Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+579: Phishing for drone operators. (CyberWire) Russia continues to strike Ukrainian cities, especially the grain storage facilities in Odesa, as Ukrainian forces expand their salient in Russian lines.
Russia-Ukraine war: List of key events, day 580 (Al Jazeera) These are the main developments as the war enters its 580th day.
Russia-Ukraine war at a glance: what we know on day 580 of the invasion (the Guardian) Russia again strikes at Ukraine’s port and grain infrastructure; border crossing with Romania closed following drone attack
Ukraine makes ‘tactical breakthrough’ after breaching Russian defences (The Telegraph) Military analysts said Kremlin divisions were actively defending against assaults, one of which broke through in Zaporizhzhia
Ukraine Situation Report: Landmark Odesa Hotel Pummeled By Missile Barrage (The Drive) The large seaside hotel was supposedly vacant for some time when it was targeted in a mass Russian aerial barrage.
Russian Black Sea Fleet Commander Killed In Sevastopol Attack, Kyiv Says (RadioFreeEurope/RadioLiberty) Ukraine's military on September 25 said the commander of Russia's Black Sea Fleet was killed along with 33 other naval officers in Ukraine's September 22 attack on the fleet headquarters in Russian-annexed Crimea city of Sevastopol.
Russian Black Sea fleet commander killed in Crimea, Ukraine claims (the Guardian) Ukrainian military says attack that apparently killed Viktor Sokolov was timed to coincide with meeting of naval officials
Ukraine’s Military Claims to Have Killed the Head of Russia’s Black Sea Fleet (New York Times) Ukraine’s special forces said new information revealed that an attack last week in Crimea killed the commander of the Black Sea Fleet, a claim that could not be verified.
Russia Seeks to Show Commander Is Alive After Ukraine Claimed His Killing (New York Times) A day after Ukraine claimed to have killed the commander of Russia’s Black Sea Fleet, Russian state media broadcast footage of the admiral, Viktor Sokolov, in a meeting of defense officials.
Russia's Black Sea Fleet commander among 34 killed in a missile strike in Crimea, Ukraine claims (AP News) Ukrainian officials say the missile that blasted the Crimean headquarters of Russia’s navy last week killed 34 officers, including the fleet commander, though it provided no evidence to support its claim.
Zelenskiy Says The First U.S. Abrams Tanks Arrived In Ukraine (RadioFreeEurope/RadioLiberty) Ukraine received its first shipment of U.S.-made Abrams tanks that it says will strengthen its counteroffensive against Russian troops in the east after Moscow continued to attack port facilities in the southern city of Odesa destroying key grain storage facilities.
What to know about M1 Abrams tanks and why they matter to Ukraine (Washington Post) One of the United States’ most advanced battle tanks has arrived in Ukraine, where the M1 Abrams is expected to be used in the country’s counteroffensive against Russia.
Ukraine-Russia war: First US Abrams tanks arrive in Ukraine (The Telegraph) The first batch of US Abrams tanks have arrived in Ukraine in a move that Kyiv hopes will precipitate a counteroffensive “breakthrough”.
Ukraine live briefing: First U.S.-supplied M1 Abrams tanks arrive in Ukraine (Washington Post) The first batch of U.S.-provided M1 Abrams tanks has arrived in Ukraine, President Volodymyr Zelensky said Monday — nine months after President Biden reversed course by committing to send 31 of the advanced battle tanks. U.S. military officials have said the deliveries would be gradual but that they expected them all to arrive in the coming weeks.
The Pressure Is On: Biden Has a Year To Pull Out a Success in Ukraine (The New York Sun) Everyone knows that a reasonable compromise is hovering over the war between Ukraine and Russia, so why are there no negotiations?
It’s Time for the West to Embrace Ukraine’s Way of War, Not Doubt It (Institute for the Study of War) Ukrainian forces have adapted. Ukraine’s military decision-making is sound. Now is not the time for Western doubt but for the West to embrace Ukraine’s way of war and commit to sustaining Ukraine’s initiative on the battlefield.
Opinion: Ukraine’s bumpy road ahead just got rockier | CNN (CNN) The goodwill accumulated among the forces of democracy for Ukraine and its courageous president may be running dry, writes David A. Andelman. But the US and its allies must under no circumstances allow that to happen, he says.
