Dateline: Russia's war against Ukraine.
Ukraine at D+448: More Russian strikes against cities. (CyberWire) As Russia continues heavy missile strikes against Ukrainian cities, the Wagner Group complains that the Russian regulars have withdrawn in Bakhmut, exposing Wagner's flanks.
Russia-Ukraine war: List of key events, day 449 (Al Jazeera) As the war enters its 449th day, we take a look at the main developments.
Russia-Ukraine war at a glance: what we know on day 449 of the invasion (the Guardian) Kyiv attacked again with missiles; one killed in strike on Odesa; train services suspended in Crimea after ‘interference by outsiders’ causes freight train derailment
Russia-Ukraine war live: Wagner chief accuses Russian army of leaving his troops exposed in Bakhmut (the Guardian) Yevgeny Prigozhin says Russian army retreated in Bakhmut, leaving his own fighters’ flanks exposed, as Ukrainian military says its troops have advanced
Ukraine war: Russia launches ninth wave of missile attacks on Kyiv this month (BBC News) All missiles over the capital were shot down, but falling debris caused some damage, Ukraine says.
Russia fires 30 cruise missiles at Ukrainian targets; Ukraine says 29 were shot down (AP NEWS) Ukrainian officials say Russia has fired 30 cruise missiles against various parts of the country in the latest nighttime test of Ukrainian air defenses which shot down 29 of them. Kyiv officials said defense systems also shot down two exploding drones and two reconnaissance drones early Thursday. A military spokesman said one person died and two were wounded by a Russian missile that got through and struck an industrial building in the southern region of Odesa. Loud explosions were heard in Kyiv as the Kremlin’s forces targeted the capital for the ninth time this month. It is a clear escalation after weeks of lull and ahead of a much-anticipated Ukrainian counteroffensive using newly supplied advanced Western weapons.
Downing of Russian missiles shows 'profound effect' of Ukrainians training on US systems: General (Breaking Defense) "I think about the value of training forces that never previously had a capability like that and then we provide that capability to them. And they're able to conduct an intercept in that way," Gen. Charles Flynn said. "To me that's that's the bigger issue."
'We can no longer do our job', say Russian missile scientists following arrests for treason (The Telegraph) Putin warned that weapons research facility could collapse, as hypersonics experts stage rare public protest
Press-release on the Concept of the UN Convention on International Information Security (The Ministry of Foreign Affairs of the Russian Federation) On May 15, Russia together with Belarus, North Korea, Nicaragua and Syria as co-sponsors, submitted the Concept of the UN Convention on Ensuring International Information Security (IIS) as an official document of the 77th session of the UN General Assembly.
Report Launch: Evolving Cyber Operations and Capabilities | CSIS Events (Center for Strategic and International Studies) Join the CSIS Strategic Technologies for a report launch event to examine cyber and the war in Ukraine, with a view to the wider debate around the role and value of cyber capabilities.
Ukraine War: Vast hacker 'militias' do little damage – but can rally mass support, says study (Breaking Defense) "Hacktivist" groups like the IT Army of Ukraine claim hundreds of thousands of members, but their cyber attacks are less about tangible results than online agitprop, says a forthcoming study from CSIS exclusively previewed by Breaking Defense.
Concerns Over Critical Cybersecurity Vulnerabilities That Remain Unresolved (Office of the Inspector General, Washington Metropolitan Area Transit Authority) The Office of the Inspector General (OIG) is transmitting this Management Assistance Report (MAR)...
Ex-contractor's computer in Russia breached D.C. Metrorail transit system, watchdog finds (CBS News) The Washington Metropolitan Area Transit Authority carries hundreds of thousands of people a day.
Ex-DC Metro contractor logged in to sensitive system from Russia, watchdog finds (CNN Politics) A former Washington, DC, Metro transit system contractor retained access to “critical and sensitive” Metro data from his computer in Russia after he left his job in a breach that raises broader security concerns about one of the nation’s largest transit systems, according to a report released Wednesday.
