Dateline: Hybrid wars in Ukraine, Russia, Israel, and Gaza.
Ukraine at D+658: Maximalist rhetoric from the Kremlin. (CyberWire) Russia increases cyber and kinetic strikes against civilians and infrastructure as winter closes in. The SVR undertakes a cyber campaign against software supply chains.
Gaza a ‘living hell’ after heavy winter rains drench makeshift tents (the Guardian) Conditions deteriorate amid floods, escalating food shortages and waves of disease
Israeli ministers block Mossad head’s effort to restart Gaza hostage talks (the Guardian) Relatives of the abductees say they are shocked, as reports say David Barnea was stopped from visiting Qatar
Gaza Cybergang | Unified Front Targeting Hamas Opposition (SentinelOne) Cluster of threat groups continues on trajectory to consolidate with shared victims, TTPs and evolving malware.
Russia-Ukraine war: List of key events, day 659 (Al Jazeera) As the war enters its 659th day, these are the main developments.
Ukrainian Civilians Endure Russian Missile Barrage, Cyberattack (Wall Street Journal) Ukrainian leaders say Russia is trying to hit residential areas as the war’s front line turns to a bloody stalemate.
Ukraine faces heavy attack from air and cyberspace while Zelenskyy in US presses for more funding (AP News) Local officials say Ukraine has come under heavy attack from the air and from cyberspace. Officials said Tuesday that nearly 600 Russian shells, rockets and other projectiles rained down on the southern Kherson region.
Putin says there will be no peace in Ukraine until his goals, still unchanged, are achieved (AP News) Russian President Vladimir Putin says his objectives with the Ukraine war remain unchanged, with 617,000 Russian soldiers currently there.
In Annual News Conference, Putin Says His War Aims Have Not Changed (New York Times) The Russian leader has been responding to questions for over four hours. He suggested that Western support for Ukraine was drying up and also gave his first comments about Evan Gershkovich, an American reporter detained in Russia.
Ukraine-Russia war live: Putin denies having body double (The Telegraph) Vladimir Putin denied he has a body double during a marathon phone-in press conference broadcast on Russian television.
Ukraine war latest: Critical texts appear on screen behind Putin as he takes questions; his 'twin' makes debut (Sky News) Vladimir Putin answered questions from reporters and Russian civilians in a marathon end-of-year conference in Moscow. It was the first time since the invasion of Ukraine that he has taken questions from Western journalists.
Putin Is Testing NATO’s Resolve at the Finnish Border (World Politics Review) Finland blamed Russia for a sudden surge in migrants at the border, accusing Russia of launching a form of “hybrid warfare.”
Dismayed by Moscow’s war, Russian volunteers are joining Ukrainian ranks to fight Putin’s troops (AP News) When Russia’s invasion of Ukraine ignited into war, back in Moscow, a young Russian who now goes by the name of Karabas was plunged into despair. Shocked by images of what was happening to Ukrainians in Russian-occupied areas, he decided to act — against Russia, his home and country.
There Is a Path to Victory in Ukraine (Foreign Affairs) The delusions and dangers of defeatist voices in the West.
EU leaders hope to face down Viktor Orbán over Ukraine funds veto (the Guardian) Hungarian prime minister has threatened to block extra €50bn and also Ukraine’s EU membership plans
Norway to provide more air defense systems to Ukraine (Defense News) Due to the urgent need for more systems, Norway will supply equipment from its own reserves.
The Most Consequential Act of Sabotage in Modern Times (The Atlantic) The destruction of the Nord Stream pipeline curtailed Europe’s reliance on Russian gas. But who was responsible?
Cyber Diplomacy and Russia’s War in Ukraine (RealClear Defense) Why the Department of State’s ‘Tech Diplomacy’ Rework Needs a Wartime Reboot
Russian Cyber Actors are Exploiting a Known Vulnerability with Worldwide Impact (National Security Agency/Central Security Service) The National Security Agency (NSA), Federal Bureau of Investigation (FBI), and co-authoring agencies warn that Russian Foreign Intelligence Service (SVR) cyber actors are exploiting a publicly known
CISA and Partners Release Advisory on Russian SVR-affiliated Cyber Actors Exploiting CVE-2023-42793 (Cybersecurity and Infrastructure Security Agency | CISA) Today, CISA—along with the U.S. Federal Bureau of Investigation (FBI), National Security Agency (NSA), Polish Military Counterintelligence Service (SKW), CERT Polska (CERT.PL), and the UK’s National Cyber Security Centre (NCSC)—released a joint Cybersecurity Advisory (CSA), Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally.
Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally (Joint Cybersecurity Advisory) The U.S. Federal Bureau of Investigation (FBI), U.S. Cybersecurity & Infrastructure Security Agency (CISA), U.S. National Security Agency (NSA), Polish Military Counterintelligence Service (SKW), CERT Polska (CERT.PL), and the UK’s National Cyber Security Centre (NCSC) assess Russian Foreign Intelligence Service (SVR) cyber actors—also known as Advanced Persistent Threat 29 (APT 29), the Dukes, CozyBear, and NOBELIUM/Midnight Blizzard—are exploiting CVE-2023-42793 at a large scale, targeting servers hosting JetBrains TeamCity software since September 2023.
TeamCity Intrusion Saga: APT29 Suspected Among the Attackers Exploiting CVE-2023-42793 | FortiGuard Labs (Fortinet Blog) FortiGuardLabs discovered a new APT29 campaign which includes TeamCity exploitation and GraphicalProton malware.
Global TeamCity Exploitation Opens Door to SolarWinds-Style Nightmare (Dark Reading) Russia's APT29 is going after a critical RCE flaw in the JetBrains TeamCity software developer platform, prompting governments worldwide to issue an urgent warning to patch.
CISA: Russian hackers target TeamCity servers since September (BleepingComputer) CISA and partner cybersecurity agencies and intelligence services warned that the APT29 hacking group linked to Russia's Foreign Intelligence Service (SVR) has been targeting unpatched TeamCity servers in widespread attacks since September 2023.
Russian foreign intelligence service spotted exploiting JetBrains vulnerability (Record) Agencies in the U.S., U.K. and Poland said the hacking group tracked as APT29 or Cozy Bear was exploiting a software vulnerability previously used by hackers attributed to North Korea's government.
CISA Warns of Russian Hackers Targeting JetBrains Software (BankInfoSecurity) The Cybersecurity and Infrastructure Security Agency released an advisory Wednesday warning that a Russian military intelligence unit has been actively exploiting a
Russian hacker group claims responsibility for Kyivstar cyberattack (The Kyiv Independent) A Russian hacker group claimed responsibility for the recent cyberattack against Ukraine's leading phone operator, Kyivstar, the Security Service of Ukraine (SBU) reported on Dec. 13.
Hacker Group Linked to Russian Military Claims Credit for Cyberattack on Ukrainian Telecom (WIRED) A hacker group calling itself Solntsepek—previously linked to Russia’s notorious Sandworm hackers—says it carried out a disruptive breach of Kyivstar, a major Ukrainian mobile and internet provider.
Kyivstar Cyber-Attack – Everything We Know So Far (KyivPost) Kyivstar CEO Oleksandr Komarov told Kyiv Post the attack had been “an enormous hit” on the company’s infrastructure but a “best-case scenario” would see services resume today.
Ukrainian cells and Internet still out, 1 day after suspected Russian cyberattack (Ars Technica) Hackers tied to Russian military take responsibility for hack on Ukraine's biggest provider.
Kyivstar starts restoring voice services -CEO (Reuters) Ukraine's top mobile phone operator Kyivstar started restoring voice services to some clients on Wednesday after its networks were knocked out by a major cyber attack, its CEO Oleksandr Komarov said, with data and other services to follow.
Hackers damaged some infrastructure of Ukraine’s Kyivstar telecom company (Record) Kyivstar CEO Oleksandr Komarov said the incident managed to destroy some of its functions. The company has been slowly restoring services.
U.S. officials were ‘furious’ about leaks exposing Ukraine war concerns (Washington Post) When U.S. officials were busy resupplying Ukraine’s depleted forces in the spring for what was expected to be a coming counteroffensive against entrenched Russian troops, the Pentagon sprung a leak.
MI6 chief thanks Russian state television for its 'help' in encouraging Russians to spy for the UK (AP News) The head of Britain's foreign intelligence agency has thanked Russian state television for encouraging Russians to spy for the U.K. after it broadcast part of a speech he gave calling on Russians to join hands with British intelligence.
