CISA directs Feds to patch Zerologon. Cerberus rising. Rampant Kitten's surveillance. TikTok and WeChat get reprieves.

Cyber Attacks, Threats, and Vulnerabilities

Windows Server Vulnerability Requires Immediate Attention (CISA) This afternoon, CISA issued Emergency Directive 20-04 (https://cyber.dhs.gov/ed/20-04/), which instructs the Federal Civilian Executive Branch agencies to apply August 2020 security update (CVE-2020-1472) for Microsoft’s Windows Servers to all domain controllers.

Windows Server Update Gets Serious: You Have The Weekend To Comply, Homeland Security Says (Forbes) A critical Windows Server, perfect 10, exploit is now classed as an emergency by the DHS cybersecurity agency. Here's what you need to know.

DHS CISA orders federal agencies to fix Zerologon flaw by Monday (Security Affairs) DHS CISA issued an emergency directive to tells government agencies to address the Zerologon vulnerability (CVE-2020-1472) by Monday.

Researchers Uncover 6-Year Cyber Espionage Campaign Targeting Iranian Dissidents (The Hacker News) Cybersecurity Researchers Uncover 6-Year Cyber Espionage and Malware Campaign Targeting Iranian Dissidents and Expats

Iranian hacker group developed Android malware to steal 2FA SMS codes (ZDNet) The malware could steal 2FA SMS codes for Google accounts. Also contained vague functionality to do the same for Telegram and various social networks.

RampantKitten: An Iranian Surveillance Operation unraveled (Check Point Software) Check Point Research has unraveled an ongoing surveillance operation by Iranian entities that has been targeting Iranian expats and dissidents for years.

Hackers threaten more leaks after releasing personal information of 1,000 Belarus police officers (ABC) The leak by anonymous hackers is in retaliation to the arrests of street demonstrators against President Alexander Lukashenko, a statement says.

Cyber attack on NIC computers (Tribuneindia News Service) 100 systems targeted which carry data of PM, NSA A cyber breach was attempted by unidentified actors to install malware on approximately 100 odd computers of the National Informatics Centre (NIC), the government’s nodal agency which is responsible for securing critical cyber-infrastructure in the country, sources in the government said. A co

Cyber attack on NIC computers, email traced to Bengaluru (Express Computer) In a massive security breach, a malware has attacked approximately 100 computers of the National Informatics Centre (NIC), the government's nodal agency which is responsible for securing critical cyber-infrastructure in the country and comes under the Ministry of Electronics and Information Technology (MeitY)

Chinese Hackers 'Stole Data From Spanish Vaccine Labs': Report (SecurityWeek) Chinese hackers have reportedly stolen information from Spanish laboratories working on a vaccine for Covid-19.

Chinese hackers attacked secured Indian govt networks, Tibetan monk’s phone: US court documents (India Today) After reports bringing the Zhenhua Data leaks to light, documents filed in a US court now show that Chinese hackers targeted secured Indian government servers and also the phone of a Tibetan monk.

China-linked hackers accused of targeting Vatican network weeks before deal renewal (Angelus News) State-sponsored hackers targeted Vatican computer networks just weeks before the provisional agreement between China and the Holy See is due to be renewed.

China Data Leak Points to Massive Global Collection Effort (Voice of America) A Chinese firm with suspected ties to the Chinese government has been amassing a database of detailed personal information on 2.4 million people, including more than 50,000 Americans, according to findings by an independent researcher and an Australia-based cybersecurity firm.

Cisco Talos: Disinformation Tops Election Security Threats (SDxCentral) Cisco Talos warns in two election security reports that there’s more than technical concerns about voting machine hacks at stake.

Why Teens Are Falling for TikTok Conspiracy Theories (Wired) Conspiracies like Pizzagate are all over the social media platform. Here’s why they’ve found an audience there.

Attacks Using Cerberus Banking Trojan Surge (BankInfo Security) The posting on Russian underground forums of source code for the Android mobile banking Trojan Cerberus has led to an increase in attacks as well as updates to the

Officials say NASA facing increased targeting by foreign and domestic hackers (TheHill) Top officials at NASA say the agency is facing increasing attempts by foreign hackers to target sensitive information as it works to improve its IT security during the COVID-19 pandemic.

