Dateline Moscow and Kyiv: Russia's war at one year.
Ukraine in the second year of Russia's war: Diplomacy, attrition, cyber ops. (CyberWire) Russia continues to inflict casualties as it moves toward attrition tactics, but little ground is being gained.
Russia-Ukraine war: List of key events, day 366 (Al Jazeera) As the Russia-Ukraine war enters its 366th day, we take a look at the main developments.
Russia-Ukraine war live: Zelenskiy set to join G7 talks as first Polish tanks arrive in Ukraine (the Guardian) Ukraine’s president will join virtual talks with President Biden and other G7 leaders on the anniversary of Russia’s invasion
War Makes the State (Foreign Affairs) What the war in Ukraine has revealed about effective governance.
The Bomb in the Background (Foreign Affairs) What the war in Ukraine has revealed about nuclear weapons.
At One Year and Counting, the War in Ukraine Is Set to Last (World Politics Review) With Russia, Ukraine and NATO all not backing down, Putin’s war will likely continue for years to come.
Ukraine leader pledges push for victory on war anniversary (AP NEWS) Ukraine’s leader pledged to push for victory in 2023 as he and other Ukrainians on Friday marked the somber anniversary of the Russian invasion that upended their lives and Europe's security.
Grief and defiance in Kyiv on first anniversary of war in Ukraine (the Guardian) Houses have been destroyed, lives uprooted and loved ones lost but despite this terrible toll, Ukrainians remain upbeat
UN approves resolution calling for Russia to leave Ukraine (AP NEWS) The U.N. General Assembly approved a nonbinding resolution Thursday that calls for Russia to end hostilities in Ukraine and withdraw its forces, sending a strong message on the eve of the first anniversary of the invasion that Moscow's aggression must stop.
China calls for Russia-Ukraine cease-fire, peace talks (AP NEWS) China called for a cease-fire and peace talks between Ukraine and Russia, in a vaguely worded proposal released Friday that analysts said was unlikely to deliver results. Beijing claims to have a neutral stance in the war that began one year ago , but has also said it has a “no limits friendship" with Russia and has refused to criticize its invasion of Ukraine, or even refer to it as an invasion.
China Cease-Fire Proposal for Ukraine Falls Flat With US, Allies (Bloomberg) 12-point blueprint would offer some reprieve for Russia. Position paper unlikely to win support from Kyiv, allies.
What to expect in the second year of the Russia-Ukraine war (The Hill) The first year of the Russia-Ukraine war has been defined by the resilience of Kyiv’s forces and Moscow’s diminished military power. The course of the second year will depend largely on forces outs…
The Bloody Battle For Bakhmut Offers A Possible Preview Of How Year Two Of The Ukraine War Will Go (Forbes) The eastern Ukrainian town isn’t strategic, but it hardly matters. As the second year begins of what was predicted to be a days-long conflict, Vladimir Putin keeps throwing Russians into combat there and the Ukrainians keep killing them.
Moscow’s Military Capabilities Are in Question After Failed Battle for Ukrainian City (New York Times) A disastrous Russian assault on Vuhledar, viewed as an opening move in an expected spring offensive, has renewed doubts about Moscow’s ability to sustain a large-scale ground assault.
Russia-Ukraine war latest: King Charles says 'heartening' that Britain is supporting Ukraine (The Telegraph) The King has said it is “heartening” the UK is doing all it can to support Ukraine after Britain offered to send fighter jets to European allies.
Statement by Secretary of Defense Lloyd J. Austin III Marking One Year Since Russia's Inva (U.S. Department of Defense) One year ago, Russia launched an unprovoked and indefensible invasion of its peaceful and democratic neighbor Ukraine.
Putin’s folly: Russia's brutal invasion one year on | Ukraine: The Latest special video podcast (The Telegraph) The Telegraph’s team of experts and correspondents on the ground take your questions and offer detailed analysis of the last 12 months
Ukrainian soldiers training on German tanks say they’ve ‘swapped Ladas for Mercedes’ (The Telegraph) Barely versed in tank battle, they are ‘hungry for knowledge’ and have five weeks to master the Leopard 2 before heading back to the front
Biden Administration Announces Additional Security Assistance for Ukraine (U.S. Department of Defense) The Defense Department announced a new security assistance package to reaffirm the steadfast support of the United States for Ukraine's brave defenders and strengthen Ukraine's air defenses.
