Dateline Moscow, Kyiv, Zurich, and Redmond: hybrid warfare from both sides.

Ukraine at D+119: A look at both sides of a cyber campaign. (The CyberWire) Both Russian and Ukraine have used cyber operations in Russia’s hybrid war. A report cautions against dismissing Russian cyber capabilities because of their so-far apparently limited effect, and another study sees Ukraine’s IT Army as a new form of organization likely to have unforeseen effects on the development of norms for conflict in cyberspace.

Ukraine News: More Brutal Fighting Expected in East (New York Times) Moscow’s advancing forces threaten Lysychansk, the last major urban center in Ukrainian hands in Luhansk province. Ukrainian forces are bracing for another bitter fight in neighboring Donetsk province.

Russia-Ukraine war: List of key events, day 120 (Al Jazeera) As the Russia-Ukraine war enters its 120th day, we take a look at the main developments.

Russia makes ‘marginal gains’ near Severodonetsk (Washington Post) Russia has amassed forces near Severodonetsk in an attempt to seize Ukraine’s last urban foothold in the east, Ukrainian officials said, but the invaders made little progress there on Saturday.

Russia nears ‘tactical’ victory in Severodonetsk as villages fall (The Telegraph) Losses are ‘clear setback’ for Ukrainians, but experts say that Kremlin troops could still face protracted battles to capture key cities

Letters written, tanks in position as battle for Lysychansk looms (Washington Post) With Russian forces massed just across the river, Valentina Danko leaned over a pool of candlelight and wrote letters to her children. They had left months ago, but she chose to stay in her hometown and has lived in a dark school basement for 116 days.

Russia-Ukraine war: what we know on day 120 of the invasion (the Guardian) Russian forces edge closer to seizing the last pocket of resistance in Ukraine’s eastern Luhansk; footage shows drone crashing into oil refinery inside Russia’s borders

The arrival of Western weapons begins to reshape the battle off Ukraine’s coast. (New York Times) The Ukrainian military said it was attacking Russian infrastructure on Snake Island.

Russia Hits Grain Terminals in Latest Attack on Ukraine’s Food Infrastructure (Wall Street Journal) Russian forces targeted at least two large North American-owned grain terminals in the port of Mykolaiv, as part of what Kyiv and Western governments say is a campaign to degrade Ukraine’s ability to export food.

Ukraine war: Russia ‘destroys army fuel tanks with high-precision weapons’ (The Telegraph) Russia’s defence ministry has said it used high-precision weapons to strike Ukrainian army fuel tanks and military equipment near the southern city of Mykolaiv.

Yes, Ukraine will win the war, even if no one wants to say so (Newsweek) When Russia rolled into its smaller neighbor, the expectation was that Putin would win in 72 hours. He didn’t. But he’s not the only one reluctant to say so.

Russian army could soon run out of weapons and troops: Boris Johnson (Newsweek) Britain’s prime minister said Russia’s recent military advances have come at a cost that could end up turning the tide of the war in Ukraine.

The AP Interview: Estonian PM says don’t play down Russia (AP NEWS) Estonian Prime Minister Kaja Kallas has told The Associated Press that the West shouldn’t underestimate Russia’s military capabilities in Ukraine, saying Moscow is in it for the long haul as the war enters its fifth month.

Ukraine strikes Snake Island in ‘significant’ blow to Russia’s Black Sea forces (The Telegraph) Satellite images show destruction to key features on the strategic island, including a radar station, a tower and an anti-aircraft system

Ukrainian photojournalist ‘executed in cold blood’ by Russians, group says (Washington Post) Reporters Without Borders said an investigation it published Wednesday found evidence that Russian forces killed a Ukrainian photojournalist, along with a soldier accompanying him, in a forest near Kyiv in March.

Captured Briton Aiden Aslin told his execution will go ahead (The Telegraph) The British fighter told ‘time is running out’ as his family say the UK has not tried to negotiate his release with Russia

After a Pivotal Period in Ukraine, U.S. Officials Predict the War’s Path (New York Times) As Russia makes slow but steady progress, the arrival of new weapons systems will help Ukraine hang on to territory, U.S. officials and analysts say.

