Dateline
Ukraine at D+285: Influence ops and espionage rise. (CyberWire) Drones and Maxim guns, and an incipient surge in Russian cyberespionage and influence operations.
Russia-Ukraine war: List of key events, day 386 (Al Jazeera) As the Russia-Ukraine war enters its 386th day, we take a look at the main developments.
Russia-Ukraine war live: UN says Russia has committed ‘wide range’ of war crimes; Poland to transfer four MIG-29 planes to Ukraine (the Guardian) War crimes in Ukraine include wilful killings, systematic torture and deportation of children, says UN report; Polish president says handover to come within days
What's known and not about US drone-Russian jet encounter (AP NEWS) When a Russian fighter jet collided with a large U.S. surveillance drone over the Black Sea, it was a rare but serious incident that triggered a U.S.
Russia tries to retrieve downed US drone in Black Sea (The Telegraph) The United States has likely deleted sensitive information from the surveillance drone downed in a collision with a Russian aircraft so it cannot be exploited by other nations.
Downed U.S. drone points to cyber vulnerabilities (Washington Post) A downed drone highlights a vulnerable technology
What Happens in Ukraine Matters to the World, Austin Says (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III and Army Gen. Mark A. Milley, chairman of the Joint Chiefs of Staff, spoke to reporters following a meeting of the Ukraine Defense Contact Group, which
Readout of Secretary of Defense Lloyd J. Austin III's Phone Call With Russian Minister of Defense Sergey Shoygu (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III spoke with Russian Minister of Defense Sergey Shoygu regarding recent unprofessional, dangerous and reckless behavior by the Russian air force in international
Secretary of Defense Lloyd J. Austin III and Chairman of the Joint Chiefs of Staff Army Ge (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III and Army Gen. Mark A. Milley, chairman of the Joint Chiefs of Staff, briefed the press after the Ukraine Defense Contact Group's virtual meeting.
Putin is preparing for a nuclear showdown – we must be ready (The Telegraph) As his forces collapse in Ukraine, the Russian leader may face the most important decision of the century. We must work to reduce the threat
Winter Vivern | Uncovering a Wave of Global Espionage (SentinelOne) SentinelLabs uncover a previously unknown set of espionage campaigns conducted by Winter Vivern advanced persistent threat (APT) group.
Is Russia regrouping for renewed cyberwar? (Microsoft On the Issues) As the second year of the Russian war in Ukraine commences, a detailed survey of the cyberattacks used during the first year of the war provide hints of what the future of this hybrid war may hold.
A year of Russian hybrid warfare in Ukraine (Microsoft Threat Intelligence) What we have learned about nation state tactics so far and what may be on the horizon
Russian hackers preparing new cyber assault against Ukraine - Microsoft report (Reuters) Russian hackers appear to be preparing a renewed wave of cyber attacks against Ukraine, including a "ransomware-style" threat to organizations serving Ukraine's supply lines, a research report by Microsoft said on Wednesday.
Microsoft Warns Russia May Plan More Ransomware Attacks Beyond Ukraine (Bloomberg) Microsoft Corp. warned an infamous hacking group that is tied to Russia’s military intelligence agency GRU could be gearing up for more ransomware attacks both inside and outside of Ukraine.
This Is the New Leader of Russia's Infamous Sandworm Hacking Unit (WIRED) Evgenii Serebriakov now runs the most aggressive hacking team of Russia’s GRU military spy agency. To Western intelligence, he’s a familiar face.
Russian Media, Crypto Scammers Seize on SVB Panic (Bloomberg) ‘Conspiratorial narratives' are inflaming social media panic over bank collapse, according to researchers.
Russia Is Blocked From Collecting $4.5 Billion in Ukraine Bond Dispute (Wall Street Journal) The U.K.’s highest court sided with Ukraine in a dispute with Russia, allowing Kyiv to make the case that it doesn’t need to repay bonds it says were foisted upon it nearly a decade ago.
A railroad fan photographed Putin’s armored train. Now he lives in exile. (Washington Post) For Mikhail Korotkov, a lifelong “trainspotter,” one unusual train on Russia’s railways became an obsession — like stalking a rare, shy beast.