Associate Says No Sign Of Navalny In Moscow Detention Centers (RadioFreeEurope/RadioLiberty) The former head of Aleksei Navalny's Anti-Corruption Foundation, Ivan Zhdanov, said on December 13 that associates of the Russian opposition leader were unable to find him in Moscow pretrial detention centers and his whereabouts remain unknown.
Attacks, Threats, and Vulnerabilities
Lumen finds and disrupts malicious botnet targeting critical networks in U.S. and Asia (PR Newswire) In a major win for national security, Black Lotus Labs, the threat research and intelligence arm of Lumen Technologies (NYSE: LUMN), discovered...
Routers Roasting on an Open Firewall: the KV-botnet Investigation (Lumen) The Black Lotus Labs team at Lumen Technologies is tracking a small office/home office (SOHO) router botnet that forms a covert data transfer network for advanced threat actors. We are calling this the KV-botnet, based upon artifacts in the malware left by the authors. The botnet is comprised of two complementary activity clusters,
Chinese APT Volt Typhoon Linked to Unkillable SOHO Router Botnet (SecurityWeek) Malware hunters have set eyes on an impossible to kill botnet packed with end-of-life SOHO routers and linked it to a Chinese APT targeting US critical infrastructure.
China warns of geographic info data breaches, affecting transport, military (Reuters) China said it found foreign geographic information software could be compromising confidential and sensitive data in key sectors including its military, and warned security departments to conduct in-depth checks to stem any further breaches.
Silent, Yet Powerful Pandora hVNC, The Popular Cybercrime Tool That Flies Under the Radar (SlashNext) Pandora hVNC remote access trojan (RAT) has been advertised on cybercrime forums since 2021, but has received little attention from the cybersecurity community.
Malvertisers zoom in on cryptocurrencies and initial access (Malwarebytes) Threat actors are increasingly placing malicious ads for Zoom within Google searches.
New hacker group GambleForce targets government and gambling sites in Asia Pacific using SQL injections (Group-IB) Group-IB, a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime, has discovered a previously unknown threat actor codenamed GambleForce (tracked under the name EagleStrike GambleForce in Group-IB’s Threat Intelligence Platform).
This is how to protect your computers from LogoFAIL attacks (ZDNET) This obnoxious constellation of firmware attacks takes over computers. Here's which devices are vulnerable and what you can do to protect them.
New Apache Struts 2 Vulnerability Allows for RCE (Gridinsoft Blog) The Apache Struts 2 vulnerability has a critical CVE score and requires installing updates to prevent remote code execution.
LockBit ransomware now poaching BlackCat, NoEscape affiliates (BleepingComputer) The LockBit ransomware operation is now recruiting affiliates and developers from the BlackCat/ALPHV and NoEscape after recent disruptions and exit scams.
Zimperium's 2023 Mobile Banking Heists Report Finds 29 Malware Families Targeted 1,800 Banking Apps Across 61 Countries in the Last Year (PR Newswire) Zimperium, the only mobile-first security platform for mobile devices and mobile apps, today released its annual Mobile Banking Heists Report,...
'Marvel's Wolverine' Held Hostage For $2 Million By Hackers (Inside the Magic) Marvel's upcoming solo Wolverine project has been stolen by hackers and ransomed for upwards of $2 million.
Insomniac Games Hacked By a Ransomware Attack, Data Surrounding Marvel's Wolverine Surfaces Online (Wccftech) Insomniac Games, the famous studio behind Marvel's Spider-Man franchise and many other titles, has been reportedly hacked.
Uncertainties continue to surround Coin Cloud hack (SC Media) Bankrupt Bitcoin ATM firm Coin Cloud had its systems claimed to be hacked by unknown threat actors last month but questions remain about the true nature of the intrusion, according to TechCrunch.
DonorView exposes 1M records for unknown time frame (Register) Trusted by major charities, DonorView publicly exposed children’s names and addresses, among other data
Ascension Providence warns cyberattack on contractor may have compromised patient info (Waco Tribune-Herald) Ascension Providence is warning that ransomware attacks on a contractor’s networks in September might have exposed personal information of some Waco-area patients of the health care provider.
District court in Switzerland ‘victim of a cyber attack’ (Record) The court in the German-speaking district of March said the cyberattack is still impacting operations.
