Ukraine at D+351: Russia's build-up, Ukraine's targeting. (CyberWire) Russia's massive build-up for an anniversary offensive proceeds. It's preceded by more missile strikes against Ukrainian targets.
Russia-Ukraine war: List of key events, day 352 (Al Jazeera) As the Russia-Ukraine war enters its 352nd day, we take a look at the main developments.
Themes and Failures of Russia’s War Against Ukraine (Recorded Future) Insikt Group examines Russia’s hybrid warfare themes over the past year, illuminating its strategic miscalculations and strategies to overcome its shortfalls.
Russia prepares 2,000 tanks and 300,000 troops for ‘huge invasion’ in Donbas (The Telegraph) The attack is expected to coincide with the one-year anniversary of Vladimir Putin's launch of the war in Ukraine on February 24
Zelensky fights back tears as he makes impassioned plea to EU leaders (Express.co.uk) Ukrainian President Volodymyr Zelensky addressed the European Parliament on Thursday morning as part of the last leg of a 48-hour round trip that began in the United Kingdom.
Russia-Ukraine War: Russia Strikes Cities as It Ramps Up Winter Offensive (New York Times) Ukraine’s Air Force said Russia launched a “massive” attack targeting the country’s already battered infrastructure, using drones and dozens of cruise missiles.
Russia hits targets across Ukraine with missiles, drones (AP NEWS) Russia used strategic bombers, cruise missiles and killer drones in a wave of attacks across Ukraine early Friday, while Moscow's military push that Kyiv says has been brewing for days appeared to pick up pace in eastern areas ahead of the one-year anniversary of its invasion .
Russia-Ukraine war latest: Ukraine 'shot down 61 out of 71' Russian cruise missiles (The Telegraph) Ukraine shot down 61 out of 71 missiles launched by Russia in an overnight attack, Kyiv has claimed.
Russia's cyberattacks aimed at ‘destabilizing’ Moldova, PM says (The Record from Recorded Future News) Russia is waging a hybrid war not only in Ukraine but also throughout Europe, and Ukraine’s neighbors and closest allies are bearing the brunt of it.
‘They’re Hunting Me.’ Life as a Ukrainian Mayor on the Front Line (New York Times) Being the leader of Kherson may feel more like a curse than an honor. But one woman isn’t giving up, even though the Russians are sitting just across the river and shelling her city nearly every hour.
Policymakers: Keep Ukrainian soldiers front of mind as this war of attrition continues (Atlantic Council) As the war reaches the one-year mark, leaders concerned about grand strategy need to weigh the suffering and resilience of the soldiers at the front.
Living Off the Grid in Ukraine’s War-Torn Cities (Wilson Center) The people of Ukraine have had to adjust to attacks on the telecommunications and electricity infrastructure almost since Russia’s war began, in February 2022.
European nations give ‘positive signals’ on fighter jets, says Volodymyr Zelensky (The Telegraph) Despite the Ukrainian president's optimism, some leaders have doubts over supplying aircraft, fearing it will risk escalation with Russia
The view from European capitals on Zelenskyy’s trip across the continent (Atlantic Council) Ukrainian President Volodymyr Zelenskyy zipped from London to Paris to Brussels this week. His message to leaders and lawmakers was more military aid is needed.
Olaf Scholz furious after minister ‘went behind back’ over Ukraine tanks (The Telegraph) Annalena Baerbock twice made discreet efforts to get allies to push German chancellor into decision, says report
UK training for Ukrainian fighter pilots meant for 'post-war,' but that could change: Minister (Breaking Defense) "But, of course, you've always got an eye on what the next gear change might need to be if the war continues to develop and another gear change is needed," British Minister for Armed Forces James Heappey told reporters.
Ukraine unlikely to be sent British jets until war is over, Ben Wallace says (The Telegraph) Defence Secretary’s comments follow Rishi Sunak’s warm reception to President Zelensky’s request for ‘wings’ to protect Ukraine’s freedom
Pentagon looks to restart top-secret programs in Ukraine (Washington Post) If approved, the move would authorize U.S. Special Operations troops to employ Ukrainian operatives to observe Russian movements and counter disinformation
It’s time to talk about Nato membership for Ukraine (The Spectator Australia) There was a time when Ukraine’s accession to Nato was a fantasy. It wasn’t just that Ukraine was dismally poor, politically unstable, or highly corrupt – though all these factors played a role.