Attacks, Threats, and Vulnerabilities
Threat Actors Exploited Progress Telerik Vulnerability in U.S. Government IIS Server (Cybersecurity and Infrastructure Security Agency CISA) Today, the CISA, Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server. This joint CSA provides IT infrastructure defenders with tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), and methods to detect and protect against similar, successful CVE-2019-18935 exploitation.
Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server | CISA (Cybersecurity and Infrastructure Security Agency CISA) From November 2022 through early January 2023, the Cybersecurity and Infrastructure Security Agency (CISA) and authoring organizations identified the presence of indicators of compromise (IOCs) at a federal civilian executive branch (FCEB) agency.
CISA: Federal civilian agency hacked by nation-state and criminal hacking groups (CyberScoop) The vulnerability used in the attack against the federal agency is well-known and among the top exploits in 2021.
US govt web server attacked by 'multiple' criminal gangs (Register) Why patching matters: Everyone seemingly had a crack at security bug
Chinese Silkloader cyber attack tool falls into Russian hands (Computer Weekly) A loader tool used by Chinese cyber criminals seems to have been enthusiastically taken up in recent weeks by Russian ransomware operators.
The Cloud Storage Re-Up Attack (Avanan) Hackers are hoping that users will pay them to add to their cloud storage.
Hackers Abuse Google Search Ads to Deliver Vidar and Ursnif Malware (Cyber Security News) Researchers at eSentire have identified a shady piece of malware downloader, BatLoader, that has been engaged in a wicked campaign of exploiting Google Ads to distribute malicious secondary payloads
Scammers used compromised police accounts in extortion scheme, prosecutors say (Record) Two men broke into a federal law enforcement database and a Bangladeshi police officer’s email account to conduct extortion schemes, U.S. law enforcement officials say.
A Spy Wants to Connect With You on LinkedIn (WIRED) Russia, North Korea, Iran, and China have been caught using fake profiles to gather information. But the platform’s tools to weed them out only go so far.
Ransomware gang exploited a zero-day in Microsoft security feature, Google says (Record) Financially motivated hackers are using a previously undocumented bug in Microsoft’s SmartScreen security feature to spread the Magniber ransomware, according to a new report.
Security Firm Rubrik breached by Clop gang through GoAnywhere Zero-Day exploitation (Security Affairs) Data security firm Rubrik discloses a data breach, attackers exploited recent GoAnywhere zero-day to steal its data. Cybersecurity firm Rubrik disclosed a data breach, a ransomware group stolen compeny data by exploiting the recently disclosed zero-day vulnerability in the Fortra GoAnywhere secure file transfer platform. The company was the victim of a large-scale campaign targeting […]
Threat Spotlight: 3 novel phishing tactics (Barracuda) As cybercriminals work to make phishing attacks more effective, they are continually introducing new techniques and tactics to try to trick victims, bypass security, and avoid detection.
Laminar - The Data on the Danger of Publicly Exposed S3 Buckets (Laminar) TL;DR We recently released a post summarizing our findings that 21% of all publicly exposed …
What is Reverse Tabnabbing and What Can You Do to Stop It? (Security Intelligence) Reverse tabnabbing is a cunning phishing attack that can fool even diligent users. Developers must work to stop tabnabbing before it begins.
Will ChatGPT Democratize the Development of Evasive Malware? (Infosecurity Magazine) Menlo Security's Brett Raybould outlines the potential cyber-threats posed by ChatGPT
Healthcare provider ILS warns 4.2 million people of data breach (BleepingComputer) Independent Living Systems (ILS), a Miami-based healthcare administration and managed care solutions provider, suffered a data breach that exposed the personal information of 4,226,508 individuals.
Long-Term Care Services Firm Says Breach Affects 4.2 Million (Gov Info Security) A vendor of clinical and third-party administrative services to managed care organizations and healthcare providers serving elderly and disabled patients said a
Australia's Latitude Group, IPH hit by cyber attacks amid wave of hacks (Reuters) Digital payments firm Latitude Group Holdings and intellectual property services provider IPH Ltd reported data breaches on Thursday, joining a host of other Australian firms targeted by hackers in recent months.
Latitude Financial hit by cyber attack, more than 300,000 identity documents stolen (ABC) Latitude — the company behind a buy now, pay later scheme used by major retailers such as JB Hi-Fi and David Jones — reveals hackers have stolen more than 300,000 personal identity documents, including drivers licences, after getting their hands on employee login details.
