Dateline Moscow, Kyiv: Notes on the hybrid war.
Ukraine at D+144: Firing for whatever effect. (The CyberWire) Heavy Russian artillery fire continues along the line of contact, The strikes are regarded as a preparation for a renewed offensive in the Donbas, as spoiling attacks against a feared Ukrainian counter-offensive in the southern region, as direct terrorism of the civilian population, as a crude expression of a deterrent to HIMARS attacks against high-value targets, and, finally, as a form of attack Russia’s army is actually able to carry out. In the cyber phase of the hybrid war, the GRU seems to be trolling researchers who look into its activities.
Russia-Ukraine war: List of key events, day 144 (Al Jazeera) As the Russia-Ukraine war enters its 144th day, we take a look at the main developments.
Russia-Ukraine war at a glance: what we know on day 144 of the invasion (the Guardian) Evacuations from Sviatohirsk Lavra in Donetsk; Russian forces reportedly preparing new offensive; all bodies identified after Vinnytsia missile attack
Russia-Ukraine war update: what we know on day 143 of the invasion (the Guardian) At least three killed and 15 hurt in Dnipro missile strike; UK says Kremlin responsible for British captive’s death; Ukraine reports May peak in military losses
Russia prepares for next Ukraine offensive in face of new Western weapons (Reuters) As Western deliveries of long-range arms begin to help Ukraine on the battlefield, Russian rockets and missiles have pounded cities in strikes that Kyiv says have killed dozens in recent days.
Ukraine braces for further Russian missile strikes as civilian death toll rises (the Guardian) At least 37 deaths across country since Thursday as residential areas appear to be targeted
Russian War Report: Russian missiles strike Vinnytsia (Atlantic Council) Russian forces launched a missile attack on the Ukrainian town on Vinnytsia, Russia’s public death toll grows, and Iran’s coverage of the war.
Russia escalating attacks on civilians, says top Ukrainian official (the Guardian) Head of national security council says ‘more and more civilian targets’ being hit, after deadly Vinnytsia attack
‘They have come to destroy us’: Ukrainians on the frontline in Donbas (the Guardian) Many fighters are from the Donbas and say it is wrong to assume pro-Russian views predominate in the region
Kharkiv Sketches (Wilson Center) Thirty-year-old Kharkiv graphic designer Sasha Anisimova did not believe there would be a war. Focused on her daily life and artistic projects, she ignored her boyfriend’s entreaties to prepare for a quick getaway until there was no time left. Hearing Russian bombs strike her city on the morning of February 24, Anisimova beat a hasty retreat to find refuge in western Ukraine. Once safe, she could think of nothing else than returning to her beloved hometown.
No jobs, no homes: Ukrainians forced back to frontline towns (Guardian) Even when people are able to flee towns under bombardment, a lack of financial support sends many back
‘Bang, bang’: Children live and play near Ukraine front line (AP NEWS) The children flicker like ghosts on the empty playgrounds in weedy courtyards deep in a city whose residents have been told to get out now. Six-year-old Tania has no more playmates left on her street in the eastern Ukraine city of Kramatorsk.
Ukraine’s Zelenskyy fires top security chief and prosecutor (AP NEWS) As Russia’s military pressed its efforts to expand into Ukraine’s east, Ukrainian President Volodymyr Zelenskyy fired the head of the country’s security service and its prosecutor general on Sunday, citing hundreds of criminal proceedings into treason and collaboration by people within their departments.
Zelenskiy Ousts Ukraine’s Security Chief and Top Prosecutor (Bloomberg) Ukrainian authorities pledged to clean up law-enforcement agencies after President Volodymyr Zelenskiy removed the nation’s security chief and suspended its top prosecutor.
