Dateline Moscow and Kyiv: Victory Day jitters.
Ukraine at D+438: Victory Day eve. (CyberWire) Russia strikes Ukrainian cities as it prepares for Victory Day and waits for Ukraine's spring offensive.
Russia-Ukraine war: List of key events, day 439 (Al Jazeera) As the war enters its 439th day, we take a look at the main developments.
Russia-Ukraine war at a glance: what we know on day 439 of the invasion (the Guardian) Five people injured in strikes on Kyiv as Russia launches another major assault on Ukraine; Ukrainian general vows to defend Bakhmut
Ukraine cities hit as Russia evacuates civilians amid Victory Day security fears (the Guardian) Kyiv and Odesa targeted overnight, with attacks coming as Moscow prepares to commemorate victory over Nazi Germany
Russia-Ukraine war live: Moscow launches new strikes across Ukraine; Kyiv claims Russia has lost 100,000 soldiers in Bakhmut (the Guardian) Drone attacks launched on Kyiv with explosions also reported in Odesa and Kherson; Ukrainian general says ‘meat assaults’ have led to high casualties
Russia hits Ukraine with huge barrage of Iranian-made drones (POLITICO) Kyiv says its air defense system fended off the new Russian assault.
Ukraine downs Russian hypersonic missile with US Patriot (AP NEWS) Ukraine’s air force claims to have downed a Russian hypersonic missile over Kyiv using newly acquired American Patriot defense systems, the first known time the country has been able to intercept one of Moscow’s most modern missiles.
In Ukraine, A New Chance to Judge the Patriot Missile (Defense One) The much-lauded air-defense system has a decidedly mixed record. The Pentagon should watch its performance carefully.
Russia-Ukraine war live: Wagner group head says he has been promised more ammunition after tirade against Russian generals (the Guardian) Yevgeny Prigozhin had criticised the defence minister, Sergei Shoigu, and the chief of the general staff, Valery Gerasimov
Russia’s Wagner group signals it will stay in Bakhmut after threat to quit (the Guardian) Yevgeny Prigozhin drops plans to withdraw from devastated city after receiving promises of extra arms
No love lost between Russian military and Wagner mercenaries (AP NEWS) A threat by the leader of private Russian military company Wagner to withdraw his fighters from the battle to seize a city in eastern Ukraine is another flareup in his dispute with Russia’s regular military over credit and tactics.
Russia's newest weapon is changing the course of Ukraine war (The Telegraph) Moscow's use of glide bombs, and their below-the-radar effectiveness, could force Kyiv to rewrite its counter-offensive plans
‘This will be different’: Kherson’s ruined villages come to life with counteroffensive preparation (the Guardian) Signs of the anticipated Ukrainian strike are unmistakable now – to strategists and residents• Russia-Ukraine war – live updates
Czech president warns Ukraine against rushed counteroffensive (the Guardian) Petr Pavel sounds cautious note, saying Kyiv no longer has element of surprise that led to military successes last year
Senior Ukrainian officials fear counterattack may not live up to hype (Washington Post) The Ukrainian military has spent nearly 15 months exceeding the world’s expectations. Now, senior leaders are trying to lower those hopes, fearing that the outcome of an imminent counteroffensive aimed at turning the tide of the war with Russia may not live up to the hype.
Worries grow about Ukraine nuke plant amid evacuations (AP NEWS) Anxiety about the safety of Europe’s largest nuclear power plant is growing after the Moscow-installed governor of the Ukrainian region where it is located ordered civilian evacuations. The Russia-backed governor of Ukraine’s Zaporizhzhia province told civilians to leave 18 communities, including the city where most plant workers live. He said Sunday that more than 1,500 people already had been evacuated from two unspecified cities.