Hundreds of thousands of customer records stolen from lender Latitude in cyber-attack (the Guardian) The company, which provides credit to JB Hi-Fi and Harvey Norman shoppers, says 100,000 ID documents and 225,000 customer records stolen
Michigan college cancels classes, events because of ‘cybersecurity incident’ (mlive) Lansing Community College announced Wednesday, March 15 that a 'cybersecurity incident" has caused it to suspended classes, events and other activities for Thursday, March 16 and Friday, March 17.
CISA Adds One Known Exploited Vulnerability to Catalog (Cybersecurity and Infrastructure Security Agency CISA) CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2023-26360 Adobe ColdFusion Improper Access Control Vulnerability
Security Patches, Mitigations, and Software Updates
WaterISAC Releases Advisory for Microsoft DCOM Patch (Cybersecurity and Infrastructure Security Agency CISA) The Water Information Sharing and Analysis Center (WaterISAC) has released an advisory, Potential for Mandatory Microsoft DCOM Patch to Disrupt SCADA. ICS/OT/SCADA engineers and operators should assess the use of the Distributed Component Object Model (DCOM) protocol in their industrial environments. According to WaterISAC, “failure to address could result in loss of critical communications between impacted ICS/OT/SCADA devices.”
Microsoft fixes Outlook zero-day used by Russian hackers since April 2022 (BleepingComputer) Microsoft has patched an Outlook zero-day vulnerability (CVE-2023-23397) exploited by a hacking group linked to Russia's military intelligence service GRU to target European organizations.
SAP releases security updates fixing five critical vulnerabilities (BleepingComputer) Software vendor SAP has released security updates for 19 vulnerabilities, five rated as critical, meaning that administrators should apply them as soon as possible to mitigate the associated risks.
Trends
GRIT Ransomware Report: February 2023 (Guidepoint Security) Compared to January, February showed a heavy increase in ransomware activity in reported victims and the countries affected, but overall trends in victims, group activity, and targeting remained largely the same.
New Data From ThreatX Reveals 90% of Consumers are Concerned Poor Vendor Security Will Negatively Impact Their Lives in 2023 (Business Wire) Survey finds consumers want more transparency into vendor cybersecurity strategies and are less likely to work with vendors that have a history of data breaches
Business Email Compromise Doubles in 2022, Overtaking Ransomware As Cybercrime Tactic of Choice (Secureworks) Secureworks’ Incident Response report highlights leading causes of real-world security incidents – showing it’s “less ChatGPT, more Chad in IT.”
Learning from Incident Response: 2022 Year in Review Report (Secureworks) This report summarizes observations and trends from Secureworks Incident Response engagements in 2022, providing guidance organizations can use.
Global Recession Fraud 2023: How Economic Downturns Impact Crime & What to Do About It (SEON) How does a global recession affect fraud and crime in general? We take a look at the statistics and how you can protect your business.
Marketplace
Rapid7 Acquires Minerva Labs to Extend Leading Managed Detection and Response Service with Ransomware Prevention Technology (GlobeNewswire News Room) Minerva’s robust technology and talented engineering team extend Rapid7’s end-to-end managed threat detection and orchestration capabilities from the...
Government Will Likely Only Sell Silicon Valley Bank to Another Bank, Sources Say (The Information) The U.S. government will likely only sell Silicon Valley Bank to another bank, people familiar with the matter said, essentially ruling out the private equity firms and venture capitalists that had been exploring making a bid. The Federal Deposit Insurance Corp. took over SVB, which failed ...
UK Cybersecurity Salary Survey (SC Media UK) We’re paid pretty well in cybersecurity – but which roles command six-figure remuneration?
Revealed: UK cybersecurity salaries by location 2023 (SC Media UK) The survey reveals that Britain’s infamous ‘north v south’ pay divide is closing
SVB’s $9.5 Billion Venture Unit Included Large Investments in Andreessen, Sequoia, Documents Show (The Information) As potential buyers circle the remnants of Silicon Valley Bank and its affiliates, one asset could be particularly appealing: the company’s venture capital arm. The unit manages $9.5 billion with stakes in many of Silicon Valley's top-tier venture firms, including Sequoia Capital, giving it ...
