Dateline: Hybrid wars in Ukraine, Russia, Israel, and Gaza.
Ukraine at D+6734: FSB's LitterDrifter. (CyberWire) Privateers and hacktivist auxiliaries hit targets of opportunity connected with strategic objectives. Ukraine investigates cyber operations in support of alleged war crimes. Dissent and repression inside Russia.
Israel on brink of deal to free hostages and pause fighting (The Telegraph) Up to 50 people could be released soon as US-brokered negotiations with Hamas reach 'sensitive' phase
Hamas releases footage of elderly hostage's death (The Telegraph) Hamas has broadcast what appears to be the death of an elderly hostage kidnapped by the terror group.
Iran’s betrayal leaves Hamas with nowhere to go (The Telegraph) We have reached a pivotal moment in this conflict. The terrorist group is increasingly isolated, its defeat assured
TikTok faces fresh calls for ban over Hamas content (The Telegraph) Platform is under scrutiny once more as terrorist videos proliferate online
Sacha Baron Cohen accuses TikTok of ‘creating biggest anti-Semitic movement since Nazis’ (The Telegraph) Actor blames video app for encouraging hate amid struggle to control content
Here's how Akamai, Rapid7 and other Mass. firms are maintaining support for Israel employees (Boston Business Journal) Six weeks since Hamas' brutal attack on Israel, local firms say they're helping employees there with days off and care packages while remaining open for business.
The Rise in Email Phishing Attacks Amidst the Israel-Hamas Conflict (Avanan) Discover the rise in email phishing attacks amidst the Israel-Hamas conflict. Learn how threat actors are taking advantage of current events to deceive people and how Avanan protects users from these attacks.
Russia-Ukraine war live: wave of drone attacks on Kyiv for second night (Guardian) British MoD says heavy Russian losses at Avdiivka and little progress for either side; Russia claims attempted Ukrainian drone attack in Bogorodsky area
Watch: Ukraine's counter-offensive is over, but the war has only just begun | Defence in Depth (The Telegraph) Kyiv may be halting its push forward as winter approaches, but it will learn from its setbacks and come back stronger next time
Netherlands budgets $2.2 billion in military aid for Ukraine (Defense News) The aid will be provided through commercial procurement, in the form of supplies from stockpiles and through cooperation with international partners.
Secretary of Defense Lloyd J. Austin III Visits Ukraine (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III traveled to Ukraine to meet with Ukrainian leaders and reinforce the staunch support of the United States for Ukraine's fight for freedom.
American and allied military leaders discuss Ukraine weapons needs at new council (Stars and Stripes) The newly formed NATO-Ukraine Council is a format established by allies earlier this year to give Kyiv a larger voice on matters relating to its security.
Industry group rejects EU blame in missed ammo target for Ukraine (Defense News) Companies need more time and must honor existing export commitments first, a European lobbying group for defense contractors has claimed.
As Cargo Flights Leave Kaliningrad, Air Defence Systems Disappear (bellingcat) Satellite imagery shows that S-400 anti-air systems have been removed from their locations in Russia's Kaliningrad Region.
Vladimir Putin cannot keep funding his war for ever (The Economist) Russia needs more men and more weapons for a long war. But Putin is likely to postpone another wave of mobilisation until after the 2024 presidential election
Russia frees killers from prison to go to war and kill in Ukraine (Washington Post) Vladislav Kanyus, a young man from Kemerovo in southwestern Siberia, brutally killed his ex-girlfriend Vera Pekhteleva, torturing, suffocating and stabbing her for hours.
Pro-Kremlin Bloggers Say Anti-Semitic Rioters In Daghestan Are Getting Off Easy. Why? (RadioFreeEurope/RadioLiberty) Militant pro-Kremlin bloggers are up in arms over the low-level charges against suspects in an anti-Semitic riot in Daghestan. It’s not because they are concerned about anti-Semitism, experts say, but because they think the state is afraid of offending Muslims in the context of the Gaza war.
Decrypting Danger: Check Point Research deep-dive into cyber espionage tactics by Russian-origin attackers targeting Ukrainian entities (Check Point Blog) Highlights: Gamaredon, a distinct APT player in Russian espionage, stands out for its large-scale campaigns primarily targeting Ukrainian entities. The
Malware Spotlight - Into the Trash: Analyzing LitterDrifter (Check Point Research) Introduction Gamaredon, also known as Primitive Bear, ACTINIUM, and Shuckworm, is a unique player in the Russian espionage ecosystem that targets a wide variety of almost exclusively Ukrainian entities. While researchers often struggle to uncover evidence of Russian espionage activities, Gamaredon is notably conspicuous. The group behind it conducts large-scale campaigns while still primarily focusing […]
Russian APT Gamaredon uses USB worm LitterDrifter against Ukraine (Security Affairs) Russia-linked cyberespionage group Gamaredon has been spotted propagating a worm called LitterDrifter via USB.