US, French troops hold NATO military drills in Romania (Military Times) U.S. and French troops who are in Romania as part of a NATO battlegroup held a military exercise to test the alliance’s eastern flank defenses.
Putin’s Annexation Miscalculation (Wilson Center) We are fast approaching the one-year anniversary of Russia’s invasion of Ukraine. Everyone is expecting an escalation of the war this spring – Russia is poised to mobilize more troops, while Ukraine will deploy its new tanks and artillery, all in an attempt to produce a decisive military result.
Is Putin’s Russia heading for collapse like its Czarist and Soviet predecessors? (Atlantic Council) Vladimir Putin's disastrous invasion of Ukraine is sparking debate over the possibility of a new Russian collapse. Could today's Russian Federation be facing the same fate as its Czarist and Soviet predecessors?
The main effort of Russian propaganda language is to give the impression that there is still no war (Global Voices) What does Russian propaganda do? It replaces the associations of words so that we perceive the world as better and safer, as a world in which there is no war
Readout of Secretary of Defense Lloyd J. Austin III's Bilateral Meeting With Minister of Defense Juansher Burchuladze (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III hosted Minister of Defense Juansher Burchuladze of Georgia at the Pentagon to reaffirm the U.S.-Georgia defense relationship.
SpaceX admits blocking Ukrainian troops from using satellite technology (CNN) The president of SpaceX revealed the company has taken active steps to prevent Ukrainian forces from using the critical Starlink satellite technology with Ukrainian drones that are a key component of their fight against Russia.
Decrying Starlink's 'Weaponization,' SpaceX Cuts Support for Ukrainian Military (Defense One) But Wednesday's explanation by the Elon Musk-founded company is at odds with its continuing work for the U.S. military.
The main effort of Russian propaganda language is to give the impression that there is still no war (Global Voices) What does Russian propaganda do? It replaces the associations of words so that we perceive the world as better and safer, as a world in which there is no war
After the war in Ukraine: Cyber revanchism. (CyberWire) Wars eventually end. But when they do, especially if they end ambiguously, they give rise to lingering revanchism and preparation for the next round.
Attacks, Threats, and Vulnerabilities
U.S. declassifies balloon intelligence, calls out China for spying (Washington Post) The State Department on Thursday released details about China’s high-altitude balloon surveillance program, declassifying information collected by U.S. U-2 spy planes and other sources to expose what the Biden administration is calling a sophisticated effort to surveil “more than 40 countries across five continents.”
China’s Balloon Program Grew From a Humble Start (Wall Street Journal) Modest beginnings have given way to a modern program of towering data-vacuums aloft that are rattling the U.S. military establishment.
Open-source repository malware sows Havoc (ReversingLabs) Aabquerys is a malicious npm package discovered typosquatting on a legitimate npm module that downloads malicious components, ReversingLabs discovered.
Understanding Stealerium Malware and Its Evasion Techniques (Uptycs) We observed an increase in promotion of Stealerium on hacker forums. This malware is used by cybercriminals focused on stealing account credentials.
#StopRansomware - Ransomware Attacks on Critical Infrastructure Fund DPRK Espionage Activities (CISA) CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS), and Republic of Korea’s Defense Security Agency and National Intelligence Service have released a joint Cybersecurity Advisory (CSA), Ransomware Attacks on Critical Infrastructure Fund DPRK Espionage Activities, to provide information on ransomware activity used by North Korean state-sponsored cyber to target various critical infrastructure sectors, especially
#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities (CISA) Note: This Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and various ransomware threat actors. These #StopRansomware advisories detail historically and recently observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to see all #StopRansomware advisories and to learn about other ransomware threats and no-cost resources.
U.S., South Korean Agencies Partner to #StopRansomware Threat from DPRK (National Security Agency/Central Security Service) The National Security Agency (NSA) partnered with U.S. and South Korean government agencies to release a joint Cybersecurity Advisory today about the Democratic People's Republic of
US and South Korea accuse North Korea of using hospital ransoms to fund more hacking (The Record from Recorded Future News) When North Korea collects ransoms from healthcare facilities, the money could be funding operations against bigger targets, an advisory said.
North Korea using healthcare ransomware attacks to fund further cybercrime, feds say (SC Media) An update to a July 2020 joint federal alert warns North Korean state-sponsored threat actors are continuing to target healthcare with ransomware attack, using the funds for further cybercrime.