Malware equipped with data stealing capabilities reported targeting Android mobile devices: Dhotre (The Hindu) Mr. Dhotre said the government has taken a number of measures to check malicious apps.

IBM X-Force discovers Mozi botnet accounts for 90% of IoT traffic (Internet of Things News) Security experts from IBM X-Force have discovered that the Mozi botnet now accounts for 90 percent of traffic from IoT devices.

A New Botnet Attack Just Mozied Into Town (Security Intelligence) The botnet attack Mozi builds on Mirai to infect IoT devices. Learn the details of this botnet, see how to spot it, and check up on your IoT security.

Firefox bug lets you hijack nearby mobile browsers via WiFi (ZDNet) Mozilla says users should update as soon as possible to Firefox v79 for Android.

Companies Can Track Your Phone’s Movements to Target Ads (Wired) Brands are seeking new ways to customize messages. A startup that gathers data on when you pick up your phone, or when you go out on a run, can help.

Google App Engine feature abused to create unlimited phishing pages (BleepingComputer) A newly discovered technique by a researcher shows how Google's App Engine domains can be abused to deliver phishing and malware while remaining undetected by leading enterprise security products.

5 ways cybercriminals can try to extort you (WeLiveSecurity) What are some common strategies cybercriminals employ in extortion schemes and how can youmitigate the chances of falling victim to a cyber-shakedown?

The Cost of Ransomware Payments Is The Tip of the Iceberg (Endpoint Security Solutions Review) So how much does a ransomware attack actually cost? Can we calculate the full cost of ransomware attack on businesses of all sizes?

3 Key Entry Points for Leading Ransomware Hacking Groups (HealthITSecurity) Given the prevalence of ransomware attacks on the healthcare sector, it's crucial for providers to understanding how hacking groups are getting in: through entry points like VPNs, RDP, and phishing.

Leading U.S. laser developer IPG Photonics hit with ransomware (BleepingComputer) IPG Photonics, a leading U.S. developer of fiber lasers for cutting, welding, medical use, and laser weaponry has suffered a ransomware attack that is disrupting their operations.

Greenville Tech confirms some info was 'accessed and acquired' in ransomware attack; still not certain what type of info was breached (FOX Carolina) Greenville Technical College said Friday that the recent ransomware attack from August 27 involved a data breach.

Greenville Technical College releases information about data breach (WSPA 7News) Greenville Technical College release information Friday about a data breach that happened back on August 27. GTC discovered certain files on its system were infected…

UTAS data breach affects 19,900 students (The Examiner) Personal information of students made available to unauthorised users.

Medical group announces data breach of patient information at Montana hospitals (The Billings Gazette) SCL Health Medical Group announced on Sept. 10 a data breach of patient information that occurred earlier this year, including personal information of patients at three Montana hospitals.

Trinity Health announces data breach involving patient information (WWLP) Trinity Health has notified patients about a data breach that happened between April and May.

Saint Alphonsus owner says patient information compromised in data breach (KBOI) The owner of Saint Alphonsus Hospital system says some patient and donor information may have been compromised in a security breach. Trinity Health, the owner, says the cyber-attack may have involved its network which is operated and maintained by Blackbaud. Blackbaud says the people behind the cyberattack could have obtained access to personal information about patients and donors. Trinity Health says it started notifying impacted patients and donors Sept. 14 via U. S. mail.

Health Care Patient, Donor Data May Have Been Breached (SecurityWeek) Patients and donors to at least four different health care providers in Minnesota are being notified that their personal information may have been compromised.

Montefiore Notifies Patients of Security Breach and Potential Identity Theft (PR Newswire) Montefiore Medical Center is notifying patients about a security breach involving information accessed illegally by a former employee. In July...

Ontario nurses’ college hit by ransomware attack, personal data at risk (Global News) The College of Nurses of Ontario, which oversees about 188,000 members, offered few details about what it had previously referred to only as a "cybersecurity incident" it discovered Sept. 8.

