Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+601: ATACMS used against Russian military targets. (CyberWire) ATACMS's success is seen as an instance of Russian intelligence failure.
Russia-Ukraine war: List of key events, day 602 (Al Jazeera) As the war enters its 602nd day, these are the main developments.
WSJ News Exclusive | Ukraine Fires ATACMS Missiles at Russian Forces for the First Time (Wall Street Journal) The U.S. missiles have been secretly sent to Ukraine in recent days. The move marked the first time that the U.S-provided weapons have been used in the conflict.
Ukraine uses US-provided long-range ATACMS missiles against Russian forces for the first time (AP News) The United States has quietly delivered the long-range ballistic missiles Ukraine said it urgently needed, and Ukraine has started using them on the battlefield against Russia.
Ukraine 'destroys Russian helicopters in Berdyansk and Luhansk' (BBC News) Special forces say they hit nine aircraft at bases in occupied Berdyansk and Luhansk.
US long-range ATACMS missiles 'fired for first time' at Russian helicopters (The Telegraph) Ukrainian forces used American-supplied ATACMS missiles for the first time on Tuesday in attacks against two air bases in Russian-occupied territory.
Ukraine announces it’s received, and fired, US long-range missiles (Defense News) Ukraine is now using long-range U.S. missiles, known as ATACMS, on the battlefield.
Ukraine receives potentially game-changing long-range US missiles (Atlantic Council) Ukraine has finally received long-range ATACMS missiles from the United States and has begun deploying them against Russian targets, Ukrainian President Volodymyr Zelenskyy announced on October 17.
Inside Biden’s Reversal on Sending Long-Range Missiles to Ukraine (New York Times) The story is more complex than a caricature in Washington that President Biden is cautious to a fault, and says no until the pressure is insurmountable.
Inside Biden’s decision to secretly send longer-range U.S. missiles to Ukraine (POLITICO) Top officials were worried that Kyiv's offensive wasn't going well. So they had an idea.
Ukraine's special forces use daring raids and distraction tactics in bid to free Crimea (CNN) A swarm of Ukrainian jet skis races across the ocean under pitch black skies, visible only from the infra-red camera of a drone watching from above. They slow down as they approach the shore to avoid detection and hurry onto dry land.
The state of Russia's war on Ukraine as it nears 2024 (Atlantic Council) The current fighting season is still far from over in Ukraine, but it is already clear that the war unleashed by Putin in February 2022 will continue into the coming year, writes Mykola Bielieskov.
Ukraine’s neglected Danube region is a crucial front in the war with Russia (Atlantic Council) Ukraine's Danube ports are at the heart of efforts to bypass Russia's Black Sea naval blockade but years of neglect have left the Bessarabia region unprepared to play a key wartime role, writes Michael Druckman.
North Korea may be sending arms to Russia for Ukraine war, images suggest (Washington Post) Russian ships linked to military transport networks have collected cargo from North Korea and delivered it to an apparent Russian military port on multiple occasions over the past two months, according to new satellite images providing the clearest evidence yet that Pyongyang may be helping Moscow’s war effort.
Xi Jinping welcomes ‘dear friend’ Putin in Beijing (Telegraoh) The leaders have a shared vision for a new international order to counter the US and other democratic nations
Mutual praise, buzzwords plus a few walkouts: Xi and Putin meet in Beijing (the Guardian) Vladimir Putin lauded the success of ‘our Chinese friends’ at global forum, while Xi Jinping spoke out against international sanctions and ‘decoupling’
Russia-Ukraine war live: Moscow’s State Duma votes to revoke ratification of nuclear test ban treaty (the Guardian) Lower house of Russia’s parliament responds to push by Putin, but says it would not resume nuclear testing unless US does
Russia wants to isolate its internet, but experts warn it won’t be easy (Record) As Russia’s war with Ukraine drags on, the Kremlin has doubled down on its efforts to take control of the internet on its own turf.