Russian Cyber Espionage Group Deploys LitterDrifter USB Worm in Targeted Attacks (The Hacker News) Russian cyber espionage group linked to the FSB are using a USB worm called LitterDrifter to target Ukrainian organizations.
Remarks by Assistant Secretary Graham Steele at the Federal Insurance Office and NYU Stern Volatility and Risk Institute Conference on Catastrophic Cyber Risk and a Potential Federal Insurance Response (U.S. Department of the Treasury) As Prepared for DeliveryGood afternoon. My name is Graham Steele, and I am the Assistant Secretary for Financial Institutions at the Treasury Department. It’s my pleasure to help conclude this Treasury FIO-NYU conference on catastrophic risk and a potential federal insurance response. A number of people are responsible for making today’s event a success.
Russian analysts point finger at China, North Korea over cyber activity (Record) Despite the countries' warm relationship, Russia is being targeted by North Korean and Chinese state hacking groups, a cybersecurity firm connected to Rostelecom claims.
How Pro-Ukrainian Hackers Have Undermined Russia's War Every Step Of The Way (WorldCrunch) Authorities in Moscow continue to struggle to stem the tide of data breaches from hackers inside and outside Ukraine, who have been one of the unsung heroes in the resistance to the Russian invasion.
Ukraine says it has evidence of 109,000 Russian war crimes (POLITICO) Top prosecutor says Kyiv wants to document and prosecute “each and every incident.”
The Moscow Times, Noted For Its English Coverage Of Russia, Is Declared 'Foreign Agent' (RadioFreeEurope/RadioLiberty) The Russian Justice Ministry on November 17 added The Moscow Times, an online newspaper popular among Russia's expatriate community, to its list of “foreign agents.”
How Lukashenka's Government Subjugated Belarus's Already Weak Judiciary
(RadioFreeEurope/RadioLiberty) Lawyers say the last vestiges of judicial independence and defense advocacy have been destroyed since the brutal crackdown on dissent by Belarusian strongman Alyaksandr Lukashenka following pro-democracy protests in 2020.
Attacks, Threats, and Vulnerabilities
Over a Dozen Exploitable Vulnerabilities Found in AI/ML Tools (SecurityWeek) Bug hunters uncover over a dozen exploitable vulnerabilities in tools used to build chatbots and other types of AI/ML models.
Govt warns against Dead Glyph Backdoor cyber threat (The Express Tribune) Issues advisory to all ministries, divisions, depts to adopt precautionary measures
NetSupport RAT: The RAT King Returns (VMware Security Blog) For years, threat actors have been using legitimate software for illegitimate or malicious purposes. One such software is NetSupport Manager – a remote control application used for remote systems management. In recent years, however, threat actors have repurposed this software as … Continued
NoEscape gang continues to use DDoS to pressure reluctant victims to negotiate (Databreaches.net) Over on SuspectFile, Marco A. De Felice reports that the NoEscape ransomware gang is threatening to release 1.5 TB of data from PruittHealth Network. De Felice...
Are DarkGate and PikaBot the New QakBot? (Cofense) The threat landscape is constantly evolving. Learn about the new DarkGate & PikaBot malware that has surged in activity and why it should be taken seriously.
DarkCasino joins the list of APT groups exploiting WinRAR 0day (Security Affairs) The DarkCasino APT group leveraged a recently disclosed WinRAR zero-day vulnerability tracked as CVE-2023-38831.
New SEO#LURKER Attack Campaign: Threat Actors Use SEO Poisoning and Fake Google Ads to Lure Victims Into Installing Malware (Securonix) An ongoing SEO poisoning/malvertising campaign leveraging WinSCP lures along with a stealthy infection chain lures victims into installing malware (alongside the legitimate WinSCP software). Attackers are likely leveraging dynamic search ads which let threat actors inject their own malicious code while mimicking legitimate sources like Google search pages.
Ransomware Gang LockBit Revises Its Tactics to Get More Blackmail Money (Insurance Journal) LockBit, the prolific ransomware gang that has launched attacks recently on Boeing Co. and Industrial Commercial Bank of China Ltd., among others, has
Hackers Are Exploiting a Flaw in Citrix Software Despite Fix (Bloomberg) Citrix Bleed was exploited before company flagged it. LockBit gang among those said to be abusing the flaw.
Medusa ransomware gang claims Toyota Financial Services hack (Security Affairs) Toyota Financial Services discloses unauthorized activity on systems after the Medusa ransomware gang claimed to have hacked the company.
