Dateline: Russia's hybrid war against Ukraine.
Ukraine at D+452: Russia claims victory in Bakhmut as the G7 finishes its meeting. (CyberWire) Ukraine has denied Russian claims of having secured Bakhmut. The G7 meetings conclude with more sanctions on Russia.
Russia-Ukraine war at a glance: what we know on day 453 of the invasion (the Guardian) Russian-imposed Donetsk leader Denis Pushilin says demining is being carried out in Bakhmut; Ukraine’s deputy defence minister insists Ukraine still had a small foothold inside the city
Ukraine Races to Forge New Army Ahead of Offensive (Wall Street Journal) Kyiv is training military recruits—among them an actor, lawyer and security guard—to take part in its imminent move on Russian forces.
Russia-Ukraine War: Zelensky Denies Bakhmut Has Fallen as Biden Pledges Commitment to Ukraine (New York Times) At the G7 summit in Japan, President Volodymyr Zelensky of Ukraine said Kyiv’s forces were still fighting for the city. But even if Bakhmut falls, gains on its outskirts could give Ukraine a tactical opportunity.
Russia-Ukraine war live: Bakhmut remains ‘epicentre’ of combat, Ukraine says; Brazil’s Lula ‘upset’ not to meet Zelenskiy at G7 (the Guardian) Ukraine armed forces says Russia carrying out airstrikes on ruined city; Brazil’s president repeats criticism of Biden’s role in conflict
Putin's hollow victory: The capture of Bakhmut in numbers (The Telegraph) Russia claims to have seized the city in a battle likely to have been the bloodiest since the Second World War. But it came at a huge cost
Why Ukraine's spring offensive still hasn't begun — with summer just weeks away (AP NEWS) For months, Western allies have shipped billions of dollars worth of weapons systems and ammunition to Ukraine with an urgency to get the supplies to Kyiv in time for an anticipated spring counteroffensive. Now summer is just weeks away and instead of an ongoing counteroffensive Russia has dug in deeper, fortified its lines and the two sides have focused on an intense battle for Bakhmut. But officials sense the campaign will now finally launch, and in some cases, the initial shaping operations that signal the next stage of this fight have already begun.
Putin claims first battlefield victory in a year as Russian troops seize Bakhmut (The Telegraph) As the Russian president congratulated his army and Wagner mercenaries, Volodymyr Zelensky denied the city had been captured
Russia claims to have Bakhmut but top Ukrainian military leaders say the battle is not over (AP NEWS) Although Russia claims it has won control of Ukraine's eastern city of Bakhmut, after a grinding nine-month conflict in which tens of thousands of fighters have died, top Ukrainian military leaders say the battle is not over.
Russia-Ukraine war: Zelenskiy says Bakhmut ‘is not occupied’; Russia accuses G7 of ‘undermining global stability’ — as it happened (the Guardian) Volodymyr Zelenskiy says during Japan visit that Ukrainian troops are still in eastern city at centre of bloody battle; Moscow calls summit a ‘politicised’ event
Russian troops have taken control of Bakhmut, Kremlin says (The Telegraph) Putin congratulates soldiers after claiming a victory that would mark an end to a ferocious and bloody battle for the eastern city
Russia-Ukraine war – as it happened: Kyiv says situation in Bakhmut ‘critical’ after Wagner claims control of city (the Guardian) Ukraine denies Wagner claim that city has fallen and says fighting ongoing in some parts
As Russia Claims Victory in Bakhmut, Ukraine Sees Opportunity Amid Ruins (New York Times) Military analysts say that if Moscow continues to send reinforcements to defend the city, that could weaken Russian forces’ ability to hold off a broader counteroffensive that Ukraine has been planning.
Russia-Ukraine War: Zelensky Denies Bakhmut Has Fallen as Biden Pledges Commitment to Ukraine (New York Times) At the G7 summit in Japan, President Volodymyr Zelensky of Ukraine said Kyiv’s forces were still fighting for the city. But even if Bakhmut falls, gains on its outskirts could give Ukraine a tactical opportunity.
Zelensky says destroyed Bakhmut now lives ‘only in our hearts’ (Washington Post) Visiting Hiroshima, another city devastated by war, he implores world leaders to continue aid and support
Zelenskyy likens Hiroshima destruction to Ukraine in G-7 appeal (Nikkei Asia) Ukraine president seeks more weapons, wider participation in peace formula
Ukrainian Energy During the War and Between the Winters (Wilson Center) In September 2022, Russia started using a new strategy in its war against Ukraine: massive attacks on the energy infrastructure. A big strike happened in September and starting in October, Ukraine experienced more than 15 massive attacks and dozens of smaller ones, oriented to specific regions and facilities. In October, Ukraine had to suspend electricity export. Consumers lived through cutoffs and the constant risk of a total blackout. All energy sectors suffered, but the power system incurred the biggest damages and losses.
