Dateline Moscow, Kyiv, Bucharest, Berlin, Rome, Paris, Ottawa, and Washington: Support for Ukraine in Russia’s war of attrition.

Ukraine at D+112: The likely course of cyber escalation. (The CyberWire) Russia continues its slow offensive in the Donbas amid signs of difficulty maintaining its battalions’ troop strength. Western leaders visit Ukraine and promise more support. Observers speculate about the likely course of Russian cyber operations as the war continues.

Russia-Ukraine war: List of key events, day 113 (Al Jazeera) As the Russia-Ukraine war enters its 113th day, we take a look at the main developments.

Russia-Ukraine war: Scholz demands end to ‘unimaginable cruelty’ of invasion after Macron denounces Russian ‘barbarism’ – live (the Guardian) Leaders of Germany, France and Italy visit Ukraine and call for end to ‘senseless violence’

EU leaders decry Russian brutality in visit to Ukraine (AP NEWS) Four European leaders made a high-profile visit to show their support for Ukraine on Thursday, denouncing the brutality of the Russian invasion as they surveyed the ruins of a Kyiv suburb that was the scene of intense fighting early in the war and where many civilians were killed.

Scholz, Macron and Draghi in Kyiv to show support for Ukraine (the Guardian) Symbolic visit of German, French and Italian leaders comes as Russia continues attacks across country

Ukraine war: Russia accused of ‘abducting’ thousands of Ukrainian children
(The Telegraph) Russia has been accused of ‘abducting’ 2,000 vulnerable Ukrainian children and facilitating forced adoptions of them in Russia, as the UK announced fresh sanctions against those believed to be involved.

Renewed Belarus military buildup is a sign of Lukashenka’s desperation (Atlantic Council) Belarus dictator Alyaksandr Lukashenka is saber-rattling on the Ukrainian border once again but it is unclear whether he is genuinely preparing to invade Ukraine or merely seeking to demonstrate his loyalty to Putin.

‘Kidnapped’ separatists thrown into line of fire by Russia as ‘cannon fodder’ (The Telegraph) Huge casualty rate in Ukraine revealed, with soldiers killed ‘like pieces of meat’ after being sent to spot artillery positions

Russian army ramps up recruitment as steep casualties thin the ranks (Washington Post) With Moscow wary of ordering a general mobilization, the military is offering perks and applying pressure

В «Газпром добыча Уренгой» подтвердили аварию на Уренгойском месторождении (Правда УрФО) В Ямало-Ненецком автономном округе стало известно об аварийной ситуации на промышленной площадке «Газпром добыча Уренгой», из-за которой случился пожар на крупнейшем газовом месторождении. В компании

Exclusive: US fighters ‘captured’ by Russian forces in Ukraine (The Telegraph) Alexander Drueke and Andy Huynh are both veterans of the US military who travelled to the frontline to help in the war effort

2 US veterans, a Marine and a soldier, reported missing in Ukraine (Military Times) The U.S. State Department says it is looking into reports that Russian or Russian-backed separatist forces in Ukraine captured at least two American citizens.

China’s Xi Jinping endorses “legitimacy” of Russia’s war in Ukraine—Kremlin (Newsweek) Moscow’s version of events, if true, would represent the clearest public endorsement from Beijing since the invasion of Ukraine began more than 100 days ago.

US says China’s support for Russia over Ukraine puts it on ‘wrong side of history’ (the Guardian) ‘China claims to be neutral, but its behavior makes clear that it is still investing in close ties to Russia,’ state department spokesperson says

The U.S. overestimated Russia’s military might. Is it underestimating China’s? (POLITICO) Concerns about American blindspots on the Chinese military are a major factor driving reviews of U.S. assessments of foreign armed forces.

Nagorno-Karabakh in the Shadow of Ukraine (Foreign Affairs) What Russia’s war means for Armenia and Azerbaijan.

