Cyber Attacks, Threats, and Vulnerabilities
Super Tuesday voting so far free of cyber meddling, U.S. officials say (Yahoo) The Super Tuesday primary elections were so far free of any signs of interference, said national security professionals who gathered in Northern Virginia in an unprecedented monitoring effort to counter cyberattacks and foreign disinformation. "On the specifics of today, we have not seen any acute
No Foreign Meddling in Super Tuesday Primaries, US Officials Say (Voice of America) U.S. voters who headed to the polls to cast ballots in Super Tuesday primaries encountered scattered problems, some causing long lines or delays, but nothing that could be attributed to foreign interference, U.S. officials said. The updated assessment late Tuesday came as polling stations were preparing to close in the last of the 14 states and one territory giving voters a chance to determine U.S.
A quiet night for disinformation watchdogs (NBC News) The Department of Homeland Security and disinformation experts monitoring social media had a relatively quiet night on Super Tuesday.
CISA Officials See ‘No Malicious Activity’ During Super Tuesday (Nextgov.com) Subsequent information could change the analysis but the agency does not currently attribute technical hiccups in some states to interference.
The Cybersecurity 202: Here are the serious tech glitches that frustrated voters on Super Tuesday (Washington Post) The scenario election officials feared – Russians hacking the vote – did not come to be on Super Tuesday. But the mega-primary day was bedeviled by a slew of serious technical glitches that frustrated voters.
Fraud alert: Secretary of state warns about election disinformation attempts (Vindicator) While Ohio has taken numerous steps to make sure its voting system can’t be hacked, Secretary of State Frank LaRose said there’s an equally important issue: combating disinformation. “You’re in a fight against foreign actors that want to undermine the credibility of our form of government,” LaRose said during a Tuesday visit to […]
Twitter temporarily suspends liberal journalist for quoting Joe Biden gaffe (Fox News) A liberal journalist was hit with a temporary suspension on Twitter over a tweet quoting a gaffe from former Vice President Joe Biden.
At least two presidential campaigns aren’t using two-factor authentication (Fifth Domain) At least two presidential campaigns are not using two-factor authentication, according to Maine Sen. Angus King, because the campaigns consider the technology too unwieldy.
EU Rapid Alert System used amid coronavirus disinformation campaign (Euractiv) An EU instrument designed to monitor serious cases of disinformation has been triggered following a series of online campaigns surrounding the deadly coronavirus outbreak, the European Commission has confirmed, in what could be the first time the EU's Rapid Alert System is being used.
Cobalt Ulster Strikes Again With New ForeLord Malware (Threatpost) Threatpost talks to Alex Tilley, senior security researcher with Dell SecureWorks' Counter Threat Unit Research Team, about a recently discovered campaign linked to an Iranian APT.
Why ‘free’ Wi-Fi isn’t really free (Naked Security) How much data is too much to give away to get online while you’re waiting at the train station? In the airport? A shopping mall?
Are Hackers Targeting Critical Infrastructure More Often? (Government Technology) Researchers at RSA 2020 discussed the growing trend of hackers harassing large industrial systems. In doing so, they aren't just shifting their targets — they're also exhibiting more insidious behavior.
Ransomware Attackers Use Your Cloud Backups Against You (BleepingComputer) Backups are one the most, if not the most, important defense against ransomware, but if not configured properly, attackers will use it against you.
SpaceX Contractor Hit by Data Breach (Infosecurity Magazine) DoppelPaymer ransomware pegged as the likely culprit
Experts Insight On Visser Data Breach (Supplier To Lockheed, Tesla, Boeing And SpaceX) (Information Security Buzz) It has been reported that an American manufacturer which works with SpaceX and Tesla is being extorted by cyber criminals who are leaking documents relating to these companies. The cyber crime group known as DoppelPaymer has already leaked non-disclosure agreements signed between Visser Precision and the Elon Musk-led companies SpaceX and Tesla. More documents stolen from Visser’s …
Ransomware getting more fearsome, but there's reason for optimism (Help Net Security) F-Secure documents a steep increase in attack traffic in 2019 that was unmatched by previous years, with 2.8B attack events in the second half of the year.
