Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+588: Drone strikes and naval redeployment. (CyberWire) Russia tightens its control over its own information space as its control of the Black Sea is increasingly contested.
Russia-Ukraine war: List of key events, day 589 (Al Jazeera) As the war enters its 589th day, these are the main developments.
Russia-Ukraine war at a glance: what we know on day 589 of the invasion (the Guardian) US to transfer seized Iranian weapons to Ukraine; dozens of Ukrainian drones attack Russian regions
Ukraine-Russia war: Dozens killed in 'brutal' missile strike on Kharkiv memorial service (The Telegraph) At least 49 people, including a six-year-old boy, were reportedly killed by a Russian missile strike on a memorial service in Kharkiv.
Ukraine 'strikes Russia's most advanced air defence system' (The Telegraph) Ukraine claims to have struck Moscow’s most advanced air defence system in a drone attack on mainland Russia.
Russia foils major Ukraine drone attack amid concerns on Kyiv supplies (C4ISRNet) The attack appeared to be Kyiv’s largest single cross-border drone assault reported by Moscow since it launched its invasion 20 months ago.
In Ukraine, explosive DIY drones give an intimate view of killing (Washington Post) The unblinking eye of the Ukrainian surveillance drone spotted attractive prey: eight Russian soldiers entering a fortified, well-camouflaged dugout.
Watch: Ukrainian special forces use jet ski raid to ‘plant flag in Crimea’ (The Telegraph) Russia’s defence ministry claims its air force prevented ‘attempt to penetrate the territory’ launched in the dead of night
How British Storm Shadow missiles are defining a new phase in Ukraine’s war (The Telegraph) A new missile campaign is threatening Russian forces in Crimea - and it could get worse
UK says Russia plotting to sabotage Ukrainian grain vessels with sea mines (the Guardian) Based on ‘declassified intelligence’, UK says Russia targeting civilian shipping on approaches to Black Sea ports
Russia plans naval base in Abkhazia, triggering criticism from Georgia (Reuters) Russia has signed a deal for a permanent naval base on the Black Sea coast of the breakaway Georgian region of Abkhazia, the Izvestiya newspaper reported, prompting criticism from Georgia which said the move was a "gross violation" of its sovereignty.
Opinion | Ukraine Needs Weapons, Not Debates Over Which Ones (Wall Street Journal) No arms are perfect, and Kyiv’s supporters shouldn’t make the perfect the enemy of the good.
US sending seized Iranian munitions to Ukraine (Defense News) The transfer comes as prospects of further Ukraine aid look bleak in Congress
Chaos in House Leads Biden to ‘Worry’ About Flow of Ukraine Aid (New York Times) The president said he would make a major address soon to lobby for uninterrupted support for Ukraine.
Progressive activists bring Ukraine war protests to congressional offices (The Hill) More than 50 progressive activists marched across Capitol Hill on Wednesday to protest the war in Ukraine and call on lawmakers to push the Biden administration to negotiate an end to the war.
Most ‘aid to Ukraine’ is spent in the US. A total shutdown would be irresponsible. (Breaking Defense) A lot of money considered to be "aid to Ukraine" is actually spent in the US. In this op ed, Mark Cancian argues that eliminating that funding would be bad business for both Ukraine and American interests.
AI Chatbots Are Learning to Spout Authoritarian Propaganda (WIRED) Regimes in China and Russia are rushing to repress what chatbots can say. It's an early warning about a new frontier of online censorship.
Cyber Operations as Crimes at the International Criminal Court (Lieber Institute--West Point) Over the past several years, Russia has been accused of carrying out a significant number of cyber operations against Ukraine. Some of these might amount to crimes within the jurisdiction of the International Criminal Court (ICC). Other rogue States could also carry out harmful cyber operations in the near future.
Attacks, Threats, and Vulnerabilities
Deepfakes in Slovakia Preview How AI Will Change the Face of Elections (Bloomberg) Given the proliferation of AI deepfakes in the recent Slovakian election, it’s getting harder to tell who’s talking. But first…
North Korea goes phishing in South’s shipyards (Register) Kim Jong-un looks at industry's progress with green eyes, says South Korea's spy agency
North Korea's Lazarus Group upgrades its main malware (Register) LightningCan evades infosec tools in new and interesting ways
Mirai Botnet's New Wave: hailBot,kiraiBot, catDDoS, and Their Fierce Onslaught (NSFOCUS, Inc.) Several new Mirai variant families were widely deployed in September 2023, among which hailBot, kiraiBot and catDDoS are the most active.