CitrixBleed Vulnerability Exploitation Suspected in Toyota Ransomware Attack (SecurityWeek) Toyota Financial Services has been hit by a ransomware attack that may have involved exploitation of the CitrixBleed vulnerability.
Yamaha and WellLife Network confirm cyber incidents after ransomware gang claims attacks (Record) A ransomware group that has been exploiting a vulnerability in Citrix products posted both companies to its leak site.
Singtel refutes reports that its system upgrade caused Optus outage (ZDNET) While confirming a software upgrade was carried out on its Singtel Internet Exchange backbone network, the carrier denies this was the root cause of the massive outage suffered by its Australian subsidiary Optus.
Bloomberg Crypto X account snafu leads to Discord phishing attack (BleepingComputer) The official Twitter account for Bloomberg Crypto was used earlier today to redirect users to a deceptive website that stole Discord credentials in a phishing attack.
Avalanche DEX Trader Joe thwarts phishing attempt, details here (AMBCrypto) Security concerns briefly affected Trader Joe, a major DEX on Avalanche, leading to a temporary impact on volumes and price.
'Don't click' warning issued to bank account holders (Wales Online) Bank account holders have been told of an attack which works by silently 'hijacking' your clicks and could empty your account
Rightway Healthcare Announces Data Breach Affecting Davis Polk and Okta Employees (JD Supra) On November 13, 2023, Davis Polk & Wardell, LLP (“Davis Polk”) filed a notice with the Attorney General of Vermont discussing a third-party data...
Multiple colleges, K-12 schools facing outages after cyberattacks (Record) North Carolina Central University is investigating a cyberattack this week, as are school districts in Michigan, Oregon and Atlanta.
Nearly 2 Million Turkish Citizens Affected in Vaccination Data Breach (SafetyDetectives) A hacker released 1.9 million lines of data related to Turkish vaccinations, potentially exposing the information of almost 2 million citizens.
The SafetyDetect
Current and former public service, RCMP, military members affected by data breach, federal government warns (CTVNews) The federal government is warning current and former public service employees and members of the RCMP and Canadian Armed Forces their personal and financial information for as early as 1999 may have been accessed in a data breach.
Paying ransom for data stolen in cyberattack bankrolls further crime, experts caution (CBC Radio) Organizations are finding themselves on the receiving end of cyberattacks, including ransomware, where they're under pressure to pay hackers for access to their stolen data. Despite the potential interruptions, experts say ceding to attackers' demands isn't always the solution.
From High Life Hackers to National Menace: The Rise and Fall of Digital Bandits 'ACG' (404 Media) Hackers 'ACG' popped champagne and bought sports cars. Then the group and its associates ushered in a bold new era of crime where anything is possible.
How "Scattered Spider" owns SSO and identity in its hacks (The Stack) The group "register their own MFA tokens [and] add a federated identity provider to the victim’s SSO tenant and activate automatic account linking..."
This is how people break into accounts in the name of online KYC (News Track) In the digital age, the convenience of online services comes hand in hand with the lurking threat of cybercrimes. One such sinister trend th..|News Track
Infamous Hackers in History (Medium) Throughout history, several notorious hackers have left an indelible mark on the digital landscape, shaping the evolution of cyber…
Trends
2024, the year of elections (The Cloudflare Blog) We want to ensure that all groups working to promote democracy around the world have the tools they need to stay secure online
Companies Are Tracking You Online: Data Privacy & Why It Matters (Trend Micro News) What Is Data Privacy? How Do Companies Use Personal Data? How Do We Protect Our Identity and Personal Info?
Fake Online Stores See A 135% Spike As Black Friday And Holiday Shopping Approaches | Netcraft (Netcraft) As Black Friday (and Cyber Monday) approaches, the annual online sales phenomenon shows no sign of slowing down, and neither do cybercriminals looking to ta ...
The Changing Cyber Threat Landscape Southeast Asia (CYFIRMA) EXECUTIVE SUMMARY This Southeast Asia Cyber Threat Landscape Report provides a comprehensive overview of the evolving cybersecurity landscape in the...
Software engineers battle management retaliation for reporting wrongdoing (Cybernews) Systematic ongoing failures affect software engineers and, therefore, the computer systems used by broader society, Scottish software auditing company Engprax has found
Most Americans View Conspiracy Theories as Dangerous, Despite Nearly 50% Believing Alien Visits Were Covered Up by the Government (Business Wire) Overwhelmingly majority believe misinformation an existential threat to society; with AI and social media viewed as substantial areas of concern heading into the election.
Marketplace
SonicWall's MSSP acquisition is its first in over a decade (Register) CEO Bob VanKirk makes near-20-year partnership official, teases big things coming to EMEA
AT&T Forms Joint Venture for Managed Cybersecurity Business (Data Breach Today) AT&T will split its managed cybersecurity services practice from its core connectivity business by standing up a joint venture with Chicago-area investor WillJam
OpenAI announces leadership transition (OpenAI) Chief technology officer Mira Murati appointed interim CEO to lead OpenAI; Sam Altman departs the company. Search process underway to identify permanent successor.