Nothing is off table to get Ukraine into EU, says president of bloc’s parliament (the Guardian) Exclusive: Roberta Metsola warns ‘pushing the can down the road’ will fuel nationalism and the far right
The Evidence of Russian New START Treaty Cheating is Growing (Real Clear Defense) While Russia has “suspended” its observance of the New START Treaty (clearly in violation of the Treaty), it nonetheless claims that it is continuing to observe its limitations. However, in its annual 2023 report on the New START Treaty, the U.S. Department of State was unable to certify Russian compliance with the numerical limitations of the Treaty.
Antisemitism charges swirl after Putin denigrates Zelensky’s Jewish roots (Washington Post) Russian President Vladimir Putin earlier this month let loose a fresh tirade against Ukrainian President Volodymyr Zelensky, who is Jewish and many of whose relatives were killed by the Nazis.
From playgrounds to parade grounds: Russian schools are becoming increasingly militarized | CNN (CNN) Russia’s playgrounds are becoming parade grounds. At schools from the Pacific to the Black Sea, children in nursery grade don uniforms and take part in marching practice. Older kids are being taught how to dig trenches, throw grenades and shoot with real ammunition.
‘I just want justice’: Ukrainians struggle with hidden war crime of sexual violence (the Guardian) Thousands of adults and children may have survived Russian sexual assaults but few have come forward and far fewer have seen any punishment
Russia, Ukraine, and the Future Use of Strategic Intelligence (National Defense University Press) Before Russia’s unprovoked February 2022 invasion of Ukraine, the United States and the United Kingdom undertook an aggressive public and private information campaign to attempt to achieve two
Threat Labs Security Advisory: New STARK#VORTEX Attack Campaign: Threat Actors Use Drone Manual Lures to Deliver MerlinAgent Payloads (Securonix) Securonix Threat Labs Security Advisory: New STARK#VORTEX Attack Campaign: Threat Actors Use Drone Manual Lures to Deliver MerlinAgent Payloads
Ukrainian Military Targeted in Phishing Campaign Leveraging Drone Manuals (The Hacker News) Ukrainian military hit by a phishing campaign using drone manuals as bait to deliver a Go-based open-source post-exploitation toolkit called Merlin.
British Army general says UK now conducting ‘hunt forward’ operations (Record) Lt. Gen. Tom Copinger-Symes speaks with The Record about the U.K.'s new National Cyber Force (NCF) and his outlook for conducting offensive cyber operations outside of Britain.
Bermuda premier says 'sophisticated and deliberate' cyberattack hobbles government services (AP News) A major cyberattack has hobbled government operations in Bermuda, and officials are struggling to restore service.
Bermuda Public Services Remain Disrupted After Cyber Attack (Insurance Journal) Bermuda is working to restore public services that were halted after last week's "sophisticated and deliberate" cyberattack on its government systems, the
Attacks, Threats, and Vulnerabilities
ZenRAT: Malware Brings More Chaos Than Calm (Proofpoint) Key Takeaways Proofpoint identified a new malware called ZenRAT being distributed via fake installation packages of the password manager Bitwarden. The malware is specifically targeting Windows u...
Predator Spyware Delivered to iOS, Android Devices via Zero-Days, MitM Attacks (SecurityWeek) Predator spyware delivered to iPhones and Android devices using iOS and Chrome zero-day vulnerabilities and MitM attacks.
Luxury Hotels Major Target of Ongoing Social Engineering Attack (Cofense) Uncover the details behind a sophisticated phishing campaign targeting high-end hotels. Learn how social engineering tactics are used to bypass security infrastructure and deploy information stealer malware.
State-owned insurer hit with cyber attack (Insurance Business Magazine) Black hat group demanding a ransom
PhilHealth won't pay 'ransom' after cyber attack (GMA News Online) State health insurer Philippine Health Insurance Corporation (PhilHealth) on Monday said it would not pay the $300,000 or approximately P17 million ransom that cyber hackers demanded in exchange for the stolen data from their website.
Hong Kong crypto firm hit by $200 million hack (Reuters) Hackers stole around $200 million from crypto firm Mixin early on Saturday, the company said on social media platform X on Monday, in what researchers say is the largest crypto theft so far this year.
Mixin Network suspends operations following $200 million hack (BleepingComputer) Mixin Network, an open-source, peer-to-peer transactional network for digital assets, has announced today on Twitter that deposits and withdrawals are suspended effective immediately due to a $200 million hack the platform suffered on Saturday.
Mixin Platform Suspends Deposits, Withdrawals After $200M Security Breach (Decrypt) Initial reports from PeckShield suggest that Mixin lost millions in various cryptocurrencies including Bitcoin, Ethereum, and DAI.