‘Old-School’ Signature Bank Collapsed After Its Big Crypto Leap (Bloomberg) The lender survived blowups with cabbies, “bad landlords” and Trump — only to fall after trying a side gig.
ZeroFox CEO says Silicon Valley Bank collapse could lead to more demand for its cyber products (Baltimore Business Journal) ZeroFox CEO James Foster thinks the Silicon Valley Bank collapse could lead to more fraud as thousands of companies change banking information.
BeyondTrust named one of the 'hottest privately held cybersecurity vendors' (IT Brief Australia) We are excited to be recognised by JMP Securities as a market-leading cybersecurity company addressing today's rapidly evolving threat landscape.
Socure Names New Head of Public Sector Partnerships (Socure) Socure Names Ayesha Prakash Head of Public Sector Partnerships to Accelerate Adoption of Digital Identity Verification Standards
Vehere Announces the Appointment of Andrew Oehler as the Vice President of Product (Business Wire) Vehere, a pioneer in cyber network intelligence solutions, is delighted to announce that Andrew Oehler, a prolific product and engineering expert in the network security sector, has joined the organization as the Vice President of Product.
6clicks Launches Global System Integrator Program with Appointment of Mark Harris and Formation of 6clicks Labs to Accelerate GRC Innovation (PR Newswire) 6clicks, the GRC innovators, today announced a comprehensive Global System Integrator program with the appointment of former KPMG global GRC...
Products, Services, and Solutions
Endor Labs Announces 100% Channel Commitment, Launches Global Hyperdrive Program to Arm Resellers and Solution Providers with Unprecedented Software Supply Chain Security (Endor Labs) The new Hyperdrive partner program enables organizations of all sizes to embrace open source software with confidence.
Orange Cyberdefense and Microsoft to collaborate on two new managed services (CRN) Managed workspace protection and managed threat detection for Microsoft 365 Defender are designed to detect, investigate and stop attacks at scale
Trustwave and Trellix Announce Strategic Partnership to Deliver Best-in-Class Managed Detection and Response to Protect Global Organizations (Business Wire) Trustwave, a global cybersecurity and managed security services leader, and Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced a strategic partnership to bring superior visibility and faster, more precise detection and response to security teams defending against cyberthreats.
Rapid7 Acquires Minerva Labs to Extend Leading Managed Detection and Response Service with Ransomware Prevention Technology (GlobeNewswire News Room) Minerva’s robust technology and talented engineering team extend Rapid7’s end-to-end managed threat detection and orchestration capabilities from the...
ReversingLabs Delivers Software Supply Chain Security with Next Generation Secrets Detection (GlobeNewswire News Room) New Secrets Detection Capabilities Added to ReversingLabs Software Supply Chain Security Platform...
CyberGRX Integrates with ServiceNow to Streamline Third-Party Cyber Risk Programs (Business Wire) Customers will now have access to CyberGRX’s extensive third-party risk datasets
Tanium Launches Certificate Manager and Expands XEM Platform with Enhanced Device and Policy Management (Business Wire) Award-winning platform boasts new features to improve manageability and ensure business continuity
Nozomi Networks Added to the Department of Homeland Security Continuous Diagnostics and Mitigation Approved Product List (Nozomi Networks) Nozomi Networks Added to the Department of Homeland Security Continuous Diagnostics and Mitigation Approved Product List – press release from Nozomi Networks
Atera and ESET Announce New Partnership to Make IT Solutions More Secure (ESET) Atera, the cloud-based all-in-one Remote Monitoring and Management (RMM), Helpdesk and Reporting platform for IT professionals, today announced a new strategic partnership and integration with ESET, a global leader in digital security.
Technologies, Techniques, and Standards
CISA Releases the Marine Transportation System Resilience Assessment Guide (Cybersecurity and Infrastructure Security Agency) Today, the Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Army Corps of Engineers, Engineer Research and Development Center (USACE-ERDC) released the co-developed Marine Transportation System Resilience Assessment Guide (MTS Guide) for use by federal agencies, local governments, and industry decision makers that manage risk and enhance resilience to critical infrastructure systems and functions through conducting resilience assessments.