Volodymyr Zelensky sacks top aides over ‘Russian collaboration’ (The Telegraph) The president said more than 60 officials from the pair’s agencies were now working against Ukraine in Russian-occupied territories
Predicting Military Performance Can’t Be Perfect. But It Can Be Better (World Politics Review) In the immediate aftermath of Russia’s invasion of Ukraine, many military analysts found that their prewar predictions about the Russian military’s performance were wildly off the mark. It’s worth examining the broader lessons of that analytic failure, in order to apply them to similar exercises with major implications.
EU candidate status is an historic opportunity to transform Ukraine (Atlantic Council) The decision to grant Ukraine official EU candidate status does not guarantee the country’s future membership but the process of further integration can dramatically boost Ukraine’s domestic reform momentum, writes Kira Rudik.
Europe ‘must get its act together’ on defense, says Dutch defense minister (Atlantic Council) Ollongren spoke about supporting Ukraine and shoring up European defense with allies at an Atlantic Council Front Page event.
U.S., Italian Defense Leaders Discuss Shared Interests, Concerns for Ukraine (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III thanked his Italian counterpart for supporting Ukraine in the face of Russia
Sandworm APT Trolls Researchers on Its Trail as It Targets Ukraine (Dark Reading) Researchers who helped thwart the Russian nation-state group’s recent attack on Ukraine’s power supply will disclose at Black Hat USA what they found while reverse-engineering the powerful Industroyer2 malware used by the powerful hacking team.
Russia tried to spy on the US, NATO and Brazil (The Catholic Transcript) Microsoft said in a statement this week that Russia is trying to spy on 42…
Europe Takes Position on Sending Personal Data to Russia (cyber/data/privacy insights) On 12 July 2022, the European Data Protection Board (EDPB) adopted Statement 02/2022 on Personal Data Transfers to the Russian Federation, in which it confirmed that data transfers to Russia require a data transfer impact assessment (DTIA). A DTIA is a case-by-case evaluation that determines whether
Putin’s Use of War in Ukraine to Tidy Up Loose Ends at Home (Wilson Center) Many military analysts have rightly pointed out that the Russian invasion of Ukraine was based on incorrect assumptions about the state of Ukrainian society and its armed forces. From a value-free, professional point of view, this war does not make sense.
Putin’s Captives (Foreign Affairs) How a Ruinous Imperial War Has Strengthened His Rule at Home
Putin is already at war with Europe. There is only one way to stop him | Simon Tisdall (the Guardian) He has spread economic and political pain across the continent. Sanctions don’t work, a land for peace deal would be a disaster. Only the military route remains
Killer in the Kremlin: New book explores Vladimir Putin’s bloody reign (Atlantic Council) British journalist John Sweeney’s new book “Killer In The Kremlin” offers a chilling portrait of Russian President Vladimir Putin as a menace to global security whose entire reign has been marked by death and destruction.
Kremlin Critic Pivovarov Sentenced to 4 Years in Prison for ‘Undesirable’ Activity (The Moscow Times) Pivovarov led Open Russia, a pro-democracy movement, until it disbanded under increasing government pressure.
Russia jails opposition figure for criticizing its military (ABC News) A court in Russia has ruled to remand a prominent opposition politician in custody pending an investigation and trial over his public criticism of Russia’s military actions in Ukraine
The Gorinov Case Sets New Benchmark in the Kremlin’s War against Dissent (Wilson Center) On July 8, 2022, a Moscow court handed down its first prison sentence to an antiwar dissenter. It jailed Alexei Gorinov, a Moscow municipal councilor, for an astonishing seven years for speaking out against Russia’s invasion of Ukraine at a local council meeting.
Russian journalist who staged TV protest over Ukraine invasion briefly detained (the Guardian) Marina Ovsyannikova detained days after she demonstrated near the Kremlin holding placard criticising Putin and Ukraine war
US sends Syracuse-based National Guard soldiers to help train Ukrainian military (Stars and Stripes) More than 100 Syracuse-based National Guard soldiers from the 27th Infantry Brigade Combat Team left Friday for Fort Bliss, Texas, to prepare for a trip to Europe.