Opinion | At Last, F-16 Jets for Ukraine (Wall Street Journal) Biden finally agrees to train Kyiv’s pilots to help win the air war.
Opinion | Why Ukraine Needs Those F-16s (New York Times) The need for control of the nation’s airspace is one of the war’s largely untold stories.
Providing Ukraine with F-16 jets a ‘colossal risk’ for west, Russia says (the Guardian) Warning comes after Joe Biden said US would back joint effort to train Ukrainian pilots to fly fighter jets
Zelenskyy, 'de-risking' China: 5 takeaways from Hiroshima G-7 summit (Nikkei Asia) Leaders gathered in Hiroshima work toward pacts to defend rule-based order
Zelensky dominates summit as G7 leaders call out China (BBC News) Ukraine's president made a dramatic appearance in Japan, as China warned against "economic coercion".
Ukraine's Zelenskyy at center of last day of high-level diplomacy as G7 looks to punish Russia (AP NEWS) World leaders ratcheted up pressure Sunday on Russia for its war against Ukraine, with Ukrainian President Volodymyr Zelenskyy at the center of a swirl of diplomacy on the final day of the Group of Seven summit of rich-world democracies. Zelenskyy’s in-person attendance at one of the world’s premier diplomatic gatherings is meant to galvanize attention on his nation’s 15-month fight against Russia. G7 nations have unveiled a slew of new sanctions and other measures meant to punish Moscow and hamper its war-fighting abilities. The G7 leaders have faced a balancing act as they look to address a raft of global worries demanding urgent attention, including climate change, AI, poverty and economic instability, nuclear proliferation and, above all, the war in Ukraine.
G7 ends with Ukraine in focus as Zelenskyy meets world leaders and Russia claims disputed gains (AP NEWS) Ukrainian President Volodymyr Zelenskyy has huddled with some of his biggest backers as the Group of Seven summit closed in Hiroshima. Zelenskyy is building momentum for his country’s war effort even as Russia claimed a battlefield victory that was quickly disputed by Ukraine. The Ukrainian leader’s in-person appearance in his trademark olive drab underscored the centrality of the war for the G7 bloc of rich democracies. It also stole much of the limelight from other priorities, including security challenges in Asia and outreach to the developing world, that the leaders focused on at the three-day gathering. Hosting Japanese Prime Minister Fumio Kishida says the G7 is committed to “strong backing for Ukraine from every possible dimension.”
G7 Leaders Urge China To 'Press Russia' To Withdraw From Ukraine (RadioFreeEurope/RadioLiberty) The leaders of the Group of Seven (G7) leading economies have urged China to “press Russia” to end its invasion of Ukraine and withdraw its forces from Ukrainian territory.
G-7 latest: Zelenskyy and Kishida lay flowers at peace monument (Nikkei Asia) Ukrainian president to hold solo press conference Sunday evening
In Hiroshima, Zelensky Tells Putin to Abandon ‘Nuclear Blackmail’ (WSJ) The Ukrainian president’s trip to the G-7 summit was both a working visit to seek further Western military aid and a symbolic plea about the threats Kyiv faces from Russia’s leader.
Zelenskiy’s G7 visit sends ‘incredibly powerful message’ to Russia, says Sunak (the Guardian) The UK PM said the Ukrainian president attending the summit confirmed that world leaders are united in their support of his country
Zelenskyy visit highlights Japan's task to achieve world peace (Nikkei Asia) G-7's sole Asian member can bridge gaps between Global South and the West
Zelenskyy invites Modi to back Ukraine's peace formula at G-7 (Nikkei Asia) Ukrainian leader jets into midst of staunch allies, on-the-fence players
Pope Asks Italian Cardinal To Carry Out Peace 'Mission' On Ukraine War, Vatican Says (RadioFreeEurope/RadioLiberty) Pope Francis has asked Cardinal Matteo Zuppi, head of the Italian bishops conference, to carry out a peace mission to try to help bring an end to the war in Ukraine, the Vatican said on May 20.
Zelenskyy to attend G7 summit Sunday as world leaders tighten sanctions against Russia over Ukraine (AP NEWS) Leaders of the world's most powerful democracies are pledging to tighten punishments on Russia for invading Ukraine. The Group of Seven leaders meeting in Japan made clear that their support for Ukraine “will not waver." Ukrainian President Volodymyr Zelenskyy was expected to join the summit in Japan in person on Sunday, following a virtual appearance on Friday. Russian President Vladimir Putin’s nuclear threats against Ukraine, along with North Korea’s missile tests and China’s expanding nuclear arsenal, have resonated with Japan’s push to make nuclear disarmament a major part of the summit that opened Friday in Hiroshima, Japan.