Russia says bomber who injured novelist acted for Ukraine (AP NEWS) Russia’s top investigative agency on Saturday said the suspect in a car bombing that injured a prominent pro-Kremlin novelist and killed his driver has admitted acting at the behest of Ukraine’s special services. The blast that hit the car of Zakhar Prilepin, a well-known nationalist writer and an ardent supporter of Russia’s war in Ukraine, was the third explosion involving prominent pro-Kremlin figures since the start of the conflict.
Pro-Kremlin writer wounded in car explosion in Russia (Washington Post) A car bomb injured the Russian nationalist writer Zakhar Prilepin and killed one person in a village east of Moscow on Saturday, Russian authorities said.
Zakhar Prilepin: Russian pro-war writer defiant after car bomb attack (BBC News) Zakhar Prilepin said he had been driving and the bomb had been under the passenger seat.
Russian Pro-War Activist, Writer Said To Be 'Conscious,...Cheerful' After Car Bombing (RadioFreeEurope/RadioLiberty) The governor of Russia's Nizhny Novgorod region said on May 7 that the war-backing writer and political activist Zakhar Prilepin is awake and "stable" following an induced coma after his car was hit by an explosion a day earlier.
Lavrov Reads from a Piece of Paper, Putin Stares into the Past (Wilson Center) Sergey Lavrov is one of the most visible faces of Russia’s war against Ukraine. Here he is sitting at the famous round table in the room where the UN Security Council meets. Next to him is UN Secretary-General António Guterres.
A ‘nervousness never seen before’ hits Moscow before Victory Day parades (the Guardian) Paranoia following the drone attacks on the Kremlin and a weakened military dog the event Putin views as deeply symbolic
Russia Exits Europe (Wilson Center) Russia has been a European power for centuries. In the eighteenth century, Peter the Great founded St. Petersburg as a window on Europe. In the early nineteenth century, Russia defeated Napoleon as part of a broad coalition that reorganized Europe. In the twentieth century, the Soviet Union overwhelmed Nazi Germany and then occupied Eastern Europe for more than forty years.
As the Ukraine war grinds on, Russia is becoming a cultural wasteland | William Fear (the Guardian) Years ago, Putin lifted much of the censorship that haunted the Soviet Union. Now it’s back with a vengeance, says writer William Fear
Putin signs two new decrees related to Ukraine (CNN) CNN Russian Affairs Contributor Jill Dougherty breaks down the significance of Russian President Vladimir Putin's new decree, ordering the construction of museums dedicated to the "heroic deeds" of Russian fighters in Ukraine. The move also comes one day after Putin greenlit a plan allowing the deportation of Ukrainians from occupied regions.
‘What is this insane war?’: a philosopher on Ukraine’s frontlines (the Guardian) Polarizing French intellectual Bernard-Henri Lévy embedded with Ukrainian defenders for revealing and damning new documentary
We knew in 2011 Putin would attack Ukraine, says Bill Clinton (the Guardian) Revelation raises questions about whether US and Europe should have been more prepared for 2014 invasion
Swedish Army chief on Ukraine, artillery gaps and the need for industry to 'cooperate' (Breaking Defense) Getting nations to develop interchangeable weapons is "about leadership. And it's also about having a narrative that for me, in many ways, these are low-hanging fruits that will empower the West to fight better together," Maj. Gen. Karl Engelbrektson tells Breaking Defense.
Readout of Secretary of Defense Lloyd J. Austin III's Meeting With Polish Deputy Prime Min (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III met with his Polish counterpart, Deputy Prime Minister and Minister of National Defence Mariusz Błaszczak.
Polish-U.S. Defense Leaders Look to Further Crucial Partnership (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III and Polish Defense Minister Mariusz Blaszczak discussed the situation in Ukraine and ways to strengthen interoperability between the United States and Poland
Pro-Russian Hackers Claim Downing of French Senate Website (SecurityWeek) The French Senate's website was offline after pro-Russian "NoName" hackers claimed to have taken it down.
This new Counter-Strike map was created to smuggle the truth about the Ukraine war into Russia (PC Gamer) The Finnish newspaper Helsinin Sanomat has created a CS:GO map with a secret press room detailing the war in Ukraine.