Qakbot-affiliated actors distribute Ransom Knight malware despite infrastructure takedown (Cisco Talos Blog) The threat actors behind the Qakbot malware have been conducting a campaign since early August 2023 in which they have been distributing Ransom Knight ransomware and the Remcos backdoor via phishing emails.
Attackers Exploiting Atlassian Confluence Software Zero-Day (Bank Info Security) Hackers have weaponized a zero-day in a popular workspace collaboration tool to create administrator accounts and gain unrestricted access to their on-premises
Hundreds of malicious Python packages found stealing sensitive data (BleepingComputer) A malicious campaign that researchers observed growing more complex over the past half year, has been planting on open-source platforms hundreds of info-stealing packages that counted about 75,000 downloads.
Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day (SecurityWeek) Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.
CVE: Zero-Day Privilege Escalation in Confluence Server & Data Center (Rapid7) On 10/4/2023, Atlassian published a security advisory on CVE-2023-22515, a privilege escalation vulnerability affecting Confluence Server & Data Center.
HUMAN Disrupts Digital Supply Chain Threat Actor Scheme Originating from China (HUMAN) HUMAN Security, Inc. announced it has disrupted a key monetization mechanism of a sophisticated series of cybercriminal operations involving backdoored off-brand mobile and CTV Android devices, sold to end users through major retailers originating from repackaging factories in China.
Trojans All the Way Down: BADBOX and PEACHPIT (Human) BADBOX is a complex, interconnected series of fraud schemes, the scale of which is virtually invisible from the surface.
Researchers Link DragonEgg Android Spyware to LightSpy iOS Surveillanceware (The Hacker News) From DragonEgg to LightSpy: Discover the hidden links between Android and iOS spyware, exposing a sophisticated network of surveillance.
'Looney Tunables' Bug Opens Millions of Linux Systems to Root Takeover (Dark Reading) The flaw poses a significant risk of unauthorized data access, system alterations, potential data theft, and complete takeover of vulnerable systems, especially in the IoT and embedded computing space.
Looney Tunables: New Linux Flaw Enables Privilege Escalation on Major Distributions (The Hacker News) New Linux vulnerability (CVE-2023-4911) named Looney Tunables found in the GNU C library's dynamic loader. Exploitation could lead to root privileges.
Coming from inside the building: dark web recruitment of malicious insiders (CSO Online) Cybersixgill’s report details how cybercriminals recruit insiders to perform scans that are harder to track across several industries including telecom, financial services and government.
Lorenz ransomware embroiled in its own two-year data leak (Register) Data leakers become data leakees
Exposing Infection Techniques Across Supply Chains and Codebases (Trend Micro) This entry delves into threat actors' intricate methods to implant malicious payloads within seemingly legitimate applications and codebases.
Overlapping Components in the Shadows of Fraud Data (Fiverity) Financial fraud is a multifaceted challenge that requires both vigilance and data-driven intelligence. At FiVerity, our latest research reveals intriguing connections between confirmed fraud cases across multiple financial institutions. This post aims to help financial fraud analysts unpack the nuances of fraud types, detection methods, and the power of data-driven insights for effective prevention.
Lyca Mobile Services Significantly Disrupted by Cyberattack (SecurityWeek) International mobile network operator Lyca Mobile says a cyberattack has significantly disrupted its services in many countries.
Cyberattack on British telecom Lyca prevented customers from making calls, topping up (Record) The company began investigating after it became aware that customers were problems buying minutes and making calls.
Lyca Mobile Confirms Cyber Attack, Investigating Ransomware Possibility (Hackread) Lyca Mobile confirms a cyber attack impacting all markets except the US, Australia, Ukraine, and Tunisia.
Clorox Security Breach Linked to Group Behind Casino Hacks (Bloomberg) ‘Scattered Spider’ was tied to recent attacks on MGM, Caesars. Clorox announces that attack reduced sales and profit.
Clorox Warns of a Sales Mess After Cyberattack (Wall Street Journal) Cleaning giant says quarterly sales will drop at least 23% and it will post a deep loss after intrusion disrupted its business.