US sending Ukraine new $1 billion arms package amid grinding Donbas fight (Defense News) The U.S. will send Ukraine another $1 billion in weapons to fight Russia, including Harpoon anti-ship launchers for the first time from the U.S., and more ammunition for high-tech, medium-range rocket launchers, the Biden administration announced Wednesday.

U.S. Giving Ukraine $1 Billion Military Aid Package Including Artillery, Anti-Ship Missiles (Forbes) The package will include artillery and advanced rocket systems.

Ukraine Won’t Get Key Weapons From $1 Billion Aid For Months (Time) New missiles could open Russian naval blockade of ports

Canada to send C$9 mln of replacement barrels for howitzer guns to Ukraine (Reuters) Canada will provide 10 replacement barrels for M777 howitzer artillery guns to Ukraine in new military aid valued at C$9 million ($6.9 million), the Canadian defense minister said on Wednesday.

‘It was worse than hell’: life in Mariupol under Russian occupation (the Guardian) Around 90,000 Ukrainians remain in the city with little access to electricity, phone, internet, water or healthcare

Attacks on hospitals from Syria to Ukraine: Improving prevention and accountability mechanisms  (Atlantic Council) When Russia invaded Ukraine on February 24, 2022, it soon began implementing one of its frequent—and criminal—tactics that it had already been using in its military intervention in Syria: bombing healthcare and medical facilities.

Putin critic Alexei Navalny confirms move to another maximum security prison (CBC News) Russian opposition politician Alexei Navalny confirmed Wednesday that he was transferred to another prison and is in quarantine.

Allies of Kremlin critic Alexei Navalny cannot reach him after alleged transfer to high-security prison (New York Daily News) Alexei Navalny, Russian President Vladimir Putin’s most vocal critic, has allegedly been moved to a high-security prison notorious for its brutal conditions and prisoner abuse.

How Russia telegraphed invasion of Ukraine in space and online (Defense News) While the discussion of Russia’s invasion of Ukraine at Europe’s largest land warfare tradeshow has focused on how militaries fight on the ground, Major Gen. Michel Friedling, the head of France’s Space Command, said Russia’s use of cyber and space weapons sent a critical message.

Russia’s cyber fog in the Ukraine war (GIS Reports) Russia has intensified its cyberattacks against Ukraine and the West, but has not crossed any red lines so far.

Russia Might Try Reckless Cyber Attacks as Ukraine War Drags On, US Warns (Defense One) Ground commanders have been unable to capitalize on at least one previous cyber strike.

Cyber Attacks in Times of Conflict (CyberPeace Institute) The CyberPeace Institute is aggregating data on cyberattacks and operations following the military invasion of Ukraine.

Vladimir Putin’s Ukraine invasion is the world’s first full-scale cyberwar (Atlantic Council) The current Russo-Ukrainian War is a major milestone in our developing understanding of cyber security. It is now clear that the invasion unleashed by Vladimir Putin on February 24 is the world’s first full-scale cyberwar.

Why Russia has refrained from a major cyber-attack against the West (Cyber Security Hub) While Russia has the capability to strike, we have not yet seen a SolarWinds-style incident since the outbreak of war in Ukraine

In modern war, we have as much to fear from cyber weapons as kinetics (Computing) The physical world is past the point of no return when it comes to dependence on technology, says Ian Hill

The future of global security will be decided in Ukraine (Atlantic Council) Western leaders must use the forthcoming NATO Summit in Madrid to regain the initiative from Putin’s Russia and define Ukraine’s role in the future of European security, writes Ukrainian Defense Minister Oleksii Reznikov.

Turkey wants ‘concrete steps’ from Sweden, Finland over NATO bids (Al Jazeera) Turkish president says no progress can be achieved in the process without seeing ‘concrete steps’ by both countries.

Putin’s Annual Cash-Grab Party Is Already a Big, Sad Mess (The Daily Beast) Putin’s aides are scrambling for excuses to explain the pathetic guest list at Russia’s premier economic forum, which kicked off on Wednesday.

U.S. probing how American electronics wound up in Russian military gear (Washington Post) FBI and Commerce Department agents are visiting tech companies to ask about computer chips found in drones, other weaponry.

