Dateline Moscow and Kyiv: The state of the frontline.
Ukraine at D+441: Skirmishing along the line of contact, and in cyberspace. (CyberWire) Ukraine says it will open its offensive when it's ready, and not before.
Russia-Ukraine war: List of key events, day 442 (Al Jazeera) As the war enters its 442nd day, we take a look at the main developments.
Russia-Ukraine war at a glance: what we know on day 442 of the invasion (the Guardian) Zelenskiy says losses would be unacceptably high if spring counter-offensive launched too early; Kremlin spokesperson described military operation in Ukraine as ‘very difficult’
Ukraine needs more time before its counter-offensive, says Zelenskiy (the Guardian) Losses would be unacceptable without more heavy weapons promised by west, says president
Ukraine's occupied Zaporizhzhia nuclear plant faces possible staffing crunch (AP NEWS) Ukraine’s atomic energy company is claiming that Russia plans to relocate around 3,100 Ukrainian staff from Europe’s largest nuclear plant. Energoatom warned Wednesday that the plan could result in a potential “catastrophic lack of qualified personnel” at the Zaporizhzhia facility in Russia-occupied southern Ukraine. Energoatom said local workers who signed employment contracts with affilates of Russia’s nuclear agency Rosatom following Moscow’s capture of the Zaporizhzhia plant early in the war are set to be taken to Russia along with their families. Energoatom didn't specify whether the employees would be forcibly moved out of the plant. It also wasn't immediately possible to verify Energoatom’s claims about Moscow’s plan.
Weapons tracing shows Russia firing new cruise missiles at Ukraine just weeks after production (Breaking Defense) In one case where two Kh-101 missiles were recovered and examined after striking Kyiv in November 2022, CAR researchers were able to determine that one of the munitions was produced in the last quarter of 2022, most likely October.
Opinion | Putin Is Fighting, and Losing, His Last War (New York Times) When Russians talk about nuclear war, the safest response is to ensure their very conventional defeat.
Russia’s brutality in Ukraine has barely begun (The Hill) What would a Russian occupation of Ukraine look like? If the behavior of Russian forces since the invasion and Russian history are a guide, worse than anything since the Nazi occupation of Europe.
SACEUR Provides Update on Deterrence, Defense of Euro-Atlantic Area (U.S. Department of Defense) Army Gen. Christopher G. Cavoli provided an update on implementation of the Deterrence and Defense of the Euro-Atlantic Area concept following a NATO Military Committee meeting in Brussels.
Canada, Latvia to jointly train Ukrainian soldiers starting Monday (Reuters) Canadian and Latvian armed forces on Monday will begin training Ukrainian soldiers in Latvia, Canada's Defence Minister Anita Anand said on Wednesday.
US Cyber Command 'Hunts Forward' in Latvia (VOA) Working with Latvia, Canada, the US cyber team targeted threats to Latvia’s critical infrastructure, including by Russian-linked hackers
US cyber team unearths malware during ‘hunt-forward’ mission in Latvia (C4ISRNet) The Cyber National Mission Force has deployed to 22 countries including Ukraine, ahead of Russia’s invasion, and Albania, following Iranian cyberattacks.
US, Canada sent cyber experts to Latvia to bolster digital defenses (Record) The U.S. Cyber National Mission Force (CNMF) says it sent a team to the former Soviet state and current NATO member on a three-month “hunt forward” mission from February through April.
How spies took down Putin’s most insidious weapon against the West (The Telegraph) Russia made crucial mistakes that allowed cyber experts to remove Snake's venom
Turla's Snake malware network disrupted by Five Eyes' authorities - Help Net Security (Help Net Security) For nearly 20 years Turla has used versions of the Snake malware to steal sensitive documents from computer systems in at least 50 countries.
