Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+602: A hacktivist auxiliary versus a privateer. (CyberWire) River crossings by Ukraine aim at establishing bridgeheads over the Dnipro. Ukrainian hacktivists disrupt a Russian privateer. The SBU describes early hunt-forward missions conducted with US Cyber Command.
Russia-Ukraine war at a glance: what we know on day 603 of the invasion (the Guardian) Putin calls delivery of ATACMS long-range missiles ‘another mistake’ by US; Russian foreign minister arrives in North Korea ahead of expected Putin trip
Ukrainian forces cross Dnipro river in major tactical advance (The Telegraph) Analysts say ‘high-risk, high-reward’ amphibious operation may soon begin after bridgehead secured in Russian-held terrain
Putin calls US supply of ATACMS weapons to Ukraine ‘another mistake’ (the Guardian) Russia’s president makes first public comments since Ukrainian strikes on airfields in Russian-held territory
Biden has not supplied Ukraine with the war-winning ATACMS missile (The Telegraph) The US has sent an obsolete, shorter-ranged version
Russian foreign minister thanks North Korea for supporting its war in Ukraine (Reuters) Russian Foreign Minister Sergei Lavrov thanked North Korea for supporting the country's war efforts in Ukraine and pledged Moscow's "complete support and solidarity" for North Korean leader Kim Jong Un, Russia's foreign ministry said.
Lithuanian President Gitanas Nauseda warns of Ukraine support ‘fatigue’ during visit to Melbourne (Herald Sun) A visit to Melbourne by the leader of Lithuania has cemented closer ties with Victoria in fields like cyber security and fintech as he called for continuing support for Ukraine.
Russian-American journalist detained in Russia for violating foreign agents law (the Guardian) Alsu Kurmasheva reportedly detained due to Radio Free Europe coverage of Russia’s military mobilisation for Ukraine invasion
It’s Time for America to Join the International Criminal Court (Foreign Affairs) Holding Putin to account will require offering the court more than just intelligence.
Attacks, Threats, and Vulnerabilities
War Tests Israeli Cyber Defenses as Hack Attempts Soar (Bloomberg) With the Israel-Hamas war in its second week, cybersecurity experts are seeing an increasing number of hacker groups enter the fray seeking to sow chaos online. The damage so far has been limited.
These Israelis are fighting Hamas on the war’s emerging ‘deepfake’ cyberfront (Times of Israel) Generated by artificial intelligence, false footage of the Israel-Gaza war has been inundating media outlets around the world since the October 7 Hamas massacres
Hamas turns to social media to get its message out — and to spread fear (Washington Post) Unmoderated messaging services and gruesome video from a deadly Gaza hospital strike have helped Hamas prosecute its ‘video jihad’
Navigating the Mis- and Disinformation Minefield in the Current Israel-Hamas War (ZeroFox) In the age of digital media, conflicts are not limited to the battleground. Across the ongoing Israel-Hamas War, an information war rages on social media
U.S. says Israel ‘not responsible’ for Gaza hospital blast; Biden announces ‘unprecedented’ aid package in speech (Washington Post) In a statement Wednesday, White House spokeswoman Adrienne Watson said the current U.S. assessment, based on “overhead imagery, intercepts and open source information,” found that Israel was “not responsible” for the blast at the al-Ahli Hospital in Gaza.
Three clues the Ahli Arab Hospital strike came from Gaza (The Telegraph) Footage of the explosion, along with images of the aftermath, suggest the Israeli military may not have been responsible
Al-Ahli Arab hospital: piecing together what happened as Israel insists militant rocket to blame (the Guardian) Open-source information gives an idea of what happened at the hospital where hundreds were killed
Opinion: Israel was judged guilty of bombing a Gaza hospital before the evidence was in (Washington Post) In their compelling new book, “Conflict: The Evolution of Warfare From 1945 to Ukraine,” retired Gen. David Petraeus and historian Andrew Roberts write: “There are currently five widely recognized dominions of warfare — land, sea, air, cyber and space — but it appears that a sixth should be added, namely information, which is more important now than ever before.”
Who’s Responsible for the Gaza Hospital Explosion? Here’s Why It’s Hard to Know What’s Real (WIRED) A flood of false information, partisan narratives, and weaponized “fact-checking” has obscured efforts to find out who’s responsible for an explosion at a hospital in Gaza.