Russia uses INSTC corridor to beat sanctions and drive trade with Iran and India (The Loadstar) Russia has begun sending goods to India via the International North South Transport Corridor (INSTC) to overcome sanctions-related challenges in doing business with traditional trade partners. INSTC is a 7,200km multimodal, cross-border freight network that links Russia to Central Asia, Iran and India, involving sea, rail and road links. It was initiated by India, Russia and Iran in 2000, with an agreement signed in 2002, but was never used to its …

Attacks, Threats, and Vulnerabilities

Proofpoint Discovers Potentially Dangerous Microsoft Office 365 Functionality that can Ransom Files Stored on SharePoint and OneDrive (Proofpoint) Ransomware attacks have traditionally targeted data across endpoints or network drives. Until now, IT and security teams felt that cloud drives would be more resilient to ransomware attacks. After all, the now-familiar “AutoSave” feature along with versioning and the good old recycle bin for files should have been sufficient as backups. However, that may not be the case for much longer.

New Attack Spoofs PayPal to Obtain Payment from End-User (Avanan) A new attack is spoofing PayPal to obtain credentials and money from the end-user.

New IceXLoader 3.0 – Developers Warm Up to Nim (Fortinet Blog) FortiGuard Labs discovered version 3.0 of IceXLoader, a new malware loader. Read our blog for the technical details of how it behaves and the potential malware that it can deliver in an infected sy…

Hackers exploit three-year-old Telerik flaws to deploy Cobalt Strike (BleepingComputer) The threat actor known as ‘Blue Mockingbird’ has been observed by analysts targeting Telerik UI vulnerabilities to compromise servers, install Cobalt Strike beacons, and mine Monero by hijacking system resources.

A Weaponized npm Package ‘@core-pas/cyb-core’ Proclaimed Pentesting Related (Mend) On June 6th, 2022, the Mend research team detected and flagged a malicious dependency confusion attack in npm exfiltrating Windows SAM and SYSTEM files.

Akamai Warns Of “Panchan” Linux Botnet That Leverages Golang Concurrency, Systemd (Phoronix) Akamai Security Research today is lifting the public embargo on ‘Panchan’, a new peer-to-peer botnet they are warning customers about that has been breaching Linux servers since March.

Hertzbleed vulnerabiity in AMD and Intel CPUs could leak cryptographic keys (Computing) Intel says an attack probably wouldn’t work outside a lab environment

New ‘Hertzbleed’ Remote Side-Channel Attack Affects Intel, AMD Processors (SecurityWeek) Academic researchers describe Hertzbleed, a new Intel and AMD CPU side-channel attack that leverages remote timing to extract secrets from the targeted system.

Attackers Can Exploit Critical Citrix ADM Vulnerability to Reset Admin Passwords (SecurityWeek) A vulnerability in Citrix ADM leads to system corruption, allowing an attacker to reset the administrator password at reboot and log in with default admin credentials.

Account Takeover in 2022 (Digital Shadows) Credential abuse is something that happens to other…

24 billion usernames and passwords available on the dark web – an increase of 65% in just two years (PR Newswire) Digital Shadows, the leader in threat intelligence and digital risk protection, has today published new research quantifying the scale of…

Lower reveals data breach impacting 86,000 customers (National Mortgage News) The incident at the mortgage fintech occurred late last year as a spate of attacks rocked other housing lenders.

Don’t use these passwords: These are the 10 logins most regularly found for sale online (ZDNet) People are still using common passwords and re-using them across multiple accounts. Cyber criminals are taking advantage.

BeanVPN leaks 25 million user records (Infosecurity Magazine) The cache of 18.5GB connection logs allegedly contained more than 25 million records

Heineken says there’s no free beer, warns of phishing scam (Register) WhatsApp messages possibly the worst Father’s Day present in the world

Oversight Leads to Data Breach at Choice Health Insurance (JD Supra) Recently, Choice Health Insurance reported a data breach after the company discovered that an unauthorized party was offering data obtained from the…

CHI Health says cybersecurity breach may have exposed some patients’ data (Columbus Telegram) CHI Health is notifying patients that one of its vendors had a “cybersecurity event” that may have exposed some patients’ protected health information.

