Dateline
Ukraine at D+396: Russia rattles the nuclear saber, again. (CyberWire) Russia announces plans to move nuclear weapons to Belarus as Ukraine prepares its spring offensive.
Russia-Ukraine war live: Ukrainian commander says ‘military necessity’ to hold Bakhmut; Nato criticises Putin’s ‘dangerous’ nuclear rhetoric (the Guardian) Col Gen Syrskyi visited Bakhmut and said ‘most intense phase’ of battle continues; plans for tactical nuclear weapons in Belarus ‘irresponsible’, said Nato
Russia-Ukraine war: List of key events, day 397 (Al Jazeera) As the Russia-Ukraine war enters its 397th day, we take a look at the main developments.
Russia-Ukraine war at a glance: what we know on day 396 of the invasion (the Guardian) Ukraine accuses Kremlin of holding Minsk as ‘nuclear hostage’ after Russia strikes deal to station tactical nuclear weapons in Belarus
Ukrainian top brass stirs the pot with talk of Bakhmut counterattack (the Guardian) As Russian observers hunt for clues of a spring offensive, Ukraine’s land forces chief suggests an unlikely strategy
Ukraine Offensive Takes Shape, With Big Unknowns (Wall Street Journal) The outlines of Ukraine’s planned counteroffensive against the Russian invasion are beginning to emerge, after months of weapons deliveries from the West.
Russian strikes in Ukraine kill 10 civilians, wound 20 more (AP NEWS) Long-range Russian bombardment killed at least 10 civilians and wounded 20 others in several parts of Ukraine on Friday, officials in Kyiv said, as a Kremlin official boasted that its forces were prepared to repel an expected Ukrainian counteroffensive this spring .
Ukraine-Russia war: Russia targets humanitarian point in deadly missile strike (The Telegraph) A Russian strike on an "invincibility point" that gives humanitarian support killed three people in an eastern Ukraine town, the emergencies service said on Friday.
Kyiv doctor killed in Russian airstrike shows war’s fallout far from fron (Washington Post) Oksana Leontieva was late for work. The 36-year-old doctor was due at Ukraine’s top children’s hospital, where she treated patients with cancer and other serious diseases. But first she had to get her son to kindergarten.
Why drones targeted a Russian A-50U, vital for hypersonic Kinzhal strikes (Breaking Defense) A defense attaché to Kyiv told Breaking Defense that anytime the A-50 was aloft it was accompanied by two or more MiG-31Ks and that there was no telling when or if these aircraft might launch on demand.
Russian State TV Host Says Country Would Not Exist Without Nuclear Bombs (Newsweek) Russian propagandist Sergey Mardan said that his country would not exist without nuclear bombs.
Putin’s shattered army will never recover (The Telegraph) Russia’s absurd decision to send ancient tanks to the front line reeks of desperation and delusion
New Russian campaign tries to entice men to fight in Ukraine (AP NEWS) Advertisements promise cash bonuses and enticing benefits. Recruiters are making cold calls to eligible men. Enlistment offices are working with universities and social service agencies to lure students and the unemployed.
Mobilisation in Russia: How to Convince Men to Fight in Ukraine? (Royal United Services Institute) The Russian government has launched a video campaign drawing on a number of themes in an attempt to persuade its citizens to enlist. But has it achieved the desired effect?
Krieg: Ukraine braucht mehr Soldaten – Geheimdienst zieht die Zügel an (bild.de) Der ukrainische Geheimdienst zieht die Zügel an, damit Wehrpflichtige sich nicht drücken.
The Russian military’s growing discipline problems (Meduza) In a new investigative report, journalists at Mediazona counted 536 service-related felony cases filed in Russian garrison courts against soldiers since the full-scale invasion of Ukraine started last year. Most of these charges involve AWOL offenses, often resulting in probation sentences that allow offenders to return to combat. More serious crimes include refusal to obey orders, striking a commanding officer, and outright desertion.