A statement from Microsoft Chairman and CEO Satya Nadella (The Official Microsoft Blog) As you saw at Microsoft Ignite this week, we’re continuing to rapidly innovate for this era of AI, with over 100 announcements across the full tech stack from AI systems, models, and tools in Azure, to Copilot. Most importantly, we’re committed to delivering all of this to our customers while building for the future. We...
A timeline of Sam Altman’s ouster from OpenAI and Microsoft appointment (Reuters) Following a surprise ouster, OpenAI co-founder and former CEO Sam Altman joined Microsoft as the head of artificial intelligence research along with the ChatGPT maker's former President Greg Brockman and other staff.
Sam Altman leaves OpenAI: Everything you need to know (Computing) It's been a hectic few days for ChatGPT-maker OpenAI. Here's what's what now the dust has had a chance to settle.
OpenAI Employees Threaten to Quit Unless Board Resigns (Wall Street Journal) More than 500 employees have threatened to resign from the company if the current board doesn’t resign and reinstate former CEO Sam Altman.
Sam Altman to Join Microsoft Following OpenAI Ouster (Wall Street Journal) After Altman’s bid to return to the AI company was unsuccessful, Microsoft said that he would lead a new advanced AI research team at the tech giant.
Dozens of Staffers Quit OpenAI After Sutskever Says Altman Won’t Return (The Information) Dozens of OpenAI staffers internally announcedthey were quitting the company Sunday night, said a person with knowledge of the situation,after board director and chief scientist Ilya Sutskever told employees that fired CEO Sam Altman would not return. The moves could hamper the company's ability ...
OpenAI appoints new boss as Altman joins Microsoft in Silicon Valley twist (Reuters) Sam Altman is discussing a possible return even as he considers launching a new AI venture. His firing angered current and former employees, and prompted worries over an upcoming $86 billion share sale.
Emmett Shear Becomes Interim OpenAI CEO as Altman Talks Break Down (The Information) Sam Altman won’t return as CEO of OpenAI, despite efforts by the company’s executives to bring him back, according to co-founder and board director Ilya Sutskever. After a weekend of negotiations with the board of directors that fired him Friday, as well as with its remaining leaders and top ...
Who is Emmett Shear, OpenAI's new interim CEO replacing Sam Altman? (Reuters) ChatGPT-maker OpenAI has named ex-Twitch boss Emmett Shear as its interim chief executive officer after the startup ousted former head Sam Altman in a move that rocked the tech industry.
Microsoft Eyes Seat on OpenAI’s Revamped Board (The Information) Microsoft, OpenAI’s biggest backer, is considering taking a role on the board if ousted CEO Sam Altman’s returns to the ChatGPT developer, according to two people familiar with the talks. Microsoft could either take a seat on OpenAI’s board of directors, or as a board observer without voting ...
OpenAI board in discussions with Sam Altman to return as CEO (The Verge) Altman is “ambivalent” and wants governance changes.
OpenAI ‘Optimistic’ It Can Bring Back Sam Altman, Greg Brockman (The Information) OpenAI is “optimistic” it can bring back Sam Altman, Greg Brockman and other key employees who departed in the wake of Altman’s sudden firing on Friday, Chief Strategy Officer Jason Kwon told staffers in a memo Saturday night, according to people with knowledge of the situation. Executives will ...
OpenAI Investors Trying to Get Sam Altman Back as CEO (Wall Street Journal) OpenAI’s investors are making efforts to bring back Sam Altman, the chief executive who was ousted Friday, said people familiar with the matter.
Altman, Brockman Arrive at OpenAI Headquarters as Execs Push to Reinstate Them (The Information) Two days after OpenAI’s board of directors fired him, Sam Altman joined executives at the company’s San Francisco headquarters Sunday as they pushed the board to reinstate him and other recently departed executives, said a person with knowledge of the situatioin. Interim CEO Mira Murati earlier ...
OpenAI’s Rivals Rush to Poach Staff After Altman Ouster (The Information) For at least a brief moment, OpenAI's rivals caught a lucky break. After spending the last year racing to catch up to the ChatGPT developer’s lead, OpenAI competitors learned the jaw-dropping news: the startup’s board had pushed out Altman. By Sunday it looked like the reprieve would be ...
No "malfeasance" behind Sam Altman's firing, OpenAI memo says (Axios) Sam Altman's firing as OpenAI CEO was not the result of "malfeasance or anything related to our financial, business, safety, or security/privacy practices" but rather a "breakdown in communications between Sam Altman and the board," per an internal memo from chief operating officer Brad Lightcap seen by Axios.