Goodman Campbell Brain and Spine Announces Data Breach Following Ransomware Attack (JD Supra) Recently, Goodman Campbell Brain and Spine confirmed that the company experienced a data breach after an unauthorized party gained access to the…

MCG Health Confirms Data Breach Leaking Consumers’ Social Security Numbers (JD Supra) Recently, MCG Health reported a data breach after discovering an unauthorized party obtained certain personal information about affected individuals…

Malaysian POS and Inventory Management Software Provider Leaked Almost 1 Million Customers’ Data (SafetyDetectives) The SafetyDetectives cybersecurity team has discovered a major data leak affecting the software company called StoreHub.
StoreHub is based in Malaysia and provi

Security Patches, Mitigations, and Software Updates

Critical Code Execution Vulnerability Patched in Splunk Enterprise (SecurityWeek) Splunk this week announced the release of out-of-band patches that address multiple vulnerabilities across Splunk Enterprise, including a critical issue that could lead to arbitrary code execution.

Metasploit 6.2 Released – 138 New modules, Enhancements & Features (Cyber Security News) With 864 payloads and 2,227 exploits, Metasploit 6.2 is one of the most-used penetration testing frameworks. In order to assess the vulnerability of a network and to test its defenses, these elements can all be used.

Don’t wait to install the June Windows update — it fixes a major security bug (The Verge) It’s time to install the latest Windows update.

Debate rages over Microsoft vulnerability practices after Follina, Azure issues (The Record by Recorded Future) Microsoft’s response to several issues, including Follina and recent problems with Azure, has stirred debate among security experts who question its handling of vulnerability disclosure.

Pain Points: Ransomware Data Disclosure Trends (Rapid7) In a first of its kind report, Rapid7 uses proprietary data from the clear, deep, and dark web to analyze the disclosure layer of double extortion ransomware attacks.

Got hit by a cyberattack? Hackers will probably come after you again – within a year (ZDNet) Cyber criminals are taking advantage of companies that don’t update their cybersecurity strategies.

Cybersecurity Courses Ramp Up Amid Shortage of Professionals (Claims Journal) DENVER (AP) — The pressure was on. Someone, somewhere, was attacking computer systems so customers couldn’t reach certain websites. In a windowless room

Fortinet Global Survey Uncovers Critical OT Security Challenges (GlobeNewswire News Room) 93% of OT Organizations Experienced an Intrusion in Past 12 Months, and 78% Experienced More than Three…

OT Cybersecurity Readiness is Dangerously Behind (Industry Week) Manufacturers continue to leave themselves vulnerable to criminal attacks with their operational technology systems.

Report reveals extent of cybercrime risk to law firms (Today’s Conveyancer) A new report from the Solicitors Regulation Authority (SRA) shows that email remains a significant vulnerability for law firms, involved in more than…

Marketplace

ShiftLeft Announces Strategic Investment from and Go-to-Market Partnership with Wipro (Business Wire) ShiftLeft, an innovator in automated application security testing, announced an investment from and go-to-market partnership with Wipro Ventures.

Jit Banks Massive $38.5 Million Seed Round Funding (SecurityWeek) An Israeli startup promising technology to help developers simplify security when deploying cloud apps, has banked an eye-opening $38.5 million in seed-stage funding.

GreyNoise Attracts Major Investor Interest (SecurityWeek) Radian Capital leads a $15 million Series A investment in threat-intelligence startup GreyNoise.

GreyNoise to expand its threat intel collection after securing $15M in funding (TechCrunch) GreyNoise Intelligence, a Washington, D.C.-based cybersecurity startup that analyses internet scanning traffic to help organizations separate threats from internet “background noise,” has landed $15 million in Series A funding to expand its threat collection capabilities and help protect organizations from emerging vulnerabilities.