U.S., South Korea Warn of North Korean Ransomware Threats (Bank Info Security) Multiple government agencies in the U.S and South Korea issued a joint alert warning critical infrastructure sectors - and especially the healthcare sector - of
Using Geotargeting to Customize Phishing (Avanan) Hackers are now customizing their phishing campaigns via geotargeting.
Geotargeting tools are allowing phishing campaigns to home in on potential victims (The Record from Recorded Future News) Hackers are using tools from Geo Targetly to tailor phishing attacks to specific locations, according to research from Avanan.
r/reddit - We had a security incident. Here’s what we know. (reddit) TL:DR Based on our investigation so far, Reddit user passwords and accounts are safe, but on Sunday night (pacific time), Reddit systems were hacked as a result of a sophisticated and highly-targeted phishing attack. They gained access to some internal documents, code, and some internal business systems.
Hackers breach Reddit to steal source code and internal data (BleepingComputer) Reddit suffered a cyberattack Sunday evening, allowing hackers to access internal business systems and steal internal documents and source code.
Reddit Breached With Stolen Employee Credentials (Dark Reading) Reddit code, internal documents, dashboards, and business systems were compromised in the cyberattack.
Reddit Says It Was Hacked But That You Don't Need to Worry. Probably. (Gizmodo) The social media site says that a phishing incident led to the theft of company data but that user data is safe.
Critical Infrastructure at Risk from New Vulnerabilities Found in Wireless IIoT Devices (The Hacker News) 38 security vulnerabilities found in Wireless IIoT devices from 4 different vendors. Threat actors can exploit these vulnerabilities.
ESXiArgs Ransomware Hits Over 3,800 Servers as Hackers Continue Improving Malware (SecurityWeek) New developments in ESXiArgs ransomware attacks, including improved encryption, victims, and questions regarding the exploited vulnerability.
Hypervisor patching struggles exacerbate ESXiArgs attacks (TechTarget Security) Infosec experts weighed in on the difficulties of patching hypervisors, which contributed to a high number of unpatched instances hit by ESXiArgs ransomware.
Supply Chain Attack via New Malicious Python Packages by Malware Author Core1337 (Fortinet Blog) The FortiGuard Labs team recently discovered various new 0-day attacks in PyPI packages by malware author, "Core1337". Read to learn more about these malicious supply chain attacks. …
Cybercrime Gang Uses Screenlogger to Identify High-Value Targets in US, Germany (SecurityWeek) Russia-linked financially motivated TA866 targeting companies with custom malware, including a screenlogger, a bot, and an information stealer
Hacker develops new 'Screenshotter' malware to find high-value targets (BleepingComputer) A new threat actor tracked as TA886 targets organizations in the United States and Germany with new custom malware to perform surveillance and data theft on infected systems.
Romance scammers’ favorite lies exposed (Federal Trade Commission) Romance scammers tell all sorts of lies to steal your heart and money, and reports to the FTC show those lies are working.
New FTC Data Reveals Top Lies Told by Romance Scammers (Federal Trade Commission) New data released today by the Federal Trade Commission sheds new light on the lies that romance scammers use to take advantage of people—lies that reports to the FTC show cost nearly 7
Romance scammers could cause unhappy Valentine’s Day (Washington Post) Behind the lies of romance scams
Love Bytes (Georgia State News Hub) A research team at Georgia State University is identifying how scammers target victims on dating apps.
As V-Day nears: Romance scams cost victims $1.3B last year (Register) Don't trust your super-hot military boyfriend you've never met. He doesn't exist
Michigan AG warns of cybersecurity risks after data breach of gaming sites (mlive) DraftKings, FanDuel and BetMGM are among the gaming sites affected by the recent cyber-attack.
Largest Canadian bookstore Indigo shuts down site after cyberattack (BleepingComputer) Indigo Books & Music, the largest bookstore chain in Canada, has been struck by a cyberattack yesterday, causing the company to make the website unavailable to customers and to only accept cash payments.
Indigo says ‘cybersecurity incident’ has impacted online orders, electronic payments (Global News) Toronto-based Indigo said in a release Wednesday that it hopes to have its systems back online as soon as possible following the incident, which the company did not elaborate on.
Cyberattack on ION Derivatives Unit Had Ripple Effects on Financial Markets (Wall Street Journal) Last week’s ransomware attack showed big financial firms can also be harmed by breaches at fintechs and other third parties that provide even small pieces of the technical machinery underlying the markets.