New CS:GO map bypasses Russia's censorship of Ukraine war news (BleepingComputer) Finish newspaper Helsinin Sanomat has created a custom Counter-Strike: Global Offensive (CS:GO) map explicitly made to bypass Russian news censorship and smuggle information about the war in Ukraine to Russian players.
Binance Faces US Probe of Possible Russian Sanctions Violations (Bloomberg) DOJ said to probe whether Russians illegally accessed exchange. Neither Binance nor executives have been accused of wrongdoing.
‘Red Pill’ Dating Coach Gonzalo Lira, Accused of Shilling for Putin, Is Arrested in Ukraine (The Daily Beast) Gonzalo Lira, a prolific online personality who became an outspoken supporter of Putin’s invasion of Ukraine, had his home in Kharkiv raided by the security services.
Attacks, Threats, and Vulnerabilities
Website of ANI goes down after Bangladeshi hacker group targets it (OpIndia) The website of news agency ANI has gone offline after a hacking attack by Mysterious Team, a Bangladesh-based hacker group
Iran Downplays Hacking Of Foreign Ministry Servers As Media Exaggeration (Iran International) Iran’s foreign ministry spokesman confirmed the hacking attack on the ministry's website on Sunday but claimed reports had been exaggerated.
Hacked verified Facebook pages impersonating Meta are buying ads from Meta (TechCrunch) Facebook scammers are impersonating Facebook and spreading malware by buying ads from, you guessed it, Facebook.
Subscription Trojans on Google Play (Securelist) The new Trojan family, Fleckpe, spreads via Google Play inside photo editors and wallpapers, subscribing the unaware user to paid services.
Twitter says 'security incident' exposed private Circle tweets (BleepingComputer) Twitter disclosed that a 'security incident' caused private tweets sent to Twitter Circles to show publicly to users outside of the Circle.
Organizations slow to patch GoAnywhere MFT vulnerability even after Clop ransomware attacks (Record) Dozens of organizations are still exposed to cyberattacks through a widely-abused vulnerability in GoAnywhere MFT — a web-based tool that helps organizations transfer files — according to new research.
White Phoenix: Beating Intermittent Encryption (Cyberark) Recently, a new trend has emerged in the world of ransomware: intermittent encryption, the partial encryption of targeted files. Many ransomware groups, such as BlackCat and Play, have adopted...
New Cactus ransomware encrypts itself to evade antivirus (BleepingComputer) A new ransomware operation called Cactus has been exploiting vulnerabilities in VPN appliances for initial access to networks of "large commercial entities."
PHP Packagist supply chain poisoned by hacker “looking for a job” (Naked Security) I pwned you! Gizza job! You know it makes sense!
Meet Akira — A new ransomware operation targeting the enterprise (BleepingComputer) The new Akira ransomware operation has slowly been building a list of victims as they breach corporate networks worldwide, encrypt files, and then demand million-dollar ransoms.
WordPress custom field plugin bug exposes over 1M sites to XSS attacks (BleepingComputer) Security researchers warn that the 'Advanced Custom Fields' and 'Advanced Custom Fields Pro' WordPress plugins, with millions of installs, are vulnerable to cross-site scripting attacks (XSS).
What Are IPFS Phishing Attacks and How Do You Avoid Them? (MUO) IPFS phishing attacks can bring you in trouble. Here’s how you can avoid them.
ALPHV gang claims ransomware attack on Constellation Software (BleepingComputer) Canadian diversified software company Constellation Software confirmed on Thursday that some of its systems were breached by threat actors who also stole personal information and business data.
Constellation Software hit by cyber attack, some personal information stolen (IT World Canada) A Canadian software company says it suffered a cyber attack this week. Toronto-based Constellation Software Inc. said in a statement that on Wednesday it was subject to what it calls a "cyber-security incident that impacted a limited number of its IT infrastructure systems." However, it adds, a "limited amount of personal information of individuals was
Press Release of Constellation Software Inc. (GlobeNewswire News Room) On April 3 2023 Constellation Software Inc. (“Constellation”) (TSX: CSU) was subject to a cyber-security...