What Frederick the Great’s Army Can Tell Us About Russia’s Private Military Company (War on the Rocks) In describing the Wagner Private Military Company forces fighting in Ukraine, some Western commentators have used the term “mercenaries,” while others
Putin to send nuclear weapons to Belarus (The Telegraph) Russia will store part of its nuclear arsenal in another country for the first time since the breakup of the Soviet Union
Russia accused of taking Belarus ‘nuclear hostage’ with deal to station missiles there (the Guardian) Ukraine says Putin’s deal to station tactical nuclear weapons in Belarus destabilises neighbour
Was die Stationierung von Atomwaffen in Belarus bedeutet (DER STANDARD) Der russische Präsident Wladimir Putin hat angekündigt, in Bälde taktische Atomwaffen im Nachbarland zu stationieren. Welche Folgen könnte diese Entwicklung haben?
Putin’s timeline for storing tactical nuclear weapons in Belarus is hard to believe (the Guardian) Although Alexander Lukashenko has agreed to host nuclear bases little construction work seems to have started
Ukraine Calls for Emergency UN Meeting After Russia Announce... (MENAFN) Tensions between Ukraine and Russia continue to escalate following Russia's announcement of plans to deploy tactical nuclear weapons in Belarus. In r
Ukraine Latest: US Says Not Planning to Adjust Nuclear Posture (Bloomberg.com) Vladimir Putin said Russia is preparing to station tactical nuclear weapons in Belarus, escalating a confrontation with the US and its allies.
Nikolai Patrushev: Russia is capable of destroying any adversary, including the United States, in case of a threat to its existence (Rossiyskaya Gazeta) Secretary of the Russian Security Council Nikolai Patrushev, in an interview with Rossiyskaya Gazeta, commented on the flights of American strategic bombers near the borders of Russia with mock missile strikes on targets in the Russian Federation, calling them dangerous and short-sighted stupidity.
Peskov: Western reaction will not affect Russia's plans to deploy nuclear weapons in Belarus (Rossiyskaya Gazeta) Presidential spokesman Dmitry Peskov said that no reaction from the West could affect Russia's plans to deploy its tactical nuclear weapons in Belarus.
Quel impact aura la guerre en Ukraine sur l’OTAN et l’UE ? (Theatrum Belli) Si l’OTAN sort renforcée de la guerre en Ukraine, il est indispensable d’avoir conscience de ses limites et des adaptations à y apporter, notamment en visant à ce que les […]
Watch: ‘Publicly glowing, privately embarrassed’ Putin faces snub by Xi Jinping | Defence in Depth (The Telegraph) As Putin looks for international support, it’s obvious that China is in the driving seat of their relationship
Xi and Putin are building a new axis of evil (The Telegraph) While Western countries focus on their regional concerns, China and Russia are beginning to work together. We should be deeply worried
Moldova holds High-Level Political and Security Dialogue with the European Union (EU NEIGHBOURS east) The second EU-Republic of Moldova High-Level Political and Security Dialogue was held in Brussels on 23 and 24 March, following its launch in Chisinau on 18
Opinion Ukraine smolders as Europe comes slowly awake (Washington Post) A pair of news items last week encapsulate what Europe is doing, and failing to do, to provide for Ukraine’s defense — and for its own.
South Africa must arrest Vladimir Putin (The Telegraph) If the International Criminal Court is not to be reduced to an impotent irrelevance, the arrest would simply have to take place
Europe's transport sector terrorised by ransomware, data theft, and denial-of-service attacks (Tripwire) A new report from ENISA, the European Union Agency for Cybersecurity, looking at cyberattacks targeting the European transport network over a period of almost two years, has identified that ransomware has become the prominent threat.
How Albania Became a Target for Cyberattacks (Foreign Policy) A massive hack led to the expulsion of Iranian diplomats—but Tehran may have had help from Moscow.
Russian hackers attack Atac, Ministry of Transport and Postal Police (Breaking Latest News) Italy still victim of attacks by Russian hackers. The NoName collective, already the protagonist of several violations of Italian and European institutional sites, claimed on its Telegram channel that it had taken the sites of the Ministry of Transport and Atac, the Roman public transport company, offline in the morning, including the section of ecommerce…
Russia’s Rostec allegedly can de-anonymize Telegram users (BleepingComputer) Russia's Rostec has reportedly bought a platform that allows it to uncover the identities of anonymous Telegram users, likely to be used to tamp down on unfavorable news out of the country.
Russian hacktivists deploy new AresLoader malware via decoy installers (CSO Online) The new malware loader can give attackers remote access and the ability to deliver other payloads.
