Cyber Attacks, Threats, and Vulnerabilities
Patient Data May Be Vulnerable in Cozy Bear Attack: Cybersecurity Expert (Bloomberg) Nicole Eagan, chief strategy officer and co-founder at Darktrace, discusses Cozy Bear, the hacking group tied to the Russian government which infiltrated organizations involved in developing a vaccine for Covid-19, according to the U.K. and U.S. cybersecurity agencies.
How Russia's Cozy Bear hunted for coronavirus vaccine secrets (The Telegraph) Investigators working within GCHQ, NCSC and MI5 declare for first time that organisation is an offshoot of Russian intelligence
Russian spies 'target coronavirus vaccine' (BBC News) The UK, US and Canada say state-backed hackers tried to steal coronavirus vaccine research.
Russian hackers target COVID-19 vaccine research with custom malware (BleepingComputer) Hackers likely working for Russian intelligence services have been attacking organizations involved in the research and development of a vaccine against the new coronavirus.
Cozy Bear hackers linked to Kremlin blamed for decade of cyber-espionage (Times) Cozy Bear is the name that cybersecurity companies have given to a Russian hacking group that is believed to be controlled by Moscow. The group, also known as Advanced Persistent Threat 29, is said to
Cozy Bear: Everything we know about the hackers reportedly targeting COVID-19 vaccine research (Tech2) The UK security agency says it is over 80 percent certain the attacks were to collect information on COVID-19 vaccine research or the COVID-19 virus itself.
Russian Hack Alert Shows Scale of Health Care’s Cybersecurity Challenge (Wall Street Journal) Thursday’s alert from the National Cyber Security Centre in the U.K., backed by U.S. and Canadian agencies, was unusually direct in its attribution, blaming a hacking group linked to Russian security services. The Kremlin has refuted the allegations.
Australian spies join in accusing Russia of 'trying to steal' virus vaccine secrets (The Sydney Morning Herald) Australia, US, UK and Canada have accused Russia of launching hacking attacks on western medical companies working on coronavirus vaccines and drugs.
Cozy Bear and Fancy Bear: what are the Russian hacking operations? (Evening Standard) The British, US and Canadian governments have accused the Russian hacking group Cozy Bear of trying to steal vital coronavirus information, including research about a possible vaccine. UK security minister James Brokenshire went further the next day, slamming the "completely unacceptable" actions of "Russian intelligence officers". - although there's no evidence that anything had been stolen or that damage had been done, he added.
Iran-linked hackers steal sensitive data from US Navy member, researchers say (CyberScoop) Allison Wikoff has spent years tracking suspected Iranian hackers, sifting through data they’ve left behind and analyzing their techniques. But in May, when her colleague stumbled upon a server with 40 gigabytes of the hackers’ training videos and online personas, Wikoff knew she had struck gold.
Iran-Linked Hackers Accidentally Exposed 40 GB of Their Files (SecurityWeek) The Iranian state-sponsored group Charming Kitten accidentally exposed a server storing 40 GB of information related to its operations
Iranian cyberspies leave training videos exposed online (ZDNet) Cyber-security firm IBM X-Force finds video recordings used to train Iranian state hackers.
Why Are Mysterious Fires Still Burning in Iran? (Foreign Policy) The incidents could raise fears of a military miscalculation between Tehran and Washington.
Before hack tore through Twitter, online forum offered accounts for sale (Reuters) Before a hacking campaign tore through Twitter and compromised some of its most high-profile users, an ad went up on a gray market site that facilitates the trade of user accounts for popular websites, including not only Twitter but Netflix, Instagram, Minecraft and others.
Twitter says about 130 accounts were targeted in cyber attack this week (Fox Business) The FBI's San Francisco division is leading an inquiry into the Twitter hacking
Twitter: No evidence hackers accessed user passwords (ZDNet) Social network has no plans to reset user passwords after yesterday's massive hack that spread a Bitcoin scam on the platform.