‘Unleashed from IBM’ – An interview with Kyndryl UK/I chief Tosca Colangeli (Computing) Computing is the leading information resource for UK technology decision makers, providing the latest market news and hard-hitting opinion.

After his company was spun off from IBM, this CFO had to attract a new set of investors (Fortune) Kyndryl CFO David Wyshner explains his strategy and outlook for the company.

The Switzerland of Security: Why Being Independent Matters (GovInfoSecurity) Mandiant has taken advantage of the opportunity to become truly vendor-agnostic since selling its FireEye products business to Symphony Technology Group in October,

Cerberus Sentinel Set to Join Russell 2000® Index (Yahoo) Cerberus Cyber Sentinel Corporation (NASDAQ: CISO), a cybersecurity consulting and managed services firm based in Scottsdale, Ariz., is set to join the broad-market Russell 2000® Index at the conclusion of the 2022 Russell indexes annual reconstitution, effective after the U.S. market opens on June 27, according to a preliminary list of additions posted June 3. Annual Russell indexes reconstitution captures the 4,000 largest

US cybersecurity provider SentinelOne opens India office in Bengaluru (The Hindu) SentinelOne will hire 500 people and invest $50 million in market expansion in India

Former Cisco Leader to Lead Baffle’s Expansion in Asia-Pacific (GlobeNewswire News Room) Bengaluru Welcomes Fast-growing U.S.-based Data Protection Company…

Stellar Cyber expands its management team with two appointments (Help Net Security) Stellar Cyber announced it has expanded its management team with the addition of two experienced industry leaders.

Stellar Cyber Hires Exabeam, Cybereason, Fortinet Security Veterans; Open XDR for MSSP Push Continues (MSSP Alert) Stellar Cyber hires are well-known within MSSP & cybersecurity circles; executives previously held key posts at Cybereason, Exabeam, Fortinet & more.

Products, Services, and Solutions

Bringing New Capabilities to the DomainTools App for Splunk (Domain Tools) We are pleased to announce the latest version of the DomainTools App for Splunk (version 4.3).

Faster Threat Investigation with Armorblox (Armorblox) Armorblox is making security admin jobs easier through the release of enhanced EAC capabilities for detection, investigation, and remediation of email account compromise incidents. Armorblox machine learning-based detection provides highly accurate detection of compromised accounts.

Enforcing Cloud Resource Policy Guardrails for HashiCorp Terraform Cloud (Styra) Styra and HashiCorp let teams enforce fine-grained policy guardrails around Terraform Cloud infrastructure with OPA for security and compliance.

New Black Kite FocusTags Provide Instant Visibility of High-Profile Cyber Events at Scale (Business Wire) Black Kite, the leader in third-party cyber risk intelligence, announces the availability of FocusTags™, a fast and simple way for users to track high

Mutare Enhances Voice Traffic Filter to Eliminate Voice Network Security Threats (PR Newswire) Mutare, Inc., a leading innovator of enterprise solutions that reimagine how businesses securely communicate, today released several new…

Everything Blockchain Launches Channel Program (Benzinga) Everything Blockchain Inc., (OTC Markets: OBTX) , through its subsidiary Vengar Technologies, today announced the launch of its channel program to deliver EB

Hunters Named Snowflake Cybersecurity Partner of the Year (GlobeNewswire News Room) Snowflake Summit – Hunters today announced that it has been named the 2022 Cybersecurity Partner of…

Hunters Security ETL for Snowflake Streamlines Migration of Security Data from SIEM to Snowflake Data Lake (GlobeNewswire News Room) New product offering enables the smooth transition and organization of massive volumes of security data without major data engineering effort …

Varonis Strengthens Cloud Security Offering with Data Discovery and Classification for Amazon S3 (Varonis) New capabilities deliver accurate, scalable data classification for S3 buckets to help organizations slash sensitive data exposure

Flashpoint Announces Cybersecurity Platform for K-12 (GovTech) With ransomware and other cyber threats increasingly targeted at school systems, New York-based risk intelligence company Flashpoint is offering its risk management and cybersecurity platform to K-12 school districts.