‘Verified’ OSINT Accounts Are Destroying the Israel-Palestine Information Ecosystem (404 Media) The problem with profit and engagement driven misinformation from pseudo-OSINT accounts during the Israel-Palestine conflict is "unprecedented." One expert said after Musk's recent changes "all hell broke loose."
Israel floods social media to shape opinion around the war (POLITICO) Since Hamas’ attack, Israel has pushed dozens of online ads, including graphic videos, to millions of people to drum up support for its actions.
Government-backed actors exploiting WinRAR vulnerability (Google) Google's Threat Analysis Group analyzes recent state-sponsored campaigns exploiting the WinRAR vulnerability, CVE-2023-38831.
Google links WinRAR exploitation to Russian, Chinese state hackers (BleepingComputer) Google says that several state-backed hacking groups have joined ongoing attacks exploiting a high-severity vulnerability in WinRAR, a compression software used by over 500 million users, aiming to gain arbitrary code execution on targets' systems.
Russia and China-backed hackers are exploiting WinRAR zero-day bug (TechCrunch) Google security researchers say hackers, including the notorious Russian hacking unit Sandworm, are exploiting the WinRAR zero-day bug.
State-sponsored APTs are leveraging WinRAR bug (Help Net Security) A number of government-backed APTs are exploiting CVE-2023-38831, a file extension spoofing vulnerability in WinRAR.
More than 40,000 Cisco switches and routers could be infected (Washington Post) ‘I think we have a problem’ — a critical vulnerability has been exploited on a widespread level
Ransomware actor exploits unsupported ColdFusion servers—but comes away empty-handed (Sophos News) Multiple LockBit knock-off attacks in September targeting obsolete software foiled, exposing tactics and tools.
North Korea's Kimsuky Doubles Down on Remote Desktop Control (Dark Reading) The sophisticated APT employs various tactics to abuse Windows and other built-in protocols with both custom and public malware to take over victim systems.
Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps (The Hacker News) Korean hacking group Lazarus Group targets defense industry and nuclear engineers with fake job interviews, using trojanized VNC apps to steal data an
Kaspersky uncovers APT campaign targeting APAC government entities (Kaspersky) Kaspersky researchers have discovered a persistent campaign compromising a specific type of secure USB drive, used to provide encryption for safe data storage. Dubbed 'TetrisPhantom,' this espionage effort targets government entities in the Asia-Pacific region (APAC), and shows no discernible overlap with any known threat actor. These and other findings are detailed in Kaspersky’s new quarterly APT threat landscape report.
TetrisPhantom: Cyber Espionage via Secure USBs Targets APAC Governments (The Hacker News) A sophisticated campaign known as TetrisPhantom is targeting APAC government entities, covertly harvesting sensitive data via secure USB drives.
Atlassian Confluence Data Center and Server CVE-2023-22515 BAC Vulnerability Analysis and Exploitation (CYFIRMA) Executive summary: In an exclusive analysis conducted by the CYFIRMA Research team, a critical zero-day vulnerability, CVE-2023-22515, has been unveiled...
New Admin Takeover Vulnerability Exposed in Synology's DiskStation Manager (The Hacker News) A vulnerability in Synology's DSM has been revealed, allowing attackers to remotely hijack admin accounts.
Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability (SecurityWeek) Tens of thousands of Cisco devices have reportedly been hacked via the exploitation of the zero-day vulnerability CVE-2023-20198.
Exploring The Malicious Usage of QR Codes (SlashNext) Discover the types of QR code threats, including quishing and QRLJacking. Learn why QR phishing is effective, how it exploits user trust and bypasses security filters.
Cybercriminals are Targeting Plastic Surgery Offices and Patients (IC3) The FBI is warning the public about cybercriminals who target plastic surgery offices, surgeons thereof, and patients to harvest personally identifiable information and sensitive medical records, to include sensitive photographs in some instances.
Recent NetScaler Vulnerability Exploited as Zero-Day Since August (SecurityWeek) Mandiant says the recently patched Citrix NetScaler vulnerability CVE-2023-4966 had been exploited as zero-day since August.
The forgotten malvertising campaign (Malwarebytes) A sophisticated threat actor has been using Google ads to deliver custom malware payloads to victims for months while flying under the radar.
D-Link Confirms Breach, Rebuts Hacker's Claims About Scope (Dark Reading) The router specialist says the attacker's claims to have heisted millions and millions of records are significantly overblown. But an incident did happen, stemming from a successful phish.