Zelenskyy lands in Hiroshima to pitch for F-16s and peace at G-7 (Nikkei Asia) Ukrainian president meets with Modi, Sunak ahead of Ukraine session on Sunday
Fact Sheet on U.S. Security Assistance to Ukraine (US Department of Defense) In total, the United States has committed $38 billion in security assistance to Ukraine since the beginning of the Biden Administration, including more than $37.3 billion since the beginning of Russia’s unprovoked and brutal invasion on February 24, 2022.
U.S. Official Looks to Deter Russia in Black Sea Region (U.S. Department of Defense) Russia's invasion of neighboring Ukraine has far-reaching impacts for the Black Sea region, and the United States is working with allies and partners to counter Russian President Vladimir Putin's
WSJ News Exclusive | To Aid Ukraine in Fight Against Russia, Allies Look to Security Model Like Israel’s (Wall Street Journal) NATO membership isn’t on the table for now, but the U.S. and European allies could provide Kyiv guarantees for weapons and advanced technology.
Putin has one deadly weapon left, and I saw first hand the threat it poses (The Telegraph) Russia’s submarines are first rate. Our ability to contain them is more critical than ever
Russia turns to laptops to sharpen its firepower on the front line (The Telegraph) Moscow’s soldiers are relying on Strelets battlefield computers to detect and fire on Ukrainian positions, according to a report
Mystery surrounds 'hundreds' of UK 'long-range' attack drones heading to Ukraine (Breaking Defense) The Prime Minister’s office told Breaking Defense that it "wouldn’t be able to get into further detail," and experts have few theories.
How NATO can take a 360-degree approach to the Vilnius summit (Atlantic Council) According to officials and experts at a recent Atlantic Council event, Russia will remain at the top of NATO's Vilnius agenda—but that doesn't mean the Alliance shouldn't have its eye on challenges posed by China and emerging technologies.
The free world faces a troubling new challenge (The Telegraph) The world is far from united in condemning the Russian invasion of Ukraine; many countries still maintain a studied neutrality
The Future Is a Hard Sell in Russia (Wilson Center) There is an invisible struggle taking place within the Russian community, one that is more significant than the endless squabbles between those who have left the country and those who have remained. The divide in question is between those who have a stake in the present and those who would rather bet on the future. One or the other.
Ukraine’s cyber chief on the ever-changing digital war with Russia (Record) Yurii Shchyhol, leader of Ukraine's national cyberdefense agency, explains in an interview with The Record about how Russian hackers are adapting to the response from Kyiv and its allies.
The Underground History of Russia's Most Ingenious Hacker Group (WIRED) From USB worms to satellite-based hacking, Russia’s FSB hackers, known as Turla, have spent 25 years distinguishing themselves as “adversary number one.”
Russia’s Investigative Committee brings charges against ICC prosecutor, judge (TASS) Both have been put on a wanted list
ICC Statement on reports of coercive measures against officials (International Criminal Court) The International Criminal Court (“ICC” or the “Court”) is aware and profoundly concerned about unwarranted and unjustified coercive measures reportedly taken against ICC officials, notably the Prosecutor of the Court and the judges of Pre-Trial Chamber II by the authorities of the Russian Federation. The ICC finds these measures unacceptable.
ICC Slams Russian Arrest Warrant For Hague-Based Prosecutor Who Issued Warrant Against Putin (RadioFreeEurope/RadioLiberty) The International Criminal Court (ICC) said it is “profoundly concerned” about Russia’s move to issue a warrant for the arrest of an ICC prosecutor and judges who earlier had issued a war-crimes arrest warrant for President Vladimir Putin, accusing him of illegally deporting children from Ukraine.
U.S. Condemns Lukashenka Regime, Urges Release Of 1,500 Political Prisoners In Belarus (RadioFreeEurope/RadioLiberty) The United States condemned the regime of authoritarian ruler Alyaksandr Lukashenka of Belarus, saying it was “unjustly holding over 1,500 political prisoners.”
'It Will Perish When I'm Gone': Russian Language Usage Plunges In Wartime Ukraine (RadioFreeEurope/RadioLiberty) As it seeks to fight off the Russian invasion, Ukraine is experiencing the most rapid shift away from the use of the Russian language in its recent history. The process, accelerated by Russia's renewed attempts to erase Ukrainian culture and sow divisions within the country, is far from painless.
Russia’s Latest Sanctions on U.S. Officials Turn to Trump Enemies (New York Times) Among the 500 people singled out for travel and financial restrictions were Americans seen as adversaries by former President Donald J. Trump.
Attacks, Threats, and Vulnerabilities
KeePass Exploit Allows Attackers to Recover Master Passwords from Memory (The Hacker News) A newly discovered security flaw (CVE-2023-32784) in KeyPass password manager software could expose your master password in cleartext!
CISA warns of Samsung ASLR bypass flaw exploited in attacks (BleepingComputer) CISA warned today of a security vulnerability affecting Samsung devices used in attacks to bypass Android address space layout randomization (ASLR) protection.