GRIT Ransomware Report: November 2023 (GuidePoint Security) November 2023 closed with an increase in posted ransomware victims relative to a quieter October, but in keeping with an overall higher rate of victims consistent since March.
Security Patches, Mitigations, and Software Updates
ICS Patch Tuesday: Electromagnetic Fault Injection, Critical Redis Vulnerability (SecurityWeek) ICS Patch Tuesday: Siemens and Schneider Electric address dozens of vulnerabilities affecting their industrial products.
Microsoft Fixes 34 CVEs and One Zero-Day in December Patch Tuesday (Infosecurity Magazine) Microsoft has released updates for dozens of vulnerabilities including one zero-day flaw
Google is rolling out new protections for our location data (Washington Post) The changes will gradually take effect through the next year
Trends
Cybersecurity: 5 Trends That Will Transform The Company/Hacker Relationship in 2024 (Community) Before the explosive growth of AI, cybersecurity was the tech area transforming the most and at a breakneck pace. The popularity of AI has done anything but replace security as a priority. Instead, AI is propelling security forward even faster. In 1995, th...
3 Ways Threat Actors Will Kick Off the New Year, According to Corvus Intel (Corvus) Indicators of emerging threats drawn from a blend of claims data and external threat intelligence
Detectify Research Continues to Reveal Pitfalls in Established Security Methods and Uncovers Top Vulnerabilities from 2023 (Detectify) State of EASM Report from Best-in-Class Player Reveals Shortcomings with CVE-overreliance and Flaws in Security Scoring Systems
State of External Attack Surface Management (EASM) (Detectify) External Attack Surface Management insights from Detectify's customer base. Our research analyzes data from 235 companies and organizations, including large enterprises and mid-market companies from across a range of industries, including Banking & Financial Services, the Public Sector, Internet Software & Services, Consumer Packaged Goods, Media & Gaming. 361,028 vulnerabilities were found across the attack surfaces of our sample.
AI dominates cybersecurity megatrends for 2024: Report (CSO Online) Three defining concerns associated with the security of AI include trust in AI, ethical application of AI, and cybersecurity of AI, according to the SIA research for cybersecurity megatrends in 2024.
How Millennials and Gen-Z are Thinking About Fraud (American Express) American Express Trendex Reveals How Millennials and Gen-Z are Thinking About Fraud
The Most Festive and Fraudulent Time of the Year (Business Wire) New Infobip Survey Reveals Alarming Data on Americans' Perception of Holiday Season Cybersecurity
Marketplace
Townsend Security Calls It Quits (IT Jungle) After 40 years in business, Townsend Security will cease operations at the end of the month, the company’s principal, Patrick Townsend, announced last week. “It has been my honor to serve you and work with you for these many years, and I know that our security solutions have kept many safe from harm,” he wrote.
Xalient acquires Grabowsky, a leading digital identity specialist in Europe, accelerating its global leadership position (GlobeNewswire News Room) Global identity and access management (IAM), security, and network transformation specialist Xalient is pleased to...
Rypplzz Raises $3M in Seed Funding to Scale Its Disruptive Geospatial Technology Platform (PR Newswire) Rypplzz, creators of Interlife®, a multi-patented geo-location platform, today announced that it has raised $3 million in seed funding, led by...
Palo Alto closing on $100 billion valuation as entire cyber ecosystem flourishes (CTech) The company founded by Nir Zuk is trading at a record value for a cybersecurity company, and Check Point and CyberArk are also at all-time highs. Although the cybersecurity sector as a whole is growing due to the increase in the scope of attacks and the change in regulations in the US, many Israeli companies are specifically benefitting due to their work with large organizations that are less affected by interest rates and their focus on comprehensive solutions
Apple’s Security Fix Won’t Move Cybersecurity Stocks. Here's What Will. (Barron's) It could be another good year for Palo Alto, Zscaler, CrowdStrike, and other cybersecurity names, according to Wedbush analysts.
Forward Networks Named to Fortune Magazine 2023 Cyber 60 List (PR Newswire) Forward Networks announced today that it has been named to the Fortune Magazine 2023 Cyber 60 List. Fortune compiled this prestigious list of...
Cribl Recognized in Fortune’s Inaugural CYBER60 List of Top Private Cybersecurity Companies (Cribl) Cribl Newsroom contains the latest news, announcements, and perspectives from Cribl relating to the technology industry.