Ukrainian organizations warned of hacking attempts using CredoMap malware, Cobalt Strike beacons (ZDNet) Russian hackers continue their attempts to break into the systems of Ukrainian organisations, this time with phishing and fake emails.

Conti Armada: The ARMattack Campaign (Group-IB) Take a deep dive into ARMattack, one of the shortest yet most successful campaigns by the Russian-speaking ransomware group Conti.

Russian cyber spies attack Ukraine’s allies, Microsoft says (Reuters) Russian government hackers have conducted multiple cyber spy operations on countries allied with Ukraine since Moscow’s February invasion of that country, Microsoft said in a report on Wednesday.

Microsoft: Russian cyber spying targets 42 Ukraine allies (AP NEWS) Coinciding with unrelenting cyberattacks against Ukraine, state-backed Russian hackers have engaged in “strategic espionage” against governments, think tanks, businesses and aid groups in 42 countries supporting Kyiv, Microsoft said in a report Wednesday.

Russia Increased Cyber Espionage Against Countries Supporting Ukraine, Microsoft Says (Wall Street Journal) Microsoft said it had observed Moscow-backed hacking attempts in over 40 countries, many of them targeting NATO members for espionage.

Many Russian Cyberattacks Failed in First Months of Ukraine War, Study Says (New York Times) A report published by Microsoft also found that Moscow’s disinformation campaign to establish a narrative of the war favorable to Russia was doing better than expected.

Microsoft says Russia has stepped up cyber espionage against the US and Ukraine allies (CNN) Russian intelligence agencies have increased their efforts to hack US and allied government computer networks to gather intelligence since the war in Ukraine began, Microsoft said in new findings published Wednesday.

Russia launched cyber espionage campaigns against Ukraine allies: Microsoft (The Hill) Russia has levied dozens of cyber espionage campaigns in 42 countries since it invaded Ukraine in February, according to a new Microsoft report. The report says those efforts have targeted entities…

Microsoft: Russian Cyber Spying Targets 42 Ukraine Allies (VOA) The US-based software company says ‘strategic espionage’ by state-backed Russian hackers has targeted government agencies, think tanks, businesses and aid groups in the affected countries

Study says many Russian cyberattacks failed in early months of Ukraine war (Raven Tribune) A new examination of how Russia used its cyber capabilities in the early months of the war in Ukraine contains a number of surprises: Moscow

[Blog] Defending Ukraine: Early Lessons from the Cyber War (Microsoft On the Issues) Editor’s note: Today Microsoft published a new intelligence report, Defending Ukraine: Early Lessons from the Cyber War. This report represents research conducted by Microsoft’s threat intelligence and data science teams with the goal of sharpening our understanding of the threat landscape in the ongoing war in Ukraine. The report also offers a series of lessons…

[Report] Defending Ukraine: Early Lessons from the Cyber War (Microsoft) The recorded history of every war typically includes an account of the first shots fired and who witnessed them. Each account provides a glimpse not just into the start of a war, but the nature of the era in which people lived.

Russian Hackers Exploiting Microsoft Follina Vulnerability Against Ukraine (The Hacker News) Ukrainian CERT has warned of a new series of Russian cyberattacks exploiting the “Follina” vulnerability in the Windows operating system.

How the cloud saved Ukraine’s data from Russian attacks (C4ISRNet) Russian operatives conducted physical and virtual “wiper attacks” on computer networks in Ukraine – attempting to delete all stored government information. Yet the data survived.

Research questions potentially dangerous implications of Ukraine’s IT Army (CyberScoop) Volunteer hacking efforts could unwittingly pull countries or private companies into a murky geopolitical mess, a researcher says.

The IT Army of Ukraine Structure, Tasking, and Ecosystem (Center for Security Studies) For several years prior to the Russian invasion on 24 February 2022, the principal idea of creating a cyber volunteer army had been bouncing around in Ukrainian government circles. In part, those discussions were informed by the success of the Estonian Defence League’s Cyber Unit and other efforts around the globe to organize, incorporate, and surge civilian IT volunteers into existing military structures in times of need.

Identity among the cyber aid Ukraine needs during conflict with Russia (SC Magazine) There is a torrent of identity issues that emerge from displaced people that requires unique solutions, a panel explained at the Identiverse conference on Tuesday.