Let's Encrypt? Let's revoke 3 million HTTPS certificates on Wednesday, more like: Check code loop blunder strikes (Register) Tons of TLS certs need to be tossed immediately after Go snafu
Let’s Encrypt to Revoke Millions of TLS Certs (Register) On Wednesday millions of Transport Layer Security certificates will be revoked because of a Certificate Authority Authorization bug.
Delicious irony: Credit rating builder Loqbox lets customer details and card numbers slip after 'sophisticated attack' (Regiater) 'We are truly sorry'
Citrix vulnerability used for potential Defence recruitment database access (ZDNet) ASD notified Defence and its recruitment database contractor that it had reason to believe it was vulnerable to a Netscaler bug a month after Citrix made the vulnerability public.
MediaTek Bug Actively Exploited, Affects Millions of Android Devices (Threatpost) An exploit published by a developer is easy to use and has already been used to build malicious apps that gain root access on Android devices.
Hackers are using Word documents to drop NetSupport Manager RAT (HackRead) Before dropping NetSupport Manager RAT, attackers lure users into opening a malicious MS Word document by entering a password.
Phishing email claims to be from ADA president (American Dental Association) At least one American Dental Association member has reported receiving a phishing email appearing to come from an address containing ADA President Chad P. Gehani's name and including a link to "view member's details."
It's not just phishing emails, now we have to worry about fake calls, too (Techxplore) When your boss calls and tells you to wire $100,000 to a supplier, be on your toes. It could be a fake call.
Deepfakes and the detection challenge (Computing) The issue of deepfakes, as depicted in the BBC TV drama The Capture, is only going to get worse, warn Kemp Little's Joanna Conway and Oriana Williams
The Case for Limiting Your Browser Extensions (KredsOnSecurity) Last week, KrebsOnSecurity reported to health insurance provider Blue Shield of California that its Web site was flagged by multiple security products as serving malicious content.
Academics find 30 file upload vulnerabilities in 23 web apps, CMSes, and forums (ZDNet) Impacted projects include WordPress, Concrete5, Composr, SilverStripe, ZenCart, and others.
PHOENIX CONTACT Emalytics Controller ILC (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.4
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Phoenix Contact
Equipment: Emalytics Controller ILC 2050 BI(L)
Vulnerability: Incorrect Permission Assignment for Critical Resource
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to change the device configuration and start or stop services.
Emerson ValveLink (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low skill level to exploit
Vendor: Emerson
Equipment: ValveLink
Vulnerability: Improper Access Control
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow arbitrary code execution.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of ValveLink digital valve controller software are affected:
Moxa AWK-3131A Series Industrial AP/Bridge/Client (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.9
ATTENTION: Exploitable remotely/low skill level is needed to exploit/public exploits are available
Vendor: Moxa
Equipment: Moxa AWK-3131A
Vulnerabilities: Improper Access Control, Use of Hard-coded Cryptographic Key, OS Command Injection, Use of Hard-coded Credentials, Classic Buffer Overflow, Out-of-bounds Read, Stack-based Buffer Overflow, Improper Access Control, Authentication Bypass Using an Alternate Path or Channel
SweynTooth Vulnerabilities (CISA) 1 EXECUTIVE SUMMARY
CISA is aware of a public report of multiple Bluetooth Low Energy (BLE) vulnerabilities with proof-of-concept (PoC) exploit code affecting a large number of IOT, Smart-home, wearable, and medical devices from vendors who utilize BLE wireless communication technology. This report was released without coordination with some of the affected vendors and without advance coordination with CISA. CISA has notified some of the affected vendors of the report and has asked the vendors to confirm the vulnerabilities and identify mitigations.