SafeBreach Coverage for US-CERT Alert (AA23-129A) – Snake Malware (Security Boulevard) SafeBreach coverage for US-CERT Alert (AA23-129A) - Hunting Russian Intelligence "Snake" Malware The post SafeBreach Coverage for US-CERT Alert (AA23-129A) – Snake Malware appeared first on SafeBreach.
Uncovering RedStinger - Undetected APT cyber operations in Eastern Europe since 2020 (Malwarebytes) We discovered a new interesting lure that targeted the Eastern Ukraine region and started tracking the threat actor behind it.
A Mysterious New Hacker Group Is Lurking in Ukraine’s Cyberspace (WIRED) The unidentified attackers have targeted people on both sides of Russia’s war against Ukraine, carrying out espionage operations that suggest state funding.
Ukraine war drives rising concern about nation-state hackers, survey says (Breaking Defense) “Foreign governments” are now the No. 1 cybersecurity concern for US public sector IT professionals, reports SolarWinds, itself rebuilding after a 2020 hack blamed on Russia.
Xi Jinping is rapidly running out of time – and he knows it (The Telegraph) The world is now in terrible danger of a major war, as Beijing’s global power approaches its peak
France launches war crime investigation after reporter Arman Soldin killed in Ukraine (CBS News) Arman Soldin, a French national, was one of the first AFP journalists to be sent to Ukraine after Russia invaded the country in Feb. 2022.
Attacks, Threats, and Vulnerabilities
Russian Group Possibly Behind Cyberespionage in Central Asia (Bank Info Security) A possibly Russian state hacking group has been deploying a novel backdoor dubbed DownEx against international governmental targets located in Kazakhstan and
Half of North Korean missile program funded by cyberattacks and crypto theft, White House says (CNN) About half of North Korea's missile program has been funded by cyberattacks and cryptocurrency theft, a White House official said Tuesday.
New phishing-as-a-service tool “Greatness” already seen in the wild (Cisco Talos Blog) Greatness incorporates features seen in some of the most advanced PaaS offerings, such as multi-factor authentication (MFA) bypass, IP filtering and integration with Telegram bots.
Cisco warns of new ‘Greatness’ phishing-as-a-service tool seen in the wild (Record) A new phishing-as-a-service (PaaS) tool is allowing rookie hackers to incorporate “some of the most advanced” features into their cyberattacks, researchers warned Wednesday.
Creating Malicious Content Hosted on Squarespace (Avanan) Hackers are sending phishing content via Squarespace.
Cyber-Criminals Exploit Hardware Wallet to Steal Almost $30,000 (Infosecurity Magazine) Kaspersky discovered that the wallet the victim purchased had been tampered with
Hypervisor Ransomware | Multiple Threat Actor Groups Hop on Leaked Babuk Code to Build ESXi Lockers (SentinelOne) Availability of leaked Babuk source code is fuelling a proliferation of file lockers targeting VMware ESXi.
CACTUS ransomware | Cyber Threat Intelligence (Kroll) Kroll has identified a new ransomware strain, CACTUS that leverages documented vulnerabilities in VPN appliances. Read more
Deconstructing a Cybersecurity Event (Dragos | Industrial (ICS/OT) Cyber Security) Learn more about a failed extortion scheme against Dragos in May 2023. No Dragos systems were breached, including anything related to the Dragos Platform.
Dragos Says Ransomware Gang Accessed Limited Data but Failed at Extortion Scheme (SecurityWeek) ICS cybersecurity vendor Dragos discloses breach and data theft but says ransomware group failed at elaborate extortion scheme.
Dragos Discloses ‘Failed Extortion Scheme’ By Cybercriminals That Accessed Onboarding Resources | CRN (CRN) Industrial cybersecurity vendor Dragos said that an employee’s account was compromised, and its SharePoint system accessed, in an attack by a “known cybercriminal group.”
Ransomware Group Targeted Dragos in Unsuccessful Extortion Attempt (Decipher) A known ransomware group was able to access limited information resources, which it then attempted to use in an unsuccessful extortion attempt against the company.