Computer in Russia breached Metro system amid security concerns, report says (Washington Post) The inspector general’s report surfaced deep-rooted problems that the watchdog’s officials say leave the transit agency open to attacks that could threaten train safety
Russian computer breached DC Metro system: watchdog (The Hill) A computer based in Russia was able to breach the Washington, D.C., Metro system earlier this year, the Metro’s Office of the Inspector General (OIG) said in a new report.
Ukraine, Ireland, Iceland and Japan officially join NATO’s cyber defense center (Record) The military alliance's Cooperative Cyber Defense Center of Excellence (CCDCOE) grows by four countries, including three who are not NATO members.
Opinion What NATO should do now to help protect Ukraine in the long-term (Washington Post) The United States and its European allies have pledged about $150 billion in military and other aid to Ukraine since Vladimir Putin unleashed his pitiless war there 15 months ago.
Pressure campaign on Biden to send F-16s to Ukraine goes into overdrive (POLITICO) Officials signal they’re still open to allowing other countries to send their U.S.-made jets.
From Ukraine war to China's rising power: 5 reasons this G7 matters (CNN) This year’s G7 meeting in Japan holds special significance, not only for its location.
European Diplomats Look Ahead To Further Reconstruction Efforts In Ukraine (RadioFreeEurope/RadioLiberty) The ambassadors of Poland, Germany, and Britain and the former foreign ministers of Spain and Georgia on May 17 said that reconstruction efforts in Ukraine are already under way, even with the war far from over and with formal plans for reconstruction still in the formative stage.
Allies 'Don't Go To Russia,' EU's Enlargement Commissioner Says After Forum In Sarajevo (RadioFreeEurope/RadioLiberty) The European Commissioner for Neighborhood and Enlargement Oliver Varhelyi on May 17 warned aspiring member Bosnia-Herzegovina that EU allies do not visit Russia, another show of disappointment in the country after Republika Srpska President Milorad Dodik’s trip to Moscow last year.
Czechs Scrap Communist-Era Deals To Make Russia Pay For Land (RadioFreeEurope/RadioLiberty) The Czech government on May 17 canceled Soviet-era decrees that granted the Russian Embassy free use of land in Prague and other cities, a further step in a more than two-year diplomatic spat with Moscow worsened by the war in Ukraine.
Head of Dutch satellite technology firm arrested for spying - DutchNews.nl (DutchNews.nl) A Greek national who headed Brabant-based satellite technology firm Aratos has been arrested in Paris and charged with spying for Russia, according to FBI documents. The man, Nikos Bogonikolos, was arrested on May 9 and remains in custody pending extradition proceedings, the FBI said. Bogonikolos is the founder of the Greek conglomerate Aratos Group, a collection of defense and technology companies in the Netherlands and Greece. “As alleged, while ostensibly operating as a defense contractor for Nato and other ally countries,...
NATO contractor accused of smuggling quantum computing and other advanced technology to Russia (Stars and Stripes) A NATO contractor has been arrested under suspicion he helped Russia obtain advanced military technologies, the Justice Department said.
Attacks, Threats, and Vulnerabilities
Playing for the Wrong Team: Dangerous Functionalities in Microsoft Teams Enable Phishing and Malware Delivery by Attackers (Proofpoint) Proofpoint researchers have uncovered several new ways of effectively abusing Microsoft Teams, including:
Researchers show ways to abuse Microsoft Teams accounts for lateral movement (CSO Online) Attackers have several ways to enable lateral movement within a network via a compromised Teams account.
Malicious Microsoft VSCode extensions steal passwords, open remote shells (BleepingComputer) Cybercriminals are starting to target Microsoft's VSCode Marketplace, uploading three malicious Visual Studio extensions that Windows developers downloaded 46,600 times.
Leveraging Dropbox to Soar Into Inbox (Avanan) Hackers are leveraging Dropbox to send malicious URLs.