Twitter Staff Tricked in Celeb Account Hijacking Campaign (Infosecurity Magazine) Crypto scam tweeted by Gates, Musk, Obama, Biden and others
Twitter hack: The facts, theories and fallout of the Bitcoin heist (Verdict) The Twitter hack saw the accounts of Elon Musk, Bill Gates, Joe Biden and more hijacked by scammers asking for bitcoin. Here are the facts and the theories.
What we still don’t know about the disastrous Twitter breach (The Telegraph) The company is currently investigating how hackers managed to gain access to high-profile figures' accounts
Twitter Accounts of Apple, Musk, Gates, Others Hit in Major Hack (SecurityWeek) The official Twitter accounts of Apple, Elon Musk, Jeff Bezos and others were hijacked on July 15th by scammers trying to dupe people into sending cryptocurrency bitcoin in the hope of doubling their money.
Twitter Confirms 'Security Incident' Involving Hacked Accounts (SecurityWeek) Twitter said it is working to fix a "security incident" after scammers hijacked high-profile accounts on Wednesday to dupe people out of money.
Who’s Behind Wednesday’s Epic Twitter Hack? (KrebsOnSecurity) Twitter was thrown into chaos on Wednesday after accounts for some of the world's most recognizable public figures, executives and celebrities starting tweeting out links to bitcoin scams. Twitter says the attack happened because someone tricked or coerced an employee into providing access to internal Twitter administrative tools. This post is an attempt to lay…
Twitter hack: How 367 users lost over Rs 90 lakh in just 2 hours (DNA India) Twitter hack: How 367 users lost over Rs 90 lakh in just 2 hours - As Twitter went through the worst-ever cyber attack on any social media platforms on Thursday, at least 367 users transferred around $1,20,000 (over Rs 90 lakh) to hackers in Bitcoins.
Twitter Hack Highlights Chaos of Responding to Cyberattacks (Wall Street Journal) The breach Wednesday played out in public, with the accounts of influencers such as Barack Obama and Bill Gates requesting money be sent to cryptocurrency accounts. But the relatively scant details about how the breach occurred underscores the at-times chaotic work of responding to threats.
How Twitter got hacked, and what you can learn from it (Compliance Week) Twitter just suffered the biggest cyber-attack in its history. But is it being set up for something bigger? We explore that possibility and much more.
Bill Gates phishing campaign 'nearly identical' to Twitter attack (Yahoo) A day after the Twitter attacks that compromised many accounts and posted a bitcoin scam, a similar scam has emerged via phishing. Of the names used: Bill Gates.
A catastrophe at Twitter (Interface) You can’t say you didn’t see it coming.Whatever Twitter eventually comes to say about the events of July 15th, 2020, when it suffered the most catastrophic security breach in company history, it must be said that the events were set in motion years ago.Beginning in the spring of 2018, scammers began to impersonate noted cryptocurrency enthusiast Elon Musk. They would use his profile photo, select a user name similar to his, and tweet out an offer that was effective despite being too good to be tr
Disinformation landscape could have made Twitter hack much worse (WJLA) Twitter confirmed that it suffered a "coordinated social engineering attack" that allowed hackers to temporarily take control of some of the most influential voices on the social media platform.
The Twitter bitcoin hack was bad but it should have been way worse (WIRED UK) The scam was for bitcoin. However, there may be more trouble ahead if the attackers raided direct messages
Experts Say Twitter Breach Troubling, Undermines Trust (SecurityWeek) A breach in Twitter’s security that allowed hackers to break into the accounts of leaders and technology moguls is one of the worst attacks in recent years and may shake trust in a platform politicians and CEOs use to communicate with the public.
Hackers Used Internal Twitter Tools to Hijack High-Profile Accounts (SecurityWeek) Twitter has confirmed that hackers leveraged internal tools to take over high-profile accounts and post scam tweets
Twitter Attack Raises Concerns Over its Internal Controls (Dark Reading) Attackers temporarily gained control of the accounts of Joe Biden, Barack Obama, Bill Gates, and others, to tweet a bitcoin scam.
