Dateline Moscow and Kyiv: Change of command, but small change on the battlefield.
Ukraine at D+323: Fighting in Soledar and industrial mobilization. (CyberWire) Russia claims victory in Soledar, but Ukraine says fighting continues. Industrial mobilization challenges the Kremlin. GitHub ejects Russian hacktivist auxiliaries.
Russia-Ukraine war: List of key events, day 324 (Al Jazeera) As the Russia-Ukraine war enters its 324th day, we take a look at the main developments.
Moscow Says It Has Seized Ukrainian Town of Soledar (Wall Sreet Journal) Ukrainian officials say battles are continuing for control of the eastern town.
Russian Offensive Campaign Assessment, January 12, 2023 (Institute for the Study of War) Russian forces’ likely capture of Soledar on January 11 is not an operationally significant development and is unlikely to presage an imminent Russian encirclement of Bakhmut. Geolocated footage posted on January 11 and 12 indicates that Russian forces l
Ukraine's Battlefields Are Freezing. Here's What That Means for the War. (Military.com) Temperatures in eastern Ukraine have been well below freezing in recent days, hardening the ground and opening a window for potential winter offensives by both sides.
Rifts in Russian military command seen amid Ukraine fighting (AP NEWS) As Russian troops wage a ferocious house-to-house fight for control of strongholds in eastern Ukraine, a parallel battle is unfolding in the top echelons of military power in Moscow, with President Vladimir Putin reshuffling his top generals while rival camps try to win his favor.
The good and bad of Gerasimov’s ‘promotion’ (POLITICO) The naming of Valery Gerasimov<b> </b>to lead Russian troops in Ukraine shows Vladimir Putin is flailing tactically.
Russia’s new commander reflects Putin’s plan to push for victory in Ukraine (Washington Post) With the appointment of Gen. Valery Gerasimov, Russia’s highest-ranking military officer, as direct operational commander of the troubled war in Ukraine, President Vladimir Putin has doubled down on his conviction that the invasion’s objectives can be achieved without new leadership — and is now turning to a trusted confidant who will carry out his orders without question, analysts said.
Why Putin's command shake-up is doomed to fail (The Telegraph) Putin's generals cannot answer the key questions he faces - nor can they silence the critics of his stuttering invasion
Putin scolds defence industry minister in televised meeting for ‘fooling around’ (the Guardian) Russian leader publicly berated Denis Manturov, eye-rolling and shuffling papers during the live call, as his war in Ukraine caused fresh problems
General Says U.S. Values Allies' Assistance to Ukraine (U.S. Department of Defense) The U.S. respects the sovereign decisions of NATO and other allied nations regarding their security assistance to Ukraine, the Pentagon press secretary said.
Readout of Secretary of Defense Lloyd Austin's Call With Swedish Minister of Defence Pål Jonson (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III spoke by phone with his Swedish counterpart, Minister for Defence Pål Jonson.
Never mind Britain: Germany looks for US to lead the way on battle tanks to Ukraine (POLITICO) Chancellor Scholz says deliveries of heavy weapons depend on coordination ‘with our transatlantic partner.’
What is a 'main battle tank,' and how will Ukraine use them? (Breaking Defense) European nations are poised to send Ukraine main battle tanks. But Western MBTs will require different training, tactics, and logistical support than the smaller Soviet-derived designs Ukrainian troops are used to.
The West reaps multiple benefits from backing Ukraine against Russia (Atlantic Council) Ukraine is often viewed as being heavily reliant on Western support but the relationship is mutually beneficial and provides the West with enhanced security along with valuable intelligence, writes Taras Kuzio.
The Long War in Ukraine (Foreign Affairs) The West needs to plan for a protracted conflict with Russia.
Russia’s largest hacking conference reflects isolated cyber ecosystem (Brookings) One of Russia’s largest hacking conferences showcases nationalist propaganda and increasing technological isolation.
GitHub disables pro-Russian hacktivist DDoS pages (CyberScoop) NoName057 used the software development platform to carry out DDoS attacks on targets in a variety of NATO nations.
