The nuclear consequences of cyber vulnerabilities (European Leadership Network) As cyber-nuclear interactions are likely to increase given trends in the militarisation of the cyber domain and the digitalisation of nuclear weapons systems, Wilfred Wan writes that nuclear-armed states must strengthen the cyber security of their weapons and should elaborate standards across the entirety of their supply chains.
The means to manage cyberspace and the duty of security (Modern Diplomacy) Over and above the ethical concepts regarding the near future, it is also good to focus on the present. Governments are required to protect their national resources and infrastructure against foreign and domestic threats, to safeguard the stability and centrality of human beings and political systems and to ensure modern services for civilians. Suffice it […]
ScarCruft surveilling North Korean defectors and human rights activists (Securelist) The ScarCruft group (also known as APT37 or Temp.Reaper) is a nation-state sponsored APT actor. Recently, we had an opportunity to perform a deeper investigation on a host compromised by this group.
North Korean hackers posed as Samsung recruiters to target security researchers (The Record by Recorded Future) North Korean state-sponsored hackers posed as Samsung recruiters and sent fake job offers to employees at South Korean security companies that sell anti-malware software, Google said this week in the first edition of its new Threat Horizons report.
Ukraine leader alleges Russia-backed coup planned next week (Military Times) Ukrainian President Volodymyr Zelenskyy said he received information that a coup was being planned for next Wednesday or Thursday.
Will Russia invade Ukraine? (Military Times) Wednesday, the U.S. Embassy in Kyiv issued an alert to U.S. citizens, warning them of “concerning reports of unusual Russian military activity near Ukraine’s borders and in occupied Crimea.”
All options fraught with risk as Biden confronts Putin over Ukraine (the Guardian) Analysis: Moscow presents Washington with a no-win situation: capitulate on Ukrainian sovereignty or risk all-out war
What’s Russia doing in Ukraine? Its latest military drills provide critical clues. (Atlantic Council) Here's what the Zapad-2021 joint exercise between Russia and Belarus revealed about the Kremlin's strategic plans.
Russia Won’t Let Ukraine Go Without a Fight (Foreign Affairs) Moscow threatens war to reverse Kyiv's pro-western drift.
Inside Wagnergate: Ukraine’s Brazen Sting Operation to Snare Russian Mercenaries (bellingcat) How a daring Ukrainian sting, years in the making, unravelled in spectacular circumstances.
What Russia Really Wants in the Balkans (Foreign Policy) The Kremlin is destabilizing Bosnia and Herzegovina in pursuit of broader strategic goals.
Energize NATO’s Response to Russia’s Threats Against Ukraine (Defense One) Signal new efforts to thwart a controversial Russian energy pipeline.
Russia Says U.S. Forcing Its Diplomats Out as Tensions Escalate (Bloomberg) 55 Russian diplomatic staff ordered to leave U.S. by mid-2022. U.S. toughened approach after Russia barred its local staff.
Iran’s War Within (Foreign Affairs) Ebrahim Raisi and the triumph of the hard-liners
Israel and Iran Broaden Cyberwar to Attack Civilian Targets (New York Times) Iranians couldn’t buy gas. Israelis found their intimate dating details posted online. The Iran-Israel shadow war is now hitting ordinary citizens.
2 US defense officials say Israel hacked Iran’s gas system last month — NYT (Times of Israel) Cyber assault on Iranian fuel system was followed by hack of Israeli LGBTQ dating site, pointing to new trend of attacks against soft targets, New York Times reports
Israel restricts cyberweapons export list by two-thirds, from 102 to 37 countries (The Record by Recorded Future) The Israeli government has restricted the list of countries to which local security firms are allowed to sell surveillance and offensive hacking tools by almost two-thirds, cutting the official cyber export list from 102 to 37 entries.
Amid NSO scandal, Israel said to ban cyber tech sales to 65 countries (Times of Israel) In potential major blow to industry, Defense Ministry reportedly scales down list of eligible states to just 37, dropping the UAE, Morocco, Saudi Arabia and dozens of others
Israel defense ministry slashes cyber export list, drops Saudi Arabia, UAE (CTECH) The Ministry of Defense has reduced the number of countries approved for export of cyber tools by Israeli companies from 102 to 37
NSO blacklisting: It is time for the US to end its Cold War ways (Al Jazeera) Israel will continue exporting harmful surveillance tech unless Washington stops turning a blind eye.
Under new deal, Israel and Morocco could share intel, hold joint drills — official (Times of Israel) A top Israeli defense official says Jerusalem and Rabat will begin cooperating deeply on security issues following the signing of a memorandum of understanding between the two countries.