D-Link confirms data breach, but downplayed the impact (Security Affairs) Taiwanese manufacturer D-Link confirmed a data breach after a threat actor offered for sale on BreachForums stolen data.
D-Link Says Hacker Exaggerated Data Breach Claims (SecurityWeek) Hacker claims to have breached D-Link and is offering to sell stolen data, but the company says the claims are exaggerated.
Over 40,000 admin portal accounts use 'admin' as a password (BleepingComputer) Security researchers found that IT administrators are using tens of thousands of weak passwords to protect access to portals, leaving the door open to cyberattacks on enterprise networks.
Hacker leaks millions more 23andMe user records on cybercrime forum (TechCrunch) The same hacker who leaked stolen 23andMe user data two weeks ago published new data that appears to have been stolen from the genetic testing service.
Hacker leaks millions of new 23andMe genetic data profiles (BleepingComputer) A hacker has leaked an additional 4.1 million stolen 23andMe genetic data profiles for people in Great Britain and Germany on a hacking forum.
Flagstar latest of 60 banks affected by MoveIt breaches (American Banker) The bank suffered its third breach in three years, this time by virtue of a vulnerability in Progress Software's file-transfer system. But Flagstar is only one of many such victims.
PhilHealth estimates 13 to 20 million members affected by data breach (INQUIRER.net) An estimated 13 to 20 million individual data had been leaked due to the ransomware attack on the Philippine Health Insurance Corporation (PhilHealth), the state insurance
City of Harlingen recovering from cyberattack (KRGV) Phone services were restored Monday after the city of Harlingen was hit by a cyberattack that caused phone and internet services to be knocked out across all city departments.
Russian hackers linked to Harlingen cyber attacks (KVEO-TV) HARLINGEN, Texas (ValleyCentral) — The City of Harlingen confirmed its data system cyber attack originated from Russia. According to Gabe Gonzalez, Harlingen City Manager, the cyber attack encrypte…
Data breach sees two internal RGP folders become visible to Borders & Coastguard officers (GBC)
Security Patches, Mitigations, and Software Updates
Microsoft disables bad spam rule flagging all sent emails as junk (BleepingComputer) Microsoft has disabled a bad anti-spam rule flooding Microsoft 365 admins' inboxes with blind carbon copies (BCC) of outbound emails mistakenly flagged as spam.
Trends
GuidePoint Research and Intelligence Team’s (GRIT) 2023 Q3 Ransomware Report Examines the Continued Surge of Ransomware Activity (GuidePoint) Latest Quarterly Ransomware Analysis from GuidePoint Security’s Threat Intelligence Team Highlights Increased Threats and Observed Groups
CISOs’ biggest worry in new role is inaccurate data on security posture (Panaseer) The 2024 Security Leaders Peer Report looks at the conundrum many CISOs are facing surrounding the purpose and value of security controls data in supporting critical business decisions.
The evolution of deception tactics from traditional to cyber warfare (Help Net Security) Cyber warfare and attackers pose a constant threat, evolving their tactics as state-sponsored actors and individual cybercriminals adapt.
Horizons of identity security - Report | SailPoint (SailPoint) See where your organization is on the identity journey and learn next steps with information on technology advances that will shape the future of identity.
Top Threats to Cloud Computing: Pandemic 11 Deep Dive (CSA) Threat models of the LastPass breach, Dropbox breach, Uber breach, and more, analyze the relevant cloud computing vulnerabilities and threats.
Marketplace
Israeli Cybersecurity Startups: Impact of a Growing Conflict (Dark Reading) For Israeli startups and those closely linked to the country, the deepening crisis in the Middle East following the deadly Hamas attacks of Oct. 7 poses a fraught mix of complications.
Major cyber attack could cost the world $3.5 trillion -Lloyd's of London (Reuters) A major cyber attack on a financial services payments system could lead to global losses of $3.5 trillion, with much of it not covered by insurance, commercial insurance market Lloyd's of London (SOLYD.UL) said on Wednesday.
Major Cyber Attack Could Cost Global Economy $3.5 Trillion: Lloyd's (Insurance Journal) A cyber attack on a major financial services payments system could result in widespread business disruptions, potentially costing the global economy $3.5
Lloyd’s of London finds hypothetical cyberattack could cost world economy $3.5 trillion (Record) Researchers found that a global attack would shave off trillions in gross domestic product over a five-year period, with the United States the worst hit, followed by China and Japan.