$70 Million Loss After Data Breach of CoinEx Crypto Exchange, Services Temporarily Suspended (CPO Magazine) A hack of crypto exchange CoinEx’s hot wallets has led to a loss of about $70 million in assorted asset types. The data breach was reportedly caused by compromised private keys and some independent security analysts have noted clues that point to North Korea’s Lazarus group, though CoinEx’s team may have a different read on the situation as the exchange is offering the culprits a “bug bounty” for return of the funds.
Another Security Breach in DeFi Space: Mixin Network Faces $200 Million Loss (CryptoMode) In the aftermath of the breach, the Mixin team promptly communicated the compromise of their Network's cloud service database.
3.4M people affected by Ontario pregnancy and newborn care registry data breach (CP24) An Ontario government agency that manages data about pregnancy and newborn children in the province says the personal health information of about 3.4 million people was impacted by a data breach.
BORN Ontario child registry data breach affects 3.4 million people (BleepingComputer) The Better Outcomes Registry & Network (BORN), a healthcare organization funded by the government of Ontario, has announced that it is among the victims of Clop ransomware's MOVEit hacking spree.
900 US Schools Impacted by MOVEit Hack at National Student Clearinghouse (SecurityWeek) Nearly 900 US schools are impacted by the MOVEit hack at the educational nonprofit National Student Clearinghouse.
Clearinghouse Gets An F- Grade For Data Breach Affecting Nearly 900 US Schools (HotHardware) The threat actor seemingly got away with student data such as names, social security numbers, birthdates, and more from 890 different schools associated with the Clearinghouse.
Six Additional Companies Impacted by Sovos Compliance Data Breach Related to MOVEit Vulnerability (JD Supra) On September 22, 2023, Sovos Compliance LLC (“Sovos”) filed another notice of data breach on behalf of multiple companies affected by a data breach at...
Hackers say Sony is refusing to pay up after cyberattack (Tech Monitor) Ransomedvc, the group behind the alleged breach, says it will offer information stolen in the Sony cyberattack for sale on the dark web.
Product leasing giant warns that sensitive information was stolen during cyberattack (Record) Progressive Leasing is investigating a cyberattack and said there had been no “major” operational impacts to its services.
Scattered Spider "bites" in Las Vegas - Panda Security (Panda Security Mediacenter) Caesars Entertainment has been hit by a cyber-attack that compromised the sensitive personal information of many loyalty program customers.
Fake celebrity photo leak videos flood TikTok with Temu referral codes (BleepingComputer) TikTok is flooded with videos promoting fake nude celebrity photo leaks used to push referral rewards for the Temu online megastore.
Dallas doles out $8.5M to remediate May ransomware attack (Security | TechTarget) The City of Dallas released a report titled "Ransomware Incident: May 2023 Incident Remediation Efforts and Resolution" that shed light on the May attack.
Trends
2023 Security Budget Benchmark Summary Report (IANS) Download a summary version of IANS’ 2023 Security Budget Benchmark Report to find cross-industry key compensation information for CISOs.
Research Reveals 80% of Applications Developed in EMEA Contain Security Flaws (Veracode) Veracode’s State of Software Security 2023 Report Finds Software Security Lagging in EMEA, with Almost 20% of Applications Containing ‘High Severity’ Flaws
GMO GlobalSign Survey of Enterprises and SMBs Finds Many Unprepared for PKI Automation (GlobalSign) Top Certificate Authority finds that automation presents significant technical, compatibility, security and expertise challenges for a large swath of organizations
Healthcare Organizations Experience 279% Increase in Business Email… (Abnormal) Email attacks like BEC against the healthcare industry are on the rise in 2023. Protect yourself with sophisticated cloud-native email security.
New IDC Cybersecurity Report Signals End of SOAR Era As Enterprises and Vendors Shift to Hyperautomation (Torq) IDC examines how Torq Hyperautomation “predicts security gaps, proactively assesses the network, and ultimately secures it” by delivering “visibility and control of all environments for all processes and role players”...
NETSCOUT Threat Intelligence Report (NETSCOUT) The unprecedented events of 2020 led to an enormous and extended upswing in innovation for threat actors. And it's not going away anytime soon. From adaptive DDoS attack strategies to an explosion of new DDoS attack vectors, threat actors thrive on rapid innovation. Here's the latest on our constantly changing threat landscape.
Marketplace
Arlington Capital to buy Exostar from Thoma Bravo (PE Hub) Exostar is a secure collaboration and risk management service provider.
