Dateline: Hybrid wars in Ukraine, Russia, Israel, and Gaza.
Ukraine at D+621: Infiltration tactics require a trained force. (CyberWire) Hard war dissent in Russia excoriates President Putin's kind heart. Few outside Russia perceive this, but OK, then.
Netanyahu says Israel will have ‘overall security responsibility’ in Gaza after war (the Guardian) Prime minister rules out general ceasefire as Israel marks a month since Hamas attack
Four weeks on, horror lingers in Israel’s silent kibbutzim (the Guardian) Daily funerals bring little solace to a traumatised nation grieving for communities such as Kfar Aza, Ofakim and Sderot that took the brunt of the 7 October attack
A deadly cascade: how secret Hamas attack orders were passed down at last minute (the Guardian) Plan drawn up by handful of leaders was unknown to men who would carry it out until morning of attacks on Israel a month ago
‘I could never dream such a nightmare’: Gaza in grip of humanitarian disaster (the Guardian) UN official, medics and displaced people tell of overcrowding, panic and lack of essentials as bombardment continues
Israel’s cyber defense chief tells CNN he is concerned Iran could increase severity of its cyberattacks (CNN) After suspected Iranian hackers claimed a string of hacks on Israeli security cameras in the last two weeks, Israel’s cyber defense chief tells CNN he is “very concerned” that Iran could escalate its long-running covert battle with Israel in cyberspace with more serious and disruptive cyberattacks on Israeli infrastructure as the war between Israel and Hamas shows no sign of ending.
Maccabi Tel Aviv basketball team website comes under cyber attack (The Jerusalem Post) The website of the Maccabi Tel Aviv basketball team has come under cyber attack tonight according to reports f
The Digital Frontline of the Israel-Hamas Conflict Could Extend Long After the War (Inkstick) The conflict shows how entwined physical and cyber war is in contemporary conflict.
Five attack vectors that businesses should focus on in the wake of the Israel-Hamas war (SC Media) The tactics of cyberwarfare are spreading to corporate organizations – here’s what security teams should look for.
Even the Oppressed Have Obligations (The Atlantic) Not every act of resistance is justified.
Russia-Ukraine war: List of key events, day 622 (Al Jazeera) As the war enters its 622nd day, these are the main developments.
U.S., NATO to Suspend Participation in Landmark Cold War Arms Treaty (Wall Street Journal) The U.S. and its NATO allies served notice that they will suspend their participation in a 1990 treaty limiting conventional forces in Europe after Russia did the same.
Putin decides to stay in power until at least 2030, Kremlin sources say (The Telegraph) Vladimir Putin has decided to stay in power until at least 2030, according to Kremlin sources, as Russia continues to wage war against Ukraine.
Russia’s Second Front in Europe (Foreign Affairs) The West must stop Putin from provoking conflict in the Balkans.
Life on the frontline in Kherson: dodging shells, facing death and refusing to leave (the Guardian) Amid ceaseless bombardment, Kherson residents shop at the market, clean their homes, and document the horrors of war
Wagner Group. Beyond Accountability (МІПЛ) Torture and extrajudicial executions of Ukrainian prisoners of war, attacks on civilians, and seizure of critical infrastructure facilities in Ukraine. MIHR has collected evidence of the Wagner Group’s activities after the full-scale invasion of Russia.
“They just did it for fun”: Ukrainian survivors detail Wagner group horrors (Euromaidan Press) In Ukraine, the Wager mercenaries killed Ukrainian POWs and mounted their heads on poles, set them on fire after drenching in gasoline, and cut off ears and fingers during interrogations – or just for fun — says a new report by a human rights group.
SBU blocks 76 bot farms with 3 mln fake accounts since start of full-scale war (Interfax-Ukraine) During 2022-2023, the Security Service of Ukraine (SBU) blocked the activities of 76 bot farms operating on the territory of Ukraine and working on pro-Russian narratives, the Ukrainian intelligence service reported on Monday.
Attacks, Threats, and Vulnerabilities
Pwning Electroencephalogram (EEG) Medical Devices by Default (Trustwave) Overall Analysis of Vulnerability Identification – Default Credentials Leading to Remote Code Execution
DogeRAT: The Disturbing Malware Disguised as Your Favorite Apps (ISACA) DogeRAT malware reinforces the growing sophistication and multi-faceted nature of cyberthreats, through its camouflage techniques, social engineering components, and its ability to imperil privacy and financial security.