A history of Twitter's security breaches (The Telegraph) A hack hitting Twitter's most high-profile users is not the first instance of security failures at the social media network
Twitter Hack: A Sign of More Troubles Ahead? (GovInfo Security) While the Wednesday hijacking of several high-profile and verified Twitter accounts appears to have been confined to a cryptocurrency scam, security experts are
Cyberattacks like the Twitter hack will escalate in the runup to the US elections: Darktrace (CNBC) Justin Fier of Darktrace discusses the security breach on Twitter that saw prominent accounts such as Joe Biden's hacked, and predicts that attacks like this will become "a new norm" in the next few months.
What the Twitter Hack Revealed: An Election System Teeming With Risks (New York Times) The breach that targeted Joe Biden, Barack Obama and others served as a warning: Had it happened on Nov. 3, hoping to upend the election, the political fallout could have been quite different.
Twitter Is Not Prepared for the 2020 Election (The New Republic) This week’s unprecedented security breach revealed the platform’s terrifying flaws, and the potential chaos hackers could cause in the future.
What is Social Engineering? (Webroot) Social engineering is the art of manipulating people so they give up confidential information, which includes
TikTok’s huge data harvesting prompts security concerns (The Economic Times) TikTok starts collecting data the minute you download the app. It tracks the websites youre browsing and how you type, down to keystroke rhythms and patterns, according to the companys privacy policies and terms of service. The app warns users it has full access to photos, videos and contact information of friends stored in the devices address book, unless you revoke those permissions.
Malicious Cyber Actor Use of Network Tunneling and Spoofing to Obfuscate Geolocation (CISA) This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) and Pre-ATT&CK frameworks. See the MITRE ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced threat actor techniques.
Cybercriminals disguising as top streaming services to spread malware (TechRepublic) Malicious actors are posing as Netflix, Hulu, and more, to launch phishing attacks, steal passwords, launch spam, and distribute viruses.
Orange confirms ransomware attack exposing business customers' data (BleepingComputer) Orange has confirmed to BleepingComputer that they suffered a ransomware attack exposing the data of twenty of their enterprise customers.
iTWire - Two for two: Nefilim gang claims hit on subsidiary of France's Orange SA (ITWire) Attackers have used the Nefilim ransomware, that can encrypt files on Windows systems, to attack a subsidiary of Orange SA, formerly France Télécom SA, a French multinational telecommunications corporation and posted a note indicating that the attack has taken place. It has 266 million customers wor...
Fake Downloaders Aimed at Organizations in Canada, France, Germany, Spain, Italy, the United Kingdom, and the United States (Proofpoint) When distributing malware to potential victims, threat actors have various options for payload delivery.
New wave of attacks aiming to rope home routers into IoT botnets (Helpnet Security) A Trend Micro research is warning consumers of a major new wave of attacks attempting to compromise their home routers for use in IoT botnets. The report urges users to take action to stop their devices from enabling this criminal activity.
Cloud provider stopped ransomware attack but had to pay ransom demand anyway (ZDNet) BlackBaud said it had to pay a ransom demand to ensure hackers would delete data they stole from its network.
US casting site leaks personal data belonging to 260,000+ actors (SafetyDetectives) Prominent US online casting agency MyCastingFile.com has leaked a significant volume of private data belonging to more than 260,000 users.
Actors Engage in Social Engineering-Based Email and Voice Phishing (TechNadu) Amazon users are falling to the trap of clever fraudsters who are sending phishing emails that pass through security filters.
Who's going to derail the U.S. presidential election? The culprit may be close to home (USA TODAY) Election officials are carrying out anti-meddling training exercises to get ready for Nov. 3. Russia, China and Iran are all in focus. So is the USA.