IT solutions company EBS rebrands and offers Cyber Incident Response (Brand Spur) Cyber threats are prevalent in different technology
Tenable Recognized as a Leader in OT Security in Latest GigaOm Radar Report (IT Voice | IT in Depth) Tenable®, the Exposure Management company, today announced it has been named a ‘Leader’ in the GigaOm Radar for Operational Technology (OT) Security. GigaOm Radar reports provide forward-looking an…
Hackers Say They've Breached "All Sony Systems", Threaten To Sell Stolen Data (TheGamer) Hackers are threatening to sell data from Sony, saying it has gained access to "all" of its systems.
Dashlane Deepens Senior Leadership Bench to Further Accelerate Strategic Growth and Product Expansion (Dashlane) Dashlane welcomes four experienced security and technical leaders to support its continued growth and expansion of product offerings.
SonicWall adds key piece to channel leadership transformation: names new Chief Marketing Officer Christine Bartlett (SonicWall) SonicWall, a world-leading cybersecurity, partner-first business for more than 30-years, announced today that Christine Bartlett will serve as its Senior Vice President and Chief Marketing Officer (CMO). Bartlett will oversee the global marketing team, with responsibility for building the global brand and driving partner marketing.
Megan Lueders Joins Sonatype as Chief Marketing Officer (GlobeNewswire News Room) Respected Marketing Veteran Brings 20 Years of Experience in Driving Transformation and Growth B2B Tech Companies...
Products, Services, and Solutions
Axiad's Certificate-Based Authentication for IAM Now Available in AWS Marketplace (PR Newswire) Axiad, a leading provider of organization-wide passwordless orchestration, today announced its Certificate-Based Authentication (CBA) for...
EPS Releases New Switch Erasure Update with Power Automation (Extreme Protocol Solutions) Extreme Protocol Solutions (EPS), leading-edge developer of Enterprise Data Erasure software, announced today that their flagship erasure software, XErase will now include an update that controls programmable power supplies enabling up to 24 switches to be erased simultaneously and completely automating the process for all modern switches.
Zyxel announces WiFi 6-enabled security firewalls for small- and medium-sized business networks (Help Net Security) Zyxel Networks adds WiFi 6 to USG FLEX firewall series to improve security and protection for small- and medium-sized business networks.
Radware Defends World Leading Data Center Provider and Operator from Volumetric DDoS Attacks (Yahoo Finance) Diverts large volumes of web traffic and reduces time to protectionMAHWAH, N.J., Sept. 26, 2023 (GLOBE NEWSWIRE) -- Radware® (NASDAQ: RDWR), a leading provider of cyber security and application delivery solutions, announced it is providing DDoS protection for one of the top 20 leading data center providers and operators in the world. As part of a million-dollar agreement, the industry leader selected Radware’s Cloud DDoS Protection Service to mitigate and prevent volumetric assaults. In the face
Titania Nipper Release Simplifies Federal Agencies’ Ability to Prioritize and Remediate NIST SP 800-53 Non-Compliances (EIN Presswire) Titania’s software solution equips agencies with a critical capability lacking in more than 80 percent of federal government organizations
Delinea Secret Server Introduces MFA Enforcement at Depth to Meet New Cyber Insurance Requirements (PR Newswire) Delinea, a leading provider of solutions that seamlessly extend Privileged Access Management (PAM), today announced an update to Secret Server,...
Next Extends Visibility & Controls for Leading AI Tools (Next DLP) Next DLP addresses data protection challenges across an extensive list of generative AI tools by extending visibility & adaptive controls.
BlueVoyant Welcomes Seasoned Tech Executive as Chief Product Officer (PR Newswire) BlueVoyant, a cybersecurity company that illuminates, validates, and remediates internal and external risks, today announced the addition of...
IBM NS1 Connect: How IBM is delivering network connectivity with premium DNS offerings (IBM Blog) IBM NS1 Connect will leverage the power of DNS to deliver fast, reliable connectivity for applications and websites across the globe.
Baffle Unveils First and Only Solution for Data Security and Compliance with Generative AI (Baffle) With Baffle Data Protection for AI, companies can protect their private data while accelerating GenAI projects SANTA CLARA, Calif. — Sept 26, 2023 — Baffle, Inc. today unveiled the first and only solution for securing private data for use in generative AI (GenAI) projects that integrates seamlessly with existing data pipelines. With Baffle Data Protection…
Broadcom Partners with Google Cloud to Strengthen Gen AI-Powered Cybersecurity (GlobeNewswire News Room) Symantec combines global threat intelligence with Google Cloud’s gen AI expertise to simplify threat analysis and protect against sophisticated cyber...