Gem Included in the Inaugural Fortune Cyber 60 List of the Fastest-Growing Companies in Cybersecurity (PR Newswire) Gem Security, the cloud detection and response (CDR) company, today announced that it was recognized in the inaugural Fortune Cyber 60 list of...
Jack Berkowitz joins Securiti as its Chief Data Officer (Business Wire) Previously the CDO of ADP, Berkowitz brings deep expertise in enabling Safe use of Data & AI in large-scale environments
Securonix Appoints Biju Muduli as Chief Marketing Officer (Business Wire) Global Cybersecurity Marketing Executive Brings Extensive Hypergrowth Enterprise Software Leadership Experience to Unified Defense SIEM Leader
Sources: Tanium COO-CFO Leaves Company Suddenly, Despite IPO Plans On Horizon (CRN) Eric Brown, who was in the dual roles of chief operating officer and chief financial officer, left Tanium last week, sources close to the company told CRN. Brown's exit comes as the company looks to lay the groundwork for an initial public offering.
Cymulate Adds Cybersecurity Industry Veteran to Board of Directors (Cymulate) Cymulate, the leader in exposure management and security validation, announced today that Lee Weiner, former Chief Innovation Officer at Rapid7, has joined the Cymulate board of directors. The Cymulate board contains leaders across the cybersecurity
Products, Services, and Solutions
Semperis Is Now an Approved Software Vendor with the Texas Department of Information Resources, Furthering Its Reach in the Public Sector Market (Semperis) We protect the world’s largest and most complex environments from cyberattacks, data breaches, and operational errors.
Keysight 400GE Network Cybersecurity Test Platform Validates Fortinet’s Hyperscale DDoS Defense Capabilities (Business Wire) Scalable test platform generates both legitimate and malicious traffic at multi-terabit, hyperscale volumes, realistically emulating DDoS attack mitigation of carrier-grade network loads
Visa Provisioning Intelligence Launches to Combat Token Fraud (Business Wire) New Visa service deploys machine learning-based model to help predict probability of token fraud before it happens.
Swiss Red Cross Selects Omada Identity Cloud for SaaS IGA Provider (PR Newswire) Omada A/S ("Omada"), a global leader of Identity Governance and Administration (IGA), today announced the Swiss Red Cross will use Omada...
Why we leverage elite hackers to improve our product security (Community) When 88 elite hackers join forces, you know the security of the technology is being put to the test. Dec. 12, 2023 Chris Holt, Bug Bounty, Intel “I’m so confident in how we look for potential vulnerabilities and the critical response to any identified that I would put the power of our product securi...
Secureworks and SentinelOne® Deliver Trailblazing Global Joint Go-To-Market Program to Decrease Cyber Risk (PR Newswire) Secureworks (NASDAQ: SCWX), a global leader in cybersecurity, today announced a joint go-to-market program with SentinelOne (NYSE:S), a global...
NATO Selects IBM to Further Enhance Alliance's Cybersecurity Resilience (IBM Newsroom) IBM signed a contract with the NATO Communications and Information Agency (NCI Agency) to help strengthen the Alliance's cybersecurity posture with improved security visibility and asset management across all NATO enterprise networks.
Leidos wins $700 million NSA technology contract (PR Newswire) Leidos (NYSE: LDOS), a FORTUNE® 500 science and technology leader, was recently awarded a new prime contract to provide prototype and...
Cofense Adds Vishing Simulation to its Popular PhishMe® Email Security Awareness Training (Security Boulevard) Cofense, the leading provider of email security awareness training (SAT) and advanced phishing detection and response (PDR) solutions, today announced a first-of-its-kind, fully managed and customizable vishing security solution. This new Cofense solution trains employees to identify and report vishing threats that bypass a company’s secure email gateways.