White House: Russian officials visited Iran to see drones (AP NEWS) Russian officials visited an airfield in central Iran at least twice in recent weeks to view weapons-capable drones it is looking to acquire to use in its war against Ukraine, the White House said.
Making War More Difficult to Wage (Foreign Affairs) How Ukraine is changing the West’s use of export controls.
Putin Signs Ban on Crypto Payments in Russia (Decrypt) The Russian President enacted prohibitions on using Bitcoin, Ethereum, or other digital assets to buy goods or services.
‘Gas blackmail’: how Putin’s weaponised energy supplies are hurting Europe (the Guardian) After gas supplies through Nord Stream 1 stopped on Monday, European leaders plan for a future without Russian energy
Attacks, Threats, and Vulnerabilities
A massive cyberattack hit Albania (Security Affairs) A synchronized criminal attack from abroad hit Albania over the weekend, all Albanian government systems shut down following the cyberattack. Albania was hit by a massive cyberattack over the weekend, the government confirmed on Monday. A synchronized criminal attack from abroad hit the servers of the National Agency for Information Society (AKSHI), which handles many […]
Albania closes down online gov’t systems after cyber attack (ANI News) Tirana [Albania], June 18 (ANI/Xinhua): All online public services and government websites in Albania were closed on Sunday following a synchronized cyber attack from outside the country, the Albanian National Agency for the Information Society (AKSHI) said in a press statement.
Pakistani APT Hackers Attack Indian Education Institutes & Students With New Malware (Cyber Security News) APT hackers from Pakistan have carried out a malicious campaign against several educational institutions located throughout India in order to inflict harm on students.
Health Ministry Site Hit By Iranian Cyberattack (Hamodia) A group of hackers affiliated with Iran carried out a cyberattack on the website of the Health Ministry on Sunday, restricting access to the site from
Hackers pose as journalists to breach news media org’s networks (BleepingComputer) Researchers following the activities of advanced persistent (APT) threat groups originating from China, North Korea, Iran, and Turkey say that journalists and media organizations have remained a constant target for state-aligned actors.
Cybersecurity Firm: What US Journalists Need To Know About The Foreign Hackers Targeting Them (Forbes) Proofpoint research details what US journalists need to know about cyber attacks from China, Iran, North Korea, and elsewhere – plus how to stay safe.
Elastix VoIP systems hacked in massive campaign to install PHP web shells (BleepingComputer) Threat analysts have uncovered a large-scale campaign targeting Elastix VoIP telephony servers with more than 500,000 malware samples over a period of three months.
Powerful ‘Mantis’ DDoS Botnet Hits 1,000 Organizations in One Month (SecurityWeek) Cloudflare warns that a small but powerful botnet has launched DDoS attacks on roughly 1,000 organizations over the past month alone.
Linux Ransomware, Cryptojacking, and Cobalt Strike Are Targeting Multi-Cloud Infrastructure (HackerNoon) Linux systems are being increasingly targeted by ransomware, cryptojacking, and other malicious attacks, according to a recent report.
New malware poses danger to mobile banking (The Manila Times) A LEADING provider of cybersecurity solutions reports on new Android banking malware, MaliBot.The latest Check Point Software Technologies’ Global Threat Index for June 2022…
Supply Chain Attack Technique Spoofs GitHub Commit Metadata (SecurityWeek) Checkmarx security researchers say threat actors could spoof GitHub commit metadata to add legitimacy to their malicious code.
Hackers can spoof commit metadata to create false GitHub repositories (HackRead) Checkmarx security researchers have warned about an emerging new supply chain attack tactic involving spoofed metadata commits to present malicious GitHub repositories as legit.
How Attackers Could Dupe Developers into Downloading Malicious Code From GitHub (Dark Reading) Developers need to be cautious about whom they trust on GitHub because it’s easy to establish fake credibility on the platform, security vendor warns.