Access to Energy Sector ICS/OT Systems Offered on Hacker Forums (SecurityWeek) Threat actors have been selling access to energy sector organizations, including ICS and other OT systems, according to a new report
Multiple flaws in Teltonika industrial cellular router expose OT networks to hack (Security Affairs) Experts found multiple vulnerabilities in Teltonika industrial cellular routers that could expose OT networks to cyber attacks. A joint analysis conducted by industrial cybersecurity firms Claroty and Otorio discovered multiple flaws in Teltonika Networks’ IIoT products that can expose OT networks to remote attacks. Teltonika Networks is a leading manufacturer of networking solutions, widely adopted […]
State-Sponsored Sidewinder Hacker Group's Covert Attack Infrastructure Uncovered (The Hacker News) SideWinder, a state-sponsored group, uses a network of phishing domains to target government and financial sectors in Pakistan and China.
MalasLocker ransomware targets Zimbra servers, demands charity donation (BleepingComputer) A new ransomware operation is hacking Zimbra servers to steal emails and encrypt files. However, instead of demanding a ransom payment, the threat actors claim to require a donation to charity to provide an encryptor and prevent data leaking.
Hackers Modified Cobalt Strike Capabilities to Attack macOS Users (GBHackers) Threat actors have been employing Cobalt Strike to breach Windows PCs for years, despite the infosec industry's ongoing efforts to stop it.
macOS is being targeted by 'Cobalt Strike' that opens your machine up to hackers (iMore) Always be careful online.
Researchers infiltrate Qilin ransomware group, finding lucrative affiliate payouts (Record) Cybersecurity researchers managed to infiltrate the Qilin ransomware group, gaining an inside look at how the gang functions and how it rewards affiliates for attacks.
Ransomware-as-a-service operation exposed: How does RaaS work? (Cyber Security Connect) Security researchers have infiltrated a Russian-based ransomware-as-a-service operation, exposing how the business model works, and how much of a cut the gang in charge of the operation gets.
Temu accused of data risks after sister app was suspended for malware (CNBC) The U.S. has accused Temu of data risks following the Google suspension of its sister app, but analysts are not too bothered.
KeePass flaw allows retrieval of master password, PoC is public (CVE-2023-32784) (Help Net Security) A vulnerability (CVE-2023-32784) in KeePass can be exploited to retrieve the master password from the software's memory.
Identity crimes: Too many victims, limited resources (Help Net Security) The lack of transparency in data breach notices is growing, leaving us all more vulnerable to becoming victims of identity crimes.
Lacroix Closes Production Sites Following Ransomware Attack (SecurityWeek) Technological equipment supplier Lacroix has closed three production sites after experiencing a ransomware attack.
Capita accused of ‘unsafe storage of personal data’ following data breach (Record) At least one government customer has publicly criticized the UK outsourcing company after a report that it had left data exposed for seven years, in an incident separate from a highly publicized ransomware attack.
Ransomware Group Adds Academy Mortgage to Victim List, Raising Concerns of a Major Data Breach (JD Supra) On May 15, 2023, reports began to surface about a potential Academy Mortgage data breach after a well-known ransomware group added the company to its...
Clinic goes offline after alleged cyber security attack (KFOR Oklahoma City) Patients have been lining up outside of a local allergy, asthma and immunology clinic for much needed injections, while the clinic tries to recover from what they said is a cyber security breach.
Florida Baptists continue investigation of $700K cyber attack (Biblical Recorder) JACKSONVILLE, Fla. (BP) — An investigation continues into how more than $700,000 in funds was stolen from the Florida Baptist Convention (FBC) through a cyberattack, with no additional details available at this time, a spokesperson for the convention told Baptist Press today (May 16). The convention shared in May 10 statement that “an incident of [...]Read More...
Find out what data is available about you online — but be warned, it might feel a little creepy (ABC) Have you ever wondered how much of your personal information is available online? Here's your chance to find out.
Important Things At Twitter Keep Breaking, And Making The Site More Dangerous (Techdirt) It turns out that if you fire basically all of the competent trust & safety people at your website, you end up with a site that is neither trustworthy, nor safe.