Credit card fraud: Government's cyber security reveals names of 7 'hacked' websites (Up News Info) The government’s cybersecurity agency Cert-In has warned against incidents of credit card skimming on e-commerce websites worldwide. In online credit card skimming, cyber criminals add skimming code on online shopping websites to steal credit card information shared by customers. As per Cert-In, “Attackers are typically targeting e-commerce sites because of their wide presence, popularity and […]
At Hospitals, Life or Death May Depend on Cyber Resilience: Check Point Exec
(Israel Defense) The vulnerability of interconnected medical devices poses a major risk to hospitals as they are increasingly targeted by hackers.
Elyments recovers from cyber attack, sees surge in user-base (Deccan Herald) Amid the India-China military stand-off at the eastern Ladakh, indigenous social media application Elyments suffered a cyber attack last week. On the launch day (July 5), Elyments, developed by Sumeru Software Solutions Pvt Ltd faced Distributed Denial of Service (DDoS)-style cyber-attack with two million malicious requests a minute. This apparently hampered the user experience and registration process via One-Time-Password.
Security Patches, Mitigations, and Software Updates
Federal agencies told to patch wormable Windows DNS bug in 24 hours (BleepingComputer) The Cybersecurity and Infrastructure Security Agency (CISA) today asked all U.S. federal executive branch departments and agencies to mitigate the critical SIGRed Windows DNS Server wormable remote code execution (RCE) vulnerability within 24 hours.
Emergency Directive 20-03: Mitigate Windows DNS Server Vulnerability from July 2020 Patch Tuesday (CISA) This page contains a web-friendly version of the Cybersecurity and Infrastructure Security Agency’s Emergency Directive 20-03, “Mitigate Windows DNS Server Remote Code Execution Vulnerability from July 2020 Patch Tuesday”.
Check Point helps Zoom resolve "Vanity URL" security problem (TechRepublic) The loophole gave cybercriminals an opening through specialized Zoom URL links.
Cisco issues security patches for critical vulnerabilities affecting its router and firewall products (Computing) The flaws could enable hackers to take full control of the target device
Exabeam Survey Shows Negative Impact of the COVID-19 Pandemic (Exabeam) Insights from Exabeam's latest survey of 1,005 U.S. and U.K. cybersecurity professionals who manage and operate SOCs shows the negative impact of the COVID-19 pandemic.
New Research Reveals COVID-19 Has Increased Cyber and Financial Risks as Security Teams Reduce Staff (Exabeam) Cyberthreats and loss of revenue rise as employees work from home, even as furloughs and job redundancy threaten[...]
The big numbers that reveal the scope and scale of online scamming (Computing) Cloud-based threat intelligence is the only way to keep ahead of the bad guys, says Check Point's Eddie Doyle
What Twitter's Worst Hack Means For Its Bottom Line (Bloomberg) The breach revealed Twitter’s engineering prowess and management practices as subpar. Hedge fund Elliott Management can’t be happy about its investment.
Twitter stepped up search to fill top security job ahead of hack (Reuters) Twitter Inc had stepped up its search for a chief information security officer in recent weeks, two people familiar with the effort told Reuters, before the breach of high-profile accounts on Wednesday raised alarms about the platform's security.
The Cybersecurity Stocks That Could Benefit From The Twitter Hack (Benzinga) CrowdStrike (NASDAQ: CRWD) and a number of cybersecurity shares were trading higher Thursday after a major, wide-ranging hack of the Twitter (NYSE: TWTR) platform....
Huawei security chief: We are not improperly accessing data (CNN) Huawei Chief Security Officer Andy Purdy says Huawei can prove it is not improperly accessing and sending data back to China. He says the new US sanctions "forced" the United Kingdom into its decision to ban Huawei.
At 95, technology pioneer Jerry Cox has a cybersecurity startup that looks like a winner (STLtoday.com) Q-Net Security lands $3 million contract to develop its device for the Air Force
Private equity firm to acquire Forescout for $1.4 billion after awkward start (CyberScoop) Advent International will purchase outstanding Forescout shares for $29 apiece.
Pandemic Spurs a Price Cut in Cybersecurity Deal (Barron's) Advent International has agreed once again to buy the software provider Forescout Technologies, but this time the private-equity firm is paying 12% less, or $1.43 billion.