'Millions' of South Africans' personal info exposed in credit bureau data breach (702) Experian SA CEO Ferdie Pieterse maintains numbers not as high as Sabric reported. Bruce Whitfield grills him for an explanation.

What recent data breaches tell us about cybersecurity in SA (IT-Online) The past couple of months should lay to rest any doubt over whether South African organisations are under sustained attack from cybercriminals. By Brian Pinnock, cybersecurity expert at Mimecast Over the past three months we’ve seen well-known local healthcare and financial organisations falling victim to cyberattacks and data breaches, and in some cases being forced […]

Anglicare Sydney says 17GB of data exfiltrated during ransomware attack (iTWire) About 17GB of data has been exfiltrated from Anglicare Sydney, a Christian not-for-profit that supports people across the greater Sydney and Illawarra regions, to a remote location during a ransomware attack, according to a statement put out by the organisation. But in the same statement, Anglicare...

Statement from Anglicare Sydney - 19 September 2020 (Anglicare Sydney) The cyber attack Anglicare Sydney has experienced is part of increased illegal cyber activity targeting the Australian health and aged care sectors alongside other sectors seeking to obtain funds via ransomware activity.

University of Tasmania IT bungle leads to mass student data breach (9News) Thousands of University of Tasmania (UTAS) students have had their personal information exposed to the enti...

Insurance firm suffers cyber attack (Tribune) A LOCAL insurance company has had to beef up its cyber security system after falling victim to hackers.

"Suspicious activity" detected on over 48,000 CRA accounts following data breach (Insurance Business) Accounts were breached thanks to a technique called credential stuffing

Hartford’s response to cyberattack was exemplary (Hartford Courant) Organizations throughout Connecticut can look at Hartford’s ransomware incident as a new type of example to aid in their cybersecurity planning and decision making. There seems to be an endless stream of cases demonstrating what can go wrong. In Hartford, we have a case study in what it takes to weather a ransomware attack with minimal harm.

Senior Biden campaign cybersecurity expert participated in racist internet troll group (Washington Examiner) A senior cybersecurity adviser to Joe Biden’s presidential campaign spent years affiliating with a hacking organization and boasted on a personal blog about breaking into her neighbor's computers.

Cyber Trends

DDoS Threat Report 2020 Q2 (Nexusguard) Nexusguard research reveals 570% increase in Bit-and-Piece DDoS attacks. Traditional threshold-based attack detection is no longer reliable with new bit-and-piece changes.

DDoS attacks motivated by financial gain on the rise: Security Researchers (TheWindowsClub News) Security researchers at Imperva observed an RDoS activity against one of their customer’s entire network. Full details here.

The Exploitation of Cloud Based Email Services (INKY) Is the cloud hackable? Yes. The FBI has seen a rise in BEC phishing scams and is urging companies to be aware and take precautions. Now, more than ever, companies need sophisticated anti-phishing software solutions that only INKY can provide.

Online Threats Retain Sky-High Levels as Pandemic-induced Cyberattacks Persist (Global Security Mag Online) The COVID-19 pandemic has touched virtually every aspect of human life—from health to housing to economy in general. With uncertainty looming over the future of physical services and remote work on the rise, many businesses and organizations have taken the opportunity to move online and put an extra effort into increasing digital presence. But this decision has been met with multiple challenges, including an ever-increasing number of cybersecurity incidents.

Marketplace

Goldman snubs £2bn Darktrace float amid Lynch extradition battle (Sky News) Legal issues surrounding the British technology star have led to Goldman Sachs deciding not to seek an IPO role, Sky News learns.

Scoop: How the Oracle-TikTok deal would work (Axios) A deal memo between the companies shows a variety of concessions to assuage security concerns.

ByteDance says not aware of $5 billion education fund in TikTok deal (Reuters) TikTok owner Bytedance said in a social media post on Sunday that it was the first time it had heard in the news it was setting up a $5 billion education fund in the United States.