US vows to send more drones, aid to Ukraine on war’s anniversary (Defense News) The Pentagon announced it would send more drones to Ukraine to aid its fight against Russia on the first anniversary of Russia’s invasion of the invasion.
Tanks might not reach Ukraine this year, US Army secretary says (Defense News) The US Army is weighing options to get tanks to Ukraine, but delivery won't happen right away.
Invasion anniversary: Does Putin still have a pathway to victory in Ukraine? (Atlantic Council) Vladimir Putin's decision to invade Ukraine is widely seen as one of the biggest geopolitical blunders of the modern era, but as the war enters its second year, could the Russian dictator still have a pathway to potential victory?
One Year On, Why Putin Has Already Lost the War (Defense One) “I do not see how Putin could maintain support of the elite for two or three years.”
Opinion | Russian Troops Know How Little They Mean to Putin (New York Times) Despite staggering losses, the Kremlin is still intent on fighting.
Whatever it takes, Putin must lose (The Telegraph) The Russian leader has badly underestimated the determination of Ukraine and its Western allies
Only by supporting Ukraine can we hope to build a lasting peace (The Telegraph) Justice is the call of Old Testament and New. In times of war we must strain every sinew to bring peace with justice
One thing is clear: Vladimir Putin cannot be allowed to win (The Telegraph) The West has shown great determination in the face of Russian aggression. Our resolve must not weaken
Ukraine can bring down Putin’s crumbling regime (The Telegraph) With Western support, Kyiv has an opportunity to destroy the morale of the Russian army for good
The survival of international law is at stake in Ukraine (The Telegraph) The war shows what happens when checks on power are destroyed. We must stand firm against a future where the law of the jungle rules
The War in Ukraine Is the End of a World (The Atlantic) A shroud is settling over the dreams many of us had at the end of the 20th century.
Opinion | How Will the War in Ukraine End? Maybe Like 1953 Korea. (New York Times) A frozen conflict can be preferable to the alternatives.
What Pentagon leaders say they have learned from a year of battle in Ukraine (Breaking Defense) While not disclosing everything, senior military leaders from virtually every service and specialty have spoken about how they're incorporating lessons from the Ukraine war, from the danger of cell phones to the importance of a quick-moving industrial base.
How the U.S. Adopted a New Intelligence Playbook to Expose Russia’s War Plans (New York Times) Bolder disclosures are part of a larger effort to stymie the Kremlin’s offensive in Ukraine and align support for Kyiv’s war effort in allied countries.
CISA Urges Increased Vigilance One Year After Russia's Invasion of Ukraine (Cybersecurity and Infrastructure Security Agency | CISA) CISA assesses that the United States and European nations may experience disruptive and defacement attacks against websites in an attempt to sow chaos and societal discord on February 24, 2023, the anniversary of Russia's 2022 invasion of Ukraine. CISA urges organizations and individuals to increase their cyber vigilance in response to this potential threat.
Authorities blame hackers after air raid sirens sound over radio in multiple Russian cities (Meduza) The sound of air raid sirens played over radio stations in at least nine Russian cities on Wednesday, according to the Telegram channels Baza and Ostorozhno, Novosti.
Russia blames 'hackers' for fake missile strike alerts (Register) Ten cities panic after emergency systems start Putin out warnings of an impending attack
Radio stations Sputnik and Vera hacked in Crimea (BLiTZ Newspaper) In Crimea, the Sputnik and Vera radio stations were hacked, and a statement by the head of Ukrainian intelligence, Kirill Budanov, appeared on the air. On
Ukraine says Russian hackers backdoored govt websites in 2021 (BleepingComputer) The Computer Emergency Response Team of Ukraine (CERT-UA) says Russian state hackers have breached multiple government websites this week using backdoors planted as far back as December 2021.
Russia's information war against Ukraine went stealth after Meta crackdown (CyberScoop) Russia's covert operations are prioritizing quantity over quality but researchers say the approach isn't working.