Omron PLC CJ Series (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Omron
Equipment: PLC CJ Series
Vulnerability: Uncontrolled Resource Consumption
2. RISK EVALUATION
Successful exploitation of this vulnerability could cause a denial-of-service condition.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Omron programmable logic controllers are affected:
Indonesian hackers breach Uttarakhand’s tourism website (The Times of India) Uttarakhand’s tourism website — uttarakhandtourism.gov.in — was hacked by a group of Indonesian hackers called “One Hat Cyber Team” on Tuesday. The ha
At last, wool auctions set to resume after cyber hacking (Farm Weekly) Today's Melbourne wool sales have been cancelled because of a cyber attack on the industry's main software supplier.
Fraudsters will take advantage of health outbreaks to send email phishing scams (Yahoo) Disease outbreaks typically result in a surge of email phishing scams, and experts say to stay vigilant.
As coronavirus scams spread, here’s how to protect yourself (Yahoo) The Better Business Bureau and Federal Trade Commission have issued alerts warning people of COVID-19-related scam emails and texts.
How coronavirus disinformation caused chaos in a small Ukrainian town (41NBC News | WMGT-DT) NOVI SANZHARY, Ukraine — By the time the riot police turned up, things were already out of control. In this rural Ukrainian town of about 8,000 people, residents reacted with anger after evacuees from the center of the coronavirus outbreak in China were airlifted to a nearby medical facility last month. As a fog of …
Criminals on CCTV: Scammers caught red-handed (BBC News) The man who hacked into a criminal call centre to expose scammers at work.
Hacker Breaks Into CCTV Cameras of Scammers, Catches Them Red-Handed: Report (NDTV Gadgets 360) The scammers in Gurugram were acting as technical support staff for Microsoft.
Security Patches, Mitigations, and Software Updates
Google Patches the Critical MediaTek rootkit Vulnerability (GBHackers On Security) Google patches a critical vulnerability with MediaTek rootkit chips that affect millions of devices with chipsets from MediaTek.
It took Google months to patch a serious Android security flaw (Engadget) There's a good chance many devices will never receive the patch.
Let’s Encrypt discovers CAA bug, must revoke customer certificates (Ars Technica) Let's Encrypt users will need to manually force-renew once to avoid downtime.
GoodRx stops sharing personal medical data with Google, Facebook (Naked Security) The mobile app saves people money but was letting 20 companies know who’s taking antipsychotics, erectile dysfunction and HIV meds, and more.
Cyber Trends
Domain spoofing declines as protective measures grow (Valimail) The battle against phishing rages on. Estimates from the FBI peg losses due to just one type of email-based attack, the business email compromise (BEC), at $1.7 billion in 2019 alone.
McAfee Mobile Threat Report: Mobile Malware Is Playing Hide and Steal (McAfee) Consider the number of applications on your smartphone today. Which ones are actively used? Which ones are no longer used?
Is Mobile Malware Playing Hide and Steal on Your Device? (McAfee Blogs) As we become more reliant on our smart devices and apps, hackers use this dependency as an opportunity to gain access to our data. Hidden apps are the most active mobile threat, generating nearly 50% of all malicious activities. Let’s dive into these mobile threats and how they could potentially impact your life.
Report: Hackers target telecoms, defense contractors (FCW) China spent the year targeting telecommunications infrastructure to feed its spying and IP theft, while Iran shifted to target defense contractors in the latter half of the year.
A massive increase in eCrime behavior can easily disrupt business operations (Help Net Security) A new Cowdstrike report indicates an increase in eCrime behavior can disrupt business, with criminals employing tactics to leave organizations inoperable.
Digital Trust & Safety Index: A Rapidly-Changing Fraud Landscape (Sift Resources) Get valuable insight into the latest fraud trends and industry developments Trust and Safety pros need to know to stay one step ahead of fraudsters.
Humans remain weak link in fight against email scams (Business Insurance) Drilling employees on cyber security is key to preventing fraud, but such programs are still overlooked at many companies, experts say.
47% Americans Find Identity Theft Worse than Murder, New Report Show (Atlas VPN) According to the latest Atlas VPN research, the US residents are way more worried about being hacked than getting murdered.