GootBot - Gootloader's new approach to post-exploitation (Security Intelligence) IBM X-Force discovered a new variant of Gootloader — the "GootBot" implant. Learn more about this and how to combat it.
New ‘GootBot’ strain of Gootloader malware stokes ransomware fears (SC Media) Security researchers say this new strain of Gootloader leverages "stealthier" SEO-poisoning to trick people who regularly use contracts, legal forms, and other business documents.
Rapid7-Observed Exploitation of Atlassian Confluence CVE-2023-22518 (Rapid7) As of November 5, 2023, Rapid7 Managed Detection and Response (MDR) is observing exploitation of Atlassian Confluence in multiple customer environments, including for ransomware deployment.
Ransomware actor exploits unsupported ColdFusion servers — but comes away empty-handed (SC Media) Multiple LockBit knock-off attacks in September targeting obsolete software foiled, exposing tactics and tools.
Hackers' new favorite: CVE-2023-4911 targeting Debian, Ubuntu and Fedrora servers in the Cloud (Information Security Newspaper | Hacking News) Hackers' new favorite: CVE-2023-4911 targeting Debian, Ubuntu and Fedrora servers in the Cloud - Vulnerabilities - Information Security Newspaper | Hacking News
Technical analysis: Barracuda Email Security Gateway by Quentin Olagne (Vectra) On May 23rd, 2023, Barracuda announced a vulnerability (CVE-2023-2868) in their Email Security Gateway appliance that was being exploited in the wild as far back as October of 2022.
Researchers find sensitive personal data of US military personnel is for sale online (CNN) Sensitive personal information like the apparent home addresses and health conditions of thousands of active-duty US military personnel can be bought cheaply online from so-called data brokers, according to a study published Monday by Duke University researchers.
How foreigners can buy data on US military members, for the right price (POLITICO) New research funded by West Point exposes a U.S. security vulnerability, and what many see as a gap in federal law.
Report: Minecraft users targeted the most by desktop cyber threats (GamesIndustry.biz) Sign up for the GI Daily here to get the biggest news straight to your inboxCybersecurity firm Kaspersky's latest repor…
Data Brokers and the Sale of Data on U.S. Military Personnel (Tech Policy @ Sanford) Data Brokers and the Sale of Data on U.S. Military Personnel Risks to Privacy, Safety, and National Security By: Justin Sherman, Hayley Barton, Aden Klein, Brady Kruse, and Anushka Srinivasan...
Cerby Releases “Threat Briefing: Social Media Security and Elections Volume II,” Providing a Detailed Analysis of Security Gaps in Social Media Platforms (Cerby) The report delves into year-over-year trends and best practices to prevent password reuse attacks and account takeovers that can lead to widespread disinformation campaigns.
Threat Briefing: Social Media Security and Elections Volume II (Cerby) Cerby, the comprehensive access management platform for nonstandard applications, today announced its newest report, a year-over-year analysis and research into social media platforms Facebook, Twitter, Instagram, TikTok, and Youtube across six key security parameters.
DDoS attack revealed as cause of online service outage at public healthcare institutions (ZDNET) The attack brought down internet connectivity for several organization in Singapore.
Cybercriminals post third round of stolen hospital data on the dark web (Windsor Star) The criminals targeted the hospitals through TransForm Shared Service Organization, which runs technology systems for all five facilities.
There are reasons to be leery of House speaker’s porn-monitoring software, experts say (Washington Post) Covenant Eyes raises a host of privacy, abuse questions
Vulnerability Summary for the Week of October 30, 2023 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
Microsoft Says Exchange 'Zero Days' Disclosed by ZDI Already Patched or Not Urgent (SecurityWeek) Microsoft says four Exchange ‘zero-days’ disclosed by ZDI have either already been patched or they don’t require immediate attention.
Trends
The State of Segmentation 2023 (Akamai) Overcoming deployment obstacles proves to be transformational
2024 Key Forecasts Report (ZeroFox) Get intelligence-driven data on cyber threat trends, priorities, and recommendations for 2024, plus a look-back on 2023 cyber threats. Download the report today.
Armis Research Finds One-Third of Global Organizations Experienced Multiple Security Breaches in Last 12 Months (Armis) 40% of assets remain unmonitored and pose the biggest threat to organizations globally.