Sony confirms data breach impacting thousands in the U.S. (BleepingComputer) Sony Interactive Entertainment (Sony) has notified current and former employees and their family members about a cybersecurity breach that exposed personal information.
Sony sent data breach notifications to about 6,800 individuals (Security Affairs) Sony Interactive Entertainment has notified current and former employees and their family members about a data breach.
AWS warns of ‘ShellTorch’ issue affecting code related to AI models (Record) Researchers with Israeli firm Oligo published information about three critical issues with TorchServe, a part of the PyTorch project overseen by Amazon and Meta. The code helps companies build AI models into their businesses.
Global CRM Provider Exposed Millions of Clients’ Files Online (vpnMentor) Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password protected database that contained over 3 million records. The documents
Recent control system cyber cases can impact safe facility operation (Control Global) Internet Protocol network hacks and ransomware may not be able to be stopped, according to recent cases with Johnson Controls and Bentley-Nevada
Security Patches, Mitigations, and Software Updates
Apple emergency update fixes new zero-day used to hack iPhones (BleepingComputer) Apple released emergency security updates to patch a new zero-day security flaw exploited in attacks targeting iPhone and iPad users.
Apple releases iOS 17.0.3 to address iPhone 15 overheating issues (Computing) Update includes crucial bug fixes, security enhancements, and optimisations for improperly configured apps.
Atlassian Ships Urgent Patch for Exploited Confluence Zero-Day (SecurityWeek) Atlassian confirms that “a handful of customers” were hacked via a remotely exploitable flaw in Confluence Data Center and Server instances.
New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks (SecurityWeek) Supermicro has released BMC IPMI firmware updates to address multiple vulnerabilities impacting select motherboard models.
Cisco Releases Security Advisories for Multiple Products (Cybersecurity and Infrastructure Security Agency CISA) Cisco released security advisories for vulnerabilities affecting multiple Cisco products. A remote cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.
New Gmail protections for a safer, less spammy inbox (Google) Today, we’re announcing new requirements for bulk senders that will help keep Gmail safer and more spam-free.
The New Requirements for Email Delivery at Gmail - Valimail (Valimail - DMARC SaaS Platform) Google announced new changes coming to Gmail. Learn about all the requirements you need to meet to keep sending mail to Gmail inboxes.
Trends
AI in Cybersecurity (Enea) Findings from of a Worldwide AI Survey Reveals Survey on the Fears, Hopes and Plans of Cybersecurity Professionals
Half of Cybersecurity Professionals Report Increase in Cyber-Attacks
(Infosecurity Magazine) New research by ISACA has found that the cybersecurity skills gap is contributing to businesses' cybersecurity preparedness
Unveiling the Arsenal: Exploring Attacker Toolsets and Tactics (WithSecure) As organizations strengthen their defenses, attackers adapt, employing increasingly sophisticated toolsets to fly under the radar and achieve their objectives. Understanding these malicious toolsets and their distinct objectives is important in safeguarding against cyber threats.
Ransomware Dwell Time Hits Low of 24 Hours (Secureworks) In just 12 months the median dwell time identified in the annual Secureworks State of the Threat Report has freefallen from 4.5 days to less than one day.
2023 State of the Threat Report (Secureworks) Cyber threats have taken over 2023 and they show no sign of stopping. In this report, we explore some of the most recent, hard-hitting cyberattacks.
Accenture’s Cyber-Resilient CEO Report (Accenture) How confident CEOs are taking charge of cybersecurity
Service Leadership, Inc., a ConnectWise Solution, Unveils Annual IT Solution Provider Compensation Survey (GlobeNewswire News Room) Proprietary IT Industry Report Provides TSPs Compensation Data ...
Microsoft — most impersonated brand in 2023 (AtlasVPN) According to data presented by the Atlas VPN team, Microsoft was the most impersonated brand in 2023, accounting for 4.31% of phishing attempts.
Marketplace
Cyber Security M&A, Industry Reports, News & Funding Roundups (Pinpoint Search Group) Get the latest Cyber Security M&A reports from Pinpoint Search Group. Need help with your teams recruiting process? Contact us today about our custom executive search.
Cyber investor Cyberstarts unveils robust $480m opportunity fund (FinTech Global) Cyberstarts, a VC firm explicitly focusing on early-stage cybersecurity businesses, has secured a notable $480m for an opportunity fund.