The First Crypto War? Assessing the Illicit Blockchain Ecosystem One Year Into Russia's Invasion of Ukraine (TRM Insights) When Russia invaded Ukraine on February 24, 2022, many analysts and commentators anticipated that it would become the world’s first crypto war.
Ransomware Gang Conti Has Re-Surfaced and Now Operates as Three Groups: TRM Labs (CoinDesk) The sanctioned hacking group with Russian origins is now operating as Black Basta, BlackByte and Karakurt, blockchain intel firm says in a new report.
Ukraine suffered more data-wiping malware than anywhere, ever (Ars Technica) Russia has greatly accelerated cyberattacks on its neighbor in the wake of its invasion.
Russia-Ukraine War: 3 Cyber Threat Effects, 1 Year In (ReliaQuest) A year ago, what was planned to be as a swift, focused, military invasion of Ukraine did not go according to Russian expectations. The war continues, and so do its effects on cybersecurity. Let’s focus attention on three key areas that have seen significant changes: state-sponsored activity, cybercrime, and hacktivism. Understanding their evolution will help […]
Russian cybercrime alliances upended by Ukraine invasion (Register) Study: Old pacts ditched the moment Moscow moved in
How the Russia-Ukraine war has changed cyberspace (The Hill) The Russia-Ukraine war has shattered the digital wall that often separated the government’s cyber experts from the private sector, forcing a new level of transparency on potential threats and engag…
Russia’s War Against Ukraine Disrupts the Cybercriminal Ecosystem (Recorded Future) New Insikt Research examines how Russia’s war against Ukraine has disrupted the cybercriminal ecosystem and ignited a resurgence of “crowdsourced hacktivism.”
How Ukrainian intel has grown in a year of war (Scripps News) Former CIA Director and Defense Secretary Leon Panetta tells Scripps News Ukrainians have sources within the Russian army and across Ukraine.
Superhumans Center: Symbol of Ukrainian defiance amid Russia’s war (Atlantic Council) Opening in the coming months, the Superhumans Center war trauma hospital in western Ukraine is a symbol of Ukrainian defiance as Russia's brutal invasion enters its second year, writes co-founder Andrey Stavnitser.
A Tool of Attrition (Foreign Affairs) What the war in Ukraine has revealed about economic sanctions.
A Year After Russia’s Invasion of Ukraine, Tough Sanctions Linger (Wall Street Journal) The invasion prompted a volley of tough sanctions from the U.S. and its allies, a historic use of economic measures that will likely have lasting implications for businesses.
How Biden’s Shock-and-Awe Tactic Is Failing to Stop Russia (Bloomberg) The economic punishment of Russia was touted as a game-changer. Instead it’s turned into a war of attrition — and a race against time.
The West Tried to Isolate Russia. It Didn’t Work. (New York Times) The West never won over as much of the world as it initially seemed. Here’s how Russia is taking advantage of a fragmented world.
Watch: Giant Ukrainian flag painted by protesters outside Russian Embassy in London (The Telegraph) The campaign group Led By Donkeys claimed responsibility for the huge blue and yellow flag which was then spread by traffic
Attacks, Threats, and Vulnerabilities
Lorenz Abuses Magnet RAM Capture (Arctic Wolf) Learn about a Lorenz ransomware case that Arctic Wolf Labs investigated, where the group leveraged new TTPs, including the abuse of the Magnet RAM Capture tool.
Popular IBM file transfer tool vulnerable to cyberattacks, CISA says (The Record from Recorded Future News) A vulnerability in the IBM Aspera Faspex file transfer tool is actively being exploited by malicious hackers, CISA says.
Russia-linked hackers release stolen Royal Mail data on dark web (The Telegraph) LockBit demands postal service pay £33m ransom
URLs 4X More Likely than Phishing Attachments to Reach Users (Cofense) The first steps in traditional phishing emails have remained the same for decades; the email will contain either a malicious URL or an attachment. In recent
Mozilla: Nearly 80% of Google Play Store apps have discrepancies in privacy reporting (The Record from Recorded Future News) What apps actually do with user data often differs from what companies tell Google Play Store about their policies, a Mozilla study says.