Retail Organizations Attacked by Ransomware Increasingly Unable to Halt an Attack in Progress, Sophos Survey Finds (GlobeNewswire News Room) Only 26% of Surveyed Organizations Stopped Cybercriminals from Encrypting Their Data in a Ransomware Attack This Is the Lowest Rate of Disruption in 3...
Ransomware Attacks Have Doubled Over the Past Two Years, According to Akamai Research (PR Newswire) Akamai Technologies (NASDAQ: AKAM), the cloud company that powers and protects life online, today released a new report highlighting the...
85% of people worry about online disinformation, global survey finds (the Guardian) UN announces plan to tackle phenomenon as survey finds people worry particularly about impact on elections
Marketplace
Travelers to Acquire Cyberinsurance Firm Corvus for $435 Million (SecurityWeek) Property and casualty insurance giant Travelers will acquire cyber insurance firm Corvus for approximately $435 million.
Lumen wins $110 million contract from Defense Information Systems Agency (PR Newswire) Lumen Technologies (NYSE: LUMN) recently won an approximately $110 million contract from the U.S. Defense Information Systems Agency (DISA) to...
Risk Ledger secures £6.25m to prevent cyber attacks on the supply chains of nation’s largest enterprises (Yahoo Finance) Organisations have been laser focussed on protecting their own networks, applications, physical premises and people against cyber security attacks but have neglected their exposure to suppliers. In...
Myrror Security Emerges from Stealth with $6M Seed Round to Prevent Attacks on the Software Development Process with AI-Backed Binary-to-Source Analysis Technology (PR Newswire) Myrror Security, a pioneer in application security for organizations using open-source packages, launched today with $6M in seed funding from...
Palo Alto to Acquire Talon, Intensifying Competition in Cloud Data Security (SecurityWeek) Technology powerhouse Palo Alto Networks is officially on a billion-dollar shopping spree in the cloud data security space.
WSJ News Exclusive | Intel in Lead to Get Billions for Secure Defense-Chip Facilities (Wall Street Journal) Intel is the leading candidate to potentially receive billions of dollars in government funding for secure facilities producing microchips for U.S. military and intelligence applications.
Splunk layoffs hit senior workers in San Francisco, Silicon Valley (Silicon Valley Business Journal) The layoffs are part of a more than 500-person global restructuring the company is making ahead of its acquisition by Cisco.
Growing Cybersecurity Demand Opportunity to Create More Racially Inclusive Workforce (PR Newswire) African Americans make up only 9.2% of cybersecurity analysts.(1) This lack of representation is not merely unfortunate, it presents...
Coalfire Appoints Tom Galizia as President (PR Newswire) Coalfire, an industry-leading cybersecurity services and solutions company, today announced the appointment of Tom Galizia as president. This...
Zscaler Accelerates AI Innovations with Appointments of Two Prominent Tech Industry Disruptors (Yahoo Finance) Zscaler, Inc. (NASDAQ: ZS), the leader in cloud security, reinforces its investments in Artificial Intelligence (AI) with the appointments of two of the industry’s top innovation and tec
Former DHS/NSA Official Stewart Baker Decides He Can Help NSO Group Turn A Profit (Techdirt) NSO Group used to have everything going for it. It had plenty of customers and plenty of leeway to sell to some of the worst governments in the world. Then everything changed. A leaked list of malw…
Cindy Zhou Joins KnowBe4 as Chief Marketing Officer (KnowBe4) Award winning cybersecurity CMO to lead global marketing, public relations, and sales development efforts for KnowBe4
SpyCloud Appoints New Vice President of Federal to Oversee Growth of Government Practice (Business Wire) Bill Cull brings over 20 years of experience scaling high-growth companies expanding their foothold in the public sector
CareFirst BlueCross BlueShield Appoints Roberto Suárez as Chief Information Security Officer (CareFirst) Today, CareFirst BlueCross BlueShield (CareFirst), the largest not-for-profit health plan in the mid-Atlantic region, announced Roberto (Rob) Suárez as its new Vice President and Chief Information Security Officer (CISO).
Onspring Promotes Nichole Windholz to Chief Information Security Officer (PR Newswire) Onspring, a no-code GRC software platform, announced today the promotion of Nichole Windholz to the role of Chief Information Security Officer...