Sign commits or face being lured into poisoned repositories, researchers warn developers (SC Magazine) Security researchers say even if commits get signed and vigilant mode gets enabled, companies really need to monitor these activities.
Hackers Distributing Password Cracking Tool for PLCs and HMIs to Target Industrial Systems (The Hacker News) Hackers Distributing Password Cracking Tool for PLCs and HMIs to Infect Industrial Systems with Sality Malware
Beware of password-cracking software for PLCs and HMIs! (Help Net Security) A threat actor is targeting industrial engineers and operators with trojanized password-cracking software for PLCs and HMIs.
Anatomy of a Windows Network File System vulnerability (Register) Follina was all very exciting, but did you patch CVE-2022-30136?
LendingTree denies connection to data breach affecting 200,000, but confirms a different one (The Record by Recorded Future) LendingTree denied any connection to reports of a data breach involving 200,000 loan applications found on the dark web but announced two other breaches.
Rhode Island sewer-system operator hit by cyber attack (The Providence Journal) There was no disruption to sewage treatment, according to the Narragansett Bay Commission, but it’s unclear if customer data was taken.
EXCLUSIVE: California AG Apologizes For Mass Gun Data Leak, Offers One Year Of ‘Credit Monitoring Services’ (Daily Caller) California Attorney General Rob Bonta has sent a letter Friday to gun owners who fell victim to a massive leak of their private information from a gun database.
Colorado Springs Utilities customers instructed to stay alert after info was compromised in a “data event” (KRDO) Colorado Springs Utilities is now notifying customers of a data breach that took place on June 15. Though Springs Utilities says the “unauthorized party” didn’t access any sensitive financial data, customers should still be on alert for scammers.
Security Patches, Mitigations, and Software Updates
CISA adds Windows bug to exploited list, urges agencies to patch by August 2 (The Record by Recorded Future) CISA ordered all federal civilian agencies to patch a Windows vulnerability by August 2 after Microsoft said it had detected exploitation of the bug.
Patch these Juniper Networks bugs, CISA says (Register) Hate to ruin your Friday
Juniper Releases Patches for Critical Flaws in Junos OS and Contrail Networking (The Hacker News) Juniper Releases Critical Patches for Vulnerabilities in Junos OS, Contrail Networking, Northstar Controller Products
Lenovo fixes trio of UEFI vulnerabilities (Register) Déjà vu all over again for laptop maker as researchers poke holes in its code
Microsoft investigates July updates breaking Access applications (BleepingComputer) Microsoft is investigating user reports that MS Access runtime applications stop opening after installing this month’s Patch Tuesday Office/Access security updates.
API security moves mainstream (WeLiveSecurity) APIs are becoming a point of heavy security focus as the heavyweights are moving into this space, cementing API security as “A Thing”.
Cryptocurrency sent to mixers reaches an all-time high thanks to illicit activity (The Record by Recorded Future) The amount of cryptocurrency sent to mixing services reached an all-time monthly high in April of $51.8 million, according to Chainalysis.
Approov and Osterman Research Issue “The State of Mobile App Security in 2022” (Business Wire) Osterman Research/Approov survey reveals mobile app API vulnerabilities. Mobile apps are now essential to 75% of companies (3x more than 2 years ago).
Healthcare data breaches hit all-time high in 2021, impacting 45M people (Fierce Healthcare) As health systems and hospitals are under unprecedented stress from the COVID-19 pandemic, their IT departments also are facing critical skills and staffing shortages as they battle unrelenting cyb | Cybersecurity breaches hit an all-time high in 2021, exposing a record number of patients’ protected health information, according to a report. In 2021, 45 million individuals were affected by healthcare attacks, up from 34 million in 2020.
Zero-day attacks climb as hackers get more sophisticated (SecurityBrief Australia) Hackers are moving fast to exploit security vulnerabilities. There was a surge in widespread zero-day attacks last year, with the average time to exploitation down from 42 days in 2020 to just 12 days in 2021.