Security Patches, Mitigations, and Software Updates
Microsoft pulls Defender update fixing Windows LSA Protection bug (BleepingComputer) Microsoft has pulled a recent Microsoft Defender update that was supposed to fix a known issue triggering persistent restart alerts and Windows Security warnings that Local Security Authority (LSA) Protection is off.
Cisco fixes critical bugs in Small Business Series switches (Computing) Computing is the leading information resource for UK technology decision makers, providing the latest market news and hard-hitting opinion.
Trends
Q1 2023 Cyber Threat Report (Nuspire) Learn more about the biggest threats we saw, plus get a look into the technology industry’s threat landscape in our latest report.
Report: AppSec Teams Stuck in Catch-Up Cycle Due to Massive Cloud-Native Enablement Gap, Unable to Keep Up with Agile Developer Pace (GlobeNewswire News Room) 85% of AppSec pros say ability to differentiate between real risks and noise is critical, yet only 38% can do so today; mature DevOps organizations cite...
Industry Insights Report: Compliant Communication 2023 (Global Relay) Global Relay has published an Industry Insights Report, which serves as a litmus test for market responsiveness for recordkeeping and communications compliance.
42% of IT leaders told to keep data breaches confidential (AtlasVPN) Data breaches can seriously threaten businesses, resulting in significant financial losses, legal ramifications, and reputational damage.
New Osterman Research Report Finds Cyber Resilience Programs are Falling Short, With More Than Half of Security Leaders Revealing Their Workforce Is Not Prepared for A Cyberattack (Business Wire) While 86% of organizations have a cyber resilience program, more than half of respondents say their organization lacks a comprehensive approach to assessing cyber resilience
'A ticking time bomb': limitations in cyber cover (Allens) Insurers heavily scrutinise organisations' ability to prevent, anticipate and withstand cyber-attacks when deciding whether or not to offer cyber insurance. This Insight explains what known vulnerabilities are; the approach commonly adopted by insurers; and what you can do to mitigate the risk.
Identity crimes: Too many victims, limited resources (Help Net Security) The lack of transparency in data breach notices is growing, leaving us all more vulnerable to becoming victims of identity crimes.
Latest Research Shows 38% of Respondents Believe Email as Communication Channel Most Vulnerable to Attacks (Armorblox) Enterprise Strategy Group research finds legacy controls unfit to stop sophisticated threats
Marketplace
BlueCat acquires Men&Mice to boost its industry-leading DNS, DHCP, and IP address management (DDI) platform (GlobeNewswire News Room) Enhanced portfolio will offer organizations of all sizes the tools to simplify and improve their networks...
Entro raises $6M for its end-to-end secrets security solution (TechCrunch) Entro secures $6 million in seed funding for its end-to-end security platform that helps enterprises manage and protect their secrets.
Data443 Buys Cyren Assets Out of Bankruptcy for Up to $3.5M (Bank Info Security) Data443 has bought Cyren's threat intelligence, URL categorization and email security technology out of bankruptcy for up to $3.5 million. Buying Cyren's anti-spam,
Doyle Security Systems acquires AMS Security Plus (Security Systems News) Doyle Security Systems, a residential and commercial security, fire and medical monitoring systems provider has announced its acquisition of AMS Security Plus, an Albany based private
Prudential PLC’s Acquisition of Qualys Stock Sparks Market Analysis and Discussion (Best Stocks) On May 17, 2023, financial and market analysts were abuzz following the news of Prudential PLC's acquisition of 7,948 shares
KnowBe4 Celebrates Success of 60,000-Customer Milestone (KnowBe4) KnowBe4 Celebrates Success of 60,000-Customer Milestone
Intercede Named Overall Leader in KuppingerCole Secrets Management Leadership Compass 2023 (Intercede) Intercede named an overall leader in KuppingerCole Secrets Management Leadership Compass 2023 for MyID CMS
Keeper Security opens regional headquarters in Tokyo (SecurityBrief New Zealand) Keeper Security, cybersecurity software, today marks its expansion into the Asia Pacific (APAC) market with the opening of its regional headquarters in Tokyo.