Finland faces growing Russian online threat, Finnish security services say (the Guardian) Official at Finnish intelligence service says espionage attempts have increased since Ukraine invasion
Defending Ukraine from Russian cyber attacks was ‘hand-to-hand combat’: Mandiant exec. (Yahoo News) At Semafor’s Securing the Digital Future event, Mandiant's Sandra Joyce illustrated how cybersecurity experts defended Ukraine from relentless Russian cyber attacks in the early days of the invasion.
Attacks, Threats, and Vulnerabilities
Hamas Hijacked Victims’ Social Media Accounts to Spread Terror (New York Times) The use of hostages’ Facebook, Instagram and WhatsApp accounts to livestream attacks and issue death threats is a new tactic, experts said.
Hacktivist attacks against Israeli websites mirror attacks following Russian invasion of Ukraine (ComputerWeekly.com) Hacktivists have launched hundreds web defacement attacks against targets in Israel following the devastating attack by Hamas on Israeli civilians on 7 October 2023. Over 100 hacktivists launched over 500 attacks on web sites in Israel in the week following Hamas’ attack on party-goers in Kibbutz Re’im close to the Gaza border. The Hamas incursion, which led to 1,300 deaths was followed by a wave of defacement attacks Israeli websites to show support for Gaza and Palestine, according to researchers at Cambridge University. The hacking spree followed a similar patt
Growing Concern Over Role of Hacktivism in Israel-Hamas Conflict (Infosecurity Magazine) Hacktivists claim DDoS attacks against Israeli websites as cybersecurity experts urge caution in believing these cyber-criminals’ claims
Israel-Hamas war illuminates trouble with political hacking groups (Axios) The war between Israel and Hamas is reminding governments just how difficult it is to control politically motivated hacking groups.
ISRAEL GAZA CONFLICT : THE CYBER PERSPECTIVE (CYFIRMA) EXECUTIVE SUMMARY Various hacktivist groups have targeted critical infrastructure, government agencies, and organizations in both Israel and Palestine. The attacks...
Blast kills hundreds at Gaza hospital; Hamas and Israel trade blame, as Biden heads to Mideast (AP News) A massive blast hit a Gaza City hospital packed with wounded and other Palestinians seeking shelter, killing hundreds of people, the Hamas-run Health Ministry said.
In deadly day for Gaza, hospital strike kills hundreds (Reuters) Gaza's health ministry spokesman said an Israeli air strike on Tuesday killed hundreds of people at a hospital in the Palestinian enclave, but Israel said a Palestinian barrage had caused the blast.
What we know so far about the deadly strike on a Gaza hospital (Al Jazeera) Palestinian officials say at least 500 people were killed in an Israeli air raid on Al-Ahli Arab Hospital in Gaza.
Bodies of civilians pile up outside hospital as blame game threatens stability in Middle East (The Telegraph) IDF has claimed that Palestine Islamic Jihad group was behind hospital attack as protesters storm the Israeli embassy in Jordanian capital
Israel-Hamas latest news: 'Direct your outrage’ at Hamas over hospital bombing, says Israeli PM (The Telegraph) Prime Minister Benjamin Netanyahu said that the “entire world” should feel “outrage” at Hamas over the bombing of a Gaza hospital that killed hundreds.
Gaza's doctors struggle to save hospital blast survivors as Middle East rage grows (AP News) Doctors in Gaza City have performed surgery on hospital floors often without anesthesia in a desperate bid to save badly wounded victims of a massive blast that killed civilians sheltering in a nearby hospital.
Social Media Users Accuse Facebook and Instagram of Suppressing Pro-Palestinian Posts (New York Times) Meta has cautioned that some content might be temporarily suppressed or suspended as it sifts through millions of posts spreading across its platforms.
Hamas' social media following has skyrocketed since its attack. America is powerless to stop it (CNN) Hamas is barred from most social media platforms. But its following has surged on popular messaging app Telegram since its October 7 terror attack on Israel.