Alexa, who else is listening? (WeLiveSecurity) Have you ever stopped to think how easily your smart speaker could be used as a spying tool by someone with illicit intent?
Disinformation Researchers Raise Alarms About A.I. Chatbots (New York Times) Researchers used ChatGPT to produce clean, convincing text that repeated conspiracy theories and misleading narratives.
Morphisec: ChatGPT could create super malware (Israel Defense) ChatGPT is a powerful AI chatbot that uses a huge data collection and natural language processing to “converse” with users in a way that feels like a normal, human conversation. Its ease of use and relatively high accuracy has seen users leverage it to do everything from solving complicated math problems, to writing essays, creating software and writing code, and making captivating visual art. Until now AI was mainly used in data analytics.
Mount Saint Mary College confirms December ransomware attack (The Record from Recorded Future News) Mount Saint Mary College dealt with a ransomware attack in December that leaked the data of all students and faculty over the last ten years.
MTU Cork confirms it suffered ransomware cyber attack as campus remains closed (The Irish Times) College has ‘not engaged’ with demand as it works towards managed return to campus
Ransom demand encoded in cyber attack on Munster Technological University (Irish Examiner) The college's Cork campuses have been closed for the entire week
The Army Officer Email Chain that Caused Pandemonium (Military.com) Around 06:30 Eastern time Feb. 2, approximately 13,000 Army inboxes pinged with an email from an unfamiliar sender.
Security Patches, Mitigations, and Software Updates
OpenSSL Fixes Multiple New Security Flaws with Latest Update (The Hacker News) OpenSSL project releases patches for multiple security flaws, including a high-severity vulnerability in the widely used encryption toolkit.
LS ELECTRIC XBC-DN32U (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: LS ELECTRIC, LS Industrial Systems (LSIS) Co. Ltd Equipment: XBC-DN32U Vulnerabilities: Missing Authentication for Critical Function, Improper Access Control, Cleartext Transmission of Sensitive Information, Access of Memory Location After End of Buffer 2.
Johnson Controls System Configuration Tool (SCT) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Johnson Controls Equipment: System Configuration Tool Vulnerabilities: Sensitive Cookie Without ‘HttpOnly’ Flag, Sensitive Cookie in HTTPS Session Without 'Secure' Attribute 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to access cookies and take over the user's session.
Horner Automation Cscape Envision RV (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Horner Automation Equipment: Cscape Envision RV Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to an attacker executing arbitrary code via malicious project files.
Omron SYSMAC CS/CJ/CP Series and NJ/NX Series (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.5
ATTENTION: Exploitable remotely/low attack complexity
Equipment: SYSMAC CS/CJ/CP Series and NJ/NX Series
Vulnerabilities: Cleartext Transmission of Sensitive Information, Insufficient Verification of Data Authenticity, Plaintext Storage of a Password
CISA is aware of a public report, known as “OT:ICEFALL” that details vulnerabilities found in multiple operational technology (OT) vendors. CISA is issuing this advisory to provide notice of the reported vulnerabilities and identify baseline mitigations for reducing risks to these and other cybersecurity attacks.
ARC Informatique PcVue (CISA) 1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: ARC Informatique Equipment: PcVue Vulnerabilities: Cleartext Storage of Sensitive Information, Insertion of Sensitive Information into Log File 2.
Avast Threat Report: Consumers Plagued With Refund Fraud, Tech Support Scams, and Adware (Dark Reading) Avast researchers also discovered and reported two zero-day vulnerabilities, and observed the spread of information-stealing malware, remote access trojans, and botnets.
Avast Threat Labs releases Q4 2022 Threat Report (Avast) The Avast Threat Labs Q4 2022 Threat Report observed a rise in social engineering attacks during the final quarter of 2022, including invoice fraud, tech support scams, and others aimed at stealing money.
Top 10 Ransomware Targets in 2022 and Beyond (Security) Today's top ransomware targets include organizations in the media, retail and energy sectors. Learn which 14 industries have the highest attack rates.
Sumo Logic to be Acquired by Francisco Partners for $1.7 Billion (GlobeNewswire News Room) REDWOOD CITY, Calif., Feb. 09, 2023 (GLOBE NEWSWIRE) -- Sumo Logic (Nasdaq: SUMO), the SaaS analytics platform to enable reliable and secure cloud-native...
Francisco Partners Acquiring Sumo Logic for $1.7 Billion, Taking It Private (Channel Futures) Francisco Partners, a global investment firm, is acquiring Sumo Logic for $1.7 billion, taking the company private. Analysts say it's likely a smart move.