Altman Sought Billions For Chip Venture Before OpenAI Ouster (Bloomberg) Altman was fundraising in the Middle East for new chip venture. The project, code-named Tigris, is intended to rival Nvidia.
Who Is Mira Murati, OpenAI’s New Interim CEO? (WIRED) Mira Murati was elevated from OpenAI’s CTO to its interim leader after CEO Sam Altman was ousted Friday. Like all the company’s leaders she believes that artificial general intelligence is within reach.
The culture clash behind OpenAI's CEO firing (Axios) The boardroom drama behind the firing of OpenAI CEO Sam Altman reflects a deep cultural rift among the creators of Silicon Valley's hottest new technology.
Many Details of Sam Altman’s Ouster Are Murky. But Some Things Are Clear. (New York Times) Everything seemed to be going his way. Then his time at OpenAI was over.
Sam Altman’s Sudden Exit Sends Shockwaves Through OpenAI and Beyond (WIRED) Microsoft’s Satya Nadella is reportedly “furious” following Altman's dramatic departure from OpenAI Friday. Meanwhile, OpenAI’s president and three senior researchers have resigned.
OpenAI Board Pressed by Some Investors to Restore CEO (Bloomberg) Possible outcome is that board resigns as soon as this weekend. Altman has been considering new venture, but open to returning.
OpenAI Investors Plot Last-Minute Push With Microsoft To Reinstate Sam Altman As CEO (Forbes) A day after OpenAI’s board of directors fired former CEO Sam Altman in a shock development, investors in the company are plotting how to restore him in what would amou...
OpenAI’s $86 Billion Share Sale in Jeopardy Following Altman Firing (The Information) A planned sale of OpenAI employee shares that would value the startup at about $86 billion on paper hangs in the balance after the sudden firing of CEO Sam Altman and a slew of top executive departures. The tender offer, which Thrive Capital is leading, has not yet closed but has been in its ...
Sam Altman’s ouster puts a new twist into OpenAI’s complicated relationship with Microsoft (GeekWire) OpenAI CEO Sam Altman was as bullish as ever about artificial intelligence and the ChatGPT maker’s latest advances when he spoke Thursday at the Asia-Pacific Economic Cooperation (APEC) Summit in San Francisco.
OpenAI Co-Founder Altman Plans New Venture (The Information) Sam Altman, the recently ousted CEO of OpenAI, has been telling investors that he is planning to launch a new venture, according to a person familiar with the matter. Former OpenAI president Greg Brockman is expected to join the effort and the project is still in development, the person said. ...
Ousted OpenAI C.E.O. Makes Plans for New Artificial Intelligence Company (New York Times) Sam Altman, who was forced out of his company on Friday afternoon, was quickly moving to create another company with another OpenAI executive who quit on Friday.
Who is Ilya Sutskever, the man at the center of OpenAI’s leadership shakeup—and why is he so worried about AI superintelligence going rogue? (Fortune) The OpenAI chief scientist has been key to the company’s success—and is increasingly worried about AI safety.
What Sam Altman’s Firing Means for the Future of OpenAI (WIRED) Sam Altman made OpenAI into a powerhouse by adding a profit-seeking arm to its utopian mission. After the board rejected his vision, the company’s remaining leaders must figure out a new path forward.
Sam Altman Is Out at OpenAI; Mira Murati Will Be Interim CEO (Wall Street Journal) Board says Altman wasn’t being ‘consistently candid in his communications’
OpenAI’s Board Pushes Out Sam Altman, Its High-Profile C.E.O. (New York Times) Mira Murati, who previously served as chief technology officer, has been named interim chief executive.
OpenAI CEO Sam Altman ousted, shocking AI world (Washington Post) Altman’s pursuit of profits and his growing ambitions to build a world-spanning consumer business triggered concerns among some OpenAI employees
OpenAI abruptly fires CEO Sam Altman -- days after Microsoft briefly blocked access to ChatGPT over "security and data" concerns (The Stack) Altman was "not consistently candid in his communications with the board, hindering its ability to exercise its responsibilities. The board no longer has confidence in his ability to continue leading OpenAI.”
Sam Altman fired as CEO of OpenAI (The Verge) Mira Murati will be the interim CEO.
Details emerge of surprise board coup that ousted CEO Sam Altman at OpenAI (Ars Technica) Microsoft CEO Nadella "furious"; OpenAI President and three senior researchers resign.
Sam Altman responds after OpenAI sacks him (ET CIO) Altman's dismissal caught the tech world by surprise, with rumors rife on social media as to the cause of the sudden sacking.