Community Notes and war crimes (Conspirador Norteño) X's community fact checking system has thus far been inadequate in multiple ways at addressing the flood of online misinformation regarding the Israel-Hamas war
Tracking Cellphone Data by Neighborhood, Israel Gauges Gaza Evacuation (New York Times) The Israeli military says the tracking and the call to evacuate are to preserve as many civilian lives as possible during an expected ground invasion, even as deadly airstrikes continue.
Chilean government warns of Black Basta ransomware attacks after customs incident (Record) The government of Chile warned of ransomware attacks by a notorious gang of hackers after its customs department dealt with an incident on Tuesday.
TV advertising sales giant affected by ransomware attack (Record) Ampersand — co-owned by Comcast Corporation, Charter Communications and Cox Communications — confirmed it had dealt with a ransomware incident but declined to say when the attack occurred or whether a ransom would be paid.
Qubitstrike - An Emerging Malware Campaign Targeting Jupyter Notebooks (Cado Security) Cado Security Labs researchers have discovered a new cryptojacking campaign targeting exposed Jupyter Notebooks.
D-Link breach exposes customer information (Computimg) Taiwanese networking equipment vendor D-Link has confirmed a data breach that exposed personal information of customers and employees. The breach apparently occurred after a phishing attack led to an employee granting the attacker access to D-Link's internal network.
Threat Spotlight: How bad bot traffic is changing (Barracuda) Once used primarily by search engines, bots now have a variety of uses — both good and bad. The good bots are primarily search engine crawlers and other similar bots used for aggregating or monitoring content.
SpyNote Android malware spreads via fake volcano eruption alerts (BleepingComputer) Android malware 'SpyNote' was seen in an Italy-focused campaign that uses a phony 'IT-alert' public alert service website to infect visitors.
‘Etherhiding’ Blockchain Technique Hides Malware in WordPress Sites (Dark Reading) The ClearFake campaign uses fake browser updates to lure victims and spread RedLine, Amadey, and Lumma stealers.
Critical Vulnerabilities Expose Weintek HMIs to Attacks (SecurityWeek) Weintek has patched critical and high-severity vulnerabilities found in its cMT series HMIs by industrial cybersecurity firm TXOne.
Phishing-as-a-Service Strox Lets Hackers Phish any Brand by Submitting its Logo (GBHackers on Security) The ever-evolving world of cybercrime has given birth to a disturbing phenomenon – Phishing-as-a-Service (PhaaS), sends shivers of cybersecurity experts is Strox.
AI Chatbots Can Guess Your Personal Information From What You Type (WIRED) The AI models behind chatbots like ChatGPT can accurately guess a user's personal information from innocuous chats. Researchers say the troubling ability could be used by scammers or to target ads.
Researchers warn of increased malware delivery via fake browser updates (Help Net Security) ClearFake is likely operated by the threat group behind the SocGholish "malware delivery via fake browser updates" campaigns.
Twitter glitch allows CIA informant channel to be hijacked (BBC News) US spies and informants could have been directed to hostile nations through a CIA mistake made on X.
Active Exploitation of Cisco IOS XE Zero-Day Vulnerability (Rapid7) On October 16, Cisco’s Talos group released a blog on an active threat campaign exploiting CVE-2023-20198, a zero-day vuln in Cisco IOS XE software.
Hackers Using Remote Admin Tools To Compromise Organizations With Ransomware (GBHackers on Security) Cybercriminals behind the AvosLocker ransomware attack employed a tactic of infecting organizations through Open-Source Remote Administration Tools.
Security Patches, Mitigations, and Software Updates
Phosphorus Releases Mitigation Solutions for Critical Cisco IOS XE Zero-Day Vulnerability (GlobeNewswire News Room) Phosphorus is releasing new security features to help organizations discover, assess and mitigate any devices exposed to Cisco's IOS XE zero-day....
CISA Releases Two Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency | CISA) Mitek (NASDAQ: MITK) is pleased to announce the appointment of Gillian Channer as the Vice President of Identity Product Management. With a distinguished career spanning product management, business operations, and technology thought leadership, Gillian brings a wealth of experience and industry insight to her new role.