HardBit Ransomware Offers to Set Ransom Based on Victim's Cyberinsurance (SecurityWeek) HardBit ransomware operators want to work with victims to negotiate a ransom behind the back of cyberinsurance companies.
This ransomware group wants you to double-cross your insurer (SC Media) The HardBit ransomware group sets itself apart by making an appeal to victims to get their insurance company on the hook for the maximum amount covered by their policies.
Time to Deploy Ransomware Drops 94% (Infosecurity Magazine) Extortion was most common impact from cyber-attacks in 2022
Cybercriminals Disguise Malware As ChatGPT, Steal Sensitive Social Media Credentials: Kaspersky Report (News18) A team of researchers have identified a new and ongoing malware campaign that capitalises on the increasing popularity of the ChatGPT AI chatbot, a new report said on Thursday. According to cybersecurity firm Kaspersky, cybercriminals are distributing the malware via Facebook communities, offering a fake desktop version of ChatGPT.
Valve “honeypot” used to ban 40,000 Dota 2 players using cheat (BleepingComputer) Game developer Valve has announced that it permanently banned more than 40,000 accounts for using cheating software to gain an unfair advantage over other players in the Dota 2 game.
Burton Snowboards facing major cyberattack (WPTZ) The well-known winter gear Vermont company has been dealing with a major cyberattack
Fruit giant Dole suffers ransomware attack impacting operations (BleepingComputer) Dole Food Company, one of the world's largest producers and distributors of fresh fruit and vegetables, has announced that it is dealing with a ransomware attack that impacted its operations.
Food giant Dole hit by ransomware (Computing) Attack earlier this month forced the temporary closure of production plants in North America
Dole plants crippled by ransomware attack, stores run short (Register) Yes, we have no bananas, and things aren't looking peachy on the salad front
Food producer Dole confirms ransomware attack (The Record from Recorded Future News) Dole confirmed the incident following a report that an attack had forced some of the company’s production plants to close.
Dole North America Production Halts After Cyberattack (Entrepreneur) A cyberattack seriously disrupted Dole's operations, causing a temporary shutdown of production plants.
How I Broke Into a Bank Account With an AI-Generated Voice (Vice) Banks in the U.S. and Europe tout voice ID as a secure way to log into your account. I proved it's possible to trick such systems with free or cheap AI-generated voices.
Lewis Silkin - AI 101: What are the key data privacy risks and rewards for this new tech? (Lewis Silkin) This is the fifth article in our “AI 101” series, where the team at Lewis Silkin will unravel the legal issues involved in the development and use of AI text and image generation tools.
Security Patches, Mitigations, and Software Updates
VMware Releases Security Updates for Carbon Black App Control (CISA) VMware has released security updates to address a vulnerability in Carbon Black App Control. A remote attacker could exploit this vulnerability to take control of an affected system. For updates addressing lower severity vulnerabilities, see the VMware Security Advisories page.
CISA Releases Three Industrial Control Systems Advisories (CISA) CISA released three (3) Industrial Control Systems (ICS) advisories on February 23, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
Companies urged to patch critical vulnerability in Fortinet FortiNAC (CSO Online) The high-severity vulnerability allows unauthorized users to write arbitrary files to the system, and it is being exploited.
Microsoft urges Exchange admins to remove some antivirus exclusions (BleepingComputer) Microsoft says some antivirus exclusions previously recommended for Exchange servers should be removed to boost their security.
Trends
Q4 Quarterly Threat Bulletin (Feb 2023) (Uptycs) This bulletin is a tool to evaluate and form a more robust detection and protection posture against the latest threats in Windows, Linux and macOS platforms.
Phishing still the leading way attackers breach security controls: IBM (Financial Post) IBM’s annual X-Force Threat Intelligence Index, an analysis of data gathered from network sensors and incident investigations, is filled with a dizzying array…
Marketplace
Policyholders Beware – Lloyd’s is Adding New Exclusions to Limit Insurance Coverage for State-Sponsored Cyber Attacks Next Month – Are You Prepared? (JD Supra) Cyberattacks on corporate networks are on the rise, and the ramifications from such an attack can be financially devastating. Recent benchmarking data...