Poland’s cyberspace defence forces to cooperate with Google (First News) Cyberspace Defence Forces (CDF) will work in partnership with Google in tackling cyber threats, Poland’s defence minister said after talks with the internet giant’s deputy CEO.

Poland Has Had It With Russia (Foreign Policy) The ratings are out: And Biden falls alongside Putin.

Axis of autocrats versus democratic Europe (Atlantic Council) Vladimir Putin will pay a rare visit to his last remaining ally Alyaksandr Lukashenka in Belarus next week as the two dictators face the reality of mounting international isolation over the criminal invasion of Ukraine.

Turkey’s wartime bridge to the West is collapsing (Atlantic Council) Turkey’s balancing act towards Russia’s invasion of Ukraine is limiting its goodwill with the West.

Britain must be prepared to go to war with Russia (The Telegraph) Putin’s latest threats show he is not beaten, but we are dangerously ill-equipped for a conventional conflict

EU leaders to grant Ukraine candidate status in blow to Putin (the Guardian) Brussels has dramatically accelerated the process, amid outrage over the brutality of the unprovoked Russian attack

EU candidate status for Ukraine is the ideal response to Russian aggression (Atlantic Council) European Union leaders must decide this week whether to grant Ukraine official EU candidate nation status. This is a critically important moment for Ukrainians that will also shape the future direction of the entire continent.

Ukraine expects EU-wide support for candidacy to join bloc (AP NEWS) A Ukrainian official overseeing the country’s push to join the European Union said Wednesday that she’s “100%” certain all 27 EU nations will approve Ukraine’s EU candidacy during a summit this week.

What would EU candidate status mean for Ukraine? (Atlantic Council) Ukrainians expect the country to be granted official EU candidate nation status at this week’s summit of European leaders but what would this mean for Ukraine’s broader ambitions for greater Euro-Atlantic integration?

Time for EU leaders to honor Ukraine’s long fight for a European future (Atlantic Council) Ukraine hopes to receive official EU candidate nation status this week as the country’s long struggle for a European future enters a new phase while Ukrainian forces continue to defend against Russian invasion.

Croatia’s remarkable national journey is a source of hope for Ukraine (Atlantic Council) Croatia’s journey from war and partial occupation by a more powerful neighbor to membership of the European Union is a source of inspiration for Ukrainians as they fight against Russia’s ongoing invasion.

From Russian Elites, No Sign of Broad Challenge to Putin (New York Times) Many business owners and intellectuals fled Russia after the invasion of Ukraine, but others stayed behind, struggling to redefine their lives. Their diverging choices do not add up to a broad challenge to Vladimir Putin’s war.

The Putin Apostates Come Home (Puck) If the West was counting on sanctions to create enough economic pain for the Russian population to rise up, sweep Putin from power, and end the war, they have been wildly unsuccessful. In fact, many conscientious objectors who at first fled the country are wending their way back home.

In Russia, Western Planes Are Falling Apart (Wired) After months of sanctions that have made critical repair parts difficult to access, aircraft operators are running out of options.

Western Brands Are Up for Grabs in Sanctioned Russia (Wall Street Journal) Russian businesses are imitating and trying to swipe iconic trademarks of companies that left after the invasion of Ukraine.

What Lessons Can We Learn From Russia’s War on Ukraine? (Defense One) Better to learn now than to doom ourselves to repeat history.

China says Ukraine crisis has sounded alarm for humanity (AP NEWS) The conflict in Ukraine has “sounded an alarm for humanity,” Chinese leader Xi Jinping said Wednesday, as China continues to assume a position of neutrality while backing its ally Russia.

Attacks, Threats, and Vulnerabilities

CISA Releases Security Advisories Related to OT:ICEFALL (Insecure by Design) Report (CISA) CISA is aware that Forescout researchers have released OT:ICEFALL, a report on 56 vulnerabilities caused by insecure-by-design practices in operational technology across multiple vendors. The vulnerabilities are divided into four main categories: insecure engineering protocols, weak cryptography or broken authentication schemes, insecure firmware updates and remote code execution via native functionality.