Darktrace appoints former VMware veteran as new SVP of its global partner organisation (CRN) He brings more than 25 years of experience to lead Darktrace’s ecosystem of over 500 channel partners
Veeam Announces New Leader of Americas Region (Veeam Software) Tech industry leader and Veeam veteran Shiva Pillay will drive alignment, high growth and optimize performance as companies prioritize data protection and ransomware recovery
Former National Cyber Director Chris Inglis Joins Securonix’s Newly Formed Strategic Advisory Board (Business Wire) Diverse Leadership Group of Distinguished Industry Veterans Brings Valuable Public and Private Sector Experience to Help Guide Growth and Expansion for Cloud-Native Security Analytics Leader
Products, Services, and Solutions
Anomali and ONG-ISAC Announce Joint Initiative to Combat Cybercrime in Oil & Natural Gas Sector (Anomali) Anomali, the leader in modernizing and scaling security operations, and the Oil and Natural Gas Information Sharing and Analysis Center (ONG-ISAC), have announced a joint initiative to help protect oil and natural gas critical infrastructure organizations against nation- state attacks and other persistent cyber adversaries.
Intel and SAP Embark on Strategic Collaboration to Expand Cloud... (Intel) Intel and SAP set out to improve the performance, TCO, security and efficiency needed to run agile businesses today and in the future.
Rubrik Announces Industry’s First Advanced User Intelligence on Rubrik Security Cloud (Rubrik) Today, Rubrik, the Zero Trust Data Security™ Company, unveiled new user intelligence capabilities designed to empower organizations to become more proactive in the fight against ongoing cyberattacks.
OX Security Launches OX-GPT, AppSec's First ChatGPT Integration (Yahoo Finance) OX Security, a leader in software supply chain security, today announced the launch of OX-GPT, the first ChatGPT integration to improve software supply chain security. With the new integration, OX now presents developers with customized fix recommendations and cut and paste code fixes, providing for quick remediation of critical security issues across the software supply chain.
Quadrant Knowledge Solutions Names Zimperium The Leader in In-App Protection (Zimperium) Quadrant Knowledge Solutions, a global advisory and consulting firm, recently published its “SPARK Matrix: In-App Protection, 2022” report and named
Introducing SBOM360 Hub from Lineaje Inc. (Medium) Publish, Share & Use SBOMs with Confidence
Satori Augments Its Data Security Platform With Posture Management and Data Store Discovery Capabilities to Help Companies Proactively Protect Data (GlobeNewswire News Room) With the new additions to Satori’s Data Security Platform, companies gain unprecedented visibility to answer “Where is all my data?” and “Who has access to...
Next Announces SIEM Streaming Service and Enterprise Class Scalability (Next DLP) Next DLP announces a new integration between Splunk and the Reveal platform. The technology partnership will improve incident response effectiveness.
AU10TIX's Award-Winning Serial Fraud Monitor Prevented Over a Billion USD in Business Fraud in Q1 (PR Newswire) AU10TIX, a global technology leader in identity verification and identity management, today announced that its award-winning Serial Fraud...
Enzoic Launches Automated Threat Intelligence Solution (Business Wire) Identity breach monitoring product continuously screens for exposed data to prevent theft
Next Announces SIEM Streaming Service and Enterprise Class Scalability (Business Wire) Reveal add-on for Splunk is now available in Splunkbase
Bitwarden Launches Passwordless.dev Toolkit to Simplify Passkey Implementation for Developers (Business Wire) With the rising demand for passwordless logins, Bitwarden Passwordless.dev accelerates delivery of passwordless authentication, making passkey deployment easy for developers to build and implement FIDO authentication so users can sign in with a passkey.
Proofpoint Joins Joint Cyber Defense Collaborative (GlobeNewswire News Room) Public-private partnership will facilitate a holistic and synchronized approach to threat prevention, detection, and response...