Immersive Labs Unveils Enterprise-Class Cyber Skills and Resilience Platform for the Entire Organization (Business Wire) New ‘Workforce Exercising’ Solution Extends the Immersive Labs Platform to Allow Leaders to Build and Prove Cyber Resilience Across All Levels and Roles
IRONSCALES Announces AWS Marketplace Availability, Expanding Email Security Solutions to AWS Partners and Customers (Business Wire) The leading email security platform is now available on AWS Marketplace enabling simplified procurement and fast deployment through one of the world’s leading cloud providers
Baffle Unveils First and Only Solution for Data Security and Compliance with Generative AI (GlobeNewswire News Room) Baffle, Inc. today unveiled the first and only solution for securing private data for use in generative AI (GenAI) projects....
Banyan Security Introduces Groundbreaking Zero Trust Clientless Solution for Secure Remote Access in the Healthcare Industry (GlobeNewswire News Room) Banyan Security announces a Zero Trust Clientless solution to address the healthcare sector's need to provide secure access to applications and...
Blue Mantis Partners with InnoVets® to Deliver Advanced Cybersecurity and IT Education, Training and Mentorship Program to Military Veterans Transitioning to the Workforce (Blue Mantis) GreenPages has been named as one of the world’s premier managed service providers in the prestigious 2023 Channel Futures MSP 501 rankings.
Bacula Announces Fully Integrated Backup and Recovery Module for OpenStack (News Direct) New capability allows for highly customizable protection of OpenStack environments, introducing high security, scalability and centralized enterprise backup from one vendor, to drive IT costs down
Telesign Expands its Messaging Platform with the Introduction of Transactional Email (Telesign) Integration of transactional email into Telesign’s omnichannel Messaging and Verify APIs serves to further enhance customer communications
Exabeam Showcases Latest AI-Driven Security Operations Advancements at Spotlight23 (Business Wire) Cybersecurity leader features threat detection, investigation, and response (TDIR) innovations at sixth annual users conference
XM Cyber Launches Exposure Management Service (EMS) (PR Newswire) XM Cyber, the leader in hybrid cloud exposure management, today announced the launch of the company's Exposure Management Service (EMS). This...
Technologies, Techniques, and Standards
Your Online Account May Have Been Breached? Don’t Just Sit There. Do Something. (Wall Street Journal) Too many people respond with a shrug and maybe change their password. That’s asking for trouble.
CISA task force aims to improve supply chain security with new hardware standards (Nextgov.com) The Hardware Bill of Materials Framework looks to standardize how vendors and customers communicate about the capabilities and use of hardware systems.
Want to learn what’s in your hardware? CISA has an idea for that. (Washington Post) The idea of a hardware ingredients list takes a step ahead
Fact Check: With MITRE Turla Testing, Your Results May Vary (BlackBerry) BlackBerry Fact Check alarms are sounding as vendors set their hype meters to maximum volume to claim “victory” in the recent MITRE ATT&CK® Evaluations. Facts are among the first casualties. Read on for a few to bear in mind as you navigate this latest post-MITRE hype-fest.
[New research] Do longer passwords protect you from compromise? (Specops Software) New Specops research looks into the data around longer passwords. Learn how they boost cybersecurity and where hackers can get around them.
VPN Trust Initiative: VPN Trust Seal Accreditation Program Launch (News Direct) Accreditation program provides a clear public indicator that participating VPN providers follow established best practices
Phasing Out GPS Reliance in U.S. Military Operations: An Imperative in the Face of Emerging Threats (Real Clear Defense) The United States' military reliance on the Global Positioning System (GPS) poses significant vulnerabilities in the face of emerging threats from adversarial nations like Russia, China, and North Korea. At the moment, Europe is witnessing a conventional war between two nations. In this context, the role of technology, particularly navigation systems, has emerged as a decisive factor for military success.
Keeper Security Releases Cybersecurity Disasters Survey: Incident Reporting & Disclosure (PR Newswire) Keeper Security, the leading provider of cloud-based zero-trust and zero-knowledge cybersecurity software protecting passwords, passkeys,...
Cybersecurity Disasters Survey - Incident Reporting & Disclosure (Keeper® Password Manager & Digital Vault) Download the Cybersecurity Disasters Survey: Incident Reporting and Disclosure to gain insight into cyber disaster incidents, reporting and recovery.