2020 Spotlight Report on Privileged Access (Vectra) The report examines privileged access from unknown hosts, and why it is critically important to monitor cloud-native and hybrid cloud environments as well as determine how to correlate data and context from both into actionable information for security analysts.
ManagedMethods 2019 State of K-12 Cybersecurity Infographic Reveals Cybersecurity Incidents Impacting School Districts Increased 185% (ManagedMethods) ManagedMethods, a leading Google G Suite and Microsoft Office 365 data security and student safety platform for K-12 school districts, today released its State of K-12 Cybersecurity infographic, in partnership with the K-12 Cybersecurity Resource Center.
Cyber attacks, ransomware were unrelenting throughout 2019 (APN) Cyber criminals continued a barrage of attacks in 2019, spurred on by botnets of infected IoT devices and by attacker interest in the Eternal Blue vulnerability. A new report from cyber security provider F-Secure, Attack Landscape H2 2019, documents a steep increase in attack traffic in 2019 that was unmatched by previous years. […]
White Paper: 2019 Insider Threat Report (Nucleus Cyber) Data security needs have changed as collaboration has moved data beyond fixed office locations and corporate firewalls, cybersecurity threats have increased and the advent of new regulations. Explore the top 5 data security challenges to modern collaboration and how data-centric security can help.
Expert: We Are Not Learning Enough From Cyberattacks (Government Technology) A former tech executive is troubled that the frequent cyberattacks that have hit businesses and local government entities do not seem to be sparking a wave of learning and improvement in their aftermath.
The Finances of Fortnite 2.0: In-Game Spending is Up 21% (LendEDU) Two years after our first Fortnite report, we revisted the topic to see how habits related to the game, especially financial ones, have changed.
Marketplace
Foxconn to resume production within weeks after coronavirus hit (The Telegraph) Foxconn, a key manufacturing partner for Apple, is expecting production to return to normal within weeks after the coronavirus outbreak stalled operations.
Coronavirus Is Devastating the Conference Circuit (Wall Street Journal) Business events are being scrapped or postponed at historic rates world-wide, resulting in tens of millions of dollars in lost revenue for local economies as travel curbs mount and ticket-holders stay put.
Facebook pulls out of the SXSW conference citing coronavirus concerns (The Verge) SWSX is still proceeding as planned, at least for now.
Google says its cloud conference will only be held virtually as coronavirus spreads (CNBC) The cloud conference drew in 30,000 attendees last year in San Francisco.
Deutsche Telekom postpones Cyber Security Tech Summit, Digital X events due to coronavirus (Telecompaper) Deutsche Telekom announced that it is postponing the Cyber Security Tech Summit Europe scheduled to take place in Bonn on 11 March. The situation relating to the spread of the coronavirus is "acute", the company said in a statement. The company alsodecided to postpone the Digital X East event planned for 12 March in Berlin, and the Digital X West in Bochum on 26 March.
Huawei in European 5G Heaven as Swiss Thumb Their Noses at Trump (Yahoo) A quiet Huawei Technologies Co.-led 5G revolution is unfolding at the heart of Europe -- in the bucolic Swiss hamlet of Taenikon.Far from President Donald Trump’s campaign to stop the world from using the Chinese company’s technology, cows in this northern Swiss village -- with its white-washed
It's a Titan IC take-over as Belfast cyber security firm is bought over (The Irish News) A BELFAST-based cyber security firm which spun out of Queen's University has been bought over for an undisclosed sum by a NASDAQ-listed group headquartered in California and in Israel.
DIGITAL ALLY CLOSES $2.9 MILLION UNDERWRITTEN PUBLIC OFFERING OF COMMON STOCK (AP NEWS) Digital Ally, Inc. (NASDAQ:DGLY), which develops, manufactures and markets advanced video recording products for law enforcement, emergency management, fleet safety and security, today announced the closing of an underwritten public offering of 2,521,740 shares of its common stock at a price of $1.15 per share, for gross proceeds to the Company of approximately $2.9 million, before deducting underwriting discounts and other offering expenses.