Australian data encryption cybersecurity startup CipherStash raises $3M (SiliconANGLE)
Prove Identity raises $40 million to boost its digital identity solutions (Help Net Security) Prove Identity announced a $40 million funding round. The funds will be used to launch new commerce enablement and fraud-fighting use cases
Zygon raises $3M in seed funding to create security solutions for the SaaS era (Business Wire) Founded by three French American experts in data protection and AI, Zygon comes out of stealth mode to release an automated solution to manage companies’ security posture at the scale of SaaS.
Harmonic Security launches to help organizations use generative AI safely (Business Wire) Raises $7m to mitigate against ‘wild west’ of unregulated AI apps harvesting company data
Cybersecurity M&A Roundup for First Half of October 2023 (SecurityWeek) More than a dozen cybersecurity-related M&A deals were announced in the first half of October 2023.
Google and Other Alphabet Units Laid Off Staff as Industry Resumes Cost Cuts (The Information) Google and its parent company Alphabet have quietly laid off staff, spokespeople for the conglomerate said, as tech firms continue to tighten their belts following a marked slowdown in business growth. Divisions such as Google News, Alphabet’s healthcare analytics subsidiary Verily and ...
HPE North America layoffs, new hires come as part of 'specialty-led hunting' transformation (CRN) HPE is implementing a new ‘specialty-led hunting’ go-to-market model that includes the hiring of new sales specialists
Amentum Awarded $326.9 Million C5ISR Research Contract Driving Advanced and Emerging Technologies for the U.S. Army (Business Wire) Amentum has been awarded a five-year contract with a maximum value of $326.9 million by the U.S. Army to continue its important work on command, control, communication, computers, cyber, intelligence, surveillance and reconnaissance (C5ISR) systems. Amentum will engineer, integrate and test advanced prototype technologies and systems. The Army is managing the program out of the Aberdeen Proving Grounds in Maryland.
MSAB wins significant business in North America (MSAB) MSAB (Micro Systemation AB, publ), a world-leading company in digital forensics, receives an order of 10 MSEK from a federal authority in North America. “It is gratifying that we receive a substantial order already two weeks into the fourth quarter and, on the important North American market,” says Peter […]
Microsoft and Cyber Security Agency of Singapore deepen collaboration to share intelligence and jointly tackle cybercrime (Microsoft) Multi-year partnership builds on strength in policy, innovation and transnational collaboration to secure Singapore’s future
API Security Trailblazer Salt Security Bolsters Leadership Team to Propel Global Growth and Innovation (PR Newswire) Salt Security, the leading API security company, today announced that Matt Quarles and Michael Callahan have joined the company as Chief...
Rubrik Appoints Ismail Elmas as Group Vice President of International Business (GlobeNewswire News Room) Former Zscaler GVP joins to help drive international business pipeline and advance Rubrik’s mission to secure the world’s data...
Living Security Announces New Channel Partner Program 2023 (Living Security) Living Security announced today the launch of its channel partner program and the appointment of Peter Streips as Vice President of Channel Sales.
Products, Services, and Solutions
ConnectWise Provides More Endpoint Protection Options for ConnectWise MDR (ConnectWise) ConnectWise, a leading provider of software solutions and services for technology solution providers (TSPs), today announced that ConnectWise MDR™ (managed detection and response) seamlessly integrates with SentinelOne EDR (endpoint detection and response), giving TSPs the choice to use Bitdefender’s EDR, Microsoft Defender for Business, SentinelOne EDR, or ConnectWise. ConnectWise MDR customers can now leverage and combine leading EDR solutions with the ConnectWise SOC Services™ (Security Operations Center), delivering greater levels of threat research, detection, and remediation.
AuditBoard Announces AI and Analytics Capabilities (Business Wire) Purpose-built extensions allow Audit, Risk, and Compliance teams to leverage transformative automation and data insights to manage risk more efficiently.
Thales Brings Passwordless Authentication to Enterprise (Thales) Thales FIDO Bio Smart Card - a passwordless authentication via fingerprint offers a secure & quick way for users to access applications with just their fingerprint.