Industry Reactions to ‘OT:Icefall’ Vulnerabilities Found in ICS Products (SecurityWeek) Industry professionals comment on the disclosure of OT:Icefall, a collection of 56 vulnerabilities affecting ICS products from 10 major companies.

Report: Adobe Reader is blocking antivirus tools from scanning loaded PDF documents (gHacks Technology News) Adobe is blocking several antivirus tools actively from scanning PDF documents loaded by its Adobe Acrobat Reader application, according to a security report published by Minerva Labs.

Adobe Acrobat may be quietly sabotaging your antivirus (TechRadar) Compatibility issues? What compatibility issues?

Does Acrobat Reader Unload Injection of Security Products? (Minerva Labs) Since March of 2022 we’ve seen a gradual uptick in Adobe Reader processes attempting to query which security product DLLs are loaded into it by acquiring a handle of the DLL. The significant rise over the recent months has caught our attention as it is very unusual behavior for Adobe.

AvosLocker Ransomware Deployed in Log4Shell Attack (Decipher) An AvosLocker ransomware attack exploited the Log4j bug in VMware Horizon servers.

Sending Phishing Emails from QuickBooks (Avanan) Hackers are sending phishing emails directly from QuickBooks.

Elusive ToddyCat APT Targets Microsoft Exchange Servers (Threatpost) The threat actor targets institutions and companies in Europe and Asia.

New ToddyCat APT Targets Exchange Servers (Decipher) An APT group dubbed ToddyCat has emerged to target Exchange servers in organizations across Asia and Europe.

Okta says Lapsus$ incident was proof zero trust works (Register) Once former supplier Sitel coughed up its logs, it became apparent the attacker was hemmed in

Threat Spotlight: Attempts to exploit Atlassian Confluence zero day (Journey Notes) Barracuda researchers have observed a steady flow of attacks on the zero-day vulnerability in Atlassian

Sensitive data from IU Health patients breached by unknown perpetrators (The Herald-Times) An “unauthorized party” acquired patients’ personal information including names, medical codes, telephone numbers and Social Security numbers.

Blockchains Vulnerable to Centralized Control, DARPA Report Finds (Gizmodo) The report points to a handful of, “unintended centralities,” it argues could concentrate blockchain power in the hands of a few select individuals or groups.

Yodel hit by cyber attack (Apex Insight) UK delivery company Yodel has been hit by a cyber attack that has affected its services.

Security Patches, Mitigations, and Software Updates

Google Releases Security Updates for Chrome (CISA) Google has released Chrome version 103.0.5060.53 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.  CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update.

SMA Technologies Patches Critical Security Issue in Workload Automation Solution (SecurityWeek) A critical vulnerability in the SMA Technologies OpCon UNIX agent results in the same SSH key being deployed with all installations.

Fortune 1000 Identity Exposure Report 2022 (SpyCloud) As the world began rebounding from the pandemic last year, the move forward into a digital age marched on. More enterprises embraced hybrid work models rather than requiring a complete return to the office, and employees continued to juggle more account logins for web and cloud apps. And the lines between work and personal spaces – and devices – remained blurred.

New Research from Snyk and The Linux Foundation Reveals Significant Security Concerns Resulting from Open Source Software Ubiquity (GlobeNewswire News Room) The State of Open Source Security Highlights Many Organizations Lacking Strategies to Address Application Vulnerabilities Arising from Code Reuse…

New Survey from Cloud Security Alliance and Google Finds Cloud (CSA) Study provides a deeper understanding of public cloud adoption and risk management practices within the enterprise

2022 Shadow SaaS-to-SaaS Integration Report (Valence Security) Download our whitepaper to learn more about The SaaS-to-SaaS Supply Chain security risks and how Valence can help

Qonsent Survey Reveals Consumers Want More Control Over Personal Data and Transparency From Brands (Qonsent) New survey highlights growing consumer demand for holistic data privacy policies, increased transparency from brands, and simplified solutions to manage data

Organisations ‘wait for attack before defending themselves’, says security report (Engineering & Technology) Executive boards in pandemic-struck sectors are putting their companies’ recovery at risk by only approving IT security spending after they have been victims of a cyber-attack, according to a new report.