Unveiling VISS: a revolutionary approach to vulnerability impact scoring (Zoom Blog) To help reshape the vulnerability assessment and incident response landscape, we are thrilled to announce the general availability of our innovative
Bitdefender Launches Scamio, a Powerful Scam Detection Service Driven by Artificial Intelligence (Bitdefender) New Complimentary Chatbot Service Helps Detect and Verify Attempts of Online Fraud Delivered Over Email, Text Messaging, Messaging Applications, and Social Media
Sonar Announces Secrets Detection (Sonar) Sonar Announces Secrets Detection in SonarQube, SonarCloud and SonarLint to Significantly Reduce Risk of Sensitive Data Exposure and Compromise in Code
SHI Joins DTEX Global Partner Program to Meet Increasing Worldwide Demand for Proactive Insider Risk Management Solutions (Business Wire) Leading IT solutions provider selects DTEX InTERCEPT™ to expand global access to next-generation insider threat management capabilities for its clients
Secure Code Warrior’s Agile Learning Platform Empowers Netskope Developers to Code Cloud Solutions at Scale (Business Wire) Netskope partners with Secure Code Warrior to reimagine secure code education and accelerate software development
Cathay Chooses Aryaka for Major Global SASE Deployment (PR Newswire) Aryaka®, a leader in Unified SASE solutions, today announced Cathay as its newest customer. Cathay, a leading premium travel lifestyle brand,...
Data Theorem CNAPP Earns 2023 Cybersecurity Excellence Award for Demonstrated Leadership Protecting APIs and Software Supply Chains (Data Theorem) Cloud Secure Honored for Industry-First ML-Based Hacker Toolkits and Visualizations to Improve Discovery of Data Breaches in First-Party APIs and Third-Party Software Supply Chain Assets
Technologies, Techniques, and Standards
NIST issues guidance on a mathematical approach to data privacy (Nextgov.com) The draft document provides a system for adopting a differential privacy framework, and the agency is currently seeking feedback to ensure quality.
New AI Safety Initiative Aims to Set Responsible Standards for Artificial Intelligence (SecurityWeek) Major software vendors sign on to a new security initiative to create trusted best practices for artificial intelligence deployments.
NSA, CISA call on software developers, suppliers to improve open source software management practices (Federal News Network) New guidance from lead cybersecurity agencies and industry partners provides both individual developers and large companies with software supply chain security best practices…
MITRE Unveils EMB3D Threat Model for Embedded Devices Used in Critical Infrastructure (SecurityWeek) MITRE and partners unveil EMB3D, a new threat model designed for critical infrastructure embedded devices.
CISA Goes Live With Secure Cloud Business Applications Google Workspace, Seeks External Feedback (Executive Gov)
Why is CISA not addressing the PLCs in the Unitronics PLC attack? (Control Global) The IRGC attack could be wider spread, as Unitronics PLCs may be rebranded and appear as different manufacturers and companies
AI is a board issue: perspectives from Belgium (Lexology) Artificial intelligence (AI) is a focus of rapidly developing activity in all sectors of the economy and at all points in the supply chain. The…
Washington Utility Districts Prepare for the Worst as Hacks Persist (GovTech) The Chelan and Douglas County public utility districts are locking in specific security measures as cybersecurity breaches continue to target critical infrastructure across the country and state.
Inside the Troll Army Waging Trump’s Online Campaign (New York Times) A team of meme-makers has been flooding social media with pro-Trump posts riddled with sexist and racist tropes. Donald Trump is cheering them on.
Design and Innovation
ChatGPT Creator OpenAI to Pay Politico Parent for Using Its Content (Wall Street Journal) The deal is a significant milestone as media firms push for compensation for the use of their content in AI tools.
Research and Development
'Mind reading' cap turns thoughts into text during trials (Computing) Researchers in Australia manage to turn brain activity into text
Legislation, Policy, and Regulation
Cyber industry leaders debate AI threat in Parliament (Business Matters) Key figures from the UK’s cyber industry gathered in the Houses of Parliament last night to discuss the challenges posed by cyber threats and the rise of AI to UK national security and the economy.
UK Home Office is ignoring the risk of 'catastrophic ransomware attacks,' report warns (Security Affairs) A Joint Committee on the National Security Strategy (JCNSS) warns of the high risk of a catastrophic ransomware attack on the UK government.
FCC Approves Major Updates to Data Breach Notification Rules (GovInfoSecurity) The FCC approved new guidelines that note how data breaches "have only grown in frequency and severity" since the commission adopted its privacy
Divided FCC Votes To Tighten Data Breach Notification Rules (Media Post) The FCC on Wednesday voted 3-2 in favor of regulations imposing new obligations on telecoms that experience data breaches.
FCC Adopts Updates to Data Breach Rules, Sets Up Privacy Battle (Bloomberg Law) The Federal Communications Commission adopted data breach rules changes Wednesday that broaden the definition of what one is and the scope of who must be notified in the event of one.