Russia criticises Reuters story on Russian hackers targeting U.S. nuclear scientists (Reuters) Russia's Foreign Ministry on Thursday criticised Reuters for spreading what it said was poorly sourced anti-Russian propaganda with a story about a Russian hacking team which targeted three nuclear research laboratories.
Putin running out of options in global pressure campaign (Yahoo) As the Russia-Ukraine war nears the end of its first year, Moscow is struggling to find leverage to wear down Western resolve to aid Kyiv. With its battlefield wins now few and far between, an economy crippled by harsh sanctions, and increasing international isolation, Russian President Vladimir Putin is running out of options to expand…
Ukraine war impacts spare parts supply for Indian military: Army chief (Defense News) Experts say up to 60% of Indian defense equipment comes from Russia.
Russia soldier jailed for refusing to join Ukraine war (Al Jazeera) Russian court sentenced Marsel Kandarov to five years in jail for refusing to take part in ‘special military operation’.
Attacks, Threats, and Vulnerabilities
‘Dark Pink’ hackers target state and military organizations in Asia, Europe (The Record from Recorded Future News) A new hacking group dubbed “Dark Pink” is targeting government and military agencies in Asia and Europe with phishing emails.
RAT malware campaign tries to evade detection using polyglot files (BleepingComputer) Operators of the StrRAT and Ratty remote access trojans (RAT) are running a new campaign using polyglot MSI/JAR and CAB/JAR files to evade detection from security tools.
Aflac's Japan says US partner leaked cancer customer info (Register) Zurich’s Japanese outpost also leaks a couple of million records
Aflac, Zurich Policyholders in Japan Affected by Data Leaks (Bank Info Security) Personal information for more than 1.3 million Aflac cancer insurance policyholders and almost 760,000 Zurich Insurance auto insurance policyholders in Japan has
Japan Units of Aflac, Zurich See 2 M. Customers' Data Breached (Nippon.com) Tokyo, Jan. 10 (Jiji Press)--Aflac Life Insurance Japan Ltd. and Zurich Insurance Co., the Japanese unit of Zu…
Royal Mail hit by Russia-linked ransomware attack (BBC News) The group is working "around the clock" to resolve severe disruption to overseas deliveries.
Russia-linked hackers behind Royal Mail cyber attack (The Telegraph) Lockbit’s ransomware scrambled software on machines used to send international post
Royal Mail cyberattack linked to LockBit ransomware operation (BleepingComputer) A cyberattack on Royal Mail, UK's largest mail delivery service, has been linked to the LockBit ransomware operation.
Royal Mail cyberattack linked to Lockbit gang (Computing) The Russia-linked Lockbit ransomware gang has been linked to a cyberattack that disrupted Royal Mail's international export services this week.
Royal Mail halts international services after cyberattack (BleepingComputer) The Royal Mail, UK's leading mail delivery service, has stopped its international shipping services due to "severe service disruption" caused by what it described as a "cyber incident."
Corrupt software introduced by contractors took down FAA system, officials say (NBC News) This system, installed in 1993, runs the Notice to Air Missions system, or NOTAM, which sends pilots vital information they need to fly.
'Old tech and damaged database' to blame for FAA outage (Computing) An error in a Notice to Air Missions system, which grounded flights across the USA earlier this week, was caused by a damaged database file, the Federal Aviation Administration has said.
Crypto-inspired Magecart skimmer surfaces via digital crime haven (Malwarebytes) One criminal scheme often leads to another. This blog digs into a credit card skimmer and its ties with other malicious services.
Researchers Find 'Digital Crime Haven' While Investigating Magecart Activity (Dark Reading) A security vendor's investigation of infrastructure associated with a new, crypto-focused Magecart skimmer leads to discovery of cryptoscam sites, malware distribution marketplace, Bitcoin mixers, and more.
Windows zero day patched but exploitation activity unclear (TechTarget) Avast detected a recently patched Windows zero-day flaw being exploited in the wild and urged users to patch.
TX Insurance Administrator Discloses Healthcare Data Breach (Health IT Security) Bay Bridge Administrators (BBA) experienced a data security incident that impacted individuals enrolled in some employment insurance benefits.
Laid-Off Workers Are Flooded With Fake Job Offers (Wall Street Journal) The rise of virtual hiring and remote work have made it easier to swindle job seekers, and fraudsters see new opportunity in recent job cuts, authorities say.