Cybercrime gang FIN7 returned and was spotted delivering Clop ransomware (Security Affairs) Cybercriminal gang FIN7 returned with a new wave of attacks aimed at deploying the Clop ransomware on victims’ networks. Researchers at Microsoft Security Intelligence team published a series of tweets to warn of a new wave of attacks aimed at distributing the Clop ransomware and linked it to the financially motivated cybercriminal group Sangria Tempest […]
Notorious Cyber Gang FIN7 Returns With Cl0p Ransomware in New Wave of Attacks (The Hacker News) The infamous cybercrime syndicate FIN7 is back in business, launching their first ransomware campaign in years.
Microsoft: Notorious FIN7 hackers return in Clop ransomware attacks (BleepingComputer) A financially motivated cybercriminal group known as FIN7 resurfaced last month, with Microsoft threat analysts linking it to attacks where the end goal was the deployment of Clop ransomware payloads on victims' networks.
Researchers tie FIN7 cybercrime family to Clop ransomware (Record) Long-running cybercrime cartel FIN7, which has made use of ransomware variants developed by groups including REvil and Maze, has added another strain to its arsenal.
Mapping The Ransomware Payment Ecosystem: A Comprehensive Visualization of the Process and Participants (Institute for Security and Technology) !e Institute for Security and Technology’s Ransomware Task Force (RTF) is working to illuminate the ransomware payment ecosystem as part of our efforts to improve the information environment and blunt the ability of criminal and other malign actors to pro#t from ransomware attacks.
RATs found hiding in the npm attic (ReversingLabs) ReversingLabs researchers discovered two malicious packages that contained TurkoRat, an infostealer that lurked on npm for months before being detected.
Legitimate looking npm packages found hosting TurkoRat infostealer (CSO Online) The malicious packages have been downloaded hundreds of times, but the long-term impact is unknown.
npm packages caught serving TurkoRAT binaries that mimic NodeJS (BleepingComputer) Researchers have discovered multiple npm packages named after NodeJS libraries that even pack a Windows executable that resembles NodeJS but instead drops a sinister trojan.
Open-source Infostealer RAT hidden in malicious npm package (CryptoSaurus) TurkoRat capable of credential harvesting has features like wallet grabber Prajit Nair (@prajeetpeaks) • May 20, 2023
Microsoft VMs hijacked in cloud Cyber Attack (IT Security News) A threat actor with a history of targeting Microsoft servers has recently gained control over virtual machines (VMs) and installed third-party remote management software within clients’ cloud environments. The Mandiant Intelligence team has identified this actor, known as UNC3844, evading security software detections on Azure cloud platforms. Their primary objective is to exploit cloud storage
Hackers Use SIM Swapping Technique to Gain Access to Microsoft Azure Machines (GBHackers - Latest Cyber Security News | Hacker News) Threat group known as 'UNC3944' employ phishing and SIM-swapping techniques to seize control of Microsoft Azure admin accounts.
PyPI repository restored after temporarily suspending new activity (Computing) After temporarily suspending new user sign-ups and package uploads, the maintainers of the Python Package Index (PyPI), the official repository for open source Python packages, have now restored the registry.
PyPI new user and new project registrations temporarily suspended. (Python) Python Infrastructure's Status Page - PyPI new user and new project registrations temporarily suspended..
PyPi on Hold: Suspends New Users’ and Projects Creations Due to A High Volume of Malicious Activity (Medium) A few hours ago, the PyPi team announced that they are temporarily suspending the creation of new users and the publication of new projects
PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Halted (The Hacker News) Administrators of the PyPI software repository have disabled new user sign-ups and package uploads until further notice.
PyPI Repository temporarily suspends user sign-ups and package uploads due to ongoing attacks (Security Affairs) The Python Package Index (PyPI) maintainers have temporarily disabled the sign up and package upload processes due to an ongoing attack. The maintainers of Python Package Index (PyPI), the Python software repository, have temporarily disabled the sign up and package upload processes due to an ongoing attack. The maintainers opted to disable the above functionalities […]
High-tech facial phone locks undone by low-res photos of owners (Times) Mobile phones have a facial lock that can be fooled by a low-resolution printed photo, research has shown. Handsets made by Samsung, Honor, Motorola, Nokia, Opp
The urgent PayPal email scam you can't afford to ignore (Fox News) The Federal Trade Commission issued warnings about phishing emails from PayPal and Metamask. Kurt "CyberGuy" Knutssons shows you how to keep data safe.
The Real Risks in Google’s New .Zip and .Mov Domains (WIRED) While the company’s new top-level domains could be used in phishing attacks, security researchers are divided on how big of a problem they really pose.
What Is Inferno Drainer? New Phishing Scam Pilfering Crypto, NFTs (Decrypt) The scammer reportedly charges 20% to 30% of the stolen assets in exchange for deploying their malicious software.