New loader on the bloc - AresLoader (Intel471) AresLoader is a new loader malware-as-a-service (MaaS) offered by threat actors with links to Russian hacktivism that was spotted recently in the wild.
L’Ukraine sous le feu des cyberattaques russes (Le Journal du Dimanche) Un rapport de la direction du renseignement d’intérêt cyber de Thales met en lumière la doctrine d’usage de Moscou.
Ukraine War Shows Difficulty of Large-Scale Cyberattacks, NSA Director Says (Wall Street Journal) Gen. Paul Nakasone, in an interview, says U.S. rivals are trying to penetrate America’s networks, data and weapons systems.
Tensions on the rise at revered Kyiv monastery complex (AP NEWS) The courtyards of the Kyiv-Pechersk Lavra have been busy with more than just the usual worshippers, going to and from its churches in the sprawling monastic complex that is Ukraine’s most revered Orthodox site.
Opinion The moral and legal case for sending Russia’s frozen $300 billion to Ukraine (Washington Post) Russia’s assault on Ukraine has become a brutal war of attrition — militarily but also economically and socially. Russian President Vladimir Putin recognizes the nature of this struggle. Ukraine, having lost one-third of its GDP, with one-third of its population already displaced and the lights flickering on and off, could win battles and still lose the war.
The Limits of Economic Warfare (Foreign Affairs) What sanctions on Russia can and cannot achieve.
Friends Over Factories (Foreign Affairs) Ukraine’s alliances are worth more than Russia’s industries.
Attacks, Threats, and Vulnerabilities
New Dark Power ransomware claims 10 victims in its first month (BleepingComputer) A new ransomware operation named 'Dark Power' has appeared, and it has already listed its first victims on a dark web data leak site, threatening to publish the data if a ransom is not paid.
Phishing Campaign Targets Chinese Nuclear Energy Industry (Intezer) A phishing campaign with malicious payloads targeted the Chinese nuclear energy industry, using tactics that align with Bitter APT.
'Bitter' espionage hackers target Chinese nuclear energy orgs (BleepingComputer) A cyberespionage hacking group tracked as 'Bitter APT' was recently seen targeting the Chinese nuclear energy industry using phishing emails to infect devices with malware downloaders.
Fork in the Ice: The New Era of IcedID (Proofpoint) Key Findings
Proofpoint is tracking new variants of IcedID used by at least three threat actors.
Initial analysis suggests this is a forked version with potentially a separate panel for managing the malware.
While much of the code base is the same, there are several key differences.
One key difference is the removal of banking functionality such as web injects and backconnect.
Proofpoint researchers hypothesize the original operators behind Emotet are using an IcedID variant with different functionality.
Internet Crime Complaint Center (IC3) | Business Email Compromise Tactics Used to Facilitate the Acquisition of Commodities and Defrauding Vendors (IC3) The FBI warns the public of criminal actors using Business Email Compromise (BEC) schemes to facilitate the acquisition of a wide range of commodities.
MacStealer: New macOS-based Stealer Malware Identified (uptycs) MacStealer is a new Command and Control (C2) malware, a macOS stealer, that also controls its operations over Telegram, found by Uptycs Threat Research.
Emotet malware distributed as fake W-9 tax forms from the IRS (BleepingComputer) A new Emotet phishing campaign is targeting U.S. taxpayers by impersonating W-9 tax forms allegedly sent by the Internal Revenue Service and companies you work with.
PoC Exploit Published for Just-Patched Veeam Data Backup Solution Flaw (SecurityWeek) Proof-of-concept code to exploit a just-patched security hole in the Veeam Backup & Replication product has been published online.
The latest mass ransomware attack has been unfolding for nearly two months (Washington Post) The year’s second mass ransomware attack has claimed some big victims
Twitter says parts of source code posted online, seeks leaker (Washington Post) Twitter’s subpoena asked GitHub to identify a user named in documents as “FreeSpeechEnthusiast,” who shared the code, and anyone who downloaded it.
Critical WooCommerce Payments Vulnerability Leads to Site Takeover (SecurityWeek) A critical-severity flaw in the WooCommerce Payments WordPress plugin could allow attackers to take over site administrator accounts.