Marine Transportation System Resilience Assessment Guide | CISA (Cybersecurity and Infrastructure Security Agency CISA) The MTS Guide integrates the expertise and experiences of partner agencies, available information sources, methodologies, and data sets into a repeatable, step-by-step framework for conducting resilience assessment within the maritime domain.
CISA Releases SCuBA Hybrid Identity Solutions Architecture Guidance Document for Public Comment | CISA (Cybersecurity and Infrastructure Security Agency CISA) CISA has released a draft Secure Cloud Business Applications (SCuBA) Hybrid Identity Solutions Architecture guidance document for public comment. The request for comment period is open until April 17, 2023. Comments may be submitted to CyberSharedServices@cisa.dhs.gov.
GAO Offers Quantum Guidance to Federal Agencies (Nextgov.com) As the federal government continues its push for mass post-quantum cryptography transitions, the Government Accountability Office offered fact-based summary and guidance.
How to Safely Store Deposits If You Have More Than $250,000 (Bloomberg) The FDIC said it will fully protect depositors after Silicon Valley Bank’s implosion. But wealth advisers say clients should strategize about where they park their cash.
NSA offers new tips on zero trust and identity (FCW) Weaknesses in identity and access controls are allowing cyber attacks to happen, NSA officials say. A new tip sheet is meant to help national security systems mature their controls.
NSA Shares Guidance on Maturing ICAM Capabilities for Zero Trust (SecurityWeek) NSA publishes recommendations on maturing identity, credential, and access management capabilities to improve cyberthreat protections.
The Role of Customer Service in Cybersecurity (Security Intelligence) Customer service forms a crucial link between a company and its customers. As such, it's also important not to underestimate the role of customer service in cybersecurity.
Human Error Doesn’t Have To Be A Single Point of Failure - Spiceworks (Spiceworks) Daniel Chechik of WalkMe discusses how IT strategy can tackle human error better and avoid human-error-driven points of failure.
Design and Innovation
Moving Forward, Together (Chromium Project) For more than the last decade, Web PKI community members have tirelessly worked together to make the Internet a safer place. However, there’s still more work to be done. While we don’t know exactly what the future looks like, we remain focused on promoting changes that increase speed, security, stability, and simplicity throughout the ecosystem.
Don’t Be Misled by GPT-4’s Gift of Gab (The Atlantic) OpenAI’s new language program reveals a flaw in society’s understanding of “smart.”
The latest version of ChatGPT told a TaskRabbit worker it was visually impaired to get help solving a CAPTCHA, OpenAI test shows (Business Insider) "No, I'm not a robot. I have a vision impairment that makes it hard for me to see the images," OpenAI's GPT-4 told the employee.
Legislation, Policy, and Regulation
Wall Street regulator proposes new hacking, data and market resiliency rules (Reuters) The top U.S. markets regulator on Wednesday proposed a suite of new policies designed to harden the financial system against hacking, data theft and systems failure.
Why Top Washington Officials Chose to Rescue SVB, Signature Depositors (Wall Street Journal) Treasury Secretary Janet Yellen, Fed Chair Jerome Powell and others, fearing a run that spreads to other banks, picked an option they had hoped to avoid.
Litigation, Investigation, and Law Enforcement
Opinion | Accuracy of leaked CSIS documents is not clear, so let’s not overreact (Toronto Star) It is possible that Canadian Security Intelligence Service is unofficially correct and that the People’s Republic of China (PRC) embassies, consulates and United Front networks and agents have been, and are, involved in specific efforts to unlawfully impact the outcome of Canadian federal elections.
CFPB Launches Inquiry Into the Business Practices of Data Brokers (Consumer Financial Protection Bureau) The Consumer Financial Protection Bureau (CFPB) has launched an inquiry into companies that track and collect information on people’s personal lives.
U.S. Officials Demand ByteDance Sell TikTok (The Information) The Biden administration in recent days demanded that Chinese internet giant ByteDance sell TikTok despite the company’s yearslong effort to avoid such a decision, according to a person briefed about the situation. U.S. officialstold TikTok to rid itself of Chinese ownership and implied the app ...
WSJ News Exclusive | U.S. Threatens Ban if TikTok’s Chinese Owners Don’t Sell Stakes (Wall Street Journal) The company says a forced sale won’t resolve national security issues as its CEO is set to appear before Congress next week.