Cybersecurity firm Dragos discloses cybersecurity incident, extortion attempt (BleepingComputer) Industrial cybersecurity company Dragos today disclosed what it describes as a "cybersecurity event" after a known cybercrime gang attempted to breach its defenses and infiltrate the internal network to encrypt devices.
Identify vEdge Certificate Expired on May 9th 2023 (Cisco) This document describes how to identify a vEdge that has an expired certificate affecting control plane, which eventually impacts data plane.
Expired Cisco certificate cripples vEdge SD-WAN appliances (Register) Updates said to be rolling out now... if your gateway hasn't already bricked itself
Anatomy of a Social Media Impersonation Scam (BlueVoyant) BlueVoyant’s cyber threat analysts have been tracking a sophisticated social media impersonation campaign for over two years.
National Gallery of Canada recovering from ransomware incident (Record) Canada’s national art museum has spent the last two weeks recovering from a ransomware attack that forced it to shut down its IT system.
Evil digital twins and other risks: the use of twins opens up a host of new security concerns (CSO Online) Digital twins are incredibly useful tools for a range of industries. But they also come with intrinsic risk factors and could create new avenues for attacks unless security is involved when they’re created.
Bots Are Taking Over the Internet: Automated Threats are a Growing Risk for Organizations (Imperva) Imperva, Inc., (@Imperva) the cybersecurity leader that protects critical applications, APIs, and data, anywhere at scale, releases the 2023 Imperva Bad Bot Report, a global analysis of automated bot traffic across the internet. In 2022, nearly half (47.4%) of all internet traffic came from bots, a 5.1% […]
Risk of cyber-attack is main Eurovision worry, says BBC executive (the Guardian) Cybersecurity experts drafted in to help thwart any sabotage attempt as UK stands in as host for Ukraine
Eurovision’s preparations for potential Russia cyberthreat ‘in good place’ (Alloa and Hillfoots Advertiser) The contest’s chief also confirmed Russian voters are effectively barred from voting this year.
Ontario school district hit by cyber attack discovers additional info stolen (IT World Canada) The Huron-Superior Catholic District School Board has sent letters to students and former students informing them their personal information was compromised in a cyber attack that was first announced on Dec. 15, 2022. The attack initially took down the board's website, as well as telephones, public address systems, and email for all board sites. The
UPDATE: MMC Gradually Reopening After Major Cyber Attack (WGNS) Murfreesboro Medical Clinic is carefully reopening after the April 22, 2023. The main facility on Garrison Drive, the one of South Church Streeet and MMC in the Fountains are now officially open. All other locations as well as laboratory and radiology services remain closed.
CEO Joey Peay noted, "I'm astounded as to what our team has been able to accomplish in such a short period of time."
Peay has reassuring news . . .
He underlined, "While many systems are ...
WhatsApp Bug Enables Suspicious Microphone Access - Spiceworks (Spiceworks) Meta-owned WhatsApp seems to be affected by a bug that allows the app to access an Android phone’s microphone even when the app is closed.
Security Patches, Mitigations, and Software Updates
New features and updates to improve online safety (Google) Today at I/O 2023, we’re sharing the newest ways we’re keeping you safer with Google.
From One Vulnerability to Another: Outlook Patch Analysis Reveals Important Flaw in Windows API (Akamai) Akamai researcher Ben Barnea found a new important vulnerability in an Internet Explorer component, assigned CVE-2023-29324 with a CVSS base score of 6.5.
Trends
ESET shares key changes in world of advanced persistent threat activity (SecurityBrief Asia) ESET has released its APT Activity Report, which summarises the activities of selected APT groups that were observed, investigated, and analysed by ESET researchers.
Power Rankings: 2022 Ransomware Malicious Quadrant (Halcyon) Halcyon Blog Post: The Halcyon team of ransomware experts has put together this RaaS power rankings guide for the ransomware threat landscape based on data from throughout 2022...