Payment software giant AvidXchange suffers its second ransomware attack of 2023 (TechCrunch) Hackers have published sensitive information stolen from the AvixChange, including financial information and login details
Updated: Our Response to a Recent Security Incident (AvidXchange) AvidXchange is the industry leader in automating invoice and payment processes for mid-market businesses.
Website of Romanian Ministry of Education hacked, says education is “waste of time” (Romania Insider) Update: In an official press release, the ministry said that "the IT administrators of the Ministry of Education are analyzing the cyber incident that led to the blocking of the website edu.gov.ro on the morning of May 8, 2023. Information technology specialists are working to strengthen the...
Romanian Ministry of Education Website Hacked with Disparaging Message about Teachers and Education System (BNN) On Monday, May 8th, the website of the Romanian Ministry of Education was hacked, and a message appeared urging students not to attend classes because it was “a waste of time.” The hacker’s message insulted teachers, describing them as “not very intelligent” people who accept low salaries. The incident is a serious one that highlights the importance of website security and the impact of cyber-attacks on education.
Western Digital says hackers stole customer data in March cyberattack (BleepingComputer) Western Digital has taken its store offline and sent customers data breach notifications after confirming that hackers stole sensitive personal information in a March cyberattack.
Western Digital reveals customer data was compromised in recent hack (Cyber Security Connect) Storage company Western Digital sent a data breach notification to its customers following a cyber incident in March.
McPherson Hospital, Inc. Notifies Over 19k Patients of Recent Data Breach (JD Supra) On May 4, 2023, McPherson Hospital, Inc. (“McPherson Center for Health”) filed a notice of data breach with the Maine Attorney General after learning...
Murfreesboro Medical Clinic cyber attack (Shelbyville Times-Gazette) On April 22, 2023, Murfreesboro Medical Clinic & SurgiCenter ("MMC") was the victim of a sophisticated criminal cyberattack.
A cancer centre is the latest victim of cyber attacks. Why health data hacks keep happening (The Conversation) While some cyber criminals have previously avoided schools and health-care organisations, it seems these are now fair game.
Dallas cyberattack highlights ransomware’s risks to public safety, health (Washington Post) Investigators weren’t able to get information on the history of police calls to the home of a mass killing suspect due to a ransomware attack that knocked Dallas government computers down, law enforcement officials told Rebecca Lopez of news channel WFAA in a story this weekend.
Hacked: Dallas Ransomware Attack Disrupts City Services (Dallas Observer) A ransomware group called Royal is behind a cyber attack that's interrupting multiple city services across Dallas.
City of Dallas Continues Battling Ransomware Attack for Third Day (NBC 5 Dallas-Fort Worth) Some services and websites were still crippled Friday in the third day of a ransomware attack on the Dallas City Government.
San Bernardino County pays hackers $1.1 million ransom after cyber attack (Victorville Daily Press) San Bernardino County paid a $1.1 million ransom to hackers who caused a \
San Bernardino County pays $1.1M ransom after cyberattack disrupts Sheriff's Department systems (ABC7 Los Angeles) The hackers encrypted San Bernardino County Sheriff's Department data, causing significant disruptions to operations.
Adna School District Defrauded $346,000 in Phishing Scam (The Daily Chronicle) The Adna School District was defrauded of $346,000 through what school officials have called a “sophisticated phishing scam,” according to Adna Superintendent Thad Nelson.
The …
Sioux Falls School District warns community of gift card scam (Dakota News Now) The Sioux Falls School District is warning residents of a scam that has been occurring in the community.