BlackBerry to separate IoT and cybersecurity businesses, plans IPO (Reuters) Canadian technology company BlackBerry , said on Wednesday it would separate its Internet of Things (IoT) and cybersecurity business units and target a subsidiary initial public offering for the IoT business next fiscal year.
Okta Buys Personal Password Manager Uno to Service Consumers (Gov Info Security) Okta bought a password manager founded by a former Google engineer and backed by Andreessen Horowitz to get a foothold in the consumer identity market. Okta was
Chertoff Group Arm to Buy Trustwave From Singtel for $205M (Bank Info Security) The private equity arm of former Secretary of Homeland Security Michael Chertoff's advisory firm agreed to purchase MDR vendor Trustwave for $205 million. The deal
Elliott Is Exploring Sale of Technology Company Gigamon (Bloomberg) Gigamon makes tools similar to Splunk, which Cisco is buying. Private company could be valued at more than $2 billion.
Thales closes deal on Tesserent, strengthening its global cybersecurity business (Thales Group) Thales has today finalised the acquisition of Tesserent, one of Australia and New Zealand's largest cybersecurity companies, following Tesserent shareholders’ approval of the implementation of the binding Scheme and other required regulatory approvals. In a significant win for Australia’s sovereign cyber capability, this acquisition also reflects Thales's tremendous growth in its international cyber footprint, one of its most dynamic areas of development.
MEF Launches LATAM Executive Council to Drive Network Transformation (GlobeNewswire News Room) Council will bring important regional insight to MEF’s world-class Board and Technology Advisory Board to inform strategy, and priorities in LATAM....
Aqua Named CyberSecurity Company of the Year (Aquasec) 6th Annual International CyberSecurity Breakthrough International Awards Program Recognizes the Best Information Security Products and Companies
U.S. Navy Awards Sev1Tech $45 Million Contract for Logistics IT Support (Business Wire) Sev1Tech to provide services for the Program Executive Office for Manpower, Logistics, and Business Solutions’ portfolio of essential branch operations
Why Shares of CrowdStrike, Zscaler, and Cloudflare Got Tattooed Today (The Motley Fool) Rising long-term bond yields crushed high-growth stocks, despite favorable commentary from analysts.
Rapid7 opens new office and security operations center as it expands to Prague (Seeking Alpha) Rapid7 expands operations to Prague, opening a new office and security operations center to enhance global Managed Detection and Response services.
The Cyber Guild Celebrates the 'Who's Who' of Cybersecurity at Annual VIP Awards Reception (PR Newswire) The Cyber Guild held their third annual VIP Celebration and Awards ceremony on the evening of October 3 at the Army Navy Country Club,...
Secure Yeti Appoints Jayson E. Street as Chief Adversarial Officer to Spearhead Cybersecurity Empowerment (Dark Reading) Secure Yeti, a leading global cybersecurity firm, proudly announces the appointment of renowned hacker Jayson E. Street as its first Chief Adversarial Officer.
Myrna Soto Joins Huntress’ Board of Directors (Yahoo Finance) Armed with deep expertise in cybersecurity and understanding of the SMB market, Soto brings more than two decades of leadership experience to Huntress
Orca Security Appoints Oded Edri as Chief Financial Officer (Business Wire) Global Finance Executive Brings Decades of Operational & IPO Experience to Help Lead Company’s Next Phase of Growth; Arie Teter Promoted to Chief Product Officer
ReliaQuest announces appointment of executive Paul Shoukry to Board of Directors (ReliaQuest) ReliaQuest, the force multiplier of security operations, announced today that Paul Shoukry, Chief Financial Officer of Raymond James Financial, will join its Board of Directors.
Products, Services, and Solutions
Coalfire Revolutionizes the FedRAMP® Authorization Journey (PR Newswire) Coalfire, an industry-leading FedRAMP (Federal Risk and Authorization Management Program) advisory and assessment organization, today granted...
Secure Identity Alliance Joins Forces with the Identity Defined Security Alliance (PR Newswire) Secure Identity Alliance (SIA), the global non-profit association representing public and private actors and organizations across the secure...