Some VPN Providers Pull Hong Kong Servers Over Security-Law Fears (Wall Street Journal) At least three providers of virtual private networks, which let internet users circumvent censorship and protect their privacy, are suspending their Hong Kong operations, citing concerns over Beijing’s new national-security law for the city.
Facebook to label posts about voting from presidential candidates (Axios) They'll be used regardless of whether the posts contain misinformation.
TSMC plans to halt chip supplies to Huawei in 2 months (Nikkei Asian Review) Chip titan says 5G demand will fuel growth despite US export ban and pandemic
BlackBerry: The Chronicles Of Cylance (Seeking Alpha) BlackBerry needs to step out of its comfort zone. Its endpoint and cloud security offerings need to drive the go-to-market strategy for BB to grow market share.
New York City Cyber Center in Soho reopened to lead Covid-19 recovery (CTECH) Jerusalem Venture Partners (JVP) founder and chairman Erel Margalit led a delegation of CEOs from JVP portfolio companies to make the announcement
Arceo.ai Strengthens Cyber Security Risk Capabilities: CJ Pruzinsky Joins the Team of Cyber Insurance Experts (PR Newswire) Arceo.ai, a cyber risk analytics company that empowers enterprises to better identify, respond to, and recover from cyber risks, continues to...
Ryan Fairchild Joins Novetta as VP, Enterprise Solutions (WashingtonExec) Advanced analytics technology provider Novetta has hired Ryan Fairchild as vice president of enterprise solutions in Novetta’s Information Exploitation
Products, Services, and Solutions
Barracuda introduces first global secure SD-WAN service built natively on Microsoft Azure (Barracuda Networks) With the new Barracuda CloudGen WAN, customers can deploy the Microsoft Global Network as their secure enterprise WAN backbone.
Acunetix Now Available on macOS (PR Newswire) Acunetix, a global leader in automated web application security, is now available on macOS. Customers can now harness the full power of...
Customers Award Druva with Top Ratings for Best-In-Class Performance and User Experience (BusinessWire) Druva, Inc., the leader in Cloud Data Protection and Management, today announced Druva Cloud Platform has once again been recognized by today’s leadin
Inflow Technologies partners with Cyware to provide next-gen threat intelligence and Cyber Fusion solutions (CRN - India) Read Article Inflow Technologies has announced that it has partnered with Cyware, a provider of threat intelligence and cyber fusion solutions, to deliver Cyware’s cyber fusion, threat intelligence, threat response, and security automation solutions to customers. Inflow can now distribute an integrated suite of Cyware products that can be offered separately or all together for …
Tufin Launches the Tufin Marketplace: Creating a Hub for Security Policy Apps (AiThority) Tufin, a company pioneering a policy-centric approach to security and IT operations, announced the launch of the Tufin Marketplace, a digital platform
Surfshark upgraded its infrastructure to 100% RAM-only servers (Surfshark) Today, the vast majority of top VPN providers offer strict no-logs policies. However, in pursuit of higher user privacy and security, converting all servers to RAM-only profiles has not become a common practice. Running all servers on volatile (RAM) memory means that any information that would usually be on the hard drive is wiped off …
Prevailion’s New Hacker Intelligence Service Provides Full Transparency on Undisclosed Corporate Breaches for Compliance and Auditing Professionals (Valdosta Daily Times) Corporate network breaches are happening all the time, but finding out about them can be difficult for anyone outside of the company. This lack of transparency poses a significant problem for many interested parties, but it’s particularly challenging for the compliance industry.
Introducing the PhishingKitTracker (Security Affairs) Experts that want to to study phishing attack schema and Kit-composition can use the recently PhishingKitTracker, which is updated automatically. If you are a security researcher or even a passionate about how attackers implement phishing you will find yourself to look for phishing kits. A phishing kit is not a phishing builder, but a real […]
Technologies, Techniques, and Standards
Why companies don't need to turn to surveillance technologies to push for remote-working productivity (Computing) There are ways to promote collaboration without having to resort to micromanaging or using intrusive surveillance tools
Insight series: What is device attestation? (GlobalPlatform) Attestation helps determine the trustworthiness of a device which is critically important for the success of secure IoT deployments
Leaders see data as ‘ammunition’ in future warfare (US Army) Army leaders: Data will be 'ammunition' in future multi-d...