Is cyber security stuck in a recruitment rut? (teiss) The cyber skills shortage is set to worsen, and the industry needs to think more creatively about how it hires

Forescout to open new offices in UK and Ireland as part of expansion plans (CRN) Keith Weatherford, VP of Worldwide Channel Sales at Forescout, has said the company is integrating the channel ‘closer and closer’

LogRhythm Announces New Additions to the Leadership Team (PRWeb) LogRhythm, the company helping busy and lean security operations teams save the day, names Mitzi Hunter as chief marketing officer and Mike Dalgleish to vice

Praetorian Announces Appointment of Andrew McFarland as Chief Operating Officer (Business Wire) Praetorian, a leading offensive security company, today announces the appointment of high-tech industry veteran Andrew McFarland to the position of ch

Matt Mullins Joins Cybrary’s New Threat Intelligence Group (Cybrary) Another day, another exciting new addition to our growing team! We’re welcoming long-time Cybrary instructor, Matt Mullins, to the Cybrary Threat Intelligence Group (CTIG) team as a Senior Security Researcher, where he’ll focus on adversary emulations of various threat actor groups and developing additional red team content.

Products, Services, and Solutions

Mitek Makes Digital Access Faster and More Secure Than Ever (Business Wire) As consumers transact more business online than ever, identity verification has become essential to safe digital access. Now Mitek is making it possib

Zscaler and AWS Expand Relationship Enabling Customers to Accelerate Onramp to the Cloud with Zero Trust Security (GlobeNewswire News Room) Zscaler’s New Posture Control CNAPP Offering Built on AWS Enables Security and DevOps Teams to Efficiently Prioritize and Remediate Hidden Risks Across…

Zscaler Advances Cybersecurity and User Experience with New AI/ML Capabilities for the Zscaler Zero Trust Exchange (Zscaler) AI-Powered Innovations Supercharge Zscaler’s Security Service Edge (SSE) Cloud Security Platform to Block the Most Sophisticated Cyberattacks

Zscaler Launches Posture Control Solution (Zscaler) Zscaler launches Posture Control Solution to remediate hidden security risks across cloud-native application environments.

DigiCert and Eonti Selected by the Western Canadian NG9-1-1 Network Operator to Secure the Next Generation 9-1-1 Systems (PR Newswire) Today, DigiCert, Inc., the world’s leading provider of digital trust, and Eonti, a leading professional services consulting firm specializing…

PlainID and Hub City Media Partner to provide Next Generation Authorization to secure Digital Assets. (PR Newswire) PlainID, The Authorization Company, a leading provider of authorization and policy-based access solutions, has announced a strategic…

Keeper Security Launches One-Time Password Sharing with Zero-Knowledge Encryption (PR Newswire) Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software, today announced the launch of One-Time Share, a…

ThreatX Unveils API Protection Quick Start Program (Business Wire) ThreatX today announced the launch of its API Protection Quick Start Program

Introducing Cloudforce One: Cloudflare’s new threat operations and research team (Intelligent CIO North America) Blake Darché, Head of Threat Intelligence at Cloudflare, introduces Cloudforce One, a new threat operations and research team from Cloudflare. Meet Cloudflare’s new threat operations and research team: Cloudforce One. While this team will publish research, that’s not its reason for being. Its primary objective: track and disrupt threat actors. The security teams we speak with […]

SentinelOne Expands Singularity Marketplace with New Integrations for SIEM, SOAR, and Malware Analysis (Business Wire) SentinelOne (NYSE: S), an autonomous cybersecurity platform company, today announced integrations with IBM, Swimlane, and Intezer, increasing use case

Deep Instinct partners with Integrity360 to deliver end-to-end deep learning cyber security to UK enterprises (EnterpriseTalk) Deep Instinct, the first company to apply end-to-end deep learning to cybersecurity, today announced its partnership

Infodata, Forcepoint launch One Security Solution for Cyber Security (TheNiche) Cyber security experts on Tuesday called for constant awareness and sensitisation of individuals and organisations to help protect their data. The experts

Tanium Partners With ScreenMeet to Enable Employees to Securely Connect to Their Remote Desktops (Dark Reading) partnership lets users access one-click ScreenMeet sessions from the Tanium platform.