Microsoft's VALL-E will usher in new era of cyber crime (IT PRO) With its ability to synthesise speech from short audio clips, Microsoft's VALL-E poses a worrying development in the realm of deepfakes
Public warned of scammers impersonating UK Police (3FM) The public are being warned of a recent phone scam where callers pretend to be UK Police.
Security Patches, Mitigations, and Software Updates
CISA adds recently-announced Microsoft zero-day to exploited vulnerability catalog (The Record from Recorded Future News) CISA added a new zero day bug to its known exploited vulnerability list this week after Microsoft confirmed it was being used in attacks.
Juniper Networks Releases Security Updates for Multiple Products (CISA) Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Juniper Networks’ security advisories page and apply the necessary updates.
Drupal Releases Security Update to Address Vulnerability in Private Taxonomy Terms (CISA) Drupal has released a security update to address a vulnerability affecting private vocabulary modules for Drupal 8.x. An unauthorized user could exploit this vulnerability to bypass access permissions to create, modify, and delete private vocabulary terms. CISA encourages users and administrators to review Drupal’s security advisory SA-CONTRIB-2023-001 and apply the necessary update.
Sewio RTLS Studio (CISA) 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sewio Equipment: RTLS Studio Vulnerabilities: Use of Hard-coded Password, OS Command Injection, Out-of-bounds Write, Cross-Site Request Forgery, Improper Input Validation, Cross-site Scripting 2.
RONDS Equipment Predictive Maintenance Solution (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: RONDS Equipment: Equipment Predictive Maintenance (EPM) Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthorized user to leak login credentials and download files.
InHand Networks InRouter (CISA) 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: InHand Networks Equipment: InRouter302, InRouter615 Vulnerabilities: Cleartext Transmission of Sensitive Information, OS Command Injection, Use of a One-way Hash with a Predictable Salt, Improper Access Control, Use of Insufficiently Random Values 2.
Panasonic Sanyo CCTV Network Camera (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Panasonic Equipment: Sanyo CCTV Network Camera Vulnerability: Cross-Site Request Forgery (CSRF) 2. RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to perform actions via HTTP without validity checks.
SAUTER Controls Nova 200 – 220 Series (PLC 6) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: SAUTER Controls Equipment: Nova 200–220 Series (PLC 6) Vulnerabilities: Missing Authentication for Critical Function, Cleartext Transmission of Sensitive Information 2.
Johnson Controls Metasys (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Johnson Controls Equipment: Metasys ADS/ADX/OAS Servers Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could result in exposed credentials in plain text to unauthenticated users.
Hitachi Energy Lumada APM (CISA) 1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Lumada APM Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to any Power BI reports installed or manipulate asset issue comments on assets.
Siemens S7-1500 CPU devices (CISA) Beginning January 10, 2023, CISA will no longer be updating historical security advisories for Siemens product vulnerabilities. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1.
Siemens Mendix SAML Module (CISA) Beginning January 10, 2023, CISA will no longer be updating historical security advisories for Siemens product vulnerabilities. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1.
Siemens Automation License Manager (CISA) Beginning January 10, 2023, CISA will no longer be updating historical security advisories for Siemens product vulnerabilities. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1.
Siemens Solid Edge before V2023 MP1 (CISA) Beginning January 10, 2023, CISA will no longer be updating historical security advisories for Siemens product vulnerabilities. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1.
Philips Patient Information Center iX (PIC iX) and Efficia CM Series (Update A) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable from adjacent network/low attack complexity Vendor: Philips Equipment: Patient Information Center iX (PIC iX) and Efficia CM Series Vulnerabilities: Improper Input Validation, Use of Hard-coded Cryptographic Key, Use of a Broken or Risky Cryptographic Algorithm 2.
WatchGuard's Cybersecurity Predictions (WatchGuard Technologies) 2023 cybersecurity predictions from the WatchGuard Threat Lab, including Zero Trust, space hacks, cyber insurance, password-less authentication, and more
Trends in Credential Stuffing and How to Identify It (ThreatX Labs) There are various, distinct forms of brute force-based attacks. In this report, we focus on a variant called distributed botnet-based credential stuffing.