IOActive Becomes a Founding Provider for New Framework from Open Compute Project Foundation to Improve Data Center and Cloud Security Posture (IOActive) Newly launched Security Appraisal Framework and Enablement program elevates security standards for data center providers and device manufacturers
Cyber Monks, Mastercard Unveil New Cyber Marketplace (Channel Futures) Cyber Monks and Mastercard have launched a new cyber marketplace that aims to simplify the acquisition of cybersecurity solutions.
Radiflow Partners with Cyolo to Secure OT Networks Against Unauthorized Device Access (automation.com) “Having a central point of entry allows us to better understand OT network activity,” said Ilan Barda, co-founder and CEO of Radiflow.
ZeroFox Wins “Incident Response Solution of the Year” 2023 CyberSecurity Breakthrough Award (GlobeNewswire News Room) Company recognized for innovative, recently-enhanced incident response solutions that will be on display at the NetDiligence Cyber Risk Summit in Beverly...
The Quilt Increases Cyber Protection and Connectivity Access for Its Member Agencies With GTT (GlobeNewswire News Room) The Quilt increases cyber protection and connectivity access for its member agencies with GTT benefiting schools, universities and community organizations...
Trend Micro Container Security Evolution Saves SOC Teams Up to Two Weeks of Time Per Incident (Trend Micro) Businesses reduce cloud security risks with latest addition to centralized platform
NetSPI Enhances Social Engineering Penetration Testing Solutions During Cybersecurity Awareness Month (NetSPI) Latest updates from offensive security leader address how organizations can better protect themselves against the sophisticated techniques behind modern-day phishing attacks
QuSecure Launches New Program to Enable Partners to Capitalize on Rapidly Growing Post-Quantum Cryptography Opportunity (Business Wire) Channels Veteran Stuart Oliver Named to Lead New Global Partner Program to Equip Partners with Ability to Grow Revenue by Selling Industry’s Leading Post-Quantum Cryptography Solution
Huntress Expands Managed Security Offerings to Identity Protection with New MDR for Microsoft 365 (GlobeNewswire News Room) Powerful New Solution Provides SMBs with Enhanced Protection Against Costly Business Email Compromise (BEC) and Account Takeover Attacks (ATO)...
Orca Security Integrates with Google Workspace to Strengthen Visibility and Security (Business Wire) Expanding on its Partnership with Google Cloud, Orca Now Provides Comprehensive Coverage and Mission-Critical Analysis for Google Cloud Estates
Mastercard uses AI to sharpen payment resiliency (Finextra Research) With the relentless demand on banks to maintain consumer trust in an ever-evolving payments landscape, Mastercard has launched a new suite of enhanced solutions using game-changing AI to help them make good on the promise of ‘always-on’ payments.
Strider Technologies Announces Generative AI Search Capability (PR Newswire) Strider Technologies, Inc. ("Strider"), the leading provider of strategic intelligence, today announced Spark AI, a new generative AI-powered...
Druva Supercharges Autonomous Protection With Generative AI (Druva) Data resiliency pioneer launches Dru, the industry’s first AI copilot for backup, to increase productivity and support better IT decision-making
ABS Consulting and Dragos Expand Strategic Partnership to Strengthen OT Defenses (ABS Group) This strategic partnership will build on the companies’ existing work together, further integrating Dragos’ world-class OT cybersecurity technology with ABS Consulting’s award-winning OT risk management expertise.
Technologies, Techniques, and Standards
How to Protect Against Evolving Phishing Attacks (National Security Agency/Central Security Service) The National Security Agency (NSA) and U.S. partners have released a new report describing the latest techniques in phishing attacks and the defenses organizations can deploy against them.
CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance (Cybersecurity and Infrastructure Security Agency | CISA) Today, the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint guide, Phishing Guidance: Stopping the Attack Cycle at Phase One.
Phishing Guidance: Stopping the Attack Cycle at Phase One (US Department of Defense) Social engineering is the attempt to trick someone into revealing information (e.g., a password) or taking an action that can be used to compromise systems or networks.
Phishing: What’s in a Name? (Cybersecurity and Infrastructure Security Agency | CISA) Recent news is filled with stories of companies being compromised, a pattern that goes back years, if not decades. The compromises might lead to attackers deploying ransomware, or other types of malicious activity like the theft of intellectual property and customer data. Stories of these compromises often start the same way, namely through a tactic called phishing.
Cybersecurity Awareness Month 2023 Blog Series | Updating Software (NIST) It’s week three in our Cybersecurity Awareness Month blog series!