BNY Mellon Files Notice of Data Breach Affecting Clients’ Social Security Numbers (JD Supra) On May 13, 2023, Bank of New York Mellon Corporation (“BNY Mellon”) filed a notice of data breach with the Attorney General of Massachusetts after...
Patient Privacy Incident (University of Missouri Health Care) At University of Missouri Health Care, we take privacy very seriously, and it is important to us that you are made fully aware of any potential privacy issues.
Philadelphia Inquirer Operations Severely Disrupted by Cyber Attack, Offices Closed for Remediation (CPO Magazine) A cyber attack on one of the oldest newspapers in the United States has damaged editorial services and advertising to such a degree that it is “unclear” when normal operations will be restored.
Threat of Confidential Data Release in Dallas Ransomware Attack (NBC 5 Dallas-Fort Worth) A threat was posted Friday on a website related to the Royal Ransomware Group threatening to release data the group claims to have accessed from the City of Dallas.
Dallas police struggle to access physical evidence amid ransomware, impacting trials (Dallas News) Defense lawyers were exasperated after more than three months of pervasive evidence storage issues. The consequences played out in a murder trial, where a man...
‘The data will be leaked soon’: Threat about Dallas ransomware attack surfaces (Dallas News) FBI Dallas says threats of data leaks from hacker groups typically indicate they haven't yet received what they want, like money.
Cyber attack hits NOSM University, affecting digital systems (CBC News) NOSM University lost internet service at both its Sudbury and Thunder Bay campuses due to cyber attack.
Attempted cyber attack responsible for 3-week Newport News library computer outage (Daily Press) For more than three weeks, public computers, printing, faxing, and scan-to-email services have all been unavailable at Newport News libraries.
Luxottica confirms 2021 data breach after info of 70M leaks online (BleepingComputer) Luxottica has confirmed one of its partners suffered a data breach in 2021 that exposed the personal information of 70 million customers after a database was posted this month for free on hacking forums.
Hackers post the data of 70m eyewear customers online for free (Cyber Security Connect) The personal data of 70 million customers of a major eyewear company have been posted to hacking forums for free. The world’s largest eyewear organisation, Luxottica, has revealed that it was the vi
Food distributor Sysco says cyberattack potentially leaked 125,000 Social Security numbers (Record) In its latest regulatory filing about the breach, the Houston-based food distribution giant said it sent notification letters to more than 125,000 current and former employees.
Hackers steal the SSN of nearly 6 million people (Panda Security Mediacenter) PharMerica suffered the biggest data breach so far this year. The stolen data appears to be up for sale on the black market.
Cyber-attack forces Suzuki to shut down motorcycle plant in India for a week, causes heavy production loss (Free Press Journal) Apart from slashing output from the factory by 20,000 units, the cyber attack also forced Suzuki to push off its annual supplier conference.
Hong Kong accountant loses HK$700,000 in phishing scam, joining 1,408 others who collectively lost HK$26.1 million this year (The Star) Scammers used text messages and emails to communicate with their victims in more than 90 per cent of the cases, according to forceScams involving cross-jurisdictional syndicates and victims only noticing their losses weeks later pose challenges, says police
Verizon issues warning about "smishing," texts that are sent to your phone to rip you off (Phone Arena) Verizon issues a warning about fake SMS text messages called "smishing" designed to get you to send credit card info and more.,
Security Patches, Mitigations, and Software Updates
HP rushes to fix bricked printers after faulty firmware update (BleepingComputer) HP is working to address a bad firmware update that has been bricking HP Office Jet printers worldwide since it was released earlier this month.
ASUS routers knocked offline worldwide by bad security update (BleepingComputer) ASUS has apologized to its customers for a server-side security maintenance error that has caused a wide range of impacted router models to lose network connectivity.
Business email compromise is on the rise, Microsoft warns (Axios) An often-overlooked cybercrime tactic is getting more sophisticated and growing in popularity among criminal gangs, Microsoft warned in a report released Friday.
Rise in cyberattacks worries capital market registrars (Punch Newspapers) Owoturo said that an increased threat of cyberattacks had given rise to renewed efforts by capital market stakeholders to safeguard data.
67% Of Indian Firms To Outsource Key Security Functions As Cyber Attacks Spike (Zee News) About 72.5 per cent of the enterprises said they use threat intelligence products or services in their organisation, and 26.5 per cent said that they plan to implement it in the next two years.
Option3 Aims to Strengthen National Cybersecurity with New Acquisition Plans (TechBullion) New York-based cybersecurity private equity firm Option3 is actively engaged in negotiations to acquire a number of companies addressing specific cyber challenges, the company tells TechBullion. The move is aimed at building a next-generation “cyber-focused defense technology platform,” known internally as RESILIENT. The RESILIENT platform has been rapidly progressing in recent months as discussions near […]
Accenture, Raytheon, Stellar Ventures Invest in Space Cybersecurity Company SpiderOak (GovCon Wire) Looking for the latest GovCon News? Check out our story: Accenture, Raytheon, Stellar Ventures Invest in Space Cyber Company SpiderOak. Click to read more!