The US Navy is making South China Sea memes as its warships anger China and challenge its sweeping claims (Business Insider) In addition to the destroyers, aircraft carriers, and other warships patrolling the area, the US Navy is now making South China Sea memes.
Design and Innovation
‘It was written in Mandarin’: Cybersecurity specialist analyses malware sources (Cambridge Independent) A showcase of one of the entrants to the Cambridge Independent Science and Technology Awards 2020.
Air Force trusted computing experts eye potential $950 million project for cyber enabling technologies (Military & Aerospace Electronics) The ACT 3 program will emphasize enabling technologies for prototype technologies for operational environments, and ways to buy limited quantities.
Stepping up cyber protections for networks on Navy ships (Federal News Network) The Navy is seeking help from industry to improve the cybersecurity of ship-board networks.
Navy cyber security experts say they plan to deploy shipboard cyber defenses aboard 180 ships by next year (Military & Aerospace Electronics) Delivering cyber baselines enables Navy experts to identify capability risks during a ship’s availability or scheduled modernization.
Design a Home Office With Productivity and Comfort in Mind (Re/Max Alliance BoulderHomeSource) Working from home comes with its own unique challenges. With the right home office design, you can make yourself more productive and comfortable when working from home!
Research and Development
New Research Reveals Sexist Tendencies in Facial Recognition Tech (Secplicity - Security Simplified) Recently Amazon, Microsoft, and others have taken a step back to review the use of their own face recognition software. Some users of this technology may use only face recognition to identify a person. This idea that you only need the face recognition software to identify a person doesn’t allow for errors in the programming […]
RMIT launches new cyber research centre (iTnews) Tackling threat to industry.
Editorial: Implementing Respondus is a flawed and lethargic solution to curbing academic fraud (The Fulcrum) Editorial: Professors and Faculties should take advantage of the COVID-19 pandemic to develop innovative ways to evaluate students in their courses instead of relying on invasive proctoring software to monitor traditional multiple-choices exams.
Legislation, Policy, and Regulation
NATO Crafting All-Domain, Euro-Atlantic Strategy As Threats to Alliance Shift (USNI News) NATO is drafting a comprehensive, all-domain strategy that will reset the focus of the alliance on high-end conflict with peer adversaries, a senior official said last week. This “Euro-Atlantic area” strategy will address shortfalls in existing response capability as well as emerging threats in “space, cyber, new technology” for the alliance, and it “will be …
Mega Twitter hack shows the need for countries to have cybersecurity laws for digital firms (The Financial Express) While there is no doubt that social media companies need to spend more on security—there is no law regarding this as of now—platforms also need to have contingency plans ready.
A little bird didn’t tell me (Pursuit) The hack attack on Twitter was aimed at financial gain, but what happens when hacking turns political? University of Melbourne experts look at what is needed.
Trump Confirms US Cyberattack On Russian Trolls (ScreenRant) Trump shares info about an offensive cyberattack.
What Putin’s plot to plunder the Covid-19 vaccine tells us about tyranny | TheArticle (TheArticle) The discovery that computer hackers working for the Russian state have tried to steal the pioneering work of the [...]
Opinion: After Huawei: Abandoned and coerced, Canada prepares for its humiliation (The Globe and Mail) The 'debate' over whether Ottawa would allow the Chinese telecom to help build Canada's 5G networks is as good as dead, as the U.S. exposes the limits of Canadian sovereignty
Why the Trump administration's win over Huawei could be bad news for TikTok (CNN) A week after saying his administration was "looking at" banning video app TikTok in the United States, President Donald Trump claimed credit for personally thwarting the expansion plans of another Chinese-affiliated technology company: Huawei.