Azerbaijan divulges number of cyber threats in national segment of Internet in 1H2022 (Azernews.Az) The number of requests in Azerbaijan related to computer security amounted to 3 million in the first half of 2022, Azernews reports with reference to the Center for Combating Computer Incidents (CERT).
Report: Data of millions at risk if Malaysia faces cyberattack (Sun Daily) PETALING JAYA: The data of Malaysians could fall into the wrong hands if the country becomes a target of cyberwarfare, experts said. According to a re…
Advance Intelligence Group acquires risk management startup Jewel Paymentech (Business Times) SINGAPORE-BASED Advance Intelligence Group, the parent company of buy now, pay later (BNPL) service Atome, has acquired local fintech Jewel Paymentech for an undisclosed sum.
TikTok’s Chief Security Officer to Step Down (Wall Street Journal) TikTok’s chief security officer will step back from that role in September, in a move the company said wasn’t related to widening concerns in Washington over the security risks posed by the popular short-video app.
TikTok shakes up security team as it faces renewed U.S. scrutiny (The Record by Recorded Future) Last month BuzzFeed reported that private U.S. user data was repeatedly accessed from China.
Employers struggle to fill cybersecurity positions amidst competition (WCIV) Employers right now are struggling to fill more than 700,000 vacant cybersecurity positions across the United States, according to a new report.
Why SolarWinds just may be one of the most secure software companies in the tech universe (SC Magazine) SC Media spoke with Tim Brown, director of security operations at SolarWinds, and Chip Daniels, the company’s head of government affairs, to dig deeper into the response and long term implications that the Sunburst attack had on its own security posture and that of the software market at large. Said Brown: We are hoping to be a poster child for a new model.
MetaMask Co-Founders: ‘We Can’t Stop People From Making Ponzis on Blockchains’ (Vice) Co-founder Aaron Davis says in his first joint interview with Dan Finlay that “it feels too little too late, but putting your money in cryptocurrencies is gambling.”
Let’s keep the welcome wagon rolling with another new KSG team member! (Krebs Stamos Group) Caroline Stephens has led engagements improving clients’ GRC capabilities through Program Evaluation and Risk Assessments as well as illuminated technical risks via Wireless Assessments, Physical Security Reviews, Incident Response Activities, and Penetration Testing.
Cerby Appoints Former Palo Alto Networks CSO Matthew Chiodi as Chief Trust Officer (Business Wire) Cerby, the world’s first security platform for unmanageable applications with a ‘zero trust’ approach that optimizes security practices while empowering both employees and security teams, today announced that Matthew (Matt) Chiodi, CISSP and CCSK, has joined the company as Chief Trust Officer.
Products, Services, and Solutions
With new contract, Army’s integrated EW and intel system for brigades reaches next phase (Breaking Defense) Lockheed Martin will deliver three prototypes of the vehicle-mounted technology suite under the new contract.
Stryker Cyber And Electronic Warfare Suite Gets $59 Million Order From Lockheed (Defence Aviation Post) The Terrestrial Layer System-Brigade Combat Team initiative, which aims to provide soldiers with a useful set of electronic warfare, cyber, and signals intelligence capabilities, Lockheed Martin was awarded a $58.8 million contract to provide prototypes.
KnowBe4 and IDC Raise the Cybersecurity Flag in Sub-Saharan Africa – African Business (African Business) Cyberextortion remains an ongoing threat in sub-Saharan Africa with data leakages and targeted attacks in top two positions; Growing investment into
Vodafone Ireland launches new tool to help mitigate cyberattacks (Silicon Republic) The tool from Vodafone can detect malware and phishing, and also has parental controls that can be adjusted via an app or online portal.