Google Authenticator synchronization raises MFA concerns (Security | TechTarget) Google's Authenticator app was updated this year with a new synchronization feature for MFA codes, but experts warn of potential risks.
Trends
Cookies Study: 40% of Americans Blindly Accept Internet Cookies, But Most Don't Know What They Do (All About Cookies) Internet cookies are vital to the internet, but many people don't know what they do. We surveyed 1,000 U.S. adults to find out how much people know, and more.
Netskope Threat Labs: Highest Percentage of Cybercrime Activity Originates in Russia, While China is Most Geopolitically Motivated (Netskope) New research uncovers most popular techniques and motivators used by adversaries in 2023
Top Adversary Tactics and Techniques (Netskope) This edition of the Netskope Cloud and Threat Report focuses on the tactics and techniques that were most commonly used against Netskope customers in 2023.
Highest percentage of cybercrime activity originates in Russia: Netskope Report - ETCIO SEA (ETCIO.com) Netskope found that the top criminal adversary groups were based in Russia and Ukraine, and the top geopolitical threat groups were based in China.
2023 State of the Threat Report (Secureworks) Cyber threats have taken over 2023 and they show no sign of stopping. In this report, we explore some of the most recent, hard-hitting cyberattacks.
The State of Zero Trust Security 2023 | Okta (Okta) It’s official: Zero Trust has gone mainstream. In just two years, adoption of this modern security framework has more than doubled, with 61% of organizatio...
Looking into TUT’s tomb: the universe of threats in LATAM (Virus Bulletin) Like in the excavation of the tomb of Pharaoh Tutankhamun, a.k.a. King Tut, the threat landscape in Latin America is shrouded in mystery, mostly because the evolution of malicious campaigns in the region doesn’t get much attention.
2023 AT&T Cybersecurity Insights Report: Focus on Manufacturing (AT&T Cybersecurity) Based on the 2023 AT&T Cybersecurity Insights Report: Edge Ecosystem, this report focuses on manufacturing companies worldwide. It explains how edge comput
The Righteous Moraliser - a new kind of insider threat (Computing) The risk of insider threats has long been high on the agenda of information security professionals.
Marketplace
Prove Identity Snags $40M Funding for ID Verification Tech (SecurityWeek) Startup with roots in the ecommerce mobile payments space raises $40 million for digital identity verification and authentication technology.
Darwinium Raises $18 Million to Accelerate Global Adoption of its Edge-based Digital Security and Fraud Prevention Platform (Business Wire) Led by U.S. Venture Partners, Darwinium’s Series A brings its total funding to $26 million, positioning it to capitalize on the demand for its disruptive approach to curbing online fraud
Anonybit Raises $3 Million for Biometric Authentication Platform (SecurityWeek) Anonybit has raised $3 million in seed funding extension for its biometric authentication and data protection solutions.
Tines Report Finds More than Half of Security Professionals Likely To Switch Jobs Next Year (PR Newswire) Tines, the trusted leader in smart, secure workflows, published the 2023 Voice of the SOC report, which examines job satisfaction and workloads...
Nozomi Networks Celebrates 10 Years of Innovation in OT and IoT Cybersecurity (Nozomi Networks) Extensive history of successful innovation continues to challenge the norm and drive better cybersecurity for industrial and critical infrastructure worldwide
ReliaQuest Founder and CEO Honored by Goldman Sachs for Entrepreneurship (Business Wire) Brian Murphy Among the Most Exceptional Entrepreneurs at 2023 Builders and Innovators Summit
Mitek Appoints Technology Veteran Gillian Channer as Vice President of Identity Product Management (Business Wire) Mitek (NASDAQ: MITK) is pleased to announce the appointment of Gillian Channer as the Vice President of Identity Product Management. With a distinguished career spanning product management, business operations, and technology thought leadership, Gillian brings a wealth of experience and industry insight to her new role.