Nationwide invests in Deep Sentinel for business security service (VentureBeat) Deep Sentinel, a security startup that uses a combination of AI, cameras, and a hardware hub to prevent crimes, has secured investment from Nationwide.
Xerox Moves to Buy All of HP’s Shares in Public Takeover Bid (Wall Street Journal) The public takeover bid follows moves by HP to resist a deal that the printer and computer company says undervalues its business.
BRIEF-Sectra Q3 Operating Profit Rises To SEK 99.7 Mln (Reuters) Sectra's nine-month interim report 2019/2020: Sectra is growing with satisfied customers--tops ranking for seventh consecutive year.
1touch.io Wins Gold Cybersecurity Excellence Award, Silver Info Securi (PRWeb) 1touch.io, a leading provider of data and privacy management solutions, today announced that its data discovery and classification platform, Inventa, has wo
BitDam Named Winner of InfoSec Award for Email Security (PRWeb) BitDam, a leading provider of cybersecurity solutions that protect enterprise communications from unknown threats hidden in files and links, is proud to an
CyCognito Wins Three Cybersecurity Excellence Awards (Globe Newswire) Company recognized for outstanding technology, innovative approach and overall contribution to the cybersecurity industry
Forrester Wave Report: Security Awareness and Training Solutions (KnowBe4) KnowBe4 has been named a Leader in The Forrester Wave for Security Awareness and Training Solutions, Q1 2020. Download the full report!
Why Jack Dorsey’s days at Twitter may be numbered (The Telegraph) Being ousted from the company you founded is a common in the world of tech.
Google has betrayed its ‘don’t be evil’ motto, says former executive (The Telegraph) Ross LaJeunesse enjoyed a sparkling career at Google for much of his 11 years with the company.
Coalfire Security Pros Named To HITRUST® Assessor Council (PR Newswire) Coalfire, a provider of cybersecurity advisory and assessment services, announced today that two of its healthcare security specialists, Zach Shales and Arthur Staff, were appointed to the Health Information Trust Alliance (HITRUST) CSF® Assessor Council.
Elron Appoints Yaron Elad as CEO (InsurTech360) Elron Appoints Yaron Elad as CEO, Focusing on Cybersecurity and Enterprise Software while maturing the value of its MedTech portfolio Yaron Elad, who served
Products, Services, and Solutions
Swimlane Patent Validates SOAR as an Enabler Across all Security Use Cases (BusinessWire) Swimlane today announced it has been granted US Patent 10,552,615, “Threat Response Systems and Methods.”
Arc’teryx Partners with Kount to Rethink Fraud Prevention and Deliver Personalized Customer Experiences (BusinessWire) Kount, the leading AI-driven fraud prevention solution, today announced that Arc’teryx, a global company specializing in technical high-performance ap
BlackBerry Introduces New Updates to SecuSUITE for Government and BlackBerry AtHoc Crisis Communication (PR Newswire) BlackBerry Limited (NYSE: BB; TSX: BB) today announced new enhancements and feature updates to SecuSUITE® for Government and BlackBerry® AtHoc®...
Sonatype Overhauls JavaScript Scanning; Provides npm Automated Pull Requests and More Free Developer Tools (Globe Newswire) Enhanced solutions take advantage of new algorithms to better identify security vulnerabilities in open source npm packages
New Quest KACE Cloud MDM Simplifies Mobile Endpoint Management and Minimizes Fraudulent Access (Globe Newswire) New location tracking capabilities mitigate risks of company data being unwillingly exposed; lowers annual costs associated with replacing lost or stolen mobile devices
Appsian Announces SAP Integration Certification for Fine-Grained, ABAC and Security Analytics Platform for SAP® ERP Central Component and SAP S/4HANA® (BusinessWire) Appsian, the leader in ERP data security, today announced the SAP integration certification of their data security and compliance platform for SAP® ER
Ping Identity Announces New Workforce and Customer Authentication Solutions for the Modern Digital Enterprise (BusinessWire) Ping Identity, (NYSE: PING), the Intelligent Identity solution for the enterprise, today announced two new solution packages for enabling centralized
DH2i DxEnterprise for SDP-Enhanced Microsoft SQL Server Availability Groups (AGs) on Linux Now Available in AWS Marketplace (DH2i) DxEnterprise for SDP-enhanced Microsoft SQL Server Availability Groups (AGs) is now available for Linux on RHEL and Ubuntu in AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS).