Bitdefender Partners with prpl Foundation to Strengthen Customer Premise Equipment Security (Bitdefender) Partnership Delivers Cybersecurity Expertise Critical for Driving Standardized and More Secure Customer Premise Equipment Solutions to the Market
BastionZero and Docker Unveil OpenPubkey Integration to Enhance Software Supply Chain Security at DockerCon 2023 (GlobeNewswire News Room) Cryptographic protocol and Linux Foundation open source project selected to amplify container security with zero trust passwordless authentication....
DoControl Strengthens CrowdStrike Partnership with Availability for Purchase on the CrowdStrike Marketplace (PR Newswire) DoControl, the leading SaaS Security Platform (SSP), announced that it has expanded its partnership with CrowdStrike by making its SSP...
Android and iOS Users Can Now Create and Save Passkeys With Dashlane (Dashlane) Google released the first Android 14 developer, which contains changes that enable third-party apps like Dashlane to manage passkeys.
Okta Launches Passkey Support to Help Enterprises Unlock a Passwordless Future (Okta) Okta, Inc. (NASDAQ: OKTA), the leading independent Identity partner, announced support for passkeys in ...
Okta Launches Identity Threat Protection with Okta AI for Real-Time Detection and Response (Okta) Okta, Inc. (NASDAQ: OKTA), the leading independent Identity partner, announced Identity Threat Protecti...
Appfire Participates in Data Privacy Framework Program | Appfire (Appfire) Appfire has been included on the Data Privacy Framework participants’ list, maintained by the International Trade Administration within the US Department of Commerce.
New Real-Time Metrics Features Offer Enhanced Observability | Azion (Azion Technologies) Upgraded functionality will provide enhanced observability for applications, with powerful real-time visualization into performance, availability and security
Frontegg Receives Record Number of G2 Badges & Enters the Leaders Quadrant for CIAM Main Grid (Yahoo Finance) Based on strong user reviews, Frontegg was rated #1 in the CIAM Momentum Grid and entered the Leaders Quadrant in the CIAM Main Grid.
Cycode Recognized as the Best Application Security Solution by the 2023 Tech Ascension Awards (GlobeNewswire News Room) Cycode, the leading ASPM platform for code to cloud, has been named the Best Application Security Solution in the 2023 Tech Ascension Awards....
Opus Security Wins 2023 CyberSecurity Breakthrough Award (GlobeNewswire News Room) Recognized as Security Orchestration Solution of the Year...
Armis Announces Expanded Partnership with CrowdStrike (Armis) The Armis and CrowdStrike integration provides customers comprehensive, real-time exposure management capabilities to see, secure, protect and manage all critical assets.
Versa Networks Again Receives Highest Product Score for Large Global WAN Use Case in 2023 Gartner® Critical Capabilities for SD-WAN Report (Business Wire) Versa Networks Also Ranked Second Highest for the WAN for Small Branches Use Case, On-Premises Security Sensitive WAN Use Case, and Cloud-First WAN Use Case
AU10TIX Wins 7th Annual CyberSecurity Breakthrough Award for "Overall ID Management Solution Provider of the Year" (PR Newswire) AU10TIX, a global technology leader in identity verification and management, today announced that it has been named "Overall ID Management...
Halcyon Expands Channel Network to Better Deliver Ransomware Prevention and Protection (Business Wire) Ransomware Resilience Leader Expands Partner Ecosystem to Address More Cybersecurity Use Cases
American Express is First Card Issuer to Pilot Facial and Fingerprint Recognition (American Express) American Express is First Card Issuer to Pilot Facial and Fingerprint Recognition for Safer Online Checkouts
Technologies, Techniques, and Standards
CISA and NSA Release New Guidance on Identity and Access Management | CISA (Cybersecurity and Infrastructure Security Agency CISA) Today, CISA and the National Security Agency (NSA) published Identity and Access Management: Developer and Vendor Challenges, authored by the Enduring Security Framework (ESF), a CISA- and NSA-led working panel that includes a public-private cross-sector partnership. ESF aims to address risks that threaten critical infrastructure and national security systems.
What is Elliptic Curve Cryptography (ECC)? (Sectigo® Official) Sectigo® explains what elliptic curve cryptography (ECC) is, how it works, the benefits of this type of cryptography, the downsides & more.
Companies want to spend more on AI to defeat hackers, but there's a catch (CNBC) AI's impact on data breaches, and employee misuse of AI, play major roles in the cybersecurity budget planning process.