Products, Services, and Solutions
Coalition Launches Active Cyber Insurance in Australia (Business Wire) With Capacity Provided by Allianz Australia, the Company Brings a New, Comprehensive Digital Risk Management Solution to the Market to Help Businesses Improve Cyber Defences
New KnowBe4 PhishER Plus Integrates With CrowdStrike Falcon Sandbox (KnowBe4) New KnowBe4 PhishER Plus Integrates With CrowdStrike Falcon Sandbox
Sumo Logic Launches Fully Unified Data Collection for all Logs, Metrics, and Traces on Kubernetes Infrastructure Monitoring (Yahoo Finance) Sumo Logic, the SaaS Log Analytics Platform to enable reliable and secure cloud-native applications, today announced the availability of its HELM Chart V4 feature to fully unify data collection as part of its continued commitment to OpenTelemetry (OTel). Organizations can now package, configure and deploy applications and services on Kubernetes clusters with OpenTelemetry as a default to simplify the collection of metrics,
Cerbos Hub Helps Developer, Product and Security Teams Easily Manage Authorization, a Top 10 API Security Risk (GlobeNewswire News Room) Today at KubeCon + CloudNativeCon North America, Cerbos, the leading stateless authorization...
Norm awarded CREST Accreditations (Norm) Norm, the award-winning managed security service provider has been awarded CREST Accreditations for its CSIRT and SOC-based services
Titania Launches Evidence-based PCI DSS 4.0 Compliance Reporting (EIN News) New capability prevents unauthorized access to cardholder data environments
Radware Expands Relationship with a Leading Asia-Pacific Government Technology Office to Provide Application Delivery and Security Services (GlobeNewswire News Room) Multimillion-dollar deal to support growing user base and secure delivery of government services...
New ThreatX Capabilities Empower Security Teams to Correlate & Block Threats to APIs from the Edge to Runtime (Business Wire) Associating security events at the network edge with operational environments enables CISOs, analysts to identify and mitigate risk to running APIs and applications
Uptycs Provides Industry’s First Unified Supply Chain and Runtime Security for Kubernetes (GlobeNewswire News Room) New Capabilities Further DevSecOps Excellence by Aligning and Simplifying How Developers and SecOps Work Together to Secure K8s from Code to Runtime...
LastPass and Acronis Partner to Help MSPs Streamline Password Management for Managed Service Providers (Business Wire) Integration is the first and only password management offering on Acronis’ Cyber Protect Cloud Solutio
Eclypsium Launches Guide to Supply Chain Security for Enterprise Infrastructuree (Eclypsium) The Guide is first in the industry to offer supply chain risk intelligence for IT infrastructure, including endpoints, servers, network devices, and cloud infrastructure products Portland, OR – November 7, 2023 – Eclypsium®, the digital supply chain security company protecting critical hardware, firmware, and software, today announced the industry’s first solution that measures the risk […]
Lumu Unveils Lumu for MSPs Lite, a SecOps Platform Built to Fuel MSP Growth (ACCESSWIRE News Room) Lumu for MSPs Lite is a no-cost, self-service platform, designed to empower MSPs to establish and expand their SecOps practices with ease and efficiency
TCS Launches New Gen AI-Powered Cyber Insights Platform on Amazon Security Lake (TCS) Tata Consultancy Services Helps Clients Seamlessly Fuse Security Data Residing in Diverse Cyber-Security Systems and Cloud Environments to Proactively Detect and Address Potential Threats.
Malwarebytes Launches ThreatDown to Empower Resource Constrained IT Organizations with a Powerful and Easy-to-Use Endpoint Security Platform (Malwarebytes Press Center) New ThreatDown Security Advisor enables IT teams and MSPs with prioritized and actionable security steps for immediate threat investigation and remediation ...
Keyfactor Teams Up With e92plus to Expand Partner Network (Keyfactor) Keyfactor signs UK distributor to accelerate global reach and help modern enterprises protect their IoT devices and establish digital trust at scale.
IRONSCALES Fall 2023 Release Expands Platform Capabilities to Fight Surging QR Code Attacks and Accelerate Cyber Awareness (Business Wire) Enterprise email security leader releases advanced machine learning (ML) protection for image-based and QR code phishing attacks and auto-pilot for phishing simulation testing.