CyberSmart raises $15M for an all-in-one cybersecurity and insurance solution targeting SMBs (TechCrunch) CyberSmart speaks to a bigger shift we've been seeing in the market: Small and medium businesses used to be overlooked when it came to cybersecurity.
Cybersecurity Firm Cyren To Pursue Liquidation (CRN) Cybersecurity company Cyren, which provides email security, said it will pursue liquidation of its assets.
Cyren Ceases Operations After Financing, Sale Efforts Fail (Bank Info Security) Cyren plans to cease operations and pursue liquidation after the email security and threat detection vendor failed to sell assets or raise more capital. The company
Cyren Announces Nasdaq Delisting Determination (Yahoo) Cyren (NASDAQ:CYRN), a provider of email inbox security and threat detection solutions, today announced that, in response to its planned liquidation, the Company received written notice from Nasdaq, advising it that based upon Nasdaq's review and pursuant to Listing Rule 5101, 5110(b) and IM-5101-1, Nasdaq has determined to delist the Company's securities from The Nasdaq Stock Market.
VMware and Broadcom merger update: Deadline extended by another three months (CRN) The close of the mammoth merger has been pushed back again to late May
Keysight Expands EDA Software Portfolio with the Acquisition of Cliosoft (Business Wire) Acquisition to digitally transform design-test workflows and meet productivity requirements of next-generation electronic product development lifecycles
Latest Trend Micro Acquisition to Give MSSPs Better SOC Capabilities (Channel Futures) Trend Micro is acquiring Anlyz, a provider of SOC technology. The acquisition will enable enterprises and MSSPs to improve operational efficiencies.
No Surprise AT&T Looking to Sell Cyber After 'Odd' AlienVault Acquisition (Channel Futures) It's no surprise if AT&T wants to sell its cybersecurity unit as the carrier has struggled to match industry expectations after its AlienVault acquisition.
Cybersecurity layoffs in 2023: What to expect? (Help Net Security) The economic downturn predicted for 2023 will lead to layoffs but cybersecurity workers will be least affected, says (ISC)².
Salt Security Announces Worldwide Channel Growth, Expanded Regional Coverage, and Essential Partner Certification Program (PR Newswire) Salt Security, the leading API security company, today announced strong worldwide channel growth, expanded coverage globally, and the Essential...
High Wire Networks Named to CRN MSP 500 and Elite 150 Listings of the Nation’s Top IT Managed Service Providers (GlobeNewswire News Room) High Wire Networks, Inc. (OTCQB: HWNI), a leading global provider of managed cybersecurity and IT...
Intel's Pat Gelsinger tries to calm employee jitters amid salary cuts and EMEA VP exit (CRN) The chipmaker's CEO tells employees in a new memo outlining the chipmaker’s plan to restore staff salaries and other compensation programs
Google bug bounty program paid a record $12 million last year (The Record from Recorded Future News) Cybersecurity researchers from 68 countries reported more than 2,900 vulnerabilities to Google's bug bounty program in 2023.
Swedish cybersecurity firm Truesec opens American HQ in Jacksonville (First Coast Inno) After about two years of remote operations, Swedish-based cybersecurity company Truesec has opened the headquarters of its American subsidiary on the Southbank near downtown.
Boston tech CEO bets on the Tampa Bay region with new office, USF donation (Tampa Bay Business Journal) The same week the publicly traded Boston company gave $1.5 million to USF, it opened a 42,000-square-foot space in Sparkman Wharf.
Appdome Adds New Customer and Product Executives to Accelerate Market Leadership and Growth (PR Newswire) Appdome, the mobile app economy's one and only Cyber Defense Automation platform, today affirmed its commitment to protect the global mobile...
Former Barracuda CFO joins Veeam's executive board (CRN) Following 16 years of service Dustin Driggs has joined Veeam as their new CFO
Products, Services, and Solutions
Contrast Security Expands Serverless Support with Microsoft Azure to Uncover Security Vulnerabilities within Multi-Cloud Deployment (Contrast Security) Leading code security provider helps enterprises adopt cloud-native application development, reduce security gaps and protect against potential lost revenue, damaged brand and costly fees.