SecurityScorecard Partners with The National Association of Counties to Improve Cybersecurity Posture of Local Governments Across the U.S. (Business Wire) In its ongoing effort to improve the security posture of federal, state and local government agencies, SecurityScorecard, the global leader in cyberse
Technologies, Techniques, and Standards
Standards: The CPSO’s Best Friend (NIST) Workshop Shines Light on Role of Standards in Cybersecurity for IoT What do Chief Product Security Officers (CPSOs) want to make t
What Cybersecurity Teams Can Learn From the US Cyber Command’s ‘Hunt Forward’ (Security Intelligence) What does the U.S. cyber expertise in Ukraine teach about certified ethical hacking? Learning from attackers can be a useful, but legally murky, tool.
Migration to Post-Quantum Cryptography
(NIST/NCCOE) Project Abstract The initial scope of this project is to demonstrate the discovery tools that can provide automated assistance in identifying where and how public-key cryptography is being used in hardware, firmware, operating systems, communication protocols, cryptographic libraries, and applications employed in data centers whether on-premise or in the cloud and distributed computer, storage, and network infrastructures.
NIST Announces Collaborating Vendors in the Migration to Post-Quantum Cryptography Project – Quantum Computing Report (Quantum Computing Report) The National Cybersecurity Center of Excellence (NCCoE), part of the National Institute of Standards and Technology (NIST), is a collaborative hub of industry organizations, government agencies, and academic institutions that work together to address cybersecurity challenges. They have created a project called Migration to Post-Quantum Cryptography to develop white papers, playbooks, demonstrations, tools that can help other organizations implement their conversions to Post-Quantum-Cryptography (PQC) . Although NIST has announced their first selections of recommended algorithms to use for PQC, there is still a great amount of work to do. It is not a simple matter of unplugging the module that uses […]
How to defend critical national infrastructure from a cyber attack (Thales Group) Tom Westenberg, Senior OT Security Consultant at Thales, shares his insights into the evolving landscape of cyber security for critical national infrastructure (CNI) such as energy and water supplies…
The US military wants to understand the most important software on Earth (MIT Technology Review) Open-source code runs on every computer on the planet—and keeps America’s critical infrastructure going. DARPA is worried about how well it can be trusted
Design and Innovation
DIU seeks a ‘thought leader’ to oversee cutting-edge cyber, tech work for US military (SC Magazine) The organization is headquartered not in Washington, but Silicon Valley, and its primary mission involves working with nascent startups and other companies on new or innovative forms of technology and acclimating them to the byzantine rules and regulations of doing business with the federal government.
User Experience Plays a Critical Role in Cybersecurity (MeriTalk) From the earliest days of the internet, bad actors have found ways to breach security protocols to disrupt operations, steal sensitive information, and even extort money through ransomware attacks.
WSCC Computer Science Department designated National Center of Academic Excellence in Cyber Defense (The Cullman Tribune) WSCC Computer Science Department designated National Center of Academic Excellence in Cyber Defense – The Cullman Tribune – Wallace State
Legislation, Policy, and Regulation
Major changes are coming to the EU’s digital landscape. Will they take hold in the US? (The Parliament Magazine) The Digital Services Act (DSA) and the Digital Markets Act (DMA) are poised to remake the EU’s regulatory environment. Julia Tréhu explains how, an…
Kazakh President Signs Bill Allowing Social Media To Be Shut Down (RadioFreeEurope/RadioLiberty) Kazakh President Qasym-Zhomart Toqaev has signed into law a controversial bill that allows the authorities to shut down social media and messaging platforms to protect users from cyberbullying.
Costa Rica’s ‘War’ Against Ransomware Is a Wake-Up Call for the Region (World Politics Review) In May, Costa Rican President Rodrigo Chaves declared that the country was at war. It was significant, because Costa Rica is one of few countries that does not have a military. Also atypical is the opponent in this war: a Russia-based hacking group that has taken significant portions of the government’s computer systems offline.
Ex-Spies No Longer Legally Allowed to Become ‘Mercenaries’ (The Daily Beast) A new law signed by Biden looks to keep more secrets from trickling to other governments through former spies.
