted.
CISA Adds One Known Exploited Vulnerability to Catalog (Cybersecurity and Infrastructure Security Agency CISA) CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2023-41179 Trend Micro Apex One and Worry-Free Business Security Remote Code Execution Vulnerability
Security Patches, Mitigations, and Software Updates
Apple emergency updates fix 3 new zero-days exploited in attacks (BleepingComputer) Apple released emergency security updates to patch three new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 16 zero-days patched this year.
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core (Cybersecurity and Infrastructure Security Agency CISA) Drupal has released a security advisory to address a vulnerability affecting multiple Drupal versions. A malicious cyber actor could exploit this vulnerability to take control of an affected system.
Atlassian Releases September Security Bulletin (Cybersecurity and Infrastructure Security Agency CISA) Atlassian has released its security bulletin for September 2023 to address vulnerabilities in multiple products. A malicious cyber actor could exploit some of these vulnerabilities to take control of an affected system.
ISC Releases Security Advisories for BIND 9 (Cybersecurity and Infrastructure Security Agency CISA) The Internet Systems Consortium (ISC) has released security advisories to address vulnerabilities affecting ISC’s Berkeley Internet Name Domain (BIND) 9. A malicious cyber actor could exploit these vulnerabilities to cause denial-of-service conditions.
CISA Releases Six Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency CISA) CISA released six Industrial Control Systems (ICS) advisories on September 21, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
ICSA-23-264-01 Real Time Automation 460 Series
ICSA-23-264-02 Siemens Spectrum Power 7
ICSA-23-264-03 Delta Electronics DIAScreen
ICSA-23-264-04 Rockwell Automation Select Logix Communication Modules
ICSA-23-264-05 Rockwell Automation Connected Components Workbench
ICSA-23-264-06 Rockwell Automation FactoryTalk View Machine Edition
Trends
NightDragon, Diligent Report Finds Gap in Cyber Experience in S&P500 Board Rooms (Benzinga) Report endorsed by industry leaders indicates need for boards of directors to improve competency and literacy around cyber risk SAN FRANCISCO, Sept. 21, 2023 /PRNewswire/ -- Cybersecurity has increasingly become a topic
Ransomware hit usually costs PH firm about $1M, says Fortinet (INQUIRER.net) MANILA - A Philippine company usually spends about P55 million or about $1 million to resolve a single data breach and pay off ransom to regain system access, according to cybersecurity company
Op-Ed: Ransomware and extortion attempts show no signs of slowing down (Cybersecurity Connect) Ransomware groups, advanced persistent threats (APTs), and commodity attackers continue to compromise global businesses at scale, showing no signs of abating.
Marketplace
NATO seeks cyber threat intelligence solutions (Intelligence Community News) On September 21, the North Atlantic Treaty Organization (NATO) issued a market survey for cyber threat intelligence. Responses are due by October 16 at 5:00 p.m. Central European Summer Time (CEST).
Cisco’s Splunk Deal Shows Allure of AI in Cybersecurity (Wall Street Journal) The $28 billion acquisition of Splunk by Cisco Systems could create a titan among cybersecurity providers, but such deals can be a mixed blessing for cyber chiefs, experts say.
Most organizations want security vendor consolidation (Security Intelligence) In the face of rising operational complexity paired with cyber risks, 75% of organizations want to consolidate their cybersecurity vendors.
Wanted: another 3mn cyber professionals (Financial Times) Ever greater demand for security staff is increasing wage inflation and skills gaps
CISA Publishes New Cybersecurity Career Awareness Challenges (Cybersecurity and Infrastructure Security Agency) Individuals interested in cybersecurity can interactively explore a career pathway
Optiv Co-Founder Dan Burns Joins Balance Theory Board of Directors (PR Newswire) Balance Theory, the leading cybersecurity ecosystem management platform, today welcomes Dan Burns, co-founder and former CEO of Optiv, to the...
Products, Services, and Solutions
Fortress Information Security and NetRise Collaborate to Secure Software Supply Chains for Critical Industries (Fortress Information Security) Fortress Information Security (Fortress) and NetRise today partnered to offer a new, innovative Software Bill of Materials (SBOM) transparency solution to secure software supply chains and meet evolving regulatory requirements for software transparency.
LogicGate Revolutionizes Compliance Management with Launch of Automated Evidence Collection Feature for Risk Cloud Platform (PR Newswire) LogicGate, a leading provider of Governance, Risk, and Compliance (GRC) solutions through its Risk Cloud® platform, announced today the...
BlueVoyant Expands Offerings to Establish the Only Comprehensive Third-Party Cyber Risk Management Solution (PR Newswire) BlueVoyant, a cybersecurity company that illuminates, validates, and remediates internal and external risk, today announced the release of new...
Contrast Security Integrates with AWS Security Hub to Empower Organizations to Effectively Manage and Mitigate Security Risks (Contrast Security) The integration of Contrast Assess with AWS Security Hub offers a comprehensive, proactive security management approach.
Palo Alto Networks Recognized as a Leader in Zero Trust Platform Providers (Palo Alto Networks) "Palo Alto Networks' Zero Trust Framework encapsulates the need to enable and protect a hybrid workforce."
Jumio Named a Representative Vendor in Fifth Consecutive Gartner® Market Guide for Identity Verification (Business Wire) The Market Guide discusses growing concerns about AI-enabled attacks using deepfakes, offers comprehensive market recommendations for security and risk management leaders responsible for identity and access management and fraud detection
Keysight and Synopsys Partner for IoT Device Cybersecurity (Business Wire) Synopsys Defensics® fuzz testing software embedded into Keysight’s IoT Security Assessment solution
Leading Financial Institution Chooses SSH’s PrivX for Operational Efficiency and Cybersecurity (Kommunikasjon) A leading global financial institution has selected PrivX as its privileged access management (PAM) solution. The customer is one of the largest and most important financial institutions in the world. This is the third major new significant lighthouse customer for PrivX in the USA.