Claroty Expands Integration with CrowdStrike to Increase Visibility and Reduce Risk in Industrial Environments (PR Newswire) Claroty, the cyber-physical systems protection company, today announced an expanded integration with CrowdStrike, a leader in cloud-delivered...
AUVSI Launches Green UAS Cybersecurity Certification Program For Commercial Drones (AUVSI) Today, AUVSI announced the launch of Green UAS, a new program to expand the number of commercial Uncrewed Aircraft Systems (UAS) that have been verified to meet the highest levels of cybersecurity and National Defense Authorization Act (NDAA) supply chain requirements. Green UAS mirrors the Defense Innovation Unit (DIU)’s Blue UAS certification program but is designed for customers who do not immediately require Department of Defense (DoD) authority to operate. Green UAS also offers a more streamlined pathway to the Blue UAS 2.0 cleared list.
BlackBerry Introduces New Updates to SecuSUITE for Government and BlackBerry AtHoc Crisis Communication (BlackBerry) BlackBerry Limited today announced new enhancements and feature updates to SecuSUITE® for Government and BlackBery® AtHoc® crisis communication system that enable government agencies to securely communicate and safeguard sensitive data, whether it’s engaging in highly confidential mobile conversations or delivering real-time critical information during times of crisis.
NTT DATA partners with Swimlane to deliver low-code security automation in the UK (CRN) NTT Data says it aims to tackle low extended detection and response (XDR) adoption
Checkmarx Provides Codebashing Training and Cybersecurity Curriculum Advisor to the Vilnius Coding School to Train the Next Generation of Developers on Advanced Application Security (PR Newswire) Checkmarx, the global leader in developer-centric application security solutions, today announced that it is partnering with the Vilnius Coding...
Edgio Strengthens Edge Security with DDoS Scrubbing and Enhanced Web Application and API Protection (WAAP) Capabilities (Business Wire) Product Enhancements Offer Increased Data Protection and Mitigate Increasingly More Sophisticated Threats
Parsons Unlocking Full-Spectrum Military Cyberspace Operations (GlobeNewswire News Room) As a leading offensive and defensive cyber company for military operations, Parsons Corporation...
Cybersecurity Fundamentals Training as E-Learning (LogRhythm) LogRhythm University provides cybersecurity fundamentals and extensive product training for security teams, now with self-paced e-learning offerings!
Microsoft expands attack disruption to BEC, ransomware (Register) There’s no HumOR in cyberattacks
Juniper Networks Expands Collaboration with IBM to Bring Intelligent Automation to Radio Network Solutions (Business Wire) Collaboration will explore new solutions to democratize radio networks and enable exceptional mobile user experiences
Technologies, Techniques, and Standards
Cybersecurity project from DoD hits targets, moves to next phase (Military Embedded Systems) The U.S. Department of Defense (DoD) Defense Information Systems Agency (DISA) reported that its "Thunderdome" cybersecurity and network architecture project hit its initial criteria for success and will be moving on to add elements and roll out to more locations.
Regulatory gaps drive systemic under-reporting and poor situational awareness (Control Global) Malicious IT and OT network cyberattacks continue to occur, particularly ransomware
Fantastic RPC Interfaces and How to Find Them (Akamai) Over the past few months, our team has put a lot of effort into MS-RPC research because of its complexity and largely underresearched nature. You may have seen the myriad posts about vulnerabilities we’ve discovered as a result of this work, such as srvsvc and Wininit.exe, for example. With the sheer amount of data and tools we have amassed throughout this research, it only made sense to have it in one place: our RPC Toolkit.
Schooled: Armorblox Protects Students from Account Compromise Attack (Armorblox) This blog examines an account takeover attack that targeted students at a large university. The malicious email attack was sent from a compromised user account in an attempt to steal victims' sensitive personal information. The email attack bypassed naive Microsoft 365 Email Security and had the potential to land in the inboxes of over 160,000 end users.
Why You Should Listen to Twitter on Two-Factor Authentication (New York Times) Elon Musk was right: Text messages are not the most secure way to protect your account.