OpenAI: ChatGPT payment data leak caused by open-source bug (BleepingComputer) OpenAI says a Redis client open-source library bug was behind Monday's ChatGPT outage and data leak, where users saw other users' personal information and chat queries.
OpenAI says a bug leaked sensitive ChatGPT user data (Engadget) OpenAI announced Friday that the chat history bug from earlier in the week might have also leaked user and payment data..
March 20 ChatGPT outage: Here’s what happened (OpenAI) An update on our findings, the actions we’ve taken, and technical details of the bug.
UK Pension Protection Fund latest victim of GoAnywhere hack (Record) The Pension Protection Fund, which manages billions of dollars in assets, appears to be a victim of the Clop ransomware group's exploitation of a bug in the popular file-transfer technology.
Don't fall for this new round of iCloud support scam emails (Fox News) Victims of Apple's new phishing scam will receive false emails from iCloud support that will lead to an ask about personal information from hackers.
Sun Pharma Hit by Infamous Ransomware Group ALPHV BlackCat - Threats to Release Sensitive Data! (TimesNow) ALPHV BlackCat, the notorious ransomware group, has now come out and listed the Sun Pharmaceutical breach on their leak site on the darknet.
Arbitrum Discord hacker shares phishing announcement amid airdrop hype (Cointelegraph) Clicking on phishing links usually navigates the unsuspecting victims to a fake website prompting them to enter personal information, such as a wallet’s private key.
NCC Warns Of Pirated YouTube Software-related Malware (Leadership News) The Nigerian Communications Commission's Computer Security Incident Response Team (NCC-CSIRT) has warned those looking to acquire pirated software and
Latitude breach now one of the biggest in Australian history (Australian Financial Review) What was first reported as the theft of 330,000 customer records is now up to 14 million records, and counting.
Maersk says posted data is not current and not from attack by hackers (The Loadstar) Maersk denies that a cyberattack by hacker group Anonymous Sudan occured, despite leaked customer credentials appearing on social media
Crown Resorts investigating potential data breach after being contacted by hacking group (ABC) Crown Resorts confirms it is investigating a potential global data breach after it was contacted by a hacker group that claims to have obtained company files.
Arbitrum Discord hacker shares phishing announcement amid airdrop hype (Cointelegraph) Clicking on phishing links usually navigates the unsuspecting victims to a fake website prompting them to enter personal information, such as a wallet’s private key.
Popular apps with Chinese ties can gather more data than TikTok (Washington Post) As Congress weighs an unprecedented ban of the wildly popular Chinese-owned TikTok over supposed security concerns, millions of Americans are downloading Chinese-designed apps to their phones that pose greater privacy risks with no outcry from lawmakers or regulators.
Inaudible ultrasound attack can stealthily control your phone, smart speaker (BleepingComputer) American university researchers have developed a novel attack which they named "Near-Ultrasound Inaudible Trojan" (NUIT) that can launch silent attacks against devices powered by voice assistants, like smartphones, smart speakers, and other IoTs.
Security Patches, Mitigations, and Software Updates
WooCommerce Payments plugin for WordPress has an admin-level hole – patch now! (Naked Security) Admin-level holes in websites are always a bad thing… and for “bad”, read “worse” if it’s an e-commerce site.
Microsoft pushes OOB security updates for Windows Snipping tool flaw (BleepingComputer) Microsoft released an emergency security update for the Windows 10 and Windows 11 Snipping tool to fix the Acropalypse privacy vulnerability.
Microsoft fixes reversible screenshot vulnerability on Windows (The Verge) You might want to update the Snipping Tool on Windows 11.
Trends
Huge Fines Are a Wake-up Call to Prioritize Data Security (Tanium) To avoid fines, more firms are practicing “privacy by design,” per a new survey. ISACA’s Safia Kazi parses the benefits and challenges.
Gordon Moore, Intel Co-Founder and Author of Moore’s Law, Dies at 94 (Wall Street Journal) Moore’s Law proved a remarkably accurate observation about how quickly engineers would create advances in digital technology.
'Moore's Law' creator Gordon Moore has died at age 94 (Silicon Valley Business Journal) Gordon Moore was a key figure in the development of Silicon Valley and the wider tech industry.