Huawei: A Tool in a Playbook? (Budapest Business Journal) While technology news in August was dominated by whether Microsoft would buy TikTok or not, the “Huawei issue” was deepening further. The Chinese company is due to release Mate 40, the latest mobile device equipped with Kirin, the Huawei chipsets, later this fall, and the United States Department of Justice released an indictment by the U.S. Attorney against Huawei on fraud, intellectual property theft, money laundering and other charges.

Changing the game: How Cybereason's operative approach is transforming cybersecurity (TahawulTech.com) Cybereason CEO and Co-founder Lior Div shares the company’s journey to success and discusses how they are transforming the landscape to empower enterprises win the cyber war.

ThreatQuotient Celebrates World Rhino Day 2020 With Ongoing Support for Helping Rhinos (BusinessWire) ThreatQuotient Celebrates World Rhino Day 2020 With Ongoing Support for Helping Rhinos.

Ostendio Selected Best Tech Work Culture and Best Tech Manager Finalist in Timmy Awards (PR Newswire) Tech in Motion named Ostendio a 2020 finalist for Best Tech Work Culture and Ostendio CEO, Grant Elliott, as Best Tech Manager in the 6th...

Cybereason Managing Director Andrew Borene Joins NDIA Special Ops Exec Board (ExecutiveBiz) Andrew Borene, managing director for the U.S. public sector at endpoint security company Cybereason,

Products, Services, and Solutions

Ransomwiz from Nyotron Lets Cyber Pros Build Safe Ransomware Attacks (Security Boulevard) Free Online Tool Puts Good Guys in the Hacker’s Shoes to Test Defenses SANTA CLARA, Calif., September 21, 2020 - Nyotron, provider of the industry’s first

Criterion Systems Awarded GSA Highly Adaptive Cybersecurity Services (HACS) Special Item Number (Criterion Systems) Criterion Systems, Inc. announced today it has been awarded the General Services Administration (GSA) Highly Adaptive Cybersecurity Services (HACS) Special Item Number (SIN) 54151HACS.

Exclusive Networks signs distribution deal with NetSkope (TechCentral.ie) Cybersecurity and cloud solutions distributor Exclusive Networks has signed a sole distribution contract with Netskope. The deal will support sharply rising enterprise demand for Netskope’s Security Cloud, with Exclusive Networks growing the Netskope partner base and delivering dedicated in-country expertise along with a wealth of value-creation services. “This is great news for channel partners in [&hellip

ESET Launches Cyber Security Products Bundle for Small Business (Small Business Trends) A new cybersecurity bundle from ESET, the Cloud Administrator, can protect your network and remote workers affordably.

SessionGuardian Enterprise Reduces Work from Home Cyber-Security Threats for Businesses (PR Newswire) Remote work is a fact of life. COVID-19 restrictions increase #WFH security risks. SecureReview now offers SessionGuardian Enterprise, a...

With Trump's WeChat ban approaching, here are several alternatives (Fortune) With the U.S. banning WeChat on Sunday, here are alternative chat apps for people looking to stay in touch with friends and family in China.

Technologies, Techniques, and Standards

Make IoT Devices Certifiably Safe—and Secure (IEEE Spectrum) Makers of Internet-connected gadgets should have to certify that their products can resist cyberattacks

Creating An Internal Cybersecurity Hub Inside Your Company (Forbes) Evolving cybersecurity challenges require strategy and new and collective thinking. One initiative to consider is creating an internal company “Cyber Hub” (CH) to optimize corporate approaches to cybersecurity.

Protecting Satellite Communications (SpaceNews) The U.S. Space Force acquires, operates and maintains a constellation of Advanced Extremely High Frequency satellites that are reserved for strategic, high-priority military missions, providing secure, jam-resistant communications.

New Ops Group Tries a Better Approach to Cyber Warfare (Air Force Magazine) A new 867th Cyberspace Operations Group stood up at Joint Base San Antonio, Texas, on Sept. 18 to streamline the Air Force’s cyber offense and defense.

Air Force revamps its teams for U.S. Cyber Command (C4ISRNET) The Air Force activated a new cyber operations group under U.S. Cyber Command, conducting operations in defense of the nation and for combatant commanders.

Cyber sentries: National Guard helping Stamford, other cities secure voting systems (Laredo Morning Times) More than 100 Connecticut towns have signed on to the guard's program to prevent bad actors from intruding in Nov. 3 election.