Deep Insight Results: 2023 MITRE Engenuity ATT&CK Evaluations for Enterprise (Deep Instinct) The results are in! In this blog post we’ll outline the results of the 2023 MITRE Engenuity ATT&CK Evaluations for Enterprise and cover the following: What the ATT&CK Evaluations are and what it means for enterprises; The tactics, techniques, and procedures (TTPs) employed by Turla to perform an attack; How Deep Instinct’s platform prevents Turla attacks and protects your organization.
Technologies, Techniques, and Standards
Every Network Is Now an OT Network. Can Your Security Keep Up? (SecurityWeek) If you’ve been putting off redesigning your IT-OT security systems, now is the time to make it a priority.
Cyberattack survival: Incident response planning for retail business (Security) Without warning a cyber attack strikes an online business. How do you ensure operations continue? Incident response planning.
DHS Wants Feds to Streamline Cyber Incident Reporting (MSSP Alert) An upgraded system to report incidents will help the government chart a path to better identify trends in cyber incidents and improve organizations’ ability to prevent, respond and recover from attacks, officials said.
HHS Updates Security Risk Assessment Tool to Help With HIPAA Security Rule Compliance (Thomson Reuters Tax & Accounting News) HHS has announced an updated version of its interactive Security Risk Assessment (SRA) Tool. The SRA Tool, first developed in 2014, is designed to help health care providers conduct a security risk assessment as required by the HIPAA Security Rule.
What Does Socrates Have to Do With CPM? (Dark Reading) It's time to focus on the "P" in cybersecurity performance management.
CISA, NFL, and Local Partners Conduct Cybersecurity Exercise in Preparation for Super Bowl LVIII (Cybersecurity and Infrastructure Security Agency CISA) The Cybersecurity and Infrastructure Security Agency (CISA), the National Football League (NFL), Allegiant Stadium, and Super Bowl LVIII partners held a tabletop exercise this week to explore, assess, and enhance cybersecurity response capabilities, plans, and procedures ahead of Super Bowl LVIII.
Design and Innovation
Trend Micro Launches Internal AI Contest to Drive Innovation (PR Newswire) Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today announced that thousands of its employees will...
Legislation, Policy, and Regulation
GCA granted with Special Consultative Status by UN ECOSOC (Global Cyber Alliance) This accreditation granted by the United Nations marks a step forward in our mission to reduce cyber risk.
UK’s New Online Safety Law Adds to Crackdown on Big Tech Companies (SecurityWeek) British lawmakers approved an ambitious but controversial new internet safety law with wide-ranging powers.
US, UK strike data transfer agreement (CyberScoop) The European Commission approved a similar data transfer agreement with the United States in July.
Cyber experts say CISA should bolster threat hunting, visibility across federal networks (Federal News Network) Lawmakers are paying close attention to how CISA revamps its flagship federal cyber programs, like Continuous Diagnostics and Mitigation.
FTC consumer protection chief puts data brokers on notice (Washington Post) A top Federal Trade Commission official is slated to fire a warning shot against the data broker industry on Thursday, speaking out in a key address against a “fever” by companies to scoop up and trade consumers’ personal information with little or no regard for their privacy or well-being.
Cyber attacks reveal uncomfortable truths about US defenses (C4ISRNet) It should be recognized that cybersecurity systems can be just as flawed as the systems they protect, the author says.
GEN Nakasone Offers Insight into Future of Cybersecurity and SIGINT (National Security Agency/Central Security Service) GEN Paul M. Nakasone, Commander of U.S. Cyber Command (USCYBERCOM), Director of NSA, and Chief of the Central Security Service (CSS), offered insight into what the future of cybersecurity and signals
EDITORIAL | Participation needed in cybersecurity plan (Star Tribune) Public entities operating in Minnesota should opt in to new state effort intended to protect private data and information.
Maryland Guard, Estonian Partners Focus on Cyber Defense (National Guard) The Maryland Air National Guard partnered with Estonia’s Cyber Command Sept. 17-20 to host the cybersecurity exercise Baltic Blitz 23. About 30 Airmen from the 175th Wing,
Biden-Harris Administration Launches First CHIPS for America Funding Opportunity (U.S. Department of Commerce) As part of Implementing the Bipartisan CHIPS and Science Act, Department of Commerce Seeks Applications to Revitalize Domestic Semiconductor Industry and Bring Supply Chains Back to the U.S.
Litigation, Investigation, and Law Enforcement
Poland investigates OpenAI over privacy concerns (Reuters) A Polish watchdog is investigating Microsoft-backed OpenAI over a complaint that its ChatGPT chatbot breaks European Union data protection laws known as the GDPR, it said.
SEC cyber disclosure rules put CISO liability under the spotlight (Legal Dive) Corporate officers can also be held personally liable for how they respond to data security issues, including through lawsuits from investors.
India's biggest tech centers named as cyber crime hotspots (Register) Global tech companies' Bharat offices attract the wrong sort of interest
Courts Strike a Blow Against White House's Social Media Censorship (Newsweek) A federal appeals court delivered a win for free speech last week, rebuking the White House and several agencies.
Menacing marketeers fined by ICO for 1.9M cold calls (Register) Five businesses facing half a million in collective penalties for illegally phoning folk registered with TPS
State and Justice Dept. contractor charged with spying for Ethiopia (Washington Post) A Maryland man of Ethiopian descent, Abraham Teklu Lemma, is accused of passing on classified national defense information about a region where soldiers battled rebels
US govt IT worker accused of leaking top secrets (Register) National defense files can earn you $55K … and espionage charges