US Navy mulls adding info warfare specialists on more submarines (C4ISRNet) The service years ago made information warfare commanders fixtures of carrier strike groups.
Design and Innovation
These experts are racing to protect AI from hackers. Time is running out (ZDNET) AI is becoming a key part of our lives. Hacking it could cause chaos, so the race is on to build defenses.
Research and Development
DHS S&T Looking for Partners to Develop Innovative Solutions to Confront Accelerating Homeland Security Threats (HS Today) “There are lots of problems but the solutions are there, too – we just have to surface them," Chief Scientist Sam Howerton said at GTSC's S&T Day.
NSA Engages with Partners, Public During Top Scientific Conference in Hawaii (National Security Agency/Central Security Service) This year, NSA attended and sponsored the Hawaii International Conference on System Sciences (HICSS) at the Hyatt Regency Maui. Held over three days in January, it serves as the longest-standing
Legislation, Policy, and Regulation
Elections: FG unveils committee on cyberattack prevention (Punch Newspapers) The President, Major General Muhammadu Buhari (retd.), has unveiled a committee to coordinate the activities of computer security centres in the Information and Communication Technology industry to intercept potential cyberattacks during the 2023 general election.
Commission strengthens cybersecurity and suspends the use of TikTok on its corporate devices (European Commission - European Commission) To increase its cybersecurity, the Commission's Corporate Management Board has decided to suspend the use of the TikTok application on its corporate devices and on personal devices enrolled in the Commission mobile device service.
The Push to Ban TikTok in the US Isn’t About Privacy (WIRED) Lawmakers are increasingly hellbent on punishing the popular social network while efforts to pass a broader privacy law have dwindled.
When States Buy Chinese, America Is Put at Risk (Newsweek) China is everywhere—operations targeting American politicians and theft of commercial information from American companies are just two deeply established (and frankly, successful) lines of effort. While American leaders are thankfully working to close these security gaps, they are still paying
White House cybersecurity strategy to force large companies to make systems secure by design (FedScoop) The highly anticipated strategy document aims to deliver security improvements to the broader digital ecosystem.
Large Telecoms Pitch Strike Force for Internet Traffic Security Over Global Gateway (Broadband Breakfast) Verizon, AT&T and Lumen warned about prescriptive rules that could diminish security.
The new era of counterintelligence must shift focus to the gray zone (The Hill) There’s a quiet, low-level competition for influence playing out in gray zones from Africa to Asia.
Litigation, Investigation, and Law Enforcement
Russian Malware Developer Arrested And Extradited To The United States (United States Attorney's Office for the Middle District of Florida) United States Attorney Roger B. Handberg announces the arrest and extradition of Dariy Pankov a/k/a “dpxaker.” Pankov is charged with conspiracy, access device fraud, and computer fraud. If convicted on all counts, he faces a maximum penalty of 47 years in federal prison. The indictment also notifies Pankov that the United States intends to forfeit $358,437, which is alleged to be traceable to proceeds of the offenses.
Russian malware dev behind NLBrute hacking tool extradited to US (BleepingComputer) A Russian malware developer accused of creating and selling the NLBrute password-cracking tool was extradited to the United States after being arrested in the Republic of Georgia last year on October 4.
Russian accused of developing password-cracking tool extradited to US (The Record from Recorded Future News) A 28-year-old Russian malware developer was extradited to the U.S. for allegedly creating and selling a malicious password-cracking tool.
Sam Bankman-Fried Hit With Additional Bank Fraud Charges in New Indictment (CoinDesk) The document calls on the former FTX CEO to forfeit hundreds of millions of dollars' worth of assets, which in many cases have already been seized by the U.S. government.
Woman sues city of Crystal, police lieutenant for allegedly accessing her private information (Star Tribune) Derrick Hacker was charged criminally last year with illegally accessing state driver's license databases.
Pentagon investigating how internal emails leaked for 2 weeks without its knowledge (CNN Politics) The Pentagon is investigating how a trove of internal US Special Operations Command emails was apparently exposed publicly online and leaked unclassified data for nearly two weeks without the military's knowledge, a Pentagon spokesperson told CNN.