Nearly 50 news websites are ‘AI-generated’, a study says. Would I be able to tell? (the Guardian) A tour of the sites, featuring fake facts and odd wording, left me wondering what was real
Security Patches, Mitigations, and Software Updates
Dump these Cisco phone adapters because it's not fixing them (Register) Security hole ranks 9.8 out of 10 in severity, 0 out of 10 in patch availability
May 2023 Patch Tuesday forecast: Dealing with End-of-Support (EOS) (Help Net Security) Todd Schell from Ivanti offers his May 2023 Patch Tuesday forecast, with an outline of what organizations can expect to face soon.
Trends
In a new hacking crime wave, much more personal data is being held hostage (CNBC) Hackers are stealing customer and employee data and threatening to leak it publicly in a data extortion shift from ransomware attacks.
Marketplace
DartPoints Acquires Venyu to Expand Data Center Infrastructure in South Central US (TelecomTalk) DartPoints has expanded its portfolio with the acquisition of Venyu, Louisiana's premier data center infrastructure and cloud services provider. The move brings DartPoints' total number of data centers to 11 across 10 US markets and three regions.
BNamericas - Claro announces a US$165M investment to stre... (BNamericas.com) This investment, whose main objective is to strengthen and ensure the capacities of mobile and fixed networks, as well as cloud and data center services, wil...
NGA faces challenges to $250M cyber award (Washington Technology) A pair of disappointed bidders want a second shot at this National Geospatial-Intelligence Agency contract reserved for small businesses.
Two KnowBe4 Leaders Named Winners For 2023 OnCon Icon Awards (Yahoo Life) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced that its General Counsel Alicia Dietzen has been recognized with an OnCon 2023 Top 10 Corporate Counsel award along with Drew Graef, SVP of global talent, who has been recognized with an OnCon 2023 Top 10 Talent Acquisition Professional award.
Ron Gula's Cybersecurity Mission: 'Data Care,' Inclusivity (Gov Info Security) Ron Gula practices what he preaches. The cybersecurity industry veteran who formerly led a market-leading vendor now works as an investor and philanthropist and
Elaine Bucknor, former Sky CIO, appointed to Darktrace board (Finextra Research) Darktrace plc (DARK.L) (together with its subsidiaries, "Darktrace" or "the Group"), a global leader in cyber security AI, ispleased to announce today the appointment of Elaine Bucknor as Non-Executive Director with effect from 1 June, 2023.
Products, Services, and Solutions
New infosec products of the week: May 5, 2023 (Help Net Security) The featured infosec products this week are from: Dashlane, Immersive Labs, Intruder, Private AI, Vanta, and Veza.
DigiCert Releases Innovative Automated Testing Tool for Digital Certificates (Digicert) DigiCert is pleased to announce the release of a new certificate linter, known as pkilint, which builds on industry experience in automating compliance checks for digital certificates. This first release of pkilint implements compliance testing for the recently released CA/Browser Forum
KnowBe4 Launches Password Kit to Celebrate World Password Day (Dark Reading) KnowBe4 is offering a no-cost password kit to help end users practice good password hygiene and strengthen their defenses against social engineering.
CrowdStrike focuses on ChromeOS security, rising cloud threats (Security | TechTarget) CrowdStrike chief product officer Raj Rajamani sat down with TechTarget Editorial last week to discuss cloud threats, ChromeOS security and generative AI.
Deloitte integrates blockchain for digital credentials (Cointelegraph) Deloitte announces the integration of KILT Blockchain technology for issuing “reusable digital credentials to support KYC and KYB processes.“
OneSpan Delivers Innovative Customer Success Packages to Support Entire Customer Journeys (OneSpan) Modern unified success service offerings provide faster time to value, mission-critical support, and increased user adoption to meet evolving customer needs
Technologies, Techniques, and Standards
Threat Intelligence Feeds Defined (CrowdStrike) A threat intelligence feed is a real-time, continuous data stream that gathers information related to cyber risks or threats. Learn more!
Five reasons organizations aren’t ready for the next cyberattack (Security Magazine) Even as security organizations are economizing on everything from desk space to free coffee cyber threats are consistently getting worse.