How to Catch a Spy who Uses Numbers Stations? The KGB Experience (Numbers Stations Research) From 2019 onwards the Latvian National Archive offers access to various KGB documents. The author had already previously shown the very detailed efforts of the Latvian KGB counterintelligence to monitor and study the CIA and BND numbers stations broadcasts, or what they called - “one directional communications”.[1]

Design and Innovation

New Crop of Covid-Tracking Apps Addresses Old Concerns (Wall Street Journal) In hopes of containing the virus, seven states have put out apps using Google and Apple tech, facing privacy concerns head-on and keeping features simple

Research and Development

Political violence in cyberspace (ETH Zurich Center for Security Studies) Cyber harm has become a reality with impacts deep and wide in societies around the globe. Institutions such as the UN, WHO, and Council of Europe have adopted a new term: cyber violence.

Academia

Why adding cybersecurity to the curriculum is more important than ever (FE News) We must equip students with #cybersecurity skills to prepare for a post COVID world No one could have predicted the devastating impact COVID-19 had on businesses across the world. The almost overnight transition to remote working forced unprecedented changes, blindsiding thousands of organisations. Across the country, thousands of endpoints suddenly...

Purdue Northwest College Of Technology Awarded Nearly $6 Million From National Security Agency (Hammond, IN Patch) The funds will be used to develop AI cybersecurity training for transitioning military, first responders, and other adult trainees.

Warner pushes for measures to reinforce cybersecurity in public schools (Augusta Free Press) U.S. Sen. Mark R. Warner (D-VA) is raising alarm regarding the need to protect education infrastructure from cyber-attacks.

IoT Security & Education: Toward a Secure Connected Campus? (IoT For All) Smarter devices can improve the interaction between students and teachers as well as provide more efficient learning in the education sector.

Legislation, Policy and Regulation

Hyping the cyberthreat sabotages policymaking, ex-British intelligence official says (Washington Post) Hyping the cyberthreat undermines sound policymaking, according to a former senior British official, noting that after nearly three decades of warnings, a catastrophic cybersecurity event has yet to occur.

Iran vows ‘hit’ on all involved in US killing of top general (Military Times) The chief of Iran’s paramilitary Revolutionary Guard threatened Saturday to go after everyone who had a role in a top general’s January killing during a U.S. drone strike in Iraq.

Islamic State, Defeated U.S. Foe, Still Brims With Cash, Ambition (Wall Street Journal) The extremist group remains flush with cash despite setbacks in the past year, holding financial reserves and a range of revenue streams that U.S. and Western security officials warn could pay for a dangerous resurgence.

How the NSA is disrupting foreign hackers targeting COVID-19 vaccine research (TechCrunch) The headlines aren’t always kind to the National Security Agency, a spy agency that operates almost entirely in the shadows. But a year ago, the NSA launched its new Cybersecurity Directorate, which in the past year has emerged as one of the more visible divisions of the spy agency. At its co…

Mike Pompeo: ‘The tide has turned’ on global perceptions of Chinese threat (Atlantic Council) The world has “awakened” to the threat Beijing poses to international security and the global economy, according to US Secretary of State Mike Pompeo.

Why Diplomacy Matters as Much as Defense When It Comes to Cybersecurity (World Politics Review) The U.S. gets a lot right about its strategic approach to cyberspace, but given the steady stream of reporting on the wave of adversarial cyber campaigns waged by Russia, China and Iran, it also still gets plenty of things wrong. And the idea that the Pentagon will act as a “backstop” isn’t comforting.

Opinion | Trump Takes Election Interference Seriously (Wall Street Journal) It’s not a partisan issue. The administration is focused on challenges from Russia, China and Iran.

Australia's cyber power is more bark than bite (ZDNet) A newly-published index ranks Australia's cyber intent four spots higher than its actual cyber capability. Labor says this capability gap is down to the all-talk no-action Morrison government.

Beijing is publicizing its philosophy of how tech firms like TikTok must aid China’s rise (Quartz) In odd timing for TikTok's US deal, the Party explains how private Chinese firms must assist its goals.