Most firms aren't taking cybersecurity seriously enough - and it could come back to haunt them (TechRadar) Departments just need to communicate more, report claims
The Biggest Data Breaches in History (Bankless Times) In the past month alone we’ve seen ChatGPT, Western Digital, Microstar International and Pizza Hut all admit to suffering data breaches.
The State of Ransomware Attacks in Education 2023: Trends and Solutions (Veriti) Ransomware attacks targeting the education sector are on the rise. Learn how to prevent exposure of sensitive data and children's safety.
Grit Blog GRIT Ransomware Report: April 2023 (Guidepoint Security) Following a relatively active March–resulting in 451 affected organizations observed across 24 ransomware leak sites–GRIT observed interesting movement in the ransomware landscape in April. Most notably, Clop, a Full-time group we described in detail in 2023’s first quarterly report, dropped from 128 reported victims in March to just three in April, reflecting our assessment that Clop’s March spike resulted from their aggressive use of an exploited vulnerability.
Marketplace
NuHarbor Security on Inc. Magazine’s annual list of best workplaces for 2023 (VermontBiz) Awards in five special categories follow top honor from VermontBiz in the medium business category
Mimecast Announces Two New Executive Appointments to Drive Customer and Operational Excellence (Mimecast) Jeff Hess and Purnima Jandial Join Corporate Leadership Team as Part of Amplified Organizational Focus on Customer Centricity
OpenSSF Welcomes New Members, Veteran Cybersecurity Expert as General Manager, and New Funding (PR Newswire) The Open Source Security Foundation (OpenSSF), a cross-industry organization hosted at the Linux Foundation that brings together the world's...
Phosphorus Poised for Record Growth with Appointment of New Chief Revenue Officer (GlobeNewswire News Room) Security industry veteran Shawn O’Brien will lead the company’s global sales and field operations during a period of significant growth and transformation...
BioCatch announces second consecutive record growth quarter (Biocatch) BioCatch, the pioneer of behavioral biometric intelligence and global leader in fraud detection, today announced historic first-quarter revenue results.
Products, Services, and Solutions
Trua Launches TruaID, A Verified Digital ID That Helps Consumers Keep Personal Information Secure (PR Newswire) Trua (www.TruaMe.com), the digital identity-verification and screening company, has launched a new product called TruaID, which will give...
Push protection is generally available, and free for all public repositories (The GitHub Blog) Announcing the general availability of push protection–a feature that proactively prevents secret leaks in your public and private repositories.
Everything Blockchain Inc. Announces Significant Product Updates to EB Control (GlobeNewswire News Room) Updates will enhance security, performance, UI and navigation, reporting...
How Torq Hyperautomation Reinvents Security Case Management (Torq) The new Torq Hyperautomation platform was purpose-built from the ground up to deliver comprehensive Case Management capabilities to SecOps
Prove Identity Partners with Visa to Make Customer Onboarding 79% Faster While Enhancing Security (Business Wire) Prove Identity, Inc. (“Prove”), a leader in consumer identity, today announced a new partnership with Visa (NYSE: V), a world leader in digital payments, to empower brands to increase secure loyalty account enrollment by eliminating manual account registration and pre-filling application forms with verified information.
Lexmark Named 2023 Global Print Security Leader by Quocirca (Lexmark Newsroom) Strategic vision and comprehensive approach to print security drive Lexmark's industry leader designation.
Okta Customer Identity Cloud Adds Security Center to Enterprise Plan (Auth0) New feature provides real-time monitoring of potential identity security events and threat response efficacy
LogRhythm Announces Technology Partnership with Mimecast to Provide Advanced Combination of Email Security, Enterprise Security and Threat Management Capabilities (Business Wire) New integration combines LogRhythm’s automated threat management and enterprise security with Mimecast’s email security services
Salt Security Achieves AWS WAF Ready Designation (PR Newswire) Salt Security, a leading API security company, announced today it is now an Amazon Web Service (AWS) Web Application Firewall (WAF) Ready...