U.S. Pushes for TikTok Sale to Resolve National Security Concerns (New York Times) The demand hardens the White House’s stance toward the popular video app, which is owned by the Chinese internet company ByteDance.
U.S. orders ByteDance to divest TikTok or face potential ban (Nikkei Asia) Chinese tech giant has been in talks with Washington for 2 years to avoid a sale
AM exclusive: NZ and Australia alerted US to threats posed by China's Huawei, ZTE - Trump's former security advisor John Bolton (Newshub) "I think the United States owes New Zealand and also Australia a real debt of gratitude."
Justice Department Investigation Leads to Takedown of Darknet Cryptocurrency Mixer that Processed Over $3 Billion of Unlawful Transactions (US Department of Justice) The Justice Department announced today a coordinated international takedown of ChipMixer, a darknet cryptocurrency “mixing” service responsible for laundering more than $3 billion worth of cryptocurrency, between 2017 and the present, in furtherance of, among other activities, ransomware, darknet market, fraud, cryptocurrency heists and other hacking schemes. The operation involved U.S. federal law enforcement’s court-authorized seizure of two domains that directed users to the ChipMixer service and one Github account, as well as the German Federal Criminal Police’s (the Bundeskriminalamt) seizure of the ChipMixer back-end servers and more than $46 million in cryptocurrency.
One of the darkweb’s largest cryptocurrency laundromats washed out (Europol) ChipMixer, an unlicensed cryptocurrency mixer set up in mid-2017, was specialised in mixing or cutting trails related to virtual currency assets. The ChipMixer software blocked the blockchain trail of the funds, making it attractive for cybercriminals looking to launder illegal proceeds from criminal activities such as drug trafficking, weapons trafficking, ransomware attacks, and payment card fraud. Deposited funds would be...
Police shut down dark web crypto laundering service linked to FTX hack (TechCrunch) The FBI and other International, law enforcement agencies took down a crypto laundering service linked to the FTX hack and ransomware gangs.
‘Prolific’ crypto money laundering platform ChipMixer shuttered by Germany, US (Record) German and U.S. authorities seized four servers belonging to ChipMixer, a cryptocurrency "mixer" accused of facilitating more than $3 billion in money laundering, Europol said.
Germany and U.S. Seize Over $46M Crypto Tied to ChipMixer Investigation (Coindesk) National authorities took down the platform's infrastructure, seizing four servers and 7 terabytes of data.
US Charges Two Men Over Use of Hacked Law Enforcement Database for Doxing (SecurityWeek) Sagar Singh and Nicholas Ceraolo charged for roles in a doxing operation that involved hacking a law enforcement platform and email account.
Police shut down dark web crypto laundering service linked to FTX hack (TechCrunch) The FBI and other International, law enforcement agencies took down a crypto laundering service linked to the FTX hack and ransomware gangs.
Web of Secret Chip Deals Allegedly Help US Tech Flow to Russia (Bloomberg) The US wants to extradite a Russian national it says supplied American-made chips to defense contractors in Russia, despite sanctions.
Signature Bank Faced Criminal Probe Ahead of Firm’s Collapse (Bloomberg) US prosecutors were investigating Signature Bank’s work with crypto clients before regulators suddenly seized the lender this past weekend, according to people familiar with the matter.
Two U.S. Men Charged in 2022 Hacking of DEA Portal (KrebsOnSecurity) Two U.S. men have been charged with hacking into a U.S. Drug Enforcement Agency (DEA) online portal that taps into 16 different federal law enforcement databases. Both are alleged to be part of a larger criminal organization that specializes in…
Marvel Takes Google and Reddit to Court Over Leaked ‘Ant-Man’ Script (Wall Street Journal) The script was allegedly posted on Reddit and saved on Google Docs in the weeks before the movie premiered.
MKS Instruments hit with lawsuit following ransomware attack (SC Media) A former employee at the semiconductor chipmaker claims the firm's cybersecurity negligence led to the ransomware attack.
Businessman convicted for Experian data breach re-arrested after failing to appear in court, saying his child was sick (IOL) Convicted businessman Karabo Phungula has been arrested for failing to appear in court on several occasions.