SentinelOne is leveraging A.I. to fend off cyberattacks (Fortune) A $100 million IPO in 2021 has allowed the company to play offense against cybercriminals.
VA Asking Private Sector for Cyber Operations Support (Meritalk) The Department of Veterans Affairs (VA) sent out a new contract opportunity notice on May 11 seeking private sector interest in a five-year contract to support the agency’s VA Cybersecurity Operations Center (VA CSOC).
Chinese companies switch auditors to avoid U.S. delisting risk (Nikkei Asia) American, Singapore companies gain business as accountant inspections begin
Cyber security skills shortage: Recession or stress? (ITWeb) If you want to attract more people into cyber security, you need to put controls in place that minimise the stress, says KnowBe4’s Anna Collard.
America is entering a Forever Labor Shortage (Business Insider) The coming surge in boomer retirement will transform the job market for decades to come — and that's great news for everyone.
AvePoint Appoints Max McNamara as VP and Managing Director for ANZ (SecurityBrief Australia) AvePoint appoints Max McNamara as Vice President and Managing Director of Australia and New Zealand to drive its ANZ strategy and business growth.
FBI veteran joins Pamir Consulting to Safeguard Billions of Dollars of US Sponsored Academic Research and Prevent IP Theft (Pamir Consulting) Alan Kohler will also Bolster Pamir Capabilities Advising US Companies with Mitigating Business Risk in China
Products, Services, and Solutions
Ping Identity Achieves DOD IL5 Authorization (PR Newswire) Ping Identity, the intelligent identity solution for the enterprise, announced its core identity and access management (IAM) solutions are now...
Orion Governance Licenses Technology from GE to Deliver Next Generation Data Governance Solution (GlobeNewswire News Room) Orion will embed certain GE data governance solutions to help ensure enhanced security in today’s multi-cloud/hybrid IT landscape...
Thales strengthens its leadership in Automotive Cybersecurity with a new certification (Thales Group) There is a clear growing demand for increased cybersecurity in the automotive industry. The United Nations Economic Commission for Europe (UNECE) responded by issuing a new regulation (UN Regulation No. 155) for vehicle Cyber Security Management System. This covers risk and security assessment, threat detection, and vulnerability monitoring over the entire vehicle lifecycle. In consequence, the automotive industry is implementing a mandated cybersecurity standard (ISO/SAE 21434) that applies not only to car manufacturers, but also to all vehicle cybersecurity suppliers such as Thales. Being compliant in this highly regulated environment reinforces Thales' leadership in automotive cybersecurity.
ABPSecurite to distribute LogRhythm’s solutions in Singapore (Channel Asia) LogRhythm has picked cybersecurity firm ABPSecurite as its value-added distributor in Singapore.
Mobilicom’s Product Suite Selected for Deployment in Autonomous & Remote-Controlled EV Platforms for Homeland Security & Defence (GlobeNewswire News Room) Mobilicom Limited (Mobilicom or the Company) (Nasdaq: MOB, MOBBW, ASX: MOB), a provider of cybersecurity...
Technologies, Techniques, and Standards
Ponemon Cybersecurity Training Study Finds Significant Shifts In Cybersecurity Training Over Past Two Years with 24% Higher Use of Simulated Environments (GlobeNewswire News Room) Study finds Realistic Simulation Training Provides an Average ROI of 40%...
OSINT Methods To Investigate Suspected AI Generated Content (ShadowDragon) The proliferation of content generated by artificial intelligence (AI) is just beginning. Recent years have seen online accounts, run by bots, create fake news articles, divisive social media posts, fraudulent product reviews, and more. As mainstream access to AI tools spreads, the opportunities to use the technology for malicious purposes are on the rise.
DarkBERT could help automate dark web mining for cyber threat intelligence (Help Net Security) Researchers have developed DarkBERT, a language model pretrained on dark web data, to help cybersecurity pros extract CTI.
Here are five cybersecurity measures a small business can use to safeguard its online presence (Techaeris) Protecting your small business's online presence is essential to maintain customer trust; here are five cybersecurity measures a small business can implement.
Fur-midable: US Air Force pairs Angry Kitten jammer with Reaper drone (C4ISRNet) Angry Kitten’s name is a brew of inside joke and design goals, and is a departure from the typically terrifying military moniker, like Hellfire or Stryker.
Why Amazon S3 is a ransomware target and how to protect it (Storage | TechTarget) Attackers can easily hit Amazon S3 with ransomware if admins aren't careful. Ensure the safety of data in S3 object storage.