FBI Guidance to Victims of Cyber Incidents on SEC Reporting Requirements: FBI Policy Notice Summary (FBI) A summary of the FBI’s Policy Notice regarding cyber victim requests to delay SEC-mandated public disclosures is, as follows:
DOJ and FBI Announce Guidance on Seeking Delays in SEC 8-K Filings for Cyber Incidents (JD Supra) On December 12, 2023, the Department of Justice (DOJ) issued guidelines for companies to follow in requesting that the Attorney General authorize...
Materiality Definition Seen as Tough Task in New SEC Cyber Rules (Wall Street Journal) Companies must have clearly defined processes for evaluating the impact of a cyberattack.
SEC Cyber Rules Loom Over Public Companies (Wall Street Journal) Listed companies must publicly report material cyberattacks starting Dec. 18.
Feds brace for implementation of SEC cyber disclosure rules (Record) Set to go into effect on December 18, the new rules require public companies to disclose cyber incidents no later than four business days after they determine the intrusion will have a material impact on operations.
State Dept.’s Fight Against Disinformation Comes Under Attack (New York Times) The Global Engagement Center has become the focus of Republican-led criticism that the U.S. government coerces social media platforms into removing offensive content.
Section 702 surveillance doesn’t belong in the NDAA (Defense One) The controversial spying power doesn’t actually expire for more than four months.
Lindy Cameron, head of UK NCSC, to leave cyber agency for diplomatic posting (Record) The departure from NCSC comes early for Lindy Cameron, who had been expected to stay in her role until 2025.
Litigation, Investigation, and Law Enforcement
MICROSOFT CORPORATION, Plaintiff, -against- DUONG DINH TU, LINH VAN NGUYEN, and TAI VAN NGUYEN, Defendants. (United States District Court for the Southern District of New York) Plaintiff Microsoft Corporation (“Microsoft”), by and through its attorneys at Cahill Gordon & Reindel LLP, brings this action against Defendants Duong Dinh Tu, Linh Van Nguyen (a/k/a Nguyen Van Linh), and Tai Van Nguyen (collectively, “Defendants”), alleging as follows...
Microsoft seizes domains used to sell fraudulent Outlook accounts (BleepingComputer) Microsoft's Digital Crimes Unit seized multiple domains used by a Vietnam-based cybercrime group (Storm-1152) that registered over 750 million fraudulent accounts and raked in millions of dollars by selling them online to other cybercriminals.
Microsoft seizes infrastructure of top cybercrime group (CyberScoop) Relying on a court order, the tech giant seized websites belonging to a top purveyor of fraudulent Microsoft accounts.
Microsoft disrupts cybercrime operation selling fraudulent accounts to notorious hacking gang (TechCrunch) Microsoft has seized the infrastructure of Storm-1152, a cybercrime gang providing hacking services to other groups
Dutch Watchdog Sues Adobe Over Mass Collection of Citizen Data (Hackread) Hidden Code, Hidden Profits – Tracked Before You Click – SDBN Takes Adobe to Court Over Alleged Illegal Tracking of Dutch Citizens.
UK defence ministry fined for Afghan data breach during Taliban takeover (Reuters) The British data regulator said on Wednesday it had fined the defence ministry for a series of email data breaches that revealed details of over 265 Afghans who were seeking relocation to Britain after the Taliban took control of Afghanistan.
French police arrests Russian suspect linked to Hive ransomware (BleepingComputer) French authorities arrested a Russian national in Paris for allegedly helping the Hive ransomware gang with laundering their victims' ransom payments.
Russian national with alleged Hive ransomware ties arrested in Paris (Record) According to police, the suspect served as a “banker” for Hive affiliates, helping them manage stolen funds.
Apple now requires a judge's consent to hand over push notification data (Reuters) Apple (AAPL.O) has said it now requires a judge's order to hand over information about its customers' push notification to law enforcement, putting the iPhone maker's policy in line with rival Google and raising the hurdle officials must clear to get app data about users.
Cisco defeats Centripetal patent case that led to $2.75 bln award (Reuters) A federal judge in Virginia has rejected cybersecurity company Centripetal Networks' patent infringement claims against Cisco Systems (CSCO.O) in a multi-billion-dollar fight over network-security technology.