Sam Altman was raising a VC fund when OpenAI fired him (Semafor) People familiar with the matter also said he was in good spirits in the days before the company's board said it "no longer has confidence in his ability to continue leading OpenAI."
Altman Decision Looms as Sequoia, Tiger Negotiate Behind Scenes (The Information) OpenAI co-founder Sam Altman could make a decision as soon as Saturday evening on whether to return to the startup he co-founded, after some major investors urged the board that fired him to reverse the decision, according to people familiar with the discussions. In order to return, the members ...
Before OpenAI Ousted Altman, Employees Disagreed Over AI ‘Safety’ (The Information) OpenAI’s ouster of CEO Sam Altman on Friday followed internal arguments among employees about whether the company was developing artificial intelligence safely enough, according to people with knowledge of the situation. Such disagreements were high on the minds of some employees during an ...
Microsoft Has ‘Utmost Confidence’ in OpenAI Following Sam Altman Ouster (The Information) OpenAI Interim CEO Mira Murati on Friday told staff in a companywide meeting that its relationship with Microsoft—its biggest outside source of capital and computing power—was stable following the sudden firing of CEO Sam Altman, according to people with knowledge of the meeting. Microsoft CEO ...
Internal memo: Amazon will cut ‘several hundred’ Alexa jobs as it ends unspecified initiatives (Geekwire) In-depth Amazon coverage from the tech giant’s hometown, including e-commerce, AWS, Amazon Prime, Alexa, logistics, devices, and more.
Apple and Disney Among Companies Stopping Ads On X (Wall Street Journal) The move follows other major advertisers that have stepped back from the platform after Elon Musk posted that an antisemitic social-media post was ‘the actual truth.’
Disney, Comcast, Lionsgate pull ads from X over antisemitic posts (Washington Post) Apple is reportedly also among the companies ending their advertising on Elon Musk’s platform, formerly known as Twitter
Apple ‘suspends ads on Twitter’ after White House accuses Musk of spreading anti-Semitism (The Telegraph) This is not the first time the billionaire has come under fire for his views
Musk Defends Himself on X After Antisemitic Furor Deepens (Bloomberg) The billionaire complains of hundreds of ‘bogus’ media reports. Musk’s endorsement of post triggered a growing controversy.
Elon Musk to file ‘thermonuclear lawsuit’ as advertisers desert X (the Guardian) Social media firm boss says he will sue media watchdog that said ads were being placed alongside antisemitic content
SEC Leak Reveals Sudden $17.7 Trillion Bitcoin ETF ‘Update’—Sparking Crypto Price Surge (Forbes) The bitcoin price has more than doubled over the last 12 months, propelling bitcoin and crypto back into the limelight...
Paladin Capital Group promotes Ken Pentimonti to Managing Director (PR Newswire) Paladin Capital Group, the multi-stage investor specialising in cyber and advanced technology, is delighted to announce that Kenneth Pentimonti...
Products, Services, and Solutions
Contrast Security Announces New Certification Program for Partners (Contrast Security) Contrast announces its Certification Program designed to empower partners with the knowledge needed to deliver the highest level of AppSec to customers.
Strider Technologies and Scale AI Establish Strategic Partnership to Support Federal Government Agencies (Strider Intel) Partnership will enable federal agencies to leverage Strider’s unique data assets and Scale AI’s Donovan platform to enrich government data holdings to drive critical economic and national security missions.
VicOne and Block Harbor Deliver Integrated Workflow-Based Cybersecurity System (Dark Reading) VicOne, an automotive cybersecurity solutions leader, today introduced the first joint solution with Block Harbor since announcing its investment in the company earlier this year.
NCC Group is a Proud Participant in the Microsoft Security Copilot Partner Private Preview (NCC Group) NCC Group today announced its participation in the Microsoft Security Copilot Partner Private Preview. NCC Group was selected based on their proven experience with Microsoft Security technologies, willingness to explore and provide feedback on cutting edge functionality, and close relationship with Microsoft.
Noventiq Joins Microsoft Intelligent Security Association, Strengthening Its Commitment to Cybersecurity (Business Wire) Noventiq Holding PLC, a leading global digital transformation and cybersecurity solutions and services provider, announced that it is joining the Microsoft Intelligent Security Association (MISA).
Mastercard doubles down on effort to detect and tackle crypto fraud with AI tie-up (CNBC) Mastercard told CNBC exclusively Monday it's partnered with Feedzai, a regulatory technology platform, to improve monitoring and blocking of fraud in crypto.
Technologies, Techniques, and Standards
Piloting New Ground: Expanding Scalable Cybersecurity Services to Protect the Broader Critical Infrastructure Community (Cybersecurity and Infrastructure Security Agency | CISA) In recent years, cyber attacks have intensified in both volume and impact–affecting the day-to-day operations of organizations across our nation’s critical infrastructure sectors. When most Americans consider the cyber-physical impact of attacks on critical infrastructure, they may recall when a ransomware attack on Colonial Pipeline’s corporate network led to a disruption of fuel supplies to gas stations along the East Coast.