Design and Innovation
The debate over whether AI will destroy us is dividing Silicon Valley (Washington Post) Prominent tech leaders are warning that artificial intelligence could take over. Other researchers and executives say that’s science fiction.
AI Is About to Make Social Media (Much) More Toxic (The Atlantic) We must prepare now.
The open-source AI boom is built on Big Tech’s handouts. How long will it last? (MIT Technology Review) Greater access to the code behind generative models is fueling innovation. But if top companies get spooked, they could close up shop.
That wasn’t Google I/O — it was Google AI (MIT Technology Review) If you thought generative AI was a big deal last year, wait until you see what it looks like in products already used by billions.
Protecting and Securing Data from the Quantum Threat (Foundation for Defense of Democracies: TCIL Technical Note) Over the next decade, quantum computing will unlock new technological advances and upend the current security landscape.
Research and Development
Crossing the Valley of Death: Estonia's Innovation-driven Defense Technologies Amid Cyber Threats (AFCEA International) Estonia's defense innovation thrives despite limited budget, repurposing business cybersecurity technologies to counter cyber warfare threats and foster global collaboration.
CYBERCOM’s Academic Engagement Network hosts Cyber Recon Symposium, Recognizes Cyber Resea (U.S. Cyber Command) CYBERCOM’s Academic Engagement Network hosts Cyber Recon Symposium, Recognizes Cyber Research Excellence
ChatGPT caught NYC schools off guard. Now, we’re determined to embrace its potential. (Chalkbeat New York) After a cautious start, our approach to AI technology is evolving.
Legislation, Policy, and Regulation
Quad Leaders’ Joint Statement | The White House (The White House) 20 May 2023, Hiroshima Today, we — Prime Minister Anthony Albanese of Australia, Prime Minister Narendra Modi of India, Prime Minister Kishida Fumio of Japan, and President Joseph R. Biden, Jr. of the United States — met for the third in-person Quad Leaders’ Summit, hosted by Prime Minister Albanese. Together, we reaffirm our steadfast commitment…
Quad Leaders’ Summit Fact Sheet | The White House (The White House) Hiroshima, 20 May 2023 President Joseph R. Biden, Jr., Prime Minister Anthony Albanese of Australia, Prime Minister Kishida Fumio of Japan, and Prime Minister Narendra Modi of India met in Hiroshima on May 20, 2023 for the fifth convening of the Quad Leaders’ Summit. The Quad is committed to supporting the region’s development, stability, and…
Regional cyber powers are banking on a wired future. Expanding the Abraham Accords to cybersecurity will help. (Atlantic Council) The Abraham Accord countries face threats from hostile actors, and defending their technology and their peoples is a challenge.
China Bars Purchases of Micron Chips, Escalating Tech Clash (Bloomberg) Joe Biden says he expects China relations to improve soon. Company says it’s assessing next steps, will engage in talks.
China Is Jumping at Digital Shadows (Bloomberg) National security is a well-worn excuse, but the move on Micron may hurt the country rather than make it stronger.
Lawmakers want to track foreign doxing and cyber harassment campaigns (SC Media) A new bill would task the Department of Homeland Security with tracking and cataloguing incidents of doxing and cyber harassment against Americans by hostile foreign entities.
Gen. Paul Nakasone Outlines Priorities to Boost Cyberspace Posture (Executive Gov) Looking for the latest Government Contracting News? Read about Gen. Paul Nakasone Outlines Priorities to Boost Cyberspace Posture.
Pentagon Outlines Upcoming Contractor Cybersecurity Plan (Defense One) Expect the congressionally mandated strategy by year’s end, DOD CISO says.
Secure Software Regulations and Self-Attestation Required for Federal Contractors (The National Law Review) US Policy and Regulatory Alert
Government contractors providing software across the federal government&rsquo;s supply chain will be required later this year to comply with a new Secure Software Des
GAO Says DOD Needs to Better Manage Supply Chain Risks (HS Today) DOD has piloted the use of several tools to review potential suppliers but the review of the results is ongoing.
Revelations of surveillance misuse complicate policy fight (Washington Post) FBI’s improper surveillance of protesters, rioters and crime victims will complicate 702 reauthorizatio
Litigation, Investigation, and Law Enforcement
Meta Fined $1.3 Billion Over Data Transfers to U.S. (Wall Street Journal) The decision puts pressure on Washington to implement surveillance changes for Europe to allow Meta to keep the data spigot open.
Meta fined record $1.3 billion and ordered to stop sending European user data to US (AP NEWS) The European Union has slapped Meta with a record $1.3 billion privacy fine and ordered it to stop transferring user data across the Atlantic by October. The penalty released Monday is the latest salvo in a decadelong case sparked by U.S. cybersnooping fears. Meta, which had previously warned that services for its users in Europe could be cut off, vowed to appeal and ask courts to immediately put the decision on hold. The legal battle began in 2013 when Austrian lawyer and privacy activist Max Schrems filed a complaint about Facebook’s handling of his data following former National Security Agency contractor Edward Snowden’s revelations of electronic surveillance by U.S. security agencies.