Coincover raises $30M to help protect digital assets from hacks and human error (TechCrunch) Coincover, a digital asset protection company, has raised $30 million to protect people and their digital assets from hacks or human error.
SPAC Corner Growth signs merger LOI with cybersecurity provider Noventiq (Seeking Alpha) SPAC Corner Growth Acquisition Corp. (COOL) intends to merge with cybersecurity and digital transformation services provider Noventiq.
Adept Technology Group agrees £50m sale (CRN) Recommended takeover by Wavenet would create a £200m-revenue player
Layoffs come for cybersecurity, too (Cybersecurity Dive) Even companies in more insulated fields, such as cyber vendors Sophos, Okta and Secureworks, are bound to feel the pain as enterprises cut spending.
INDIA/ISRAEL : Israel's NSO and Candiru eye new Indian interceptions contract (Intelligence Online) The Israeli cyberintelligence firm NSO Group is circling a tender with India's Research & Analysis Wing, but Indian officials are reticent to team with the company behind the Pegasus spyware.
Bard’s first public mistake cost Google $100 billion (Quartz) An underwhelming launch event and an error in an ad put Google's chatbot on the backfoot compared to Microsoft’s ChatGPT
Cyolo Recognized in 2022 Gartner Hype Cycle for Endpoint Security - Cyolo (Cyolo) Cyolo is recognized as a Sample Vendor in the 2022 Gartner "Hype Cycle for Endpoint Security” report in the ZTNA category.
Congressman James Langevin Joins Paladin Capital Group's Strategic Advisory Board (PR Newswire) Paladin Capital Group, a cyber and advanced technologies investor, today announced the addition of Fmr. Congressman James R. Langevin to its...
Products, Services, and Solutions
New infosec products of the week: February 10, 2023 (Help Net Security) The featured infosec products this week are from: Cequence Security, Deepwatch, Neustar Security Services, OPSWAT, and SecuriThings.
ConnectWise integrates with OpenAI to solve complex problems and save time for MSPs (GlobeNewswire News Room) ConnectWise accelerates its AI initiatives and brings OpenAI to the Asio™ platform and remote monitoring and management tools. Launching with ConnectWise...
Welcome to Wildebeest: the Fediverse on Cloudflare (The Cloudflare Blog) Today we're announcing Wildebeest, an open-source, easy-to-deploy ActivityPub and Mastodon-compatible server built entirely on top of Cloudflare's Supercloud.
Cerberus Sentinel Achieves Gold Standard for Security and Data Confidentiality with SOC 2® Certification (GlobeNewswire News Room) Independent Audit Confirms Cerberus Security Controls and Data Privacy Practices...
CrowdSec | Marketplace (Cortex) Enrich the data you have on your threats with the most advanced real-world CTI.
Arctic Wolf Wins SE Labs Award for Network Detection and Response Capabilities (GlobeNewswire News Room) Independent testing firm validates Arctic Wolf Managed Detection and Response as a market-leading solution to stop advanced threats after in-depth...
Darktrace product to ‘pre-empt’ industrial cyber attacks (Gasworld) Darktrace has launched its PREVENT/OT™ product which is designed to pre-empt industrial cyber attacks.
Cisco adds services, hardware to better support industrial IoT (Reseller News) Cisco has added new visibility and security software to its cloud-based dashboard for managing configuration and applications for IoT devices in industrial settings.
Technologies, Techniques, and Standards
Zero trust’s creator John Kindervag shares his insights with VentureBeat — Part I (VentureBeat) Zero trust creator John Kindervag shares his vision and insights in an exclusive interview on cybersecurity and more
Electronic communication: With great advantages come great risk (VentureBeat) Organizations must get control of their electronic communication apps and policies to avoid regulatory and security problems.
Design and Innovation
ChatGPT's founder blasts Google as a 'lethargic search monopoly' as the tech giant's AI war with Microsoft heats up (Business Insider) OpenAI CEO Sam Altman said he sees tremendous potential for his company's AI technology to change the way people find information online.
ESET launches its 2023 Women in Cybersecurity Scholarship Program (Cybersecurity Connect) ESET Australia is joining forces with Home Affairs and Cyber Security Minister, Clare O’Neil, to launch this year’s ESET Women in Cybersecurity Scholarship Program.