Kaspersky’s enhanced threat intelligence portal unifies vendors’ services (Back End News) The new release of Kaspersky Threat Intelligence (TI) unifies all vendors’ TI services, sources, and cyber-reconnaissance capabilities in a single and convenient interface. The updated portal suppo…

Trend Micro offers VicOne security for EVs and connected cars (InfotechLead) Trend Micro, a cybersecurity leader, announced VicOne, dedicated security for the electric vehicles and connected cars.  

Symmetry Systems Achieves SOC 2 Type 1 Certification (PR Newswire) Symmetry Systems, the industry’s first hybrid cloud data security provider, announced it has successfully completed a Type 1 System and…

Veristor Named 2022 Southeast Regional Partner of the Year by Arctic Wolf (Veristor) Atlanta-based Solution Provider Recognized by Security Operations Leader

ReliaQuest GreyMatter joins Microsoft Intelligent Security Association (ReliaQuest) ReliaQuest’s GreyMatter for Azure Sentinel and GreyMatter for Defender for Endpoint are available on the Azure Marketplace.

Thales solution supports DevSecOps teams with data protection (SecurityBrief Asia) Thales’ CipherTrust Platform Community Edition enables DevSecOps teams to deploy data protection controls into multi-cloud applications faster.

BlackBerry Set to Unfurl Zero-Trust Network Access Service (Security Boulevard) BlackBerry Ltd. next month will make available a zero-trust network access-as-service offering based on a gateway it hosts on its cloud platform. Alex

SecureKloud Launches CloudEdge Platform to Ease Cloud Adoption (AiThority) SecureKloud Technologies, provider of cloud transformation solutions, has announced the launch of its Platform-as-a-Service (PaaS) offering

Palo Alto Networks named Google Cloud technology partner of the year for security  (SecurityBrief Australia) Palo Alto Networks was recognised for helping organisations rapidly transform security operations for future success.

Cowbell Cyber Named to the 2022 CB Insights Insurtech 50 List of Most Innovative Insurtech Startups (StreetInsider.com)
Company recognized for its standalone, individualized, and easy-to-understand cyber insurance for small and medium-sized enterprises PLEASANTON, Calif., June 15,…

Technologies, Techniques, and Standards

Closing the Web Application Security Gap (MeriTalk) With Federal cybersecurity leaders striving to close the security gap, is application security (AppSec) meeting agency expectations and what challenges are leaders facing during implementation? Download the “Closing The Web Application Security Gap” research report to learn more.

Lessons for Better Fraud Decision-Making (SecurityWeek) Only when we have that deeper understanding – an understanding that goes beyond the application layer data – can we make better decisions around fraud.

Design and Innovation

LaMDA and the Sentient AI Trap (Wired) Arguments over whether Google’s large language model has a soul distract from the real-world problems that plague artificial intelligence.

‘Is This AI Sapient?’ Is the Wrong Question to Ask About LaMDA (Wired) The bigger problem is what happens when we act as if AIs are conscious, and how that could be used against us.

Academia

Craven Community College offering new cybersecurity programs (WITN) Craven Community College is offering new programs focusing on cybersecurity starting this fall.

Legislation, Policy, and Regulation

Little Self-Regulation for Militaries Developing Artificial Intelligence (International Policy Digest) The military applications of artificial intelligence hold a lot of promise for countries seeking an edge on the battlefield.

Should Brazil Ban Huawei? (Diplomat) The case for banning the Chinese telecoms firm is compelling, but such a move would carry a steep cost.

Opinion | Banning Huawei is the start, not the end, of protecting cyber infrastructure (Toronto Star) Canada never really had a Huawei problem: instead, it has a technology strategy problem.

A plan to strip Huawei from rural telecoms is still short billions (Washington Post) The Biden administration and Congress are struggling to fulfill one of the main components of their program to protect U.S. telecom systems from Chinese spying — removing Huawei gear from rural wireless networks.