Aqua Enhances Software Supply Chain Security with Pipeline Integrity Scanning (Aqua) Aqua Security announced it added pipeline integrity scanning to prevent software supply chain attacks and assure CI/CD pipeline integrity.
Acalvio Completes the AWS Foundational Technical Review and Joins the AWS Partner Network (Business Wire) Customers can now actively defend against cyber attacks with confidence using the Active Defense solution from a cybersecurity deception leader
Mosaic launches global primary cyber coverage with Safe Security (Safe Security) The specialty insurer launched the new coverage under a pioneering partnership with Safe to embed real-time cyber-risk data into its underwriting process.
Corvus Insurance Delivers an Industry-Leading Loss Ratio of 36% (Business Wire) Corvus delivers with a combination of strong underwriting talent, data analytics, and fast growing adoption from engaged policyholders
Nyriad’s UltraIO Data Storage System Provides Exceptional Performance, Resilience, and Efficiency with Low Total Cost of Ownership (TCO) (Carahsoft) Nyriad® and Carahsoft Technology Corp. today announced a partnership.
Malwarebytes Now Offers Mobile Security for MSPs (Channel Futures) Malwarebytes has added mobile security to its OneView platform, allowing MSPs to safeguard Chromebooks, Android and iOS devices.
Zimperium Launches Unified Mobile Security Platform (Fast Mode) Zimperium Launches Unified Mobile Security Platform
News: DNSFilter Joins Forces with SolCyber to Bring DNS Security to Businesses Worldwide (DNSFilter) Threat protection leader is the latest addition to the modern MSSP’s program, delivering comprehensive DNS-layer security in minutes
Azion Obtains PCI DSS v4.0 Cybersecurity Certification (Azion Technologies) With PCI DSS v4.0, Azion is prepared to support the payment card sector in facing the new challenges of today's cybersecurity. Find out how.
Synopsys and ReversingLabs Sign Agreement to Enhance Software Supply Chain Risk Management (Synopsys) Agreement Provides Comprehensive Software Supply Chain Risk Management Solution for Both Open-Source and Commercial Third-Party Software
Tanium Achieves StateRAMP Authorization (Business Wire) Converged endpoint management leader supports state organizations on cloud-first initiatives with a single platform for visibility, control, and remediation
Technologies, Techniques, and Standards
NSA Releases New Best Practices for Securing Home Networks (Security Intelligence) Even in the comfort of your own home, poor network security can open doors to a cyber criminal, leading to a company-wide data breach.
What Is the Dark Web? Is the Dark Web Illegal? (Trend Micro News) What is the dark web? The dark web is the hidden part of the internet that can only be accessed via specific browsers.
Ransomware Detection – A Question of DNA (Nebulon Inc) Ransomware protection, detection, and recovery services are a part of the DNA of smartInfrastructure. With the challenges of ransomware only growing, it’s time that all modern application infrastructure have cybersecurity and cyber-resilience built in.
Coalfire Compliance Report Unveils the Next Horizon In Compliance (PR Newswire) Today, Coalfire released its new Securealities 2023 Compliance Report developed in partnership with Informa's Omdia research division. The...
Securealities Report: 2023 Compliance (Coalfire.com) Coalfire and Omdia surveyed 300 security and IT professionals, spanning industries including financial services, IT, education, and healthcare to see what’s changed in the world of compliance, and how today’s challenges can be met more effectively.
Eleven steps to develop an effective ransomware response - Intelligent CIO North America (Intelligent CIO North America) Anthony Giandomenico, VP Global Security Consulting, Proactive and Reactive Services, Fortinet, and Aamir Lakhani, Global Security Strategist and Researcher, Fortinet, offer a checklist which suggests how organizations can effectively deal with a ransomware attack. FortiGuard Labs’ research shows that organizations in almost all areas around the world are possible targets for ransomware attacks. Therefore, it is […]
Design and Innovation
ZeroFox Announces Generative AI Capabilities, Develops FoxGPT (GlobeNewswire News Room) Inspired by ChatGPT, the external cybersecurity innovator begins to release generative AI to augment intelligence workflows...