US extends Huawei clampdown with list of suspect gear (South China Morning Post) Federal Communications Commission has begun drawing up list of telecoms equipment deemed to pose a security risk
FCC Takes Next Steps In Sealing Off Chinese Equipment (Law360) The Federal Communications Commission on Thursday asked for a fresh round of public comments on the agency's plans to further crack down on foreign-made network components believed to present national security risks.
Barr Warns Company Executives on Pushing Policies at Behest of China (Wall Street Journal) The Attorney General took aim at a range of American companies and industries for what he described as a willingness to accede to authoritarian demands from the Chinese government.
Attorney General Barr accuses Hollywood, Big Tech of collaborating with China (Reuters) U.S. Attorney General William Barr took aim at Hollywood companies, including Walt Disney Co on Thursday as well as large technology firms like Apple, Alphabet's Google and Microsoft Corp over company actions with China.
Security clearance processing times are down, continuous evaluation enrollment is up (Federal News Network) Government is closer to meeting its security clearance processing goals for the first time in years, due, in large part, to the steady rise in continuous evaluation enrollment.
Air Force wants to expand training for cyber teams (C4ISRNET) The Air Force has selected an Air National Guard base to be the center for training its defensive cyber teams.
Why Amazon, Apple and Google may have to tighten security settings on smart devices (Your Local Guardian) The UK Government has published proposals which will make it a legal requirement for smart devices to include certain security protections.
Huawei: Jersey to ‘align’ its approach with the UK (Jersey Evening Post) Jersey has been working with telecoms providers to ‘align’ its approach to Chinese telecoms company Huawei with that of the UK, the Economic Development Minister has said.
Israel Adopted Cyber War Protocol to Manage COVID-19 Crisis (Israel Defense) Deputy Director General of Robustness at the Israel National Cyber Directorate outlines Israel’s cyber response to the coronavirus pandemic
Litigation, Investigation, and Law Enforcement
Court Ruling Leaves Companies Scrambling for New Ways to Move Data From Europe to the U.S. (Wall Street Journal) A European court declared a trans-Atlantic data-transferring agreement invalid because it could expose Europeans’ data to U.S. government surveillance.
Exclusive: U.S. FBI is leading an inquiry into the Twitter hack, sources say (Reuters) The U.S. Federal Bureau of Investigation is leading a federal inquiry into the Twitter hacking, two sources familiar with the situation said, after hackers seized control of accounts belonging to Joe Biden, Kim Kardashian and others in what appeared to be a bitcoin scam.
Focus falls on bitcoin trail in race to identify Twitter hackers (Reuters) Hackers who targeted some of Twitter's top users to reap bitcoin worth $120,000 have likely left digital footprints that could offer clues for law enforcement agencies investigating the attack, three blockchain analysis companies told Reuters.
FinCEN Alerts Financial Institutions to Convertible Virtual Currency Scam Involving Twitter (FinCEN) FinCEN is emphasizing a high-profile scam exploiting Twitter accounts to solicit fraudulent payments denominated in convertible virtual currency (CVC).
Justin Sun Offers $1M Bounty to Catch Twitter Scam Hackers (The Cryptocurrency Post) Justin Sun, the BitTorrent CEO and TRON founder, has offered $1 million of his own cash to help following the Twitter programmers down and carrying them to equity.
Spain’s intelligence service has spyware program that targeted Catalan politicians (EL PAÍS) Pegasus, supplied by an Israeli company called NSO, is alleged to have been used in an attempt to access the handsets of parliamentary speaker Roger Torrent and deputy Ernest Maragall
Portsmouth sailor charged with giving classified information to a Russian (Virginian-Pilot) According to the charge sheet, the sailor used a government computer to get secret information on or around Jan. 9, 2019, and had reason to believe the information could be used to “injure the United States or benefit a foreign national.”
Police warning to firms in York and North Yorkshire after cyber crime case (York Press) A warning has gone out to businesses across York and North Yorkshire after police dealt with a former employee who accessed company records.