FCC says most requests for funds to replace Chinese telecom equipment are deficient (Reuters) The Federal Communications Commission (FCC) told Congress on Wednesday it had found deficiencies in two-thirds of applications to reimburse U.S. carriers for removing equipment from Chinese companies deemed national security threats.

House Panel Advances ‘Rip And Replace’ Shortfall Fix (Law360) U.S. House lawmakers advanced a bill Wednesday that would rely on an FCC auction of midband spectrum to patch a nearly $4 billion shortfall in the Federal Communications Commission’s program aimed at replacing Chinese-made network equipment.

House Democrats propose major funding increase for CISA (The Record by Recorded Future) House Democrats on Wednesday proposed boosting President Joe Biden’s Cybersecurity and Infrastructure Security Agency (CISA) budget request by more than $400 million, as the organization urges the private entities to keep their “shields up” against possible Russian digital attacks.

“Never Trust, Always Verify”: Federal Migration to ZTA and Endpoint Security (CSIS) The Issue The federal government’s latest guidance aimed at improving the nation’s cybersecurity demonstrates a commendable shift in priorities—moving away from perimeter defense and firewalls and instead embracing zero trust architecture (ZTA) to create resilient systems. For the government to succeed in this transition, it must recognize that ZTA is more about mindset and culture than it is a standardized roadmap.

House Armed Services chair calls national security software, systems ‘too vulnerable’ (CyberScoop) Rep. Adam Smith said the U.S. needs to invest in modernizing national security software and systems, which he said are vulnerable to cyberattacks.

FCC Reminds Small Voice Providers Of Anti-Robocall Mandate (Law360) The Federal Communications Commission reminded certain voice service providers with 100,000 or fewer voice access lines that the June 30 deadline for them to implement an anti-robocall compliance framework into their systems is fast approaching.

Litigation, Investigation, and Law Enforcement

Interpol seizes $50 million, arrests 2000 social engineers (BleepingComputer) An international law enforcement operation, codenamed ‘First Light 2022,’ has seized 50 million dollars and arrested thousands of people involved in social engineering scams worldwide.

INTERPOL raids hundreds of scammy call centers in sweep (CyberScoop) Investigators found scammers involved in human trafficking.

Hundreds arrested and millions seized in global INTERPOL operation against social engineering scams (Interpol) International police cooperation targets telecommunication fraud, business mail compromise (BEC) and associated money laundering

Hack Me If You Can, Part 1: The Making of a Russian Hacker – The Journal. – WSJ Podcasts (Wall Street Journal) In more than 20 years of reporting on cybercrime, Wall Street Journal reporter Robert McMillan has never come face-to-face with a criminal hacker. Until he met Dmitry Smilyanets. Dmitry grew up during the fall of the Soviet Union, a computer-loving kid with big dreams. He became part of a generation of Russian hackers who cut their teeth in the early days of the internet and went from stealing passwords to hacking some of America’s biggest companies. This is the story of how Dmitry became one of the best.

Hack Me If You Can, Part 2: Counterstrike – The Journal. – WSJ Podcasts (Wall Street Journal) In 2008, Dmitry Smilyanets and his crew of hackers pulled off one of the biggest hacks in history. It made Dmitry millions of dollars, some of which he used to build an esports empire. But the hack put a target on Dmitry’s back. A U.S. prosecutor, Erez Liebermann, was tasked with bringing Dmitry to justice. In this episode, Erez follows Dmitry’s every move — chasing him around the world.

Hack Me If You Can, Part 3: The Infiltrator – The Journal. – WSJ Podcasts (Wall Street Journal) After his arrest in Amsterdam, the threat of a decades-long prison sentence loomed over Dmitry. If he cooperated with American prosecutors, he could lower his sentence. But he’d have to betray his hacking collaborator and best friend, Vladimir Drinkman. Dmitry takes the deal and starts working with the U.S. government while he serves his time. And in the years since, Dmitry has had a new vantage point to watch the evolving threat hackers pose. Increasingly, hackers are targeting public institutions and infrastructure, putting many Americans at risk. It’s now Dmitry’s job to help stop them.