China threatens U.S. companies with sanctions following Trump’s WeChat ban (Washington Post) American companies including Apple and Google could land in Beijing's crosshairs after the Chinese government responded to President Trump's WeChat ban by pointedly announcing details about a restrictive new corporate blacklist.

Statement on Delayed Prohibitions Related to TikTok (U.S. Department of Commerce) In light of recent positive developments, Secretary of Commerce Wilbur Ross, at the direction of President Trump, will delay the prohibition of identified transactions pursuant to Executive Order 13942, related to the TikTok mobile application that would have been effective on Sunday, September 20, 2020, until September 27, 2020 at 11:59 p.m.

Trump says he has given his ‘blessing’ to TikTok deal but that final terms are still being negotiated (Washington Post) President Trump said Saturday that he had given his “blessing” to a deal between Oracle and the popular video-sharing app TikTok, potentially averting a ban of the app in the United States after months of negotiation.

TikTok Ban Averted: Trump Gives Oracle-Walmart Deal His ‘Blessing’ (WUFT) President Trump has given tentative approval to a deal that will keep TikTok alive in the U.S., resolving a months-long confrontation between a hit app popularized by lip-syncing teens and White House officials who viewed the service as a national security risk.

Trump Signs Off on TikTok Deal With Oracle, Walmart (Wall Street Journal) The popular Chinese-owned video-sharing app TikTok will partner with Oracle and Walmart to become a U.S.-based company after negotiations that stirred debate over national security and the future of the internet.

Trump agrees to Oracle deal for TikTok in U.S. (Silicon Valley Business Journal) Under the deal, ByteDance will keep control of the algorithm, which picks which videos to show each user, under the current agreement. However, President Trump said that China would have no influence on TikTok.

The TikTok deal solves quite literally nothing (TechCrunch) Well… that was pointless. After debasing the idea of free commerce in the U.S in the name of a misplaced security concern, stringing along several multi-billion dollar companies that embarrassed themselves in the interest of naked greed, and demanding that the U.S. government get a cut of the…

Internet Society: U.S. Administration ban of TikTok and WeChat is a direct attack on the Internet (Internet Society) The U.S. Administration’s move to ban TikTok and WeChat for U.S. app stores is a direct attack on the Internet. It is an extreme measure that fundamentally undermines the foundation of the Internet. It’s especially a threat to the principles of openness and accessibility as well as its decentralized management. The Internet has no center. […]

COO of a VPN company elaborates on TikTok's potential ban controversy (Finbold) Chief Operating Officer of Atlas VPN shares cold hard facts on why the previously planned TikTok ban has valid reasoning behind it.

Trump Protects TikTok Users' Security By Cutting Them Off From Security Updates (Vice) Any TikTok vulnerabilities patched by ByteDance will continue to persist for Americans and Americans only under Trump's new TikTok ban.

Analysis | Trump’s WeChat Ban Is Just a MAGA Wall in Cyberspace (Washington Post) The latest barrier is unnecessary, porous and costly.

Huawei will run out of smartphone chips early next year (Light Reading) Three key questions about US sanctions and their impact on Huawei and the global market at large.

The Huawei Ban Could Crush U.S. Overseas Aid Efforts (Foreign Policy) A new law meant to keep Chinese telecoms out of American networks threatens to make life impossible for diplomats, aid workers, and the military across…

Lawmakers call upon tech firms like Facebook, Microsoft to step in on election security (FOX 29 News Philadelphia) Lawmakers are increasingly turning to a new ally in their efforts to track foreign election interference.

The Cybersecurity 202: The next Supreme Court justice could play a major role in cybersecurity and privacy decisions (Washington Post) The next Supreme Court justice could play a key role in determining rules of the road for cybersecurity and privacy in the digital age ― regardless of whether they're appointed by President Trump or Joe Biden.