NIST provides solid guidance on software supply chain security in DevSecOps (CSO Online) Key recommendations from the NIST’s latest guidance and why they are relevant to modern organizations developing and delivering software.
How to respond to false breach claims (CSO Online) Cyber criminals will try to take advantage of unprepared organizations and claim they have infiltrated their systems when they have not. Here is how to validate and respond to false breach claims.
What To Do About Misinformation in the Upcoming Election Cycle? (The Information) We are 14 months out from our first ‘AI’ presidential election. Everyone knows that this is going to be a misinformation disaster. How bad will it be? This cycle is going to make 2016’s issues with “Russian bot farms” look downright quaint. Unlike the techno-fever-dream of the risk posed by ...
Regulations are still necessary to compel adoption of cybersecurity measures (ZDNET) Guidelines and tools designed to help organizations strengthen their cyber posture will be rendered useless if rules aren't in place to ensure such practices are adopted.
Cyber risks and operational resilience: getting prepared − speech by Elisabeth Stheeman (Bank of England) Given at the London School of Economics
Navy Unveils New National Cyber Range to Bolster Defense Cybersecurity (Southern Maryland News Net) The Naval Air Warfare Center Aircraft Division (NAWCAD) cut the ribbon on the Department of Defense's newest National Cyber Range at Naval Air Station Patuxent River on Oct. 16, 2023.
Design and Innovation
Elon Musk’s Main Tool for Fighting Disinformation on X Is Making the Problem Worse, Insiders Claim (WIRED) X is promoting Community Notes to solve its disinformation problems, but some former employees and people who currently contribute notes say it’s not fit for that purpose.
X now requires community fact checks to include sources (Engadget) X will now require its volunteer contributors to include sources on every community note they write.
Cost of Spam (MA.TT) Twitter/X is testing charging users $1/year with the idea that will keep out bots and spam. It’s an appealing idea, and charging definitely does introduce a “proof of work” that wasn’t there before, but the history of the web shows this is not really a big deterrent.
How AI can help close IoT’s growing security gaps to contain ransomware (VentureBeat) Nation-state attackers are increasingly hitting unprotected IoT sensors essential to infrastructure and manufacturing.
Tongue Twisted: Adams Taps AI to Make City Robocalls in Languages He Doesn’t Speak (THE CITY - NYC News) New York City law requires public documents and announcements be made available in a wide range of languages, but the mayor’s computer-assisted pretending raises alarms for some ethics experts.
How Meta and AI companies recruited striking actors to train AI (MIT Technology Review) Hollywood actors are on strike over concerns about the use of AI, but for as little as $300, Meta and a company called Realeyes hired them to make avatars appear more human.
Academia
UC Berkeley’s Citizen Clinic Receives Support from Google Cybersecurity Clinics Fund - CLTC UC Berkeley Center for Long-Term Cybersecurity (CLTC) CLTC and the UC Berkeley School of Information (I School) have received $500,000 in grant funding and support from Google’s Cybersecurity Clinics Fund to support the expansion of Citizen Clinic, a public interest cybersecurity clinic.
Marshall Receives National Recognition For Cyber Defense Education (West Virginia Public Broadcasting) Marshall University’s designation extends through 2028 and is expected to help attract more students to fill a current shortage of skilled cybersecurity labor positions.
Legislation, Policy, and Regulation
India uses widespread internet blackouts to mask domestic turmoil (Washington Post) During times of civil unrest and political turmoil, authorities around the world frequently cut access to the internet to control their populations and throttle the flow of information. The militaries in Sudan and Myanmar pulled the plug when they carried out armed coups in 2021. Iran flipped the switch when protesters flooded the streets following the death a year ago of a young woman, Mahsa Amini, in police custody.
Justice Department Announces Court-Authorized Action to Disrupt Illicit Revenue Generation Efforts of Democratic People’s Republic of Korea Information Technology Workers (US Department of Justice) On Oct. 17, pursuant to a court order issued in the Eastern District of Missouri, the United States seized 17 website domains used by North Korean information technology (IT) workers in a scheme to defraud U.S. and foreign businesses, evade sanctions and fund the development of the Democratic People’s Republic of Korea (DPRK) government’s weapons program.
Five Eyes intelligence chiefs warn on China's 'theft' of intellectual property (Reuters) The Five Eyes countries' intelligence chiefs came together on Tuesday to accuse China of intellectual property theft and using artificial intelligence for hacking and spying against the nations, in a rare joint statement by the allies.