Britain and Israel to sign trade and defence deal (the Guardian) Pact covers Iran as well as cybersecurity, despite controversy over use of Israeli firm NSO Group’s Pegasus spyware in UK
Japan, Vietnam Look to Cyber Defense Against China (SecurityWeek) Japan and Vietnam signed a cybersecurity agreement as the two Asian nations step up their military ties amid concerns over China’s growing assertiveness
EU outlines plans for regulating tech giants (CRN Australia) Proposing the Digital Markets Act and the Digital Services Act.
EU lawmakers vote for tougher rules on ad tracking (Computing) The proposals are part of the EU's ongoing fight to regulate tech giants
EU Pushes to Limit How Tech Companies Target Political Ads (Wall Street Journal) The European Union is proposing a ban on media companies targeting political ads at people based on their religious views or sexual orientation, a new volley in the continent’s expansion of global tech regulation.
Indian Government Submits Bill to Ban Most Cryptocurrencies, Dashing Hopes for Friendlier Measure (CoinDesk) While the bill might be the same as the draft submitted in January, expectations had grown that the government would submit a final version that would be accommodative to crypto.
Possible Huawei ban has telecoms asking Liberals about taxpayer compensation for new equipment (National Post) Both Bell and Telus have previously installed Huawei equipment to serve their existing older-generation networks, and it would have to be removed if the ban is retroactive
Taxpayer funds may be used to remove Huawei equipment if company is banned in Canada (MobileSyrup) Although an announcement has yet to be made, Canada is expected to follow the lead of allies in the Five Eyes intelligence network.
Estonia aligning with Europe against Huawei (Developing Telecoms) Estonia’s parliament The Rigiikogu has approved new legislation that effectively bans the country’s operators from using network equipment from China’s Huawei.
China’s top policymaking body charts plan for science and technology 'self-sufficiency' (The Record by Recorded Future) China's top leadership unveiled a plan for developing homegrown science and technology with an eye toward Chinese "self-sufficiency."
China Asks Didi to Delist From U.S. On Security Fears (Bloomberg) Regulators asked Didi brass to devise a plan to go private. Forced delisting will be severest action against China Tech.
Former DefSec Carter Calls for Stronger Retaliation Against Cyberattacks (MeriTalk) Former U.S. Secretary of Defense Ash Carter said cybersecurity risks are a “very serious matter” and called for stronger retaliation from the U.S. government and Department of Defense (DoD) against malicious cyber actors.
US sanctions 28 quantum computing entities in China, Russia, Pakistan, Japan (The Record by Recorded Future) The US Department of Commerce has sanctioned 28 organizations from China, Russia, Pakistan, Japan, and Singapore for helping advance and distribute quantum computing technologies to military and nuclear weapons programs.
US Government Adds Four Entities on the Department of Commerce Bureau of Industry and Security Entity List for Malicious Cyber Activities (Global Compliance News) On November 3, 2021, the Commerce Department’s Bureau of Industry and Security (“BIS”) issued a final rule adding the following four entities to the Department of Commerce Bureau of Industry and Security Entity List: Candiru (Israel), NSO Group (Israel), Computer Security Initiative Consultancy PTE (Singapore), and Positive Technologies (Russia). The addition of the four entities comes after the October 21, 2021 publication of an interim rule by BIS establishing controls on the export, re-export, and in-country transfers of items that may be used for malicious cyber activities and is part of the ongoing effort by the Biden-Harris Administration to combat the use of digital tools for repression.
More Chinese firms added to US trade blacklist (Computing) The action will restrict exports to firms that support Chinese military's modernisation efforts, US government says
Why Do Governments Reveal Cyber Intrusions? (Lawfare) Germany’s decision to publicly name the Ghostwriter hacking group as the perpetrator targeting its political institutions should not be taken lightly.
Antitrust Tech Bills Gain Bipartisan Momentum in Senate (Wall Street Journal) Support for curbing large technology companies’ market power is widening in the Senate, with lawmakers in both parties endorsing new legal constraints on search engines, e-marketplaces, app stores and other online platforms.
The head of Instagram agrees to testify as Congress probes the app’s effects on young people. (New York Times) This will be the first time Adam Mosseri, a trusted lieutenant to Mark Zuckerberg, will appear before lawmakers under oath.
UK’s surveillance culture may be normalising use of tech for abuse (ComputerWeekly.com) Intense surveillance of public spaces by UK authorities may be playing a part in the normalisation of cyber stalking in intimate relationships.
Govt to introduce new social media laws on 'defamatory' comments (CRN Australia) To make social media companies provide details of commenters.
What the SEC Requires From Businesses After a Data Breach (Security Intelligence) Consumers have become wary of data breaches and the decreased safety of their personal information. However, the cost of a data breach is no longer only a matter of money and your company’s good name. There is now a third critical reason to pay attention: the U.S. Securities and Exchange Commission — more commonly referred to as the SEC.
FTC warns health apps to comply with health data-breach rules (American Medical Association) The AMA has pushed for better protection of patients’ data in health apps. Learn how this federal regulatory action moves in that direction.