Beloved hacking veteran Kelly ‘Aloria’ Lum passes away at 41 (TechCrunch) Kelly "Aloria" Lum was 41 when she passed away in New York City. She was a beloved member of the cybersecurity community, particularly in the city.
Marketplace
Britive Receives $20.5M Series B Funding to Support Surging Customer Growth (PR Newswire) Britive, the cloud identity security platform, today announced it received $20.5M in Series B funding to support surging customer growth and...
Dealmakers See M&A Targets in Tech When Slowdown Abates (The Information) Dealmakers who gathered in New Orleans this week are hopeful that the prolonged deals freeze will thaw this year—and that the tech sector in particular holds plenty of companies ripe for acquisition. That may be a case of optimism transcending reality. On panels and in coffee chats at the annual ...
Lloyd’s of London says its controversial cyberwar exclusions could hit profits (Record) The chief executive of Lloyd’s of London warned last week that it could suffer a short-term hit to its income as a result of its controversial cyberwar exclusions.
First Citizens to acquire troubled Silicon Valley Bank (AP NEWS) North Carolina-based First Citizens will buy Silicon Valley Bank, the tech industry-focused financial institution that collapsed earlier this month, rattling the banking industry and sending shockwaves around the world.
First Citizens to Buy SVB After Biggest Bank Failure Since 2008 (Bloomberg) Deal includes $56 billion in deposits, $72 billion in loans. FDIC estimates the cost of SVB’s failure will be $20 billion.
First Citizens Bank will nearly double its assets by buying Silicon Valley Bank (Quartz) First Citizens will buy $72 billion in SVB assets under an FDIC-facilitated deal
Cyber Security Market Size Is Valued At US$ 534 Bn by 2032: Data Analysis by Experts at Market.Us (GlobeNewswire News Room) Rising Need for Cloud-based Cybersecurity Solutions and Technological Progress to Propel the Cybersecurity Market Beyond USD 534 Billion by 2032....
CyberArk founder: "The process of building a high-tech company is full of endless failures" | CTech (ctech) Alon Cohen, founder of CyberArk, chatted with Dr. Revital Mandil-Levin, founder of Nanocarry Therapeutic, in the first session of "Mentor Class", a series of online meetings, sponsored by Calcalist and Poalim Hi-Tech, that allows young entrepreneurs to meet with high-tech industry executives who share their experience, and business and management vision
TikTok Shifts Into Damage Control Mode (The Information) TikTok and some companies that work with the popular app have shifted into damage control mode after a rancorous Congressional grilling of TikTok CEO Shou Zi Chew failed to allay lawmakers’ concerns that its Chinese parent, ByteDance, poses a national security risk. Golin, a major public ...
Hollywood, music industry brace for a TikTok ban (Washington Post) The entertainment industry has become so reliant on TikTok that banning the app could hurt business, industry insiders say
Xcitium Earns 5-Star Rating in 2023 CRN® Partner Program Guide (GlobeNewswire News Room) Xcitium, the cybersecurity industry's leading provider of state-of-the-art endpoint protection...
(ISC)² Opens Nominations for the 2023 Global Achievement Awards (PR Newswire) (ISC)² – the world's largest nonprofit association of certified cybersecurity professionals – today announced nominations for its annual Global...
Retired Army Chief Warrant Officer Wes Postol Named SVP of Business Development at Electrosoft (PR Newswire) Electrosoft Services, Inc., an award-winning federal IT and professional services firm specializing in cybersecurity, today announced it has...
Products, Services, and Solutions
New infosec products of the week: March 24, 2023 (Help Net Security) The featured infosec products this week are from: ForgeRock, Vectra, Verosint, Vumetric, and Waterfall Security Solutions.
Secure User Identities in Your Zoom Calls — Authenticated by Okta (Okta) Zoom and Okta help organizations ensure that meetings and collaboration tools are frictionless, yet safe and secure.
Commsec, Forcepoint bring the next generation of cyber security to Irish businesses (TechCentral.ie) In association with Commsec CommSec is excited to announce a new partnership with Forcepoint, a leading provider of SASE (secure access service edge), zero trust and cloud security technologies. This partnership will allow CommSec’s customers to benefit from Forcepoint’s cutting-edge security solutions. Forcepoint though their platform Forcepoint ONE provides a powerful and safe platform to [&hellip
Verint announced its new partnership with Eventus Solutions Group (MarTech Cube) Verint® (NASDAQ: VRNT), The Customer Engagement Company®, today announced its new partnership with Eventus Solutions Group, a subsidiary of Tech Mahindra,
BlackBerry partners with Adobe to deliver secure forms with electronic signatures on mobile (Help Net Security) BlackBerry and Adobe partnership enhances operational processing and workforce efficiency that require signed approvals at any time.