Stanbridge University Collaborates With FBI Private Public Partnership to Host Inaugural Tactical ‘Stop the Bleed’ Course (Digital Journal) Stanbridge University recently collaborated with InfraGard Los Angeles, a public-private partnership effort between the Federal Bureau of Investigation (FBI) and the private sector, to host an inaugural Tactical Stop the Bleed course on its Alhambra campus. The course aims to promote community security in critical infrastructure sectors and with law enforcement and military agencies.
Legislation, Policy, and Regulation
MIC calls on agencies, public to help clean up cyberspace (VietNamNet News) Experts say that people of all backgrounds in society should work to help clean up cyberspace and repel growing online fraud.
'It just rang': In crises, US-China hotline goes unanswered (AP NEWS) Within hours of an Air Force F-22 downing a giant Chinese balloon that had crossed the United States, Defense Secretary Lloyd Austin reached out to his Chinese counterpart via a special crisis line, aiming for a quick general-to-general talk that could explain things and ease tensions.
U.S. Poised to Further Tighten Technology Exports to China After Balloon Incident (Wall Street Journal) China risks losing even more access to Western technology, as Washington and its allies consider punishing Beijing with stiffer restrictions on products it needs to advance its military and economic might.
Chinese Balloon Carried Antennas, Other Equipment to Gather Intelligence, U.S. Says (Wall Street Journal) The Biden administration is preparing to take action against China’s surveillance program, a senior State Department official said. FBI agents examined material recovered from the Chinese balloon.
Jimmy Wales: Online Safety Bill doesn't make sense (Computing) Government's blind pursuit of big tech endangers the free access web, say Wikimedia executives Jimmy Wales and Fransizka Putz
Coinbase CEO Armstrong Decries Rumors of Possible US SEC Ban on Crypto Staking (Bloomberg) Armstrong flags rumors that SEC wants to ‘get rid of’ staking. Coinbase earlier disclosed agency’s probe into staking product.
Section 230 Has to Go (The Information) On Monday, The Information published an opinion piece with the headline “Let Section 230 Stay.” Today, we present an opposing point of view. If you’re reading The Information, you already know that the internet is a toxic waste dump. How could it not be? Negative content attracts more eyeballs ...
Reed, Wicker Announce SASC Subcommittee Assignments for 118th Congress | United States Senate Committee on Armed Services (U.S. Senate Committee on Armed Services) Today, Senate Armed Services Committee Chairman Jack Reed (D-RI) and Ranking Member Roger Wicker...
Litigation, Investigation, and Law Enforcement
Angry senators grill Pentagon officials over Chinese spy balloon response (CNBC) Senators were visibly angry as they pressed Pentagon officials on when they learned of the Chinese spy balloon, and why they waited so long to shoot it down.
Morocco decries 'unjust' EU actions over Pegasus spyware (I24news) Pegasus, developed by Israel's NSO Group, can be used to access a phone’s messages, look through photos, eavesdrop on calls, track locations, and film users - Click the link for more details.
Free Speech vs. Disinformation Comes to a Head (New York Times) The outcome of a case in federal court could help decide whether the First Amendment is a barrier to virtually any government efforts to stifle disinformation.
UK Information Commissioner’s Office Publishes Details of Reprimands (cyber/data/privacy insights) On 6 December 2022, the UK Information Commissioner’s Office (ICO) announced that it would publish details of all future reprimands, including those issued from January 2022 onwards, ‘unless there is a good reason not to’. This is part of the ICO’s new strategic approach to regulatory action. The IC
Trump-Russia: ‘investigation of investigators’ leaves little but questions over bias (the Guardian) Durham inquiry into origins of FBI’s Trump-Russia scrutiny has sparked allegations of a weaponization of justice department
Sam Bankman-Fried Needs Tighter Bail Restrictions, Judge Says (New York Times) A federal judge said he was not satisfied with a plan that lawyers for the disgraced FTX founder struck with prosecutors to limit his use of encrypted messaging apps.
FTX gets court approval to subpoena founder Bankman-Fried, other insiders (Reuters) Failed crypto firm FTX received court approval on Wednesday to issue subpoenas to its founder Sam Bankman-Fried and members of his family as part of the company's investigation into "misappropriated and stolen" funds.
TransUnion Sued Over 2022 Data Breach Affecting 200 Million (Bloomberg Law) TransUnion LLC was hit with a class action alleging it failed to protect the personal information of 200 million people who were affected by a 2022 data breach.