Illumio Names Ben Verghese as Chief Technology Officer (GlobeNewswire News Room) Promotion to CTO comes as the Zero Trust Segmentation market experiences exponential growth...
Cyware Appoints Boyar Naito as Senior Director of Partnerships and Business Development (Business Wire) Cyware, the leader in threat intelligence management, security collaboration, and orchestrated response, is pleased to announce the appointment of Boyar Naito as its new Senior Director of Partnerships and Business Development. Naito, with his extensive experience in the tech space, will provide invaluable guidance for Cyware’s business growth and partnerships.
James Wallace Appointed Chief Legal Officer & General Counsel at Forcepoint G2CI (GovCon Wire) Looking for the latest GovCon News? Check out our story: James Wallace Appointed Chief Legal Officer & General Counsel at Forcepoint G2CI. Click to read more!
Iron Bow Names Don Cook as Vice President of Sales for SLED (Business Wire) Iron Bow Technologies, the leading technology solutions provider to government, education, commercial, and healthcare markets, today announced seasoned industry sales leader, Don Cook, as its new Vice President of Sales for state and local governments and educational institutions (SLED).
CrowdStrike hires Sophos’ Andrew Goodlace to lead A/NZ channel (ARN) Cyber security vendor CrowdStrike has hired Sophos’ regional director Andrew Goodlace to lead its Australia and New Zealand channel.
Tenable Names Cybersecurity Expert Meg O’Leary Chief Marketing Officer (Tenable®) Tenable®, the Exposure Management company, today announced the appointment of Meg O’Leary as chief marketing officer (CMO).
Products, Services, and Solutions
Prisma Cloud: Darwin Release Introduces Code-to-Cloud Intelligence (Palo Alto Networks Blog) Prisma Cloud delivers full cloud security to address risks throughout the application lifecycle and prevent breaches with innovations in the latest release.
Palo Alto Networks Revolutionizes Cloud Security With Industry-First Integrated Code to Cloud Intelligence (Palo Alto Networks) Prisma Cloud's "Darwin" release simplifies cloud security and improves productivity and collaboration across code, infrastructure and runtime security for developers, operations and security teams...
Kaspersky and TSplus partner to create cyber immune solutions for remote workers (ETCIO.com) Kaspersky and TSplus will also take the opportunity to demonstrate their collaborative success to representatives of enterprises, governments, and the academic community in order to raise awareness and establish the demand for Cyber Immune solutions.
Datadobi Accelerates Channel Momentum with StorageMAP, the Premier Platform for Unstructured Data Management (Datadobi) Newly Enhanced DatadobiDriven Program Achieves Milestone with Over 1,000 Certified. Appoints Ron Wagner, Director of Global Channel Strategy and Partner Business Development
Android and iOS Users Can Now Create and Save Passkeys With Dashlane (Dashlane) Google released the first Android 14 developer, which contains changes that enable third-party apps like Dashlane to manage passkeys.
Parallels Enhances Automation and Security Capabilities, Optimizes End-User Computing Solution for Enterprise Environments (GlobeNewswire News Room) Latest updates to Parallels RAS double down on easier deployments, workload provisioning and automation, security, and user experience — enabling cost...
Keeper Security Protects Against Supply Chain Attacks with New Open Source Project (PR Newswire) Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software protecting passwords, passkeys, privileged...
Guardforce AI Has Secured a Three-Year Contract with a Leading Japanese Retailer for its End-to-End Cash Management Solution Including Guardforce Digital Machine in Thailand (GlobeNewswire News Room) Guardforce AI Co., Limited (“Guardforce AI” or the “Company”) (NASDAQ: GFAI, GFAIW), an integrated...
AirPak taps ThetaRay to strengthen its AML programme (Paypers) Remittance services provider across Central America AirPak has partnered with Israel-based AI-driven transaction monitoring solution ThetaRay.
Optery Releases API Enabling Businesses to Embed Its Award-Winning Personal Data Removal Software Into Their Applications (GlobeNewswire News Room) Optery helps businesses provide automated, continuous data broker scanning and privacy opt outs to protect their customers from digital and physical...