Nozomi Networks Extends its Threat Intelligence Service to Third-Party Security Platforms (Nozomi Networks) Nozomi Networks announces its Threat Intelligence is now available for use with third-party cybersecurity platforms.

Bugcrowd Launches New Reseller Partnership with SocialProof Security (PR Newswire) Bugcrowd, the leader in crowdsourced cybersecurity, today announced a strategic reseller partnership with SocialProof Security, furthering the…

Technologies, Techniques, and Standards

Exercise Cyber Shield 2022, and what the Guard brings to cybersecurity. (The CyberWire) Cyber Shield 2022 showcased the Guard’s role in protecting Department of Defense networks.

National Guard tests cyber skills on DOD networks (FedScoop) The National Guard recently focused on defending the Department of Defense’s networks during its premier annual cyber exercise, a departure from the last several years where it tested skills on state networks. The Guard is typically owned by the governors of their perspective states and mobilized by those governors in what’s known as state active […]

Keeping PowerShell: Measures to Use and Embrace (CISA) Cybersecurity authorities from the United States, New Zealand, and the United Kingdom have released a joint Cybersecurity Information Sheet (CIS) on PowerShell. The CIS provides recommendations for proper configuration and monitoring of PowerShell, as opposed to removing or disabling it entirely due to its use by malicious actors after gaining access into victim networks. These recommendations will help defenders detect and prevent abuse by malicious cyber actors, while enabling legitimate use by administrators and defenders.

Cloud Security Technical Reference Architecture (CISA) Executive Order 14028, “Improving the Nation’s Cybersecurity” marks a renewed commitment to and prioritization of federal cybersecurity modernization and strategy.

‘Stronger front door’ required to rebuff cyber HEAT attacks (Engineering & Technology) Emergent threat types such as ‘HEAT’ attacks are highlighting a disconnect between layers in conventional enterprise IT security stacks and exposing organisations to a wider spectrum of potential compromises, according to a cyber-security expert.

Trends in Modern Security Operations (Anvilogic) Learn what makes SOC modernization mission critical in the ESG Research Report. Download it today.

Design and Innovation

SolarWinds Says It’s Found A Way To Avert Another ‘Sunburst’ Attack (CRN) SolarWinds unveils new code-build process


Ransomware attacks on US schools and colleges cost $6.62bn in 2020 (Comparitech) In 2020, 77 individual ransomware attacks affected over 1,740 schools and colleges, potentially impacting 1.36 million students. We estimate that these attacks cost education institutions $6.62 billion in downtime alone. Most schools will have also faced astronomical recovery costs as they tried to restore computers, recover data, and shore up their systems to prevent future […]

Legislation, Policy, and Regulation

GAO Warns US Gov’t About ‘Catastrophic’ Cyber Risk (Law360) Cyberattacks targeting critical infrastructure may “affect entire systems and result in catastrophic financial loss” beyond what can be covered by private insurance or government backstops, the U.S. Government Accountability Office warned in a report that recommends joint federal action to study growing cyberinsurance risks.

Readout from CISA’s Third Cybersecurity Advisory Committee Meeting (Cybersecurity and Infrastructure Security Agency) Today, the Cybersecurity and Infrastructure Security Agency (CISA) held its third Cybersecurity Advisory Committee meeting in Austin, Texas where Committee members met and provided updates and key recommendations to CISA Director Jen Easterly on the work of its six subcommittees.

DRAFT REPORT TO THE CISA DIRECTOR: Transforming the Cyber Workforce (CISA Cybersecurity Advisory Committee) The Transforming the Cyber Workforce Subcommittee has been asked to develop strategic recommendations to identify and cultivate the best pipelines for talent, expand all forms of diversity, and develop retention efforts to keep CISA’s best people. Additionally, the subcommittee has been tasked with identifying creative ways to develop a better-informed digital workforce and inspire the next generation of cyber talent through education of “K through Gray” communities.

CISA advisors recommend agency cut onboarding time to 90 days (Federal News Network) CISA’s Cybersecurity Advisory Committee is out with initial recommendations, including plenty of ideas for how the agency can streamline and speed up hiring.

CISA experts propose ‘311’ cybersecurity emergency call line for small businesses (The Record by Recorded Future) Experts said CISA should create an emergency “311” cybersecurity call line for incidents targeting small and medium-sized businesses.