Hands-on threat simulations: Empower cybersecurity teams to confidently combat threats (Help Net Security) Amid increasing cyber threats, organizations must equip their cybersecurity teams with the skills to swiftly detect and halt attacks.
Research by EMA and ProcessUnity Proves Positive Business Value of a Risk-Based Approach to Cybersecurity (Business Wire) Data from CyberGRX Exchange reveals upward trend of companies tracking portfolio-wide third-party risks and control gaps
Your Boss’s Spyware Could Train AI to Replace You (WIRED) Corporations are using software to monitor employees on a large scale. Some experts fear the data these tools collect could be used to automate people out of their jobs.
Post-Quantum Cryptography Coalition Launches (MITRE) Community of Cybersecurity Organizations to Accelerate Adoption of Post-Quantum Cryptography in Commercial & Open-Source Technologies
Design and Innovation
How the Cult of the Dead Cow plans to save the internet (CyberScoop) The "original hacking supergroup" is trying to design tools to rebuild the internet from the ground up.
A Tricky New Way to Sneak Past Repressive Internet Censorship (WIRED) With the number of internet blackouts on the rise, cybersecurity firm eQualitie figured out how to hide censored online news in satellite TV signals.
ChatGPT Can Now Talk to You—and Look Into Your Life (WIRED) ChatGPT inches closer to feature parity with the seductive AI assistant from Her, thanks to an upgrade that adds voice and image recognition to the chatbot.
If you wouldn’t take advice from a parrot, don’t listen to ChatGPT: Putting the tool to the test (VentureBeat) How does ChatGPT deliver when it comes to cybersecurity advice? One security expert found the bot's responses both helpful and harmful.
AI is here. What Does it Mean for Your Workforce? (Immersive Labs) AI can either strengthen or weaken your cybersecurity posture. Read this post to learn more about the role of AI in cybersecurity.
Academia
Maine Department of Labor to Announce the Launch of University of Maine at Augusta Cybersecurity and IT Registered Apprenticeship Program (PR Newswire) On September 28th from 1-3pm ET, the Maine Department of Labor (MDOL) and its Commissioner, Laura Fortman, will announce the launch of the...
Legislation, Policy, and Regulation
Deepfakes can cause geopolitical rifts. State should fund detection of manipulated videos (ThePrint) Deepfakes have the ability to swing elections, erode public trust. Two ways to combat them are detection & provenance. Its looming threat necessitates proactive State intervention.
The Cyber Threat to Nuclear Non-Proliferation (Default) Targeting nuclear enterprises in a condition of competition could lead to global geostrategic instability.
The invisible war: Interception, espionage, and the need for enhanced national security David Wiseman David Wiseman (Edge in Singapore) In the dynamic landscape of Singapore’s digital age, the need for robust cybersecurity and trusted, secure communications has never been more pronounced. As cyber threats and mobile ‘wire-tapping’ tactics evolve alarmingly, traditional defence measures fall short, requiring a paradigm shift in our approach.
U.S. Blacklists 28 Entities From China, Russia and Other Countries, Citing National Security Risks (Wall Street Journal) The Commerce Department dialed up pressure on foreign actors that could undermine American national security interests.
Welcome to Cyber Realism: Parsing the 2023 Department of Defense Cyber Strategy (War on the Rocks) Released to the public on Sept. 12, the Department of Defense’s 2023 Cyber Strategy differs from its predecessors in its lack of bold new buzzwords. The
Litigation, Investigation, and Law Enforcement
GDPR – four simple letters which struck fear into every organisation across Europe in 2018 (The Irish News) ENFORCED by the Information Commissioner’s Office (the ICO), the General Data Protection Regulations (GDPR), introduced five years ago, brought with it new legal rights for individuals, increased accountability for organisations and significantly larger fines.
Nigerian National pleads guilty to participating in a millionaire BEC scheme (Security Affairs) A Nigerian national pleaded guilty to wire fraud and money laundering through business email compromise (BEC).
MGM Resorts warns customers of fraud as it faces class action lawsuits (Cybersecurity Dive) The plaintiffs claim the company was negligent for failing to protect customer data despite prior warnings about previous attacks.
Google hid evidence by training workers to avoid words monopolists use, DOJ says (Ars Technica) "We don't 'lock up'... our customers," and "we do not 'leverage' anything."
FBI Agents Are Using Face Recognition Without Proper Training (WIRED) The FBI makes heavy use of face recognition services like that of controversial startup Clearview AI, but 95 percent of the agents using them haven’t completed training on the technology.