Cellebrite and The Exodus Road Provide Digital Intelligence Technology to the National Bureau of Investigations Anti-Human Trafficking Division in the Philippines (GlobeNewswire News Room) As the digital world enables the spread of human trafficking and exploitation, Cellebrite empowers law enforcement with advanced digital intelligence in...
BeyondTrust Enhances its Partner Program to Support Better Enablement, Greater Engagement, and Simplified Processes (GlobeNewswire News Room) BeyondTrust’s Partner program, now called the PartnerTrust, promotes deeper partner engagement through additional resources and simplified access for more...
DOD to Replace ESS Program With Microsoft Cyber Tools; Redhorse’s John Zangardi Quoted (Executive Gov) Looking for the latest Government Contracting News? Read about DOD to Replace ESS Program With Microsoft Cyber Tools; Redhorse’s John Zangardi Quoted.
Prevalent TPRM Platform v3.29 Enhances AI-Based Evidence Review & Expands on ESG Assessment Capabilities (Prevalent) New release addresses two of the most frequently discussed topics among third-party risk management practitioners today.
Snowflake and Securiti Partnership Enables Data Innovation at Scale (Securiti) Snowflake and Securiti partnership enables organizations to unleash the full potential of their data, streamline siloed data governance across large multi-region and multi-account Snowflake implementations. Learn more.
Barracuda launches enterprise-grade SASE platform for businesses and MSPs (Barracuda) Barracuda SecureEdge is delivered as a service, makes security deployment and management easier for customers, and helps protect users, sites, and IoT devices
Technologies, Techniques, and Standards
Ransomware vulnerability warning pilot yielding valuable lessons, CISA official says (FCW) A new interagency effort to proactively mitigate ransomware vulnerabilities has helped expand information sharing between the public and private sectors, according to a risk operations official from the Cybersecurity and Infrastructure Security Agency.
Research Report: The State of Industrial Secure Remote Access (I-SRA) (Cyoio) A new report from Takepoint Research and Cyolo reveals problems are plentiful when it comes to securing remote access to industrial environments.
[New Research] Best Password Practices to Defend Against Modern Cracking Attacks (Specops Software) Today, the Specops research team is publishing new data on how long it takes modern attackers to brute force guess user passwords with the help of newer...
Cyber Hygiene Explained: Common Mistakes + Best Practices (CrowdStrike) Cyber hygiene refers to the practices computer users adopt to maintain the safety and security of their systems in an online environment.
How to Enable Advanced Data Protection on iOS, and Why You Should (Electronic Frontier Foundation) Apple has long used end-to-end encryption for some of the information on your iPhone, like passwords or health data, but the company neglected to offer a way to better protect other crucial data, including iCloud backups, until recently. This came after years of a hard fought battle pushing Apple...
Plan Radar gives pointers on construction data security (SecurityBrief Australia) It is easy for hackers to infiltrate construction data security systems through the internet or gain physical access via external contractors.
Design and Innovation
New ZIP domains spark debate among cybersecurity experts (BleepingComputer) Cybersecurity researchers and IT admins have raised concerns over Google's new ZIP and MOV Internet domains, warning that threat actors could use them for phishing attacks and malware delivery.
Academia
GCA's Cybersecurity Toolkit Now Available Through the Consortium of Cybersecurity Clinics (GCA) The model is a win-win for all, as it offers students real hands-on experience and provides the local community dedicated cyber-related services.
Legislation, Policy, and Regulation
Spooked by ChatGPT, US Lawmakers Want to Create an AI Regulator (WIRED) At a congressional hearing, senators from both parties and OpenAI CEO Sam Altman said a new federal agency was needed to protect people from AI gone bad.
State Department Worries About Cyber Vulnerabilities Amid Debt Debate (Defense One) The department wants to spend nearly $1 billion on cybersecurity in 2024 to improve networks and communications devices.