3 Ways to Build a Security-Minded Culture While Working Remote (GovTech) In a post-COVID environment, maintaining a cohesive culture of teamwork — and cybersecurity — can be a challenge, but there are strategies leaders can use ensure staff stay engaged.
Data never dies: The immortal battle of data privacy (Security Intelligence) When someone dies, that data becomes the responsibility of the estate; but what happens to the privacy rights around that information?
What Are the Three Pillars of Observability? (CrowdStrike) The three pillars of observability provide different insights into the health and functions of systems in cloud and microservices environments.
Design and Innovation
How humans can absorb artificial intelligence biases (Open Access Government) Research at Deusto University reveals that people can inherit artificial intelligence biases, potentially leading to systemic errors
Bing Is Generating Images of SpongeBob Doing 9/11 (404 Media) Microsoft's Bing Image Creator lets beloved characters fly planes toward tall buildings, illustrating the struggles of generative AI models have with copyright and filtering.
Research and Development
ARPA-H Invests $50M in Six Projects to Secure Health Data (Meritalk) The Advanced Research Projects Agency for Health (ARPA-H) is investing millions into projects that make advancements in technologies that protect the security of health data, the agency announced last week.
Using Deep Learning to Secure The CAN Bus From Advanced Intrusion Attacks (Semiconductor Engineering) A technical paper titled “CANShield: Deep Learning-Based Intrusion Detection Framework for Controller Area Networks at the Signal-Level” was published by researchers at Virginia Tech and others. “As modern vehicles become... » read more
Legislation, Policy, and Regulation
Coalition to give NGOs free access to cybersecurity services to protect against attacks (Record) The CyberPeace Institute announced Wednesday it will set up a portal with a coalition of cyber response teams to help non-governmental organizations, or NGOs, in the Netherlands protect themselves from cyberattacks.
Red Cross officials want civilian hackers to follow rules amid war. Here’s why. (Washington Post) The Red Cross tries to get a handle on civilian hackers amid the Russia-Ukraine war
DHS cyber boss talks China threats, fed’s AI plan and CISO outreach (SC Media) Iranga Kahangama, assistant secretary for Cyber, Infrastructure, Risk and Resilience at DHS, shares candid views on cybersecurity at InfoSec World 2023.
US Commerce head backs legislation to address TikTok, threats (Reuters) U.S. Commerce Secretary Gina Raimondo supports legislation giving the Commerce Department new tools to address foreign adversary-owned app information concerns, she said on Wednesday.
Treasury plots departmentwide contract to streamline cybersecurity services (FedScoop) The PROTECTS contract will focus on supporting the department's security operations center (SOC) functions with core services like SOC architecture, engineering, deployment, and management, incident management, vulnerability management, and more.
'It’s going to be huge': Cyber Command gains new authorities to hire & buy (Breaking Defense) Granted by Congress in the 2022 defense bill, the new authorities let Cyber Command handle matters traditionally reserved for the armed services.
New SEC Cyber Rules to Push Publics and Their Third Parties to Strengthen Programs (PR Newswire) Following the Securities and Exchange Commission's (SEC) adoption of new rules for cybersecurity risk management, strategy, governance, and...
Threat of US Government Shutdown Fuels Concerns About Cyber Vulnerabilities (VOA) Some cybersecurity firms warn cyberattacks against US government targets spiked in the weeks before a shutdown was averted
Litigation, Investigation, and Law Enforcement
Belgian intelligence service scrutinising Alibaba's presence at Liege airport (Reuters) Belgian officials are looking into risks around the presence of China's Alibaba Group Holding at a cargo airport in the city of Liege, the country's intelligence service VSSE said in a statement on Thursday.
School shooting hoaxes have terrorized kids across U.S. Who’s behind it? (Washington Post) Snow crunching under their feet, breaths coming quickly, the officers grabbed their duty rifles and ran toward Nouvel Catholic Central High School.
Menendez’s alleged sharing of information with Egypt risked lives of US embassy staff, ex-US official says (the Guardian) Former diplomat said senator’s allegedly corrupt actions could have put embassy staff in the sights of Egyptian intelligence
BREAKING: Blackbaud To Pay $49.5M To End States' Data Breach Probe (Law360) Blackbaud Inc. has agreed to pay $49.5 million to resolve claims brought by 49 states and the District of Columbia over the software company's security practices and its response to a 2020 ransomware attack that affected thousands of its customers, the parties said Thursday.