Urban Outfitters Inc. Partners with Brivo to Enhance Employee and Visitor Security Across National Distribution Centers (EIN News) Company Integrates Brivo Cloud-Based Access Control to Remotely Secure Assets Across the Country
Nyriad Unveils Storage-as-a-Service (STaaS) Offering that Provides Game-Changing Simplicity and Flexibility (Nyriad) Nyriad today announced the launch of UltraIO-as-a-Service, an on-premise Storage-as-a-Service (STaaS) offering tailored to meet the ever-increasing data management demands of modern enterprises.
Checkmarx Announces Technology Partner Program to Enable the Industry's Most Extensible, Code-to-Cloud Enterprise AppSec Ecosystem (PR Newswire) Checkmarx, the industry leader in cloud-native application security for the enterprise, today announced its Checkmarx Technology Partner...
Technologies, Techniques, and Standards
The FAIR Institute Launches "HowMaterialisThatHack.org" to Help Risk Officers, Shareholders, and Insurance Carriers Assess "Materiality" for High-Profile Hacks (PR Newswire) Today, at its annual FAIR Conference, the FAIR Institute announced the launch of 'How Material Is that Hack', an online resource dedicated to...
NSA Publishes ICS/OT Intrusion Detection Signatures and Analytics (SecurityWeek) NSA has released Elitewolf, a repository of intrusion detection signatures and analytics for OT environments.
NIST to issue cyber updates, introduce new security controls (Nextgov.com) The changes, which are open to public comment, focus on user identity management and protecting cryptographic keys, among other security protocols.
CISA Updates Toolkit to Promote Public Safety Communications and Cyber Resiliency (Cybersecurity and Infrastructure Security Agency | CISA) The Cybersecurity and Infrastructure Security Agency (CISA) collaborates with public safety, national security, and emergency preparedness communities to enhance seamless and secure communications to keep America safe, secure, and resilient. Any interruption in communications can have a cascading effect, impacting a public safety agency’s ability to deliver critical lifesaving services to the community.
CISA ramps up efforts to shift cybersecurity responsibilities onto software developers (Nextgov.com) The nation’s cyber defense agency released new guidance alongside 17 domestic and international partners.
The Pentagon is running out of time to get zero trust right (C4ISRNet) A successful zero trust transition demands more than technological prowess—it requires a reorientation of mindset and strategy.
New Research from ESG and Mend.io Reveals Key Best Practices for Application Security Effectiveness (Mend) New research sponsored by Mend.io and conducted by TechTarget’s Enterprise Strategy Group (ESG) found application security programs struggle to scale to meet the demand brought about by rapid development.
Former NSA Director: AI is ‘double-edged sword’ for cybersecurity (The Hill) Mike Rogers, former director at the National Security Agency, said during a Tuesday event that artificial intelligence is a “double-edged sword” from the government cybersecurity perspective, bring…
ISA MLM-38A ‘Identifying Control System Cyber Incidents’ has been issued (Control Loop) The International Society of Automation has approved MLM 38A, “Identifying Control System Cyber Incidents”–why is this important?
Design and Innovation
DigiCert Global Study: Preparing for a Safe Post-Quantum Computing Future (DigiCert) DigiCert released the results of a global study exploring how organizations are addressing the post-quantum computing threat and preparing for a safe post-quantum computing future. Key findings reveal that while IT leaders are concerned about their ability to prepare in the timeframes needed, they are hampered by obstacles which include lack of clear ownership, budget and executive support.
Preparing For A Quantum-Safe Future (DigiCert) Quantum computing poses an unprecedented threat to data security. Organizations must overcome several barriers on the path to preparing for a safe post-quantum computing future.
A ‘Godfather of AI’ Calls for an Organization to Defend Humanity (WIRED) Yoshua Bengio’s pioneering research helped bring about ChatGPT and the current AI boom. Now he’s worried AI could harm civilization and says the future needs a humanity defense organization.