Armis Achieves U.S. Department of Defense Impact Level 4 Authorization (Armis) DoD customers can now take advantage of Armis’s secure, agentless, Unified Asset Management for IT, OT and IoT devices.
MITRE Rolls Out Supply Chain Security Prototype (Dark Reading) Cloud-based System of Trust application now available for test-driving quantitative risk assessment of suppliers of hardware, software, services.
Versa Networks ACE Partner Program Honored with Top 5-Star Rating in CRN Partner Program Guide for Third Year in a Row (Business Wire) Versa Global Partner Program Recognized Again for Equipping Highly Engaged Partners with Enablement to Grow Revenue by Selling the Industry’s Leading Unified SASE Solution
New Total Economic Impact Study Finds Illumio Delivered 111 Percent Return on Investment and Paid for Itself in Six Months (GlobeNewswire News Room) Illumio Zero Trust Segmentation Platform reduced blast radius by 66 percent and decreased the cost and impact of downtime by $3.8 million...
Netsurion earns 5-star rating in 2023 CRN Partner Program Guide (GlobeNewswire News Room) Netsurion, a leading provider of Managed XDR, is being recognized by CRN®, a brand of The...
AU10TIX Collaborates with Microsoft on Decentralized Verifiable Credentials (AU10TIX) AU10TIX’S Reusable ID using Microsoft Entra Verified ID Ushers in the Age of Strong Credential Tokens for Cost-Effective Lifetime Re-Verification of Enterprises and Users on a Global Scale TEL AVIV, Israel and SAN FRANCISCO, March 27, 2023 — AU10TIX, a global technology leader in identity verification and identity management, today announced it is working with […]
Cloud Computing Magazine Names Forward Networks a 2023 Product of the Year Award Winner (PR Newswire) Forward Networks announced today that TMC, a global, integrated media company, has awarded Forward Enterprise a 2023 Product of the Year Award,...
Technologies, Techniques, and Standards
Tesla Hacked Twice at Pwn2Own Exploit Contest (SecurityWeek) Researchers successfully demonstrate exploit chains to hack Tesla’s newest electric car at the annual Pwn2Own software exploitation contest.
Pwn2Own Vancouver 2023 awarded $1,035,000 and a Tesla for 27 0-days (Security Affairs) On the third day of the Pwn2Own Vancouver 2023 hacking contest, the organization awarded $185,000 for 10 zero-day exploits. Pwn2Own Vancouver 2023 is ended, contestants disclosed 27 unique zero-days and the organization awarded a total of $1,035,000 and a Tesla Model 3. The team Synacktiv (@Synacktiv) (Benoist-Vanderbeken, David Berard, Vincent Dehors, Tanguy Dubroca, Thomas Bouzerar, […]
Design and Innovation
Microsoft Now Claims GPT-4 Shows 'Sparks' of General Intelligence (Vice) The eyebrow-raising claim from Microsoft—which is banking on GPT putting it ahead of Google—contrasts with the model's clear limitations.
ChatGPT is about to revolutionize the economy. We need to decide what that looks like. (MIT Technology Review) New large language models will transform many jobs. Whether they will lead to widespread prosperity or not is up to us.
There's No Such Thing as Artificial Intelligence (Bloomberg) The term breeds misunderstanding and helps its creators avoid culpability.
Legislation, Policy, and Regulation
Time for an International Cyber Court? (Modern Diplomacy) In the current international environment, the significance of the Information and Communications Technology (ICT) is steadily rising. In this context, international cooperation is gradually moving towards a legal architecture for ICT governance and international information security (IIS) as an integral part of the overall international security framework. One of the key global challenges on this […]
New Zealand security chiefs increasingly concerned about foreign interference (Reuters) New Zealand intelligence agencies are growing more concerned about both foreign interference and malicious cyber activity ahead of elections in October, the country’s intelligence chiefs said on Monday.