Anatomy of a Targeted Credential Stuffing Attack (ThreatX Labs) One of the main challenges that security operation centers (SOC) and threat hunting teams run into is trying to determine what is noise vs. a targeted attack when looking at millions (or even billions!) of requests in their logs.
Telegram Bot Abuse For Phishing Increased By 800% in 2022 (Infosecurity Magazine) The growth is associated with using HTML attachments as a delivery method in credential phishing
CISA Releases 2022 Year in Review (Cybersecurity and Infrastructure Security Agency) Year in Review Highlight’s CISA’s Growth and Extensive Work to Protect Nation’s Critical Infrastructure
2022 Year In Review (CISA) Our 2022 CISA Year in Review in January lays out the tremendous work by our teammates and partners over the past year. Organized around the four goals outlined in our Strategic Plan, it highlights key achievements toward our vision of ensuring secure and resilient critical infrastructure for the American people.
SailPoint Acquires SecZetta to Provide Comprehensive Identity Security for Non-Employee Identities (Business Wire) SailPoint Technologies, Inc., a leader in enterprise identity security, today announced it has acquired SecZetta, a leading provider of third-party id
Inbenta, a provider of AI-powered chatbots and more, lands $40M (TechCrunch) Inbenta, a company developing AI-powered chatbot and search technologies, has raised $40 million in a venture funding round.
Safe-T Group Announces Corporate Rebranding Changes Name to Alarum Technologies Ltd. to Reflect Core Values of its Growing Business (GlobeNewswire News Room) Safe-T Group Ltd. (Nasdaq: SFET) (TASE: SFET) (“Safe-T” or the “Company”), a global provider of...
IBM Announces $725M Quantum Computing Deal with Australian Government (HPC Wire) IBM Australia has announced the signing of the next iteration of the Whole-of-Government Arrangement with the Digital Transformation Agency (DTA) on behalf of the Commonwealth of Australia.
How Data Security Breaches Affect Your Company’s Value (American Security Today) Corporate victims to a data security breach can have dire effects on not just the company’s value, but also its brand image and reputation
Twitter Orders Staff Members At Asia Headquarters To Clear Desks And Work From Home (Deadline) Staff members at Twitter’s Asia headquarters in Singapore have been told to clear their desks and work from home indefinitely, according to a new report. An email sent Wednesday informed staff that…
Versa Networks named 2022 CyberSecured Awards winner (SecurityBrief Asia) Versa SASE 5G Edge won for delivering the industry’s only complete SASE integration of cloud security, networking, SD-WAN, secure access, and analytics.
Coalfire CPO Vineet Seth to Join anecdotes' Advisory Board (PR Newswire) anecdotes, the leading security compliance technology provider, announced today the appointment of Vineet Seth to the company's advisory board....
Wallarm adds Cybersecurity Leaders to its Board of Advisors (Business Wire) Wallarm, the end-to-end API security company, is pleased to introduce the newest cybersecurity luminaries to join the company’s already impressive Boa
Castellum, Inc. Announces Alan R. Lynn to Join Advisory Board (GlobeNewswire News Room) POTOMAC, Md., Jan. 13, 2023 (GLOBE NEWSWIRE) -- Castellum, Inc. (NYSE American: CTM) announces Alan “Al” Lynn has joined the Company’s Advisory Board....
Products, Services, and Solutions
Aryaka Delivers Mission-Critical Managed Network and Security Offering for Retailers at NRF 2023 (PR Newswire) Join Aryaka®, the leader in Unified SASE solutions, at NRF booth #1805, January 14-17, at the Javits Center in New York City to learn more...
Beyond Identity Receives FIDO2 Certification (Beyond Identity) Enterprises now have a standards-based path to accelerate passwordless phishing-resistant authentication
ChicMe Chooses Forter to Optimize Customer Experience and Support New Market Expansion (Business Wire) Online retailer ChicMe has chosen Forter to help with its global expansion by improving payment processing.
ReversingLabs Threat Analysis and Hunting Solution January 2023 Update: Driving SecOps Forward (ReversingLabs) Learn how A1000 can reduce risks (and workload and tool costs) while ensuring privacy. Plus, how it reduces MTTD, and prioritizes malware for triage.