Companies Respond to SEC’s Proposed Cybersecurity Disclosure Framework (cyber/data/privacy insights) As we reported in our March 2022 client alert, the Securities and Exchange Commission released proposed cybersecurity reporting rules and solicited feedback through a 60-day comment period. The comment period ended on May 9, 2022, and the SEC received 100+ comments from business, legal, nonprofit an

The federal government is (finally) taking the connection between legacy IT and cybersecurity seriously (SC Magazine) A little-used program for modernizing government IT systems got a big funding boost earlier this year, and most of their spending so far has focused squarely on enhancing cybersecurity and implementing concepts like zero trust throughout the federal digital ecosystem.

Investments (The Technology Modernization Fund) A list of all investments that have been awarded TMF funding.

House appropriators approve Pentagon’s $11.2 billion ask for cyber (The Record by Recorded Future) A powerful House panel on Wednesday fully funded the Defense Department’s request for $11.2 billion for cyberspace activities in the next fiscal year.

Questions over Cyber Command support, operations raised in defense authorization bill (SC Magazine) The House Armed Services Committee passed an amended version of the NDAA that authorizes $131 billion to bolster research and development for the Department of Defense, establishes a cyber threat information collaboration environment between and requires military leaders to further clarify how they define information operations and give Congress a 48-hour heads up before engaging in clandestine cyber operations.

Cyber Insurance: Action Needed to Assess Potential Federal Response to Catastrophic Attacks (Government Accountability Office) Cyber insurance can help offset costs of some common cyber risks, like data breaches or ransomware. But cyber risks are growing, and cyberattacks…

Top Senate Democrat casts doubt on prospect of major data privacy bill (Wall Street Journal) Senate Commerce Chair Maria Cantwell said she’s not close to supporting a major proposal, dealing a significant blow to efforts to revive the long-stalled bill

Revamped DOJ Compliance Unit Takes On Greater Role in Corporate Settlements (Wall Street Journal) The Justice Department’s corporate enforcement, compliance and policy unit is hiring as it assumes more responsibility in overseeing settlements with companies.

Litigation, Investigation, and Law Enforcement

EXCLUSIVE: Hacked documents reveal Ecuador’s failed effort to take in NSA whistleblower Edward Snowden (The Daily Dot) Hackers obtained data from the Ecuadorian Embassy in Moscow, revealing discussions regarding NSA whistleblower Edward Snowden.

Pegasus used by at least 5 EU countries, NSO Group tells lawmakers (POLITICO) NSO Group ‘made mistakes,’ its chief lawyer says.

EU Parliament’s Pegasus committee fires against NSO Group (euractiv) The inquiry committee to investigate the use of the Pegasus spyware questioned a representative of the Israeli company behind the technology, the NSO Group, with questions but still many remain unanswered.

Swedish court upholds ban on Huawei sale of 5G gear (Reuters) A Swedish appeals court on Wednesday upheld a ruling by a lower court that banned Huawei (HWT.UL) from selling 5G equipment in the country, in the latest setback to the Chinese telecoms company’s hopes of staging a comeback.

Twitter apologizes for abusing user security information after $150 million FTC settlement (The Record by Recorded Future) Twitter published an apology on Wednesday after it was caught covertly using account security data for targeted advertising.

Lycamobile fined again for customer data handling (CRN Australia) Paid the ACMA a $186,000 penalty.

State Privacy Law Compliance Has Ways To Go, Survey Shows (Law360) With five state consumer privacy laws set to take effect in 2023, companies that are feeling confident in their ability to comply with these new requirements may not be quite as ready as they think, according to a new survey of nearly 200 executives released by Womble Bond Dickinson.

DOJ Official Confirms CCO Certs. Are New Settlement Staple (Law360) A senior official in the U.S. Department of Justice’s fraud section said Wednesday that companies can expect a new policy requiring that chief compliance officers certify agreements with the department to “most likely” be part of every new deal moving forward.

Andrew Gillum, Former Florida Gubernatorial Candidate, Is Indicted on Fraud Charges (Wall Street Journal) Mr. Gillum, also a former mayor of Tallahassee, Fla., was once considered a rising star in Florida Democratic politics.