TikTok Ban Signed in Montana, Paving Way for First Amendment Legal Battle (Wall Street Journal) Montana’s ban on TikTok is slated to take effect next year, paving the way for a legal fight that could determine the fate of a possible nationwide prohibition.
Montana says 1st-in-nation TikTok ban protects people. TikTok says it violates their rights (AP NEWS) Montana has become the first state to enact a complete ban on TikTok. Republican Gov. Greg Gianforte signed the legislation Wednesday and it is scheduled to take effect next January. The measure is more sweeping than bans put in place in nearly half the states and by the U.S. federal government that prohibit TikTok on government devices. The law is expected to face legal challenges and become a testing ground for whether a TikTok-free America is possible. TikTok has vowed to fight for Montana residents to be able to use the video-sharing app, which is owned by a Chinese tech company.
Montana’s TikTok ban is unconstitutional and makes no sense (Quartz) Three years after Trump tried and failed to ban TikTok on US soil, Montana has taken up the cause
Why does the US want to ban TikTok? The allegations against it (Reuters) Montana Governor Greg Gianforte on Wednesday signed legislation to ban Chinese-owned TikTok from operating in the state to "protect Montanans" from alleged Chinese surveillance, making it the first U.S. state to ban the popular short video app.
Congress looks to expand CISA's role, adding responsibilities for satellites and open source software (CyberScoop) Lawmakers advanced four on Wednesday that would broaden the Cybersecurity and Infrastructure Security Agency's portfolio.
Lawmakers advance cyber bills aimed at open-source, satellite vulnerabilities (Record) The House Homeland Security Committee on Wednesday easily advanced legislation to ensure the federal government and critical infrastructure can tap open-source software securely.
FDA shores up cybersecurity requirements for medical devices (Washington Post) FDA shoring up requirements for medical devices as cyberthreats increase
Data brokers and lobbying (Incogni Blog) Data brokers spent $143 million on lobbying from 2020 to 2022 as privacy laws in the US tighten.
Litigation, Investigation, and Law Enforcement
US offers $10m bounty for Russian ransomware suspect outed in indictment (Naked Security) “Up to $10 million for information that leads to the arrest and/or conviction of this defendant.”
Leak suspect shared classified secrets with foreigners, prosecutors say (Washington Post) The Justice Department, in a court filing ahead of Jack Teixeira’s next detention hearing, also says it found red flags in his Air Force record
Alleged Pentagon Leaker Says He’s No Edward Snowden, Seeks Bail (Bloomberg Law) The Air National Guardsman charged with the most serious leak of secret military information in a decade says he should be released on bail, arguing he’s no Edward Snowden.
Pentagon leak suspect Jack Teixeira warned about mishandling classified info, prosecutors say (AP NEWS) Prosecutors say that superiors of the Massachusetts Air National guardsman charged with leaking highly classified military documents had raised concerns internally on multiple occasions about his handling or viewing of classified information. Justice Department lawyers made the disclosure Wednesday in a court papers urging a magistrate judge to keep Jack Teixeira behind bars while he awaits trial in the case stemming from the most consequential intelligence leak in years. Prosecutors say Teixeira continued leaking documents even after he was admonished by superiors on two separate occasions last year over "concerning actions” he took related to classified information.
Accused Leaker Received Repeated Warnings Over Handling of Classified Information, Prosecutors Say (Wall Street Journal) The guardsman’s commanders expressed concerns months before Airman Jack Teixeira was arrested.
Meta Faces Record EU Privacy Fine Over Data Transfers to US (Bloomberg) Fine follows long-running saga over protection of data in US. Irish regulator is poised to issue decision in coming days.
Investors' case against SolarWinds resolved in favour of company (iTWire) The verdict in a case filed by investors against the directors of the software firm SolarWinds, claiming they were aware of the risks that the firm's software posed, but failed to act to prevent devastating attacks that came to light in 2020, has gone in favour of the company. The Supreme Court...
Fertility app Premom settles with FTC over risky data sharing (Washington Post) The app allegedly shared sensitive user information with China-based companies known for privacy problems