Divilo announces new partnership with ThetaRay FXCompared.com (FXcompared) Divilo, a provider of business-to-business financial services, has confirmed that it will be working with ThetaRay’s AI-led transaction monitoring service to help with its online money transfer service. Read more about the international payments market with our money transfers news.
CISA's Joint Cyber Defense Collaborative Taps SentinelOne for Threat Intelligence (MSSP Alert) As a Joint Cyber Defense Collaborative (JCDC) member, SentinelOne will provide threat intelligence to help combat cyberattacks.
authID® Integrates Verified™ CloudConnect™ with Okta Workforce Identity Cloud, Expands Offerings across Workforce and Customer Identity (Yahoo) Combining Verified with Okta’s Workforce and Customer Identity Clouds delivers authID’s phishing-resistant Human Factor Authentication™ that eliminates the risks of passwords and credential compromise for both workforce and customer applications DENVER, Jan. 12, 2023 (GLOBE NEWSWIRE) -- authID [Nasdaq: AUID] a leading provider of secure identity authentication solutions, today announced the integration of Verified CloudConnect with Okta’s Workforce Identity Cloud and the expanded availability of
NVIDIA Helps Retail Industry Tackle Its $100 Billion Shrink Problem (NVIDIA Blog) To make it easier for developers to quickly build and roll out applications designed to prevent theft, NVIDIA today announced three Retail AI Workflows, built on its Metropolis microservices.
Technologies, Techniques, and Standards
Getting Cybersecurity Protection Via Your DNS: Opportunities and Challenges (DomainTools) Joe St Sauver discusses cybersecurity protection via DNS as a way to help prevent employees from navigating to potential malware-infected or phishing sites.
Patch Where it Hurts: Effective Vulnerability Management in 2023 (The Hacker News) Businesses are taking an average of 215 days to patch reported vulnerabilities. Even critical vulnerabilities are taking over 6 months to fix.
How to Block Scam Calls, the Top Source of Fraud Against Older Adults (Wall Street Journal) Virtual assistants, call blocking and robocall apps can keep con artists at bay.
US spies lag rivals in seizing on data hiding in plain sight (AP NEWS) As alarms began to go off globally about a novel coronavirus spreading in China , officials in Washington turned to the intelligence agencies for insights about the threat the virus posed to America.
Design and Innovation
DoraHacks and Cryptosat Run the First Cryptographic Trusted-Setup for Zero-Knowledge in Space (Yahoo) DoraHacks, a leading global hackathon organizer and open source incentive platform, and Cryptosat, which develops and launches crypto-satellites into space to enable novel cryptographic applications, announced today that they have successfully performed the first experiment to initiate a Zero-Knowledge (ZK) proof system in space.
Research and Development
Quantum computers threaten our whole cybersecurity infrastructure: Here's how scientists can bulletproof it (Phys.org) Thirteen, 53 and 433. That's the size of quantum computers in terms of quantum bits, or qubits, which has significantly grown in the last years due to important public and private investments and initiatives. Obviously, it is not only a mere question of quantity: the quality of the prepared qubits is as important as their number for a quantum computer to beat our existing classical computers, that is, to attain what's called the "quantum advantage". Yet it is conceivable that soon quantum-computing devices delivering such an advantage will be available. How would this affect our daily lives?
Legislation, Policy, and Regulation
DOD, Japan MOD Sign Technology and Security of Supply Arrangements (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III and Japanese Defense Minister Yasukazu Hamada signed a bilateral Research, Development, Test and Evaluation Memorandum of Understanding and a bilateral,
Re-upping a spy agency’s snooping power this year will be a complicated task for Congress (Washington Post) National Security Agency and U.S. Cyber Command chief Gen. Paul Nakasone forcefully made the case Thursday for Congress to renew an expiring surveillance power, saying it has helped disrupt cyberattacks and patch digital vulnerabilities.
NSA director pushes Congress to renew surveillance powers (Stars and Stripes) A top U.S. intelligence official on Thursday urged Congress to renew sweeping powers granted to American spy agencies to surveil and examine communications, saying they were critical to stopping terrorism, cyberattacks and other threats.