‘Cyber shields’ government strategy could spell trouble for law firms (Lawyers Weekly) While the government’s plan to develop six “cyber shields” to build a multi-layered defence against attacks is well-meaning, it could have negative implications
Costa Rica releases cybersecurity strategy f... (BNamericas.com) Also, Mexico spectrum auction largely flops while Peru proposes a regulatory review for MVNOs and more.
UK guidance on communication interception sanctions (EU Sanctions) The UK has published guidance on the interception and monitoring prohibitions in UK sanctions on Russia, Belarus, Myanmar (Burma), Iran, Syria and Venezuela. This guidance relates to the meaning of 14 terms used in the schedules, including: Deep Packet Inspection; Network Interception; Radio Frequency monitoring; Network satellite and jamming; Remote infection; Speaker recognition; Pattern recognition and pattern profiling; Remote forensics; Semantic processing; WEP and WPA code breaking...
Practical advice for contractors dealing with new cybersecurity rules (Federal News Network) Two tough new rules from the Federal Acquisition Regulation Council are coming, but originating with the Cybersecurity and Infrastructure Security Agency. They have to do with contractor incident…
Even war has rules — why none for espionage? (Harvard Gazette) Berkman Klein Center affiliate points up the need for a legal framework to govern peacetime intelligence operations.
Maryland Air Guard, Estonian Partners Focus on Cyber Defense (Air National Guard) AMARI AIR BASE, Estonia - The Maryland Air National Guard partnered with Estonia’s Cyber Command Sept. 17-20 to host the cybersecurity exercise Baltic Blitz 23. About 30 Airmen from the 175th Wing,
Pentagon moves closer to picking leader for top cyber job (Record) The U.S. Defense Department has received the findings of a months-long outsider study into creating a lead cyber policy chief position, with several candidates for the job emerging.
Litigation, Investigation, and Law Enforcement
Bipartisan lawmakers demand answers on crypto’s role in financing Hamas attacks on Israel (The Hill) A bipartisan group of lawmakers demanded answers from the Biden administration Tuesday about the role cryptocurrency played in financing the Palestinian militant group Hamas’s surprise attack…
Finland Charges Psychotherapy Hacker With Extortion (SecurityWeek) Finland charged a hacker, accused of the theft of tens of thousands of records from psychotherapy patients, with over 21,000 counts of extortion.
What CISOs Should Exclude From SEC Cybersecurity Filings (Dark Reading) Should CISOs include only known information in the SEC filings for a material security incident, or is there room to include details that may change during the investigation?
Dutch Consumer Group Sues Amazon Over Data Tracking (Wall Street Journal) Consumer-rights body SDBN has filed a lawsuit against the tech company that mirrors a previous penalty, this time aiming to win damages for consumers.
State of Hawaii Announces $49.5 Million Multistate Settlement with Software Company Blackbaud for Data Breach (Governor of Hawaii) Attorney General Anne E. Lopez and Hawaiʻi Office of Consumer Protection Executive Director Mana Moriarty announced today that Hawaiʻi, along with 49 other attorneys general, has reached a […]
Former Navy IT Manager Sentenced to over 5 Years in Prison for Hacking a Computer Database, Stealing over 9,000 People’s Identities, and Selling the Information for $160,000 in Bitcoin (US Department of Justice) Former Navy IT Manager Marquis Hooper, 32, of Selma, California, was sentenced today to five years and five months in prison for hacking a computer database that contained personally identifiable information and selling it.
Ex-Navy IT head gets 5 years for selling people’s data on darkweb (BleepingComputer) Marquis Hooper, a former U.S. Navy IT manager, has received a sentence of five years and five months in prison for illegally obtaining US citizens' personally identifiable information (PII) and selling it on the dark web.
Apple Fired App Store Staff After Finding Improper Dealings with Game Developers (The Information) Apple fired at least five employees who worked in the company’s App Store in China following an internal probe into business misconduct, according to people with direct knowledge of the situation. Apple found infractions such as unsanctioned contact with mobile game developers or consultants ...
Clearview AI wins appeal to overturn $10 million UK privacy fine (Record) A U.K. tribunal determined that facial recognition company Clearview AI's activities were 'beyond the material scope' of Europe's General Data Protection Regulation.