Honeywell to Roll Out Quantum Computer (Wall Street Journal) The industrial conglomerate plans to release an early-stage quantum computer for commercial experiments within about three months, with JPMorgan Chase as the first public user.
Trustology Rolls Out Credentials Wallet for Crypto Funds to Manage On-Exchange Risks (PR Newswire) Leading custodial wallet specialist Trustology has today announced a new solution for traders and crypto funds: an Exchange Credentials Wallet....
Titus Illuminate 2020 Lowers Major Barriers to Data Privacy Compliance (Citizen Tribune) Titus, the expert in data classification and a Blackstone portfolio company, today introduced Titus Illuminate 2020, the latest release of the company’s flagship solution for identifying and classifying unstructured data at rest.
Technologies, Techniques, and Standards
EMVCo Supports Security Evaluation for IoT Products (Financial IT) Global technical body EMVCo has confirmed its security evaluation methodologies and processes support IoT payment use cases, enabling emerging solutions and devices to be evaluated quickly and efficiently. Device hardware evaluations are playing an increasingly important role in IoT assessments across various IoT payment use cases, security frameworks and emerging compliance models. EMVCo, in collaboration with globally recognised independent laboratories, has worked since 2005 to evaluate the security of various EMV® hardware form factors and acts as a security certification entity.
GCHQ's infosec arm has 3 simple tips to secure those insecure smart home gadgets (Register) UK.gov tries the KISS approach to infosec advice for the public
Social engineering: Mind the identity verification gap (Help Net Security) Regardless of organization size, attacks are becoming more targeted due to the proliferation of data. This calls for IT departments to close the identity verification gaps.
The top-ten tenets of software quality assurance, part two: documentation (Computing) Not many people love documentation, but it's an essential element of any project. However, too much is just as bad as too little, warns Mark Wilson
Detecting Malware Beacons With Zeek and RITA (Black Hills Information Security) Hello and welcome, my name is John Strand and in this video, we’re going to be talking a little bit about beaconing using RITA. Now, for this particular video, I’m not using the security onion, instead we’re going to be using ADHD. If you want to find ADHD, go to the ActiveCountermeasures.com website. Go to …
How to avoid falling victim to a cyber attack (The Sydney Morning Herald) Our financial institutions are receiving an ever-increasing number of sophisticated cyber attacks, serving as a warning for consumers to ensure they are doing everything they can to protect their accounts.
Design and Innovation
Huge flaw found in how facial features are measured from images (Naked Security) It has to do with optics: faces appear to flatten out as we get further away. Our brains compensate, but AI-run facial recognition doesn’t.
Roblox 'Hacker Typer' vs Some of Roblox's Real Hackers (The Blast) A look at one of Roblox's most interesting games
Research and Development
Novel algorithm may help prevent fraudulent online transactions (Outlook India) Scientists have developed a new digital security algorithm which they say can help prevent fraudulent online transactions by increasing the randomness in the generation of user-authenticity tests like one-time passwords (OTPs) and CAPTCHA.
Academia
We need to start teaching cybersecurity in elementary school (World Economic Forum) Children are using technology at ever younger ages - which is why we need to start teaching cyber safety to them at a younger age, too .
Legislation, Policy, and Regulation
International partners want in on Pentagon’s cybersecurity standards (Fifth Domain) The Pentagon is now working with nearly a dozen other nations and bodies to instill new cybersecurity standards for defense contracting.