CISA launches pilot program offering ‘cutting-edge’ services to critical infrastructure orgs (Record) The U.S. government is offering “cutting-edge cybersecurity shared services” to critical infrastructure organizations that need it most.
Cloud Security Alliance announces new zero-trust security credential (CSO Online) The first authoritative certificate aims to set standards and promote best practices for hot security technology.
NIST’s International Cybersecurity and Privacy Engagement Update – Trade Missions, Workshops, and Translations (NIST) Our Cybersecurity Awareness Month
Businesses that eliminate passwords report better security outcomes (Security Magazine) New research shows organizations using passwordless technologies experience the fewest phishing attacks, are more productive and achieve greater levels of employee satisfaction.
‘I employ a lot of hackers’: how a stock exchange chief deters cyber-attacks (the Guardian) Six Group, which operates the Swiss and Spanish bourses, is a target for cyberwarfare and must be on guard, its boss says
Inside the Race to Secure Formula 1’s Las Vegas Grand Prix (WIRED) Beyond the blinding speeds and sharp turns on new terrain, the teams at this weekend’s big F1 race are preparing for another kind of danger.
Is your LinkedIn profile revealing too much? (We Live Security) How much contact and personal information do you share in your LinkedIn profile and who can see it? Here’s why less may be more.
Five Golden Tips to protect against online shopping scams (Tech Advisor) Scammers’ efforts to trick and defraud online shoppers are becoming increasingly sophisticated. With these tips you should be able to spot and avoid them.
Cybercrime expert offers safety tips for online holiday shopping (Virginia Tech) The holiday shopping season is ramping up and unfortunately, so are criminals looking to take advantage of your urge to get discounted prices. Each year these scams seem to be more sophisticated, making them harder to sport. Virginia Tech cybercrime expert Katalin Parti shares these tips to help you avoid falling victim.
Design and Innovation
Users Can't Speak to Viral AI Girlfriend CarynAI Because CEO Is in Jail for Arson (404 Media) “CarynAI being down has really caused an uproar within my community,” Caryn Marjorie said.
“Hallucinating” AI models help coin Cambridge Dictionary’s word of the year (Ars Technica) Cambridge: "When an artificial intelligence hallucinates, it produces false information."
Ethereum exec defends privacy tactics amid security debate By Investing.com (Investing.com) Ethereum exec defends privacy tactics amid security debate
Research and Development
Cryptographers Solve Decades-Old Privacy Problem (Nautilus) We are one step closer to fully private internet searches.
What is quantum advantage? A quantum computing scientist explains an approaching milestone marking the arrival of extremely powerful computers (The Conversation) Several companies have made quantum computers, but these early models have yet to demonstrate quantum advantage: the ability to outstrip ordinary supercomputers.
UC Berkeley Researchers Propose an Artificial Intelligence Algorithm that Achieves Zero-Shot Acquisition of Goal-Directed Dialogue Agents (MarkTechPost) Large Language Models (LLMs) have shown great capabilities in various natural language tasks such as text summarization, question answering, generating code, etc., emerging as a powerful solution to many real-world problems.
Academia
When ransomware hits hospitals, how do you protect patients? UCSD researchers seek ways to mitigate harm (San Diego Union-Tribune) New center will study health care impacts of cyber attacks and find ways to improve resiliency when medical centers are hit
Legislation, Policy, and Regulation
The case for a Cyber Force (Australian Defence Magazine) Major General Murray Thompson, head of Defence Information Communications Technology Operations, wonders if it’s not time for a review to create a new force to operate in the cyber domain | Max Blenki...
White House to update recently released cybersecurity strategy (SC Media) White House Office Federal Chief Information Security Officer and Deputy National Cyber Director Chris DeRusha said the Biden administration is already reexamining the implementation plan for its recently published national cybersecurity strategy, CyberScoop reports. "Were already working on version 2.0," said DeRusha, who described the document as...
DOD Announces Release of 2023 Strategy for Operations in the Information Environment (U.S. Department of Defense) The 2023 DOD Strategy for Operations in the Information Environment will improve the Department's ability to plan, resource, and apply informational power toward integrated deterrence, campaigning,
Pentagon turns to press flacks and academics to help fight information wars (The Washington Times) A new U.S. approach to waging information warfare operations states that military and civilian defense organizations will rely on Pentagon public affairs officials with support from academics and non-government organizations to counter Chinese and Russian disinformation.