Research and Development
New Tech and Cyber Threats Drive Sweeping $9 Billion JADC2 Development Effort (Defense Security Monitor) Over $9 billion will be spent into the next decade on the Joint All-Domain Command and Control (JADC2) program, a sweeping R&D effort of the U.S. Air Force, Army, and Navy. While there are man…
DatChat Receives Notice of Allowance for its Patent Application "Technology Platform for Providing Secure Group-Based Digital Access to Sets of Digital Assets" (GlobeNewswire News Room) Technology will Power Its New Interactive
Academia
Augusta University recognized for cybersecurity efforts with the prestigious CSO50 Award (Jagwire) Augusta University was recently recognized with the 2023 CSO50 Award, given to organizations and individuals for their exceptional cybersecurity and thought leadership contributions to the field.
Legislation, Policy, and Regulation
Interoperability and rule of law underline government strategies in tackling cyber threats (Gov Insider) High-level panels at Singapore International Cyber Week (SICW) 2023 highlighted the need to build greater synergy across different systems and establish rules and norms to instill greater confidence among citizens of an inclusive digital transformation.
They Supported Air Strike Victims. Then They Were Doxed and Arrested (WIRED) Myanmar’s military junta is increasing surveillance and violating basic human rights. The combination of physical and digital surveillance is reaching dangerous new levels.
Pro-SAC Digital Offensive (Myanmar Witness) Doxxing and arrests against social media users following the deadly Kanbalu airstrikes
The US Just Escalated Its AI Chip War With China (WIRED) The American government has tightened its restrictions on exports of chips and chipmaking equipment, closing loopholes that let Chinese companies access advanced technology.
Five Eyes intelligence chiefs warn of ‘sharp rise’ in commercial espionage (Record) Speaking on the same stage for the first time, the agency heads presented five principles they wanted businesses to adopt to keep staff and information secure.
Allied Spy Chiefs Warn of Chinese Espionage Targeting Tech Firms (New York Times) F.B.I. officials say more than half of Chinese spying efforts aimed at stealing technology occurs in Silicon Valley.
Mandia: China replaces Russia as top cyber threat (CyberScoop) Beijing's growing sophistication in cyberspace is making China an increasingly potent adversary, according to Kevin Mandia.
Lone senator stymies cyber legislation in Senate (Washington Post) For much of the last few years, Congress has delivered a bevy of bipartisan cybersecurity bills to the president’s desk.
Federal Cyber Chief Tells Agencies to Tap Brakes on AI (Wall Street Journal) Federal agencies have pitched more than 1,000 use cases for generative artificial intelligence, but the U.S. government’s cybersecurity chief wants risks associated with the technology properly addressed before they can press ahead.
Federal Report Proposes Harmonization of Divergent Cyber Incident Reporting Regimes (JD Supra) On September 20, 2023, the U.S. Department of Homeland Security released a report outlining the varied and sometimes conflicting reporting...
Cyber experts applaud White House cybersecurity plan (Security Intelligence) The Biden Administration has released its plan for implementing the new national cybersecurity strategy.
Litigation, Investigation, and Law Enforcement
Sovereign Immunity Is Alive and Well, Even After a Cyberattack (JD Supra) As highlighted in the Data Security Incident Response Report, government entities such as universities, medical centers, public utilities and...
Delete-your-data laws have a perennial problem: Data brokers who fail to register (Record) Laws requiring data brokers to register with state governments are not protecting the public the way they should, experts say, because enforcement has been inadequate.
Colorado Court OKs Use of Google Search Data in Murder Case (Bloomberg) Ruling is first test of legality of keyword search warrants. Suspect had been found to Google the address 14 times.
Tech CEO Sentenced to 5 Years in IP Address Scheme (KrebsOnSecurity) Amir Golestan, the 40-year-old CEO of the Charleston, S.C. based technology company Micfo LLC, has been sentenced to five years in prison for wire fraud. Golestan's sentencing comes nearly two years after he pleaded guilty to using an elaborate network…