U.S. needs $3 billion more to remove Huawei, ZTE from U.S. networks, regulator says (Reuters) The U.S. telecoms regulator needs an additional $3 billion dollars to fund the removal from U.S. networks of equipment made by Chinese telecoms giants Huawei and ZTE , bringing the total cost to $4.9 billion, the agency told Congress on Friday.
U.S. Department of Defense Tightens Screws on Cybersecurity Compliance (Holland & Knight) The U.S. Department of Defense (DoD) recently released a memorandum signaling its increasing willingness to review contractor compliance with cybersecurity standards in its contracts and take action against noncompliant contractors.
DoD Seeks Executive to Lead Defense Innovation Unit (U.S. Department of Defense) The Department of Defense today released a posting for the role of Director of the Defense Innovation Unit. The current Director, Michael Brown, will step down when his term ends this September.
At CISA, even the chief of staff has been marinated in cybersecurity (Federal News Network) The Cybersecurity and Infrastructure Security Agency known as CISA keeps getting higher budgets, more people and more programs.
CISA’s CIO Talks About the Cyber Agency’s Growth and Expanding Mission (HS Today) Costello charts the road ahead for CISA and details how the agency has been working to achieve its mission of improving federal agency and public cybersecurity.
US Legislative Developments in Children’s Privacy (cyber/data/privacy insights) “It’s time to strengthen privacy protections, ban targeted advertising to children, [and] demand tech companies stop collecting personal data on our children.” – President Joe Biden, State of the Union, March 1, 2022 On May 19, 2022, the Federal Trade Commission publicly renewed its focus on chil
Litigation, Investigation, and Law Enforcement
The Pegasus Project: One year on, spyware crisis continues after failure to clamp down on surveillance industry (Amnesty International) One year after the Pegasus Project revelations, the lack of a global moratorium on the sale of spyware is allowing the surveillance industry to continue unchecked, Amnesty International warned today. The Pegasus Project uncovered how governments worldwide were using NSO Group’s invasive Pegasus spyware to put human rights activists, political leaders, journalists and lawyers around […]
Researchers say Thai pro-democracy activists hit by spyware (AP NEWS) Cybersecurity researchers reported details Monday of cases where Thai activists involved in the country’s pro-democracy protests had their cell phones or other devices infected and attacked with government-sponsored spyware.
NSO Fails to Explain Targeting of Human Rights Watch Employee (Human Rights Watch) When NSO Group, purveyor of the spyware Pegasus, told Human Rights Watch it would investigate the targeting of Lama Fakih, Middle East and North Africa director, we had good reason to be skeptical.
SEBI files FIR in cyber security incident; no sensitive data lost (Business Today) CERT-In is the national nodal agency for responding to computer security incidents as and when they occur.
Maharashtra police creates team of 30 cyber hawks to patrol cyberspace (The Times of India) NAGPUR: City police chief Amitesh Kumar, supplementing efforts of his cyber cell and social media monitoring unit, has created a team of private influ
Jan. 6 panel subpoenas Secret Service for erased texts (AP NEWS) The House committee investigating the Capitol riot has subpoenaed the Secret Service for text messages agents reportedly deleted around Jan.
Mike Lindell’s Own Cybersecurity Expert Admits There’s No Proof of Election Fraud (TheWrap) Josh Merritt calls Lindell’s data “a turd”
Imprisoned, Beaten, and Tased: The Trafficking Victims Being Forced to Scam the World (Vice) Thousands of imprisoned and abused workers are propping up Southeast Asia’s ‘pig butchering’ industry, an online fraud emptying bank accounts across the world.
Graff paid a $7.5M ransom and sued its insurance firm for refusing to cover this payment (Security Affairs) The high-end British jeweler Graff paid a £6 million ransom after the ransomware attack it suffered in 2021. In September 2021, the Conti ransomware gang hit high society jeweler Graff and threatens to release private details of world leaders, actors and tycoons The customers of the company are the richest people on the globe, including […]