U.S. Fleet Cyber Command/U.S. 10th Fleet holds Change of Command (DVIDS) Vice Adm. Ross Myers relieved Vice Adm. Timothy “T.J.” White as commander, U.S. Fleet Cyber Command/U.S. 10th Fleet (FCC/C10F), during a change of command ceremony at the U.S. Naval Academy, Sept. 18

What the Intelligence Community Doesn't Know is Hurting the US (The Cipher Brief) Cipher Brief Expert Matt Olsen and The Center for American Progress argue that the IC's lack of business skills is hurting the country.

Litigation, Investigation, and Enforcement

Prosecutors open homicide case after hacker attack on German hospital (Reuters) German prosecutors opened a homicide investigation on Friday into the case of a patient who died after a hospital in the western city of Duesseldorf was unable to admit her because its systems had been knocked out by a cyber attack.

Cyber Attack Suspected in German Woman’s Death (New York Times) Prosecutors believe the woman died from delayed treatment after hackers attacked a hospital’s computers. It could be the first fatality from a ransomware attack.

Ireland’s data watchdog slammed for letting adtech carry on ‘biggest breach of all time’ (TechCrunch) A dossier of evidence detailing how the online ad targeting industry profiles Internet users’ intimate characteristics without their knowledge or consent has been published today by the Irish Council for Civil Liberties (ICCL), piling more pressure on the country’s data watchdog to take…

Leaked Treasury documents reveal how dirty money moves through global banking system (Axios) Thousands of leaked documents reveal how some of the biggest banks knowingly moved around illicit cash.

Secret Documents Show How Criminals Use Famous Banks To Finance Terror And Death (BuzzFeed News) Thousands of secret “suspicious activity reports” offer a never-before-seen picture of corruption and complicity — and how the government lets it flourish.

Assange was offered presidential pardon to help 'resolve' Russia role in DNC hack, court told (NBC News) The WikiLeaks founder was told that speculation about the leak's source was "damaging to U.S.-Russian relations," London's Old Bailey court heard.

From Doklam to Dalai Lama, Chinese intel paid Indian journalist for info (Daiji World) The Special Cell of the Delhi Police have arrested 61-year-old Indian freelance journalist Rajeev Sharma, allegedly found working for Chinese intelligence.

WeChat Ban Blocked by Federal Judge in Ruling Against Trump Administration (Wall Street Journal) A federal judge temporarily blocked the Trump administration’s executive order curbing Americans’ use of WeChat, agreeing with free-speech arguments raised by users of the popular Chinese-owned messaging and e-commerce app.

Trump’s Unprecedented Bans of TikTok, WeChat Apps Slammed as Violating First Amendment (Variety) The Trump administration made good on its threat to block U.S. users from accessing TikTok and WeChat, announcing that American businesses will be banned from distributing either of the Chinese-own…

US sanctions hacker company linked to Iranian government (2spyware) The US says Rana company works for the Iranian government. Today, the US government has imposed sanctions on the well known Iranian company and individuals

Tesla wins lawsuit against whistleblower accused of hacks (Roadshow) The automaker won its case against an ex-employee who sought whistleblower protections and was accused of hacking Tesla's Gigafactory.

Six indicted for bribing staff to manipulate Amazon Marketplace (Computing) Scheme involved paying bribes to Amazon employees to gain unfair competitive advantage worth more than $100 million on Amazon's third-party platform

B.C. appeal court green-lights data breach class action lawsuit (IT World Canada) The suit against Peoples Trust alleges negligence and breach of contract in the loss of personal information on 12,000 customers

Amazon, Pindrop Beat Voiceprint Suit by Showing Illinois Absence (Bloomberg Law) Amazon Web Services Inc. and Pindrop Security Inc. beat claims that they collected voiceprints in violation of an Illinois law by showing their activities weren’t connected to the state.

Mobile App Stores and Crypto (AVC) I have written extensively on this blog over the last decade and a half about the significant negative consequences that the two large mobile operating systems have on distribution of software. I am strongly opposed to the monopolies that Apple and Google have over mobile apps that run on iOS and Android. I am rooting […]

SEC Charges Former NS8 Chief With Defrauding Investors (Wall Street Journal) The Securities and Exchange Commission said it charged NS8’s former chief executive with defrauding investors, alleging he falsely claimed millions in revenue and raised about $123 million in fraudulent offerings.