IBM Unveils End-to-End Quantum-Safe Technology to Safeguard Governments' and Businesses' Most-Valuable Data (IBM Newsroom) IBM announced a new IBM Quantum Safe technology - a comprehensive set of tools & capabilities, along w/IBM's deep security expertise, designed as an end-to-end solution made available as organizations prepare their quantum-safe journey.
IBM bringing organizations along quantum-safe journey | IBM Research Blog (IBM Research Blog) Organizations are already examining how to upgrade their cybersecurity to prepare for the quantum era.
Four Takeaways From Google’s Big AI Event (The Information) Google’s once-a-year product showcase on Wednesday confirmed what employees and rivals have been saying for months: the company is playing catch-up to rivals in conversational artificial intelligence and other fronts. During its annual event for software developers, the company announced new AI ...
Google is throwing generative AI at everything (MIT Technology Review) But experts say that releasing these models into the wild before fixing their flaws could prove extremely risky for the company.
Google Says Search Enters New Era With Conversational AI Features (Wall Street Journal) The company intends to use artificial-intelligence programs to provide lengthier replies to queries. The new features invite follow-up questions.
Google Just Added Generative AI to Search (WIRED) Challenged by ChatGPT, the king of search launches a feature that can answer queries with text summarizing information found online.
Google rebrands AI tools for Docs and Gmail as Duet AI — its answer to Microsoft’s Copilot (The Verge) Most of Google’s promised AI Workspace features are invite-only.
Google’s ‘Project Tailwind’ is an AI notebook that helps with study and more (9to5Google) Google has launched “Project Tailwind,” a new AI-first tool that is effectively a notebook of the future to help you...
Google will help Play Store developers build out their listings with generative AI (The Verge) It’ll also use AI to summarize user reviews.
'Universal translator' dubs and lip-syncs speakers - but Google warns against misuse (TechCrunch) Google's experimental translation tool redubs video in a new language while syncing the speaker's lips — and they know that could be trouble.
Cybersecurity faces a challenge from artificial intelligence’s rise (Washington Post) While defenders have been winning more battles, the availability of AI tools threatens that progress
Research and Development
American psychology group issues recommendations for kids' social media use (TechCrunch) A major psychological organization in the U.S. is out with a set guidelines designed to protect children from the harms of social media.
Academia
Cybersecurity Awareness in Higher Education is More Important Than Ever, Report Finds (NINJIO) Training all university stakeholders - faculty, staff, and students - in cybersecurity awareness is a proven solution for reducing a university's cyber risk.
Chattanooga State cyber incident cancels some classes through May 26 (Chattanooga Times Free Press) Chattanooga State Community College has canceled classes through May 26 as officials grapple with an unspecified "cyber incident."
Legislation, Policy, and Regulation
EU Vows to Act If Revamped US Data-Transfer Pact Poses Problems (Bloomberg) Justice commissioner speaks to lawmakers about data flows pact. Didier Reynders says new deal includes ‘significant’ changes.
Walden says cybersecurity strategy mostly well-received (Cybersecurity Dive) The acting national cyber director says common ground exists in certain areas, but a great deal of work remains.
A presidential critical infrastructure protection order is getting a badly needed update, officials say (Washington Post) The Biden administration is revising a decade-old presidential directive on safeguarding critical infrastructure
White House tries to balance AI’s 'enormous danger' and promise (Yahoo News) The astonishing speed of AI innovation has presented the Biden administration with a complex challenge. Given the immense promise and peril of artificial intelligence, the White House recognizes it can’t maintain a laissez-faire attitude any longer.