Meta fined more than €1 billion for GDPR breach (Computing) Meta Platforms, the owner of Facebook, has been fined €1.2 billion over the transfer of EU users' data to servers located in the United States.
FBI broke rules in scouring foreign intelligence on Jan. 6 riot, racial justice protests, court says (AP NEWS) FBI officials repeatedly violated their own standards when they searched a vast repository of foreign intelligence for information related to the insurrection at the U.S. Capitol on Jan. 6, 2021, and racial justice protests in 2020. That's according to a heavily blacked-out court order released Friday. FBI officials said the violations predated a series of corrective measures that started in the summer of 2021 and continued last year. But the problems could nonetheless complicate FBI and Justice Department efforts to receive congressional reauthorization of a warrantless surveillance program that government officials say is needed to counter terrorism, espionage and international cybercrime.
FBI misused intelligence database in 278,000 searches, court says (Reuters) A U.S. court found that the FBI improperly searched for information in a U.S. database of foreign intelligence 278,000 times over several years, including on Americans suspected of crimes, according to a ruling released on Friday.
FBI Searched Jan. 6 Rioters and George Floyd Demonstrators in Spy Database (Wall Street Journal) Disclosures that the agency used a foreign spying law to gather intelligence on citizen is likely to further complicate the Biden administration’s efforts to persuade Congress to renew it.
F.B.I. Violated Surveillance Program Rules After George Floyd Protests and Jan. 6 Attack (New York Times) The bureau made changes after the newly revealed violations of rules for querying messages intercepted under an expiring warrantless surveillance law.
FBI misused controversial surveillance tool to investigate Jan. 6 protesters (Record) The bureau improperly searched the personal communications of Americans who participated in the Jan. 6 attack on the Capitol and the 2020 protests over police violence, newly declassified documents show.
Feds holding alleged Discord leaker Jack Teixeira until trial (Military Times) The decision came after prosecutors argued that Teixeira hid violent and racist views revealed in his online social media accounts.
Guardsman Jack Teixeira, Pentagon leak suspect, due back in court (Military Times) A judge will decide if a Massachusetts Air National Guard member accused of leaking classified military documents will remain behind bars awaiting trial.
Amid leak of U.S. secrets, Pentagon hunts how documents left air base (Washington Post) THE DISCORD LEAKS | The chief suspect, Jack Teixeira, appears to have acted alone, but Air Force investigators have descended on a quiet corner of Cape Cod
Defense personnel alarmed after memos reveal Air Force leadership warned about accused Pentagon leaker but let him continue working (CNN Politics) Newly released memos revealing that Air Force leadership repeatedly warned Airman 1st Class Jack Teixeira about inappropriately accessing classified intelligence have left former and current defense personnel baffled at how he retained his security clearance and was able to continue sharing classified information for months.
Trump was warned about retaining classified documents, notes reveal (the Guardian) Exclusive: previously unreported warning contained in notes taken by lawyer Evan Corcoran that prosecutors have viewed in recent months
Colchester City Council investigating Capita over 'serious data breach' (BBC News) Colchester City Council "extremely disappointed" Capita failed to fully secure historic benefits data.
Child hackers: How are kids becoming sophisticated cyber criminals? (Euronews) In this new series of hacker : HUNTER, we speak to families and cybersecurity experts to find out how children and teenagers are finding themselves caught up in the shadowy world of cybercrime.
Supreme Court Leaves 230 Alone For Now, But Justice Thomas Gives A Pretty Good Explanation For Why It Exists In The First Place (Techdirt) Our long national wait for how the Supreme Court would rule regarding Section 230 is over, and the answer is… we need to keep waiting. The headlines note, correctly, that the court punted the matte…
TikTok Users Sue Montana, Calling State Ban Unconstitutional (New York Times) A spokeswoman for the state attorney general said that his office had “expected a legal challenge” and was “fully prepared to defend the law.”
Metro email policy under scrutiny after probe into Russia computer intrusion (Washington Post) As a policy, Metro deletes work emails after six months. The Office of the Inspector General said that time frame can be detrimental to investigations and safety.
A husband hid $500,000 in bitcoin during a divorce — and got busted by a crypto hunter (CNBC) Financial infidelity has become increasingly sophisticated, as investors "hop" coins across blockchains and sink their cash into metaverse properties.
Fraudster jailed for running multimillion-pound website iSpoof (the Guardian) Tejay Fletcher’s site offered tools allowing criminals to make phone calls that appeared to be from trusted companies
UMass Memorial to Pay $1.2M to Settle Wage Claims After Ransomware Attack (Campus Safety Magazine) A ransomware attack took down the provider's payroll system for weeks, and some employees allege they weren't paid the full amount owed.