Spy boss tells business to improve defences as cyber attacks mount (Australian Financial Review) Rachel Noble, the digital spy agency's new chief, has told business to bolster cyber defence capabilities in the wake of the crippling attack on Toll Group.
National cyber intel agency to be headed up by Abigail Bradshaw (Defence Connect) The Australian Cyber Security Centre (ACSC) will be
Huawei protest futile, Hague warns rebel MPs pushing for ban (The Sydney Morning Herald) The former foreign secretary predicted the rebellion would end in failure.
Senators urge British Parliament to reject Huawei from 5G networks (TheHill) A bipartisan group of senators led by Senate Minority Leader Charles Schumer (D-N.Y.) on Tuesday “strongly urged” the British Parliament to reject Chinese telecom group Huawei and exclude it entirely from
Bipartisan commission to make 75 recommendations to defend against cyberattacks (TheHill) A new report by a bipartisan commission will include at least 75 recommendations for Congress and the executive branch on how to defend the nation against cyberattacks, including bipartisan recommendations for defending elections.
Ukraine is getting more help to build cyber capabilities (Fifth Domain) Ukraine will be receiving U.S. funding to build its cybersecurity.
State pledges $8 million to Ukraine for cybersecurity assistance (TheHill) The State Department on Tuesday announced that the U.S. would give Ukraine $8 million in cybersecurity assistance funds as part of a “cyber dialogue” held in Kyiv between officials from the two countries.
[Letter to the Comptroller General on controlling child abuse material posted online] (Unites States Congress) Dear Mr. Dodario: We write to request a review of the federal government's efforts to combat the alarming growth in the amount of child sexual abuse material available online.
Congress, Justice Department take aim at tech, hoping to halt spread of child sexual exploitation online (Washington Post) U.S. regulators are preparing to take fresh aim at Facebook, Google and other tech giants this week, unveiling new efforts to combat online content that harms or abuses children — and hold Silicon Valley responsible for its spread.
The EARN IT Act: How to Ban End-to-End Encryption Without Actually Banning It (Center for Internet and Society) There’s a new bill afoot in Congress called the EARN IT Act. A “discussion draft” released by Bloomberg is available as a PDF here.
[Letter to the Vice President on controlling coronavirus misinformation] (United States Senate Committee on Homeland Security and Governmental Affairs) Dear Mr. Vice President: As American citizens and communities across the country prepare for the threat of novel Coronovirus 2019 (COVID-19), I write to ask about the information the federal government is providing the American people.
Navy leaders acknowledge networks are a problem. Now what? (C4ISRNET) Government leaders and industry officials have been hopeful that the Navy's IT troubles will get renewed attention under the watch of Adm. Michael Gilday, the service's top officer.
Litigation, Investigation, and Law Enforcement
Facebook Sets Spyware Firm NSO Back Over Court No-Show (Bloomberg) NSO Group says lawsuit in San Francisco wasn’t properly served. Israeli firm was accused of creating bogus WhatsApp accounts.
Chinese Nationals Indicted in Alleged North Korean Cryptocurrency Hack (Lawfare) U.S. indictments were unsealed yesterday against two Chinese nationals charged with laundering over $100 million worth of cryptocurrency on behalf of North Korean hackers. In the two-count indictment handed up in the U.S. District Court for the District of Columbia on Monday, March 2, Tian Yinyin and Li Jiadong were charged with money laundering conspiracy and operating an unlicensed money transmitting business.
Investigators find no evidence for Georgia Gov. Kemp’s hacking claim (Atlanta Journal Constitution) The Georgia attorney general's office has closed its investigation into Gov. Brian Kemp's allegation that Democrats tried to hack election info.
Seven people wrongfully apprehended by Met Police during Oxford Circus facial recognition deployment (Computing) Big Brother Watch claims 86 per cent of alerts flag innocent members of the public
India’s supreme court lifts ban on banks facilitating cryptocurrency trade (Quartz India) RBI's move was "unconstitutional."