CEO of ChatGPT maker OpenAI to testify to Congress (Washington Post) Sam Altman, the OpenAI chief, will appear for the first time as AI scrutiny soars in Washington
Bill calls for voting systems to undergo penetration testing (CBS 19) Senators Mark Warner and Susan Collins introduced the bill on Wednesday.
Congress puts focus on cybersecurity for suicide lifeline, voting systems, NOTAM (Record) Senators introduced bills on the national 988 hotline and voting technology. The chamber also passed legislation to improve the resiliency of NOTAM, which tracks aviation hazards.
Bipartisan Group Looks to Fix ‘Hopelessly Obsolete’ Classification System (Nextgov.com) Legislation is aimed at reducing over-classification and improving the handling of secrets.
After Pentagon Leak, Democrats and Republicans Unite to Reform Classification System (Military.com) The package of bills unveiled by Senate Intelligence Committee Chairman Mark Warner, D-Va., and other senators from both parties takes aim at overclassification.
Senators push overhaul of classification rules after Trump, Biden cases (The Hill) Responding to a series of intelligence breaches over the last year, senators on Wednesday introduced legislation that would require the National Archives to screen documents leaving the White House for classified material.
How Congress is tackling disinformation from US adversaries (The Hill) The U.S. government is seeking to step up its information war to defeat nation-state threat actors like Russia and China which, in recent years, have ramped up their disinformation campaigns global…
Industry skepticism about a Defense Department cybersecurity policy is only growing | Federal News Network (Federal News Network) Perhaps you have heard of CMMC, the Cybersecurity Maturity Model Certification program. Now in its 2.0 version, it is supposed to lay minimum cybersecurity standards on contractors doing business with…
Litigation, Investigation, and Law Enforcement
Breach of Mental-Health Records Challenges Nation’s Court System (Wall Street Journal) Hacker, reaching a dead end in extorting clinic in Finland, targeted individual patients.
Sweden charges man for spreading sensitive military information online (AP NEWS) Swedish prosecutors say that a 50-year-old man has been charged with spreading sensitive military information online. Authorities didn't identify the man who they say administered a database that was used for the exchange of secret information. The information was posted in a forum that he allegedly was responsible for. He was charged on Thursday with suspected “gross unauthorized possession of secret information” and sharing “secret and sensitive information about a large number of defense facilities” online. A senior prosecutor called the man’s alleged actions “serious” because the information was “of great importance for the defense of the kingdom.” It's unclear whether a foreign power actually got hold of the information. No date for a trial was announced.
Global surveillance: The secretive Swiss dealer enabling Israeli spy firms (Haaretz) The international mobile system is exposed and a loophole allows hackers, cybercriminals and states to geolocate targets and even hijack email and web accounts. Israelis can be found among the victims - and the attackers
Inside the Italian Mafia’s Encrypted Phone of Choice (Vice) A collaborative investigation reveals alleged members of the mafia are using encrypted phones from "No. 1 Business Communication." The company is linked to a high profile American businessman, a Ukrainian technologist, and multiple convicted criminals.
Crypto Regulatory Affairs: Global Law Enforcement Action Disrupts Dark Web Fentanyl Trade (Elliptic Connect) US and European law enforcement agencies announced the largest action yet to disrupt the trade on the dark web of the deadly opioid fentanyl. Read more in Elliptic's Crypto Regulatory Affairs update.
British man involved in Twitter hack extradited to US, pleads guilty to numerous cybercrimes (Record) Joseph James O’Connor, 23, faces up to 77 years in prison for hacking Twitter in July 2020.
Facial recognition: the CNIL decided to impose an overdue penalty payment on Clearview AI (CNIL) Background information CLEARVIEW AI collects photographs from a wide range of websites, including social networks, and sells access to its database of images of people through a search engine in which an individual can be searched using a photograph. The company offers this service to law enforcement authorities. Facial recognition technology is used to query the search engine and find an individual based on its photograph.