Keynote Speech by GEN Paul M. Nakasone, Commander, USCYBERCOM, Director NSA/Chief, Central (National Security Agency/Central Security Service) Keynote Speech by GEN Paul M. Nakasone, Commander, USCYBERCOM, Director NSA/Chief, Central Security Service at the Privacy and Civil Liberties Oversight Board Public Forum on FISA Section 702 on
FCC identifies challenges in getting Huawei rip-and-replace program fully functional (Inside Cybersecurity) The Federal Communications Commission is facing challenges in completing its rip-and-replace program to remove untrustworthy equipment from Huawei and ZTE that the government has deemed a national security risk, according to a Tuesday report to Congress.
Wisconsin, North Carolina ban TikTok from state devices on security concerns (MarketScreener) The governors of Wisconsin and North
Carolina on Thursday signed orders banning TikTok on government
devices due to cyber security concerns, joining other states and
the federal government in... | January 13, 2023
Litigation, Investigation, and Law Enforcement
Google Says Supreme Court Ruling Could Potentially Upend the Internet (Wall Street Journal) A case challenging the liability shield protecting websites such as YouTube and Facebook could result in both widespread censorship and a proliferation of offensive content, Google said in a court filing.
SEC sues Covington law firm for names of 300 clients caught up in hack (Reuters) The U.S. Securities and Exchange Commission has sued law firm Covington & Burling for details about nearly 300 of the firm's clients whose information was accessed or stolen by hackers in a previously undisclosed cyberattack, court documents show.
SEC Demands That Covington & Burling "Name Names" (The National Law Review) Earlier this week, the United States Securities and Exchange Commission filed a&nbsp;complaint&nbsp;against one of the country&#39;s leading law firms - Covington & Burling LLP.&nbsp; According to
SEC Accuses Law Firm Covington of Stalling Cyberattack Probe (1) (Bloomberg Law) The Securities and Exchange Commission has accused law firm Covington & Burling of failing to comply with a subpoena for information about a 2020 cyberattack on the firm that potentially exposed client data.
Live Updates: Garland Names Special Counsel in Biden Documents Case (New York Times) The appointment of Robert K. Hur by Attorney General Merrick Garland came after the discovery of two batches of classified documents from Mr. Biden’s time as vice president. One set was recovered from a storage space in the garage of his home in Wilmington, Del.
Ex-U.S. attorney Robert Hur appointed special counsel to investigate Biden docs (Maryland Daily Record) Attorney General Merrick Garland appointed Robert Hur as special counsel to investigate classified documents found at Joe Biden’s home and at an office.
Opinion If Trump’s classified document mishandling was ‘irresponsible,’ so is Biden’s (Washington Post) After the Justice Department released a staged photo of classified documents — including some marked “Top Secret/SCI” (sensitive compartmented information) — which the FBI had spread on the floor of former president Donald Trump’s Mar-a-Lago estate, President Biden was asked on “60 Minutes” what he thought when he saw that picture.
Joe Biden may have broken the Espionage Act. It’s so broad that you may have, too | Trevor Timm (the Guardian) The Espionage Act is incredibly broad and spares literally no one. Readers of this newspaper may even have violated it
The S.B.F. Chronicles, Part 4: Alameda, We Have a Problem (Puck) Among the first to sniff out the infamous balance sheet of Alameda Research, S.B.F.’s now defunct hedge fund, was a young doctor turned financial sleuth whose analysis helped facilitate FTX’s demise. This is the fourth in a series.
Sam Bankman-Fried sticks to his script (Axios) The disgraced FTX founder also addresses his Robinhood contradiction.
SEC charges Gemini and Genesis with unregistered securities offering (The Block) The program has been the subject of a public fight between the two erstwhile corporate partners.
Nexo Office Raided by Bulgarian Police in Wide Investigation (Bloomberg) More than 300 personell take part in Bulgarian operation. Probe comes four months after US states move against Nexo.
GAO rules Booz Allen has no conflict in $860M VA award (Washington Technology) This is the second time in 12 months that protestors unsuccessfully raised conflict-of-interest allegations against Booz Allen over a large Veterans Affairs win.