KSOC launches industry's first AI-powered Cloud-Native Identity Threat Detection Platform (EIN Presswire) Helping overburdened security and engineering teams uncover malicious insiders and attackers trying to access critical cloud infrastructure
Snyk Unveils New Vulnerability Intelligence Solution with ServiceNow to Provide Comprehensive Insights Into Software Supply Chain Risk | Snyk (Snyk) Snyk, the leader in developer security, today announced a new joint solution with ServiceNow, giving software engineers vulnerability intelligence into their software bill of materials (SBOMs). With this new solution, Snyk Vulnerability Intelligence for SBOM, developers will now have end-to-end visibility of vulnerabilities in their full software supply chain as they move from ideation to deployment. The combination of Snyk’s leading security intelligence with the Now Platform® will help keep enterprises worldwide more secure overall.
Varonis Expands Microsoft Exchange Online Protection to Prevent Sensitive Email Exposure (Varonis) Unprecedented coverage for Microsoft 365 helps organizations reduce their email attack surface, stop data exfiltration, and control generative AI risk
AttackIQ Flex Helps Organizations Improve Security Posture with Free Testing and Advanced Adversary Emulations (AttackIQ) Latest updates empower organizations of all sizes to proactively test their security.
Axiad Joins the AWS Partner Network (PR Newswire) Axiad, a leading provider of organization-wide passwordless orchestration, today announced its Axiad Cloud product suite has successfully...
Elon Musk Announces Grok, a ‘Rebellious’ AI With Few Guardrails (WIRED) xAI, Elon Musk’s new company, claims to have built a powerful language model with cutting-edge performance in just two months.
Technologies, Techniques, and Standards
CISA Published When to Issue VEX Information | CISA (Cybersecurity and Infrastructure Security Agency CISA) Today, CISA published When to Issue Vulnerability Exploitability eXchange (VEX) Information, developed by a community of industry and government experts with the goal to offer some guidance and structure for the software security world, including the large and growing global SBOM community.
Media Advisory: CISA to Hold Election Day Briefings for Members of the Media (Cybersecurity and Infrastructure Security Agency) The Cybersecurity and Infrastructure Security Agency (CISA) will host a pair of telephonic background briefings for members of the media on Tuesday, November 7 to provide updates from the field on the security and resilience of the 2023 elections.
On Election Day, CISA and Partners Coordinate on Security Operations (Cybersecurity and Infrastructure Security Agency) Today many elections are taking place across the country at the state, local and municipal levels.
Bridging the IT Skills Gap Through SASE: A Path to Radical Simplification and Transformation (Cisco Blogs) Over half of organizations struggle to fill key IT roles. SASE helps scale a lean IT model to work smarter, more efficiently, and carve time to focus on new innovations.
Meet the Never-Updaters: Why Some People Refuse to Download New Software (Wall Street Journal) Love of the status quo or fear of unknown issues? Some phone and computer users are holding on to earlier OS versions for dear life.
Design and Innovation
Pentagon’s DIU soliciting tools for ‘cyber hunt’ (DefenseScoop) DIU released a solicitation for the Advanced Rapid Analysis of Cyber Hunt Network Infrastructure Data (ARACHNID) program.
Chatbots May ‘Hallucinate’ More Often Than Many Realize (New York Times) When summarizing facts, ChatGPT technology makes things up about 3 percent of the time, according to research from a new start-up. A Google system’s rate was 27 percent.
Research and Development
NTT Research CIS Lab Director Receives Fourth Test-of-Time Award (Business Wire) Dr. Brent Waters Honored for 2013 Breakthrough Paper on Software Obfuscation; NTT Cryptographers Deliver Two Papers at FOCS 2023 Conference
World's first commitment scheme (NTT | Nippon Telegraph and Telephone Corporation) Tokyo - November 6, 2023 - NTT Corporation (NTT) is the first company in the wor...
Huawei and Tencent spearhead China's hold on cybersecurity patents (Nikkei Asia) Chinese companies account for 6 of top 10 in field while IBM remains No. 1
Academia
DOE hosting simulated cyberattack for students (CyberScoop) Office of Cybersecurity, Energy Security, and Emergency Response hosting a competition scenario “focused on hardening and defending a distributed energy resources management company,” DOE official says.
Legislation, Policy, and Regulation
Charting China’s Climb as a Leading | Recorded Future Global Cyber Power (Recorded Future) Chinese state-sponsored cyber operations have transformed, emerging as a more mature, stealthy, and coordinated threat than in previous years.