FCC Tightens Telco Rules to Combat SIM-Swapping (SecurityWeek) With cyberattacks rising, new FCC rules will require wireless carriers to notify customers of any SIM transfer requests
The FCC says new rules will curb SIM swapping. I’m pessimistic (Ars Technica) SIM swaps and port-out scams are a fact of life. New rules aren't likely to change that.
FTC Proposes New Cyber Disclosure Rule After Prison Hack (Bank Info Security) Global Tel*Link, a major telecommunications provider for state and federal prison systems, will be required to notify the FTC and consumers of future security
CISA aims to make executives sign off on security of software sold to government (Federal News Network) The Cybersecurity and Infrastructure Security Agency is attempting to make cybersecurity a high-level issue for companies by only allowing top executives to sign off on a new secure software attestation form that will be used across the federal government.
The United States has a new cyber czar — for a little while, anyway (Record) Drenan Dudley, currently ONCD's deputy for strategy and budget, will take over the office temporarily with the departure of Kemba Walden, its acting director.
Cyber Solarium leader pushes to ensure continuity in national cyber director job (Federal News Network) The National Cyber Director’s job is about to be vacant, and Sen. Angus King (I-Maine) is pushing to get Harry Coker confirmed ASAP.
Litigation, Investigation, and Law Enforcement
The Cybersecurity Lawsuit That Boards Are Talking About (New York Times) An S.E.C. lawsuit against a software company hacked by Russian state actors in 2020 could affect how companies handle cybersecurity risks.
WhatsApp malware suit against NSO to stay in US (Luxembourg Times) Spyware company has several entities registered in Luxembourg
Polish court discovers secret cryptomining rigs hidden throughout building (Record) The high-powered cryptocurrency mining rigs were hidden in a ventilation duct and beneath a raised floor and were powered by electricity from the court’s mains supply.
UK Privacy Watchdog Pursues Clearview AI Fine After Reversal (Gov Info Security) Britain's privacy watchdog on Friday said it will continue fighting to impose a fine on Clearview AI for allegedly violating the privacy rights of Britons after a
United States v. Jesse E. Kipf (US Attorney's Office for the Eastern District) Jesse E. Kipf of Somerset, Kentucky, has been charged with computer fraud stemming from data breaches he conducted on a number of state and corporate networks. Kipf obtained credentials to access the private networks of these public and private entities, and through such access, was able to view state constituent and business client personally identifying information. Kipf was also charged with attempting to sell the credentials he used to access these protected networks
A Hacker Faked His Own Death–Then Claimed To Have Sold Marriott Customer Data To Russians, FBI Says (Forbes) A hacker told the FBI earlier this year that he sold access to the personal data of Marriott hotel customers on a Russian forum, according to a search warrant obtained...
Hotel Hacker Faked His Own Death by Hacking Into State Death Record Systems: FBI (The Messenger) A man who was arrested for hacking database of Marriott Hotels faked his own death to possibly avoid getting caught by authorities.
US Teen Pleads Guilty to Credential Stuffing Attack on Fantasy Sports Website (SecurityWeek) Wisconsin teenager Joseph Garrison has admitted in court to launching a credential stuffing attack on a betting website.
US teen pleads guilty to his role in credential stuffing attack on betting site (Security Affairs) US teenager Joseph Garrison pleads guilty to carrying out a credential-stuffing attack on a betting website.
Israeli man sentenced to 80 months in prison for providing hacker-for-hire services (Security Affairs) An Israeli hacker has been sentenced to 80 months in prison in the US for his role in a massive spear-phishing campaign
2 Environmentalists Who Were Targeted by a Hacking Network Say the Public Is the Real Victim (SecurityWeek) Two environmentalists who were targeted by a hacking network run by an Israeli man say the public is the real victim
Alleged Extortioner of Psychotherapy Patients Faces Trial (KrebsOnSecurity) Prosecutors in Finland this week commenced their criminal trial against Julius Kivimäki, a 26-year-old Finnish man charged with extorting a once popular and now-bankrupt online psychotherapy practice and thousands of its patients. In a 2,200-page report, Finnish authorities laid out…
Europol and Eurojust support Czech and Ukrainian police in taking down multi-million euro voice phishing gang | Europol (Europol) As a result of this investigation, six suspects were already arrested in Ukraine and four in the Czech Republic in April this year. Locations in Czechia (Domazlice, Rokycany and Plzen) and Ukraine (Dnipropetrovsk) were searched during the raids, including the homes of the accused, vehicles and call centres.Mobile phones, SIM cards and computer equipment were seized during the crackdown.The criminal...
OPM watchdog flags cybersecurity concerns for USPS health care marketplace (Federal News Network) The Office of Personnel Management faces a tight deadline to set up a new health insurance marketplace for Postal Service employees and retirees to enroll in new plans, starting next year.