Protests erupt across the U.S. amid internet shutdown in India and manhunt for activist (NBC News) Sikh activists have demonstrated in cities like Chicago, Sacramento and New York as Indian officials search for Sikh figurehead Amritpal Singh.
France to ban TikTok on work phones of civil servants -minister (Reuters) France will ban the use of Chinese-owned video-sharing app TikTok on the work phones of civil servants, Civil Service Minister Stanislas Guerini said on his Twitter account.
The TikTok wars – why the US and China are feuding over the app (the Guardian) The US says the extremely popular video-sharing app ‘screams’ of national security concerns and considers a countrywide ban
Why does US see Chinese-owned TikTok as a security threat? (AP NEWS) U.S. lawmakers have grilled TikTok CEO Shou Zi Chew about data security and harmful content, with some pushing to ban the popular short-video app nationwide.
What TikTok must overcome to show us it can be trusted (The Telegraph) It’s the fastest-growing social media network in the UK, but significant concerns over security and influence mean its future is at risk
Opinion | There’s a Problem With Banning TikTok. It’s Called the First Amendment. (New York Times) American users of the social media platform are indisputably exercising their constitutional rights when they post and consume content on the site.
Export Control is Not a Magic Bullet for Cyber Mercenaries (Lawfare) The U.S. and the EU need to do more to limit the damage to their intelligence and law enforcement capabilities caused by cyber mercenaries.
Air Force CROWS wants to expand cyber defenses within Space Force (C4ISRNet) The Cyber Resiliency Office for Weapon Systems works with acquisition and test teams to ensure old and new platforms are protected against cyber threats.
US military needs 7th branch just for cyber, current and former leaders say (Record) “Only a service, with all its trappings, can provide the level of focus needed to achieve optimal results in their given domain,” says a memorandum from the 3,700-member Military Cyber Professional Association.
Litigation, Investigation, and Law Enforcement
Haggie said a cyberthreat report raised 'no red flags.' Now it appears he didn't actually read it. (CBC) The then-health minister now says he was presented with a summary, partly verbal, of that 2020 threat assessment about cyber preparedness.
Australian police arrest four BEC actors who stole $1.7 million (BleepingComputer) The Australian Federal Police (AFP) has arrested four members of a cybercriminal syndicate that has laundered $1.7 million stolen from at least 15 victims between January 2020 and March 2023.
UK Sets Up Fake DDoS-for-Hire Sites to Trap Hackers (PCMag Middle East) 'We will not reveal how many sites we have or for how long they have been running,' the UK's National Crime Agency says.
UK National Crime Agency reveals it ran fake DDoS-for-hire sites to collect users’ data (Record) British cyber police created several fake sites intended to expose customers of underground markets that sell user-friendly software for launching distributed denial-of-service (DDoS) attacks.
Justice Department Announces Arrest of the Founder of One of the World’s Largest Hacker Forums and Disruption of Forum’s Operation (U.S. Department of Justice) The founder of BreachForums made his initial appearance today in the Eastern District of Virginia on a criminal charge related to his alleged creation and administration of a major hacking forum and marketplace for cybercriminals that claimed to have more than 340,000 members as of last week. In parallel with his arrest on March 15, the FBI and U.S. Department of Health and Human Services Office of Inspector General (HHS-OIG) have conducted a disruption operation that caused BreachForums to go offline.
The FBI's BreachForums bust is causing 'chaos in the cybercrime underground' (CyberScoop) The dramatic fall of one of the preeminent cybercrime communities on the web will have major implications for the cybercrime markets.
DOJ says ‘millions’ of US citizens victimized by BreachForums administrator (Record) An unsealed affidavit from an FBI special agent lays out the government's case against Conor Fitzpatrick, accusing him of facilitating access to stolen personal data.
FBI dismantles cybercrime forum boasting data connected to breach affecting US lawmakers (The Hill) The FBI has dismantled a cybercrime forum that boasted having data connected to security breaches affecting U.S. lawmakers and millions of citizens. The Justice Department (DOJ) said in a rel…
They Posted P[*]rn on Twitter. German Authorities Called the Cops (WIRED) Regulators are using an AI system to scan websites and messaging apps to find p[*]rnography. Creators face fines and potential prison sentences.