US, South Korea and Japan to form council to counter North Korean cyber threats (NK News) The U.S., South Korea and Japan will establish a new forum to coordinate responses to illicit North Korean cyber operations that fund its nuclear program, Seoul’s presidential office announced Monday. The Office of National Security said in a press release that the high-level trilateral consultative body will seek to strengthen “practical joint response capabilities” against […]
Four Recommendations to Improve the Cyber Resilience Act - Information Technology Industry Council (ITI) EU legislators are preparing for the next round of trilogue negotiations on the EU Cyber Resilience Act (CRA), which has the important goal of improving cybersecurity across the European single market.
Siemens, Ericsson warn EU cybersecurity rules may disrupt supply chains (Reuters) Electronics makers Siemens , Ericsson and Schneider Electric , along with industry group DigitalEurope warned on Monday that onerous proposed EU rules targeting cybersecurity risks of smart devices could disrupt supply chains on a scale similar to during the pandemic.
Siemens, Ericsson warn against EU cyber security rules (iTnews) May disrupt supply chains.
Rogue AIs' risk to humanity now demonstrated, claim researchers (Computing) The potential for AI bots to deceive their makers is great enough that they could become a "catastrophic" risk to humanity, researchers claimed at the UK AI Safety Summit last week.
Technical myths shouldn't stop progress (Computing) The pull towards AI seems as inevitable as the tide, but like a tsunami could mean chaos and destruction. Avoiding that outcome requires guiding, not blocking.
White House mobilizes bold push for responsible adoption of AI (PWC) The Biden administration issued its long-awaited executive order (EO) on artificial intelligence (AI). The order is the government’s biggest step toward regulating the fast-moving technology. It calls for new standards, funding, training and enforcement to mitigate AI risks, while also paving the way for the technology's widespread adoption.
50 countries ranked on their child data protection legislation (Comparitech) Where does your country rank when it comes to online data protection for children? Find out in this unique report.
Surveillance Bill Draft Would Require Warrant for FBI Searches (Bloomberg Law) A bill to reauthorize a controversial US surveillance tool currently set to expire at the end of this year is likely to include a warrant requirement for electronic searches by law enforcement under section 702 of the Foreign Intelligence Surveillance Act, according to sources who have seen a draft of the bill.
Litigation, Investigation, and Law Enforcement
Govt bans Mahadev, 21 illegal betting apps; cyberattacks against India spike (Economic Times) Controversial betting app Mahadev is among 22 illegal betting apps that the government ordered to be blocked on Sunday, following an investigation and raids by the Enforcement Directorate (ED). This and more in today’s ETtech Morning Dispatch.
Judge unseals FTC complaint against Kochava alleging ‘staggering’ data broker practices (Record) The unsealed complaint alleges Kochava illegally obtains and sells a shocking amount of highly sensitive information about consumers including their mobile device IDs, yearly income, app usage, and nearly real-time geolocation within 10 meters.
EU's Breton tells TikTok CEO to 'spare no effort' against disinformation (Reuters) TikTok must "spare no effort" to counter the spread of disinformation on the short video sharing app, EU industry chief Thierry Breton told the company's CEO on Monday, as the European Union steps up its efforts to curb the powers of Big Tech.
Google’s App Store Power Goes on Trial (Wall Street Journal) The legal fight with Epic Games is the latest challenge over agreements the search company struck with mobile phone makers.
Amazon Lost $700,000 To A Criminal Refund Gang (Court Watch) Court records and online research reveal how a highly professionalized industry uses malicious insiders at Walmart and fake shipping labels to get high-end items for practically free.
OFAC Settles with daVinci Payments for $206,213 Related to Apparent Violations of Multiple Sanctions Programs (US Department of the Treasury) Swift Prepaid Solutions, Inc. d/b/a daVinci Payments (daVinci), a financial services and payments firm based in Buffalo Grove, Illinois, has agreed to remit $206,213 to settle its potential civil liability for 12,391 apparent violations of OFAC sanctions on Crimea, Iran, Syria, and Cuba.
Singapore’s DBS Takes a Hit from Money-Laundering Affair (Wall Street Journal) DBS is financially exposed to the tune of around S$100 million to a recent money-laundering scandal in the city-state, its CEO said.