BlackBerry Report Surfaces Increasing Rate of Cyberattacks (Security Boulevard) A threat intelligence report published by BlackBerry found that from December 2022 through February 2023, 12 cyberattacks per minute were launched against
To Keep Hackers Out of US Weapons, the Pentagon Needs to Get In (Defense One) Constant surveillance of data flows is key to spotting dangerous intrusions.
OT Security: Know What You've Got and Where Your Risks Are (Bank Info Security) Threat intelligence is an important component of OT security because it maps the techniques and tactics of threat actors to what they are likely to attack, and it
Defense sector ISAC releases supply chain security handbook for small business with manufacturing focus (Inside Cybersecurity) The National Defense Information Sharing and Analysis Center has published a supply chain handbook for small business manufacturing designed to help companies address “specific and common challenges” by offering use cases and ideas to address them.
Design and Innovation
Discord’s username change is causing discord (The Verge) Let’s hear from Discord users and admins on what’s wrong with the username change.
Google Plans to Make Search More ‘Personal’ with AI Chat and Video Clips (Wall Street Journal) Changes aim to respond to queries that can’t be easily answered by traditional ‘10 blue links’ web results.
Generative AI supports cyber security analysts (Information Age) Constraining ChatGPT training data improves accuracy.
ChatGPT and the new AI are wreaking havoc on cybersecurity in exciting and frightening ways (ZDNET) Unrestrained by ethics or law, cybercriminals are racing to use AI to find innovative new hacks, says Recorded Future CEO Christopher Ahlberg.
US Cyber Command beginning to examine next-generation weapons platform (DefenseScoop) As Cybercom gains greater oversight over capabilities and programs, it is now beginning to rearchitect its cyber weapons platform.
Research and Development
The NSA’s research chief on emerging tech — including ‘beyond belief’ leaps in AI (Record) Gilbert Herrera, leader of the NSA's Research Directorate, discussed artificial intelligence, quantum computing and more with The Record at Vanderbilt University's annual security summit.
US Spies Should Tap Private AI Models, NSA’s Research Chief Says (Bloomberg) He says spy agencies need to keep up with foreign counterparts. National Security Agency’s Herrera argues for AI in interview.
DoD Co-funds Institute to Research the Neural, Biological, and Cognitive Foundations of Ar (U.S. Department of Defense) The Department of Defense announced the award of $10 million for the establishment of an institute dedicated to advancing unified research in artificial and natural intelligence.
Academia
Chinese students in U.S. wary of going home under new spy law (Nikkei Asia) Overseas youths face new risks, from smartphone content to surveillance by peers
Researchers at University of Waterloo allowed to complete current projects with Huawei (Waterloo Region Record) University will not enter into any new partnerships with the Chinese telecommunications company
Ending university research partnerships with Chinese telecom will have ‘negative impact’ says Waterloo prof (Waterloo Region Record) ‘It’s hard to comprehend what national security risk there might be in a topic that studies computer assistance in diagnosing eye diseases in children’
Stellenbosch University Study Discovers Anti-poaching Technologies Vulnerable To Cyber-attacks (India Education) Various technologies such as tracking tags, CCTV and thermal cameras, Wireless Sensor Networks, mobile apps and drones are being used in anti-poaching operations for intelligence and communications to protect wildlife. However, these technologies bri
Legislation, Policy, and Regulation
EU Receives Criticisms from SAP, Siemens on Data Act Draft Before Adopted as Legislation (Tech Times) This aims to curb the power of tech companies in the United States to help the EU to achieve its digital and green efforts.
UAE issues warning over cyber-attacks (Arabian Business) UAE Cybersecurity Council issues national warning
Neuberger: Counter Ransomware Initiative focused on ‘expanding the tent,’ with Jordan, Costa Rica, Columbia joining (Record) The U.S. government and several other countries have been grappling with a key question over the last year: Should ransomware payments be banned, with select waivers available for special situations?
US Senators Reintroduce Legislation on Commercial Satellite Cybersecurity (Via Satellite) Two U.S. Senators have reintroduced legislation to help protect commercial satellite operators from cyber attacks — an issue that has gained in prominence
The Disconnect on Undersea Cable Security (Lawfare) Policymakers and cable industry insiders disagree about the threats to critical infrastructure and how to address them, but greater dialogue could help.
US telcos won't scrap foreign network kit on their own dime (Register) Take it Huawei? Not if they don't think Feds will refund them
6 ways the White House is reigning in AI (Mashable) Biden's AI agenda comes into focus.
Where is our national cybersecurity strategy? All over the place (SiliconANGLE) Earlier this year, the Biden White House released its National Cybersecurity Strategy policy paper. Although it has some very positive goals, such as encouraging longer-term investments in cybersecurity, it falls short in several key areas. And compared with what is happening in Europe, once again the U.S. is falling behind and failing to get the job done.
The Attack on Colonial Pipeline: What We’ve Learned & What We’ve Done Over the Past Two Years | CISA (Cybersecurity and Infrastructure Security Agency CISA) Today marks two years since a watershed moment in the short but turbulent history of cybersecurity.
Senator Asks Big Banks How They're Going to Stop AI Cloned Voices From Breaking Into Accounts (Vice) The move comes after Motherboard used AI voice cloning technology to fool a bank’s security systems.
New York Attorney General Seeks Broader Authority to Police Crypto (Wall Street Journal) Proposed legislation would require crypto exchanges to have independent public audits of financial statements, among other new requirements.
NY Democrat unveils bill to criminalize sharing deepfake porn (The Hill) Rep. Joseph Morelle (D-N.Y.) has unveiled a bill to make the sharing of deepfake pornography without consent illegal, a response to the accelerated advancement of artificial intelligence and digita…
Litigation, Investigation, and Law Enforcement
European Court of Justice Clarifies Rules on Damages Compensation for GDPR Breaches (Cooley) On 4 May 2023, the Court of Justice of the European Union (CJEU) delivered its decision in the Österreichische Post case (Case C-300/21), in essence deciding that a mere infringement of the General Data Protection Regulation (GDPR) does not automatically lead to compensation for damages; compensation for nonmaterial damage does not need to meet a minimum threshold of seriousness; and it is up to the national courts to assess the amount of damages. This case was referred to the CJEU by the Austrian Supreme Court and is the first of many preliminary rulings pending before the CJEU regarding the right to compensation under Article 82 GDPR.
Victims' reluctance to report ransomware stymies efforts to curb cyberattacks, say federal officials (CyberScoop) Federal officials say they need more victims to report when they've been hit by ransomware in order to better defend against the problem.
An Investigation On Pegasus: The Spyware That Threatens Mexican Freedom Of Press And Human Rights (Gazelle) Pegasus is being used by the Mexican government to silence journalists, human rights activists, and lawyers to control the narrative.
Judge Dismisses F.T.C. Lawsuit Against a Location Data Broker (New York Times) The ruling was a blow to the commission’s intensifying efforts to crack down on the sale and use of sensitive personal information.
This historic writers’ strike matters for everyone – not just Hollywood | Hamilton Nolan (the Guardian) The contract that the writers are striking for could set a powerful precedent that AI must work for people, rather than being used to marginalize people to juice profits
Instagram sugar daddy reportedly arrested following Cybernews investigation (Cybernews) Brazilian police have reportedly arrested Victor Mendes – the alleged scammer behind the sugar daddy scam designed to con gullible victims on Instagram.
Texas mall shooting: gunman expressed interest in neo-Nazi views – report (the Guardian) Federal agents reportedly examining social media history of alleged shooter Mauricio Garcia
Community Health Systems Sued Over January Data Breach (Bloomberg) Community Health Systems Inc. negligently failed to protect the personal information of nearly 1.2 million people in connection with a January data breach, a new proposed federal class action said.