Dateline Moscow, Kyiv, Chisinau, Brussels, and Washington: Action during an operational slow-down.

Ukraine at D+153: Action during an operational pause. (The CyberWire) Ukrainian artillery continues to strike Russian logistical targets, and Russian artillery continues to strike whatever is within range. Moldova fears it may be the next item on Mr. Putin’s territorial menu, and it’s seeking assistance to help defend itself in the event of a hybrid war. Privateers are useful in wartime, but their usefulness is limited: their operations need to be, at a certain point, paying propositions.

Russia-Ukraine war: List of key events, day 154 (Al Jazeera) As the Russia-Ukraine war enters its 154th day, we take a look at the main developments.

Russia-Ukraine war latest: what we know on day 154 of the invasion (the Guardian) Ukrainian forces strike Antonivskiy Bridge in Russian-occupied Kherson to disrupt Moscow’s supply routes

Russia-Ukraine live news: Ukraine attacks key Kherson bridge in bid to isolate Russian forces (the Guardian) Kyiv’s forces seek to disrupt major Russian supply route through Antonivskiy bridge in bid to retake Kherson

New Russian airstrikes target Black Sea regions of Ukraine (AP NEWS) Russia targeted Ukraine’s southern Black Sea regions of Odesa and Mykolaiv with airstrikes Tuesday, hitting private buildings and port infrastructure with missiles fired from long-range bomber aircraft, the Ukrainian military said.

Bridge closed in Russia-held Kherson after HIMARS shelling, official says (Reuters) Authorities in the Russian-controlled Ukrainian city of Kherson have closed the city’s only bridge across the Dnipro river after it came under fire from U.S.-supplied high mobility artillery rocket systems (HIMARS), an official from the Russian-installed administration said on Wednesday.

‘We will win, it’s just a case of when’: Ukrainians prepare for intense battle to retake Kherson (The Telegraph) Front-line soldiers are in a state of hyper-vigilance as they get ready to reclaim the strategic southern city amid ongoing Russian shelling

The Lion Roars: Zelensky Soldiers On (ClearanceJobs) Like a man born to lead his country through a war no one thought they could win, Zelensky has never wavered.

There is a dark war we cannot see that could decide Ukraine’s fate (Evening Standard) The fighting goes on in Ukraine, and despite huge losses on both sides, all seems stuck in bloody impasse. Against the odds, Ukrainian forces are mounting a counter-attack on Kherson, the first city taken by the Russians.

Opinion | Ukraine Is the Next Act in Putin’s Empire of Humiliation (New York Times) There seems to be nothing in Russia’s mainstream discourse that takes responsibility for the past and imagines a different path forward.

Putin’s New Police State (Foreign Affairs) In the shadow of war, the FSB embraces Stalin’s methods.

Ukraine app captures thousands of videos that could help prosecute Putin (the Guardian) eyeWitness to Atrocities enables timed and dated recordings that cannot be edited, enhancing their evidential value

Analysis | Putin Sent a Message by Attacking Odesa. The World Should Listen (Haaretz) By attacking Odesa’s seaport, Putin has signaled that no agreement will make him give up control of the Black Sea and with it the ability to pressure global food supply

Moscow shattered two illusions with one missile strike. The White House needs to accept reality. (Atlantic Council) The Biden team is blowing an uncertain trumpet as it tries to project US leadership.

Russia Still Has Willing Partners in the Middle East (Foreign Policy) Despite Moscow’s military shortcomings and Western efforts to make it an international pariah, Vladimir Putin remains a capable player in the region.

Opinion | Germany’s Gepard Tanks Finally Reach Ukraine (Wall Street Journal) Three Cheetahs arrive, but three months late and at a turtle’s pace.

Latvia requests HIMARS weapon to bolster Baltic defense (Defense News) The country also aims to purchase coastal defense missile systems and is currently evaluating submitted offers.

Moldova Plans Cyber Overhauls Amid War in Neighboring Ukraine (Wall Street Journal) A big challenge for Moldova, one of Europe’s poorest countries, is finding cybersecurity experts to fill new jobs, and money to pay them, authorities said.

Estonia ex-leader calls for ‘digital alliance’ to combat cyber threats (Focus Taiwan) Taipei, July 26 (CNA) Visiting former Estonia President Toomas Hendrik Ilves on Tuesday called on the world’s democracies to form a “digital alliance” that is bound not by geography, but by shared values, to combat growing cyber threats in a new digital era.

Russia Is Quietly Ramping Up Its Internet Censorship Machine (Wired) Since Vladimir Putin blocked Facebook, Instagram, and Twitter in March, Russia has been pushing away from the global internet at a rapid pace.

Financial Incentives May Explain the Perceived Lack of Ransomware in Russia’s Latest Assault on Ukraine (Council on Foreign Relations) Ransomware has been notably absent the barrage of cyberattacks faced by Ukraine since the Russian invasion in February. Financial concerns are likely the reason ransomware groups have stayed out of t…

Ukraine app captures thousands of videos that could help prosecute Putin (the Guardian) eyeWitness to Atrocities enables timed and dated recordings that cannot be edited, enhancing their evidential value

More Russians must face personal sanctions over Ukraine invasion (Atlantic Council) As the world seeks ways to end the Russian invasion of Ukraine, Oleksandr Novikov of Ukraine’s National Agency on Corruption Prevention says dramatically expanded personal sanctions are the most effective available tool.

Grain drain: Why Turkey can’t afford to ignore Russian grain smuggling from Ukraine (Atlantic Council) The diplomatic goodwill Turkey won in its key role in the deal to unlock Ukrainian grain export is at risk as Russia may prove a spoiler.

Attacks, Threats, and Vulnerabilities

How the cyberwar between Iran and Israel has intensified (Washington Post) Three things to know about the not-so-covert cyber-operations between these two adversaries

Luca Stealer malware spreads after code appears on GitHub (Register) Cool, another Rust project … Oh

Hackers Increasingly Using WebAssembly Coded Cryptominers to Evade Detection (The Hacker News) Cybercriminals are increasingly leveraging WebAssembly (Wasm)-coded cryptocurrency miners to make detection and analysis difficult.

New Ducktail Infostealer Targets Facebook Business Accounts via LinkedIn (SecurityWeek) Marketing and HR professionals have been targeted with Ducktail malware through LinkedIn spear phishing campaigns to hijack Facebook business accounts.

Malicious IIS extensions quietly open persistent backdoors into servers (Microsoft Security Blog) Attackers are increasingly leveraging Internet Information Services (IIS) extensions as covert backdoors into servers, which hide deep in target environments and provide a durable persistence mechanism for attackers. While prior research has been published on specific incidents and variants, little is generally known about how attackers leverage the IIS platform as a backdoor.

Microsoft: IIS extensions increasingly used as Exchange backdoors (BleepingComputer) Microsoft says attackers increasingly use malicious Internet Information Services (IIS) web server extensions to backdoor unpatched Exchange servers as they have lower detection rates compared to web shells.

SIEM Detections for Okta PassBleed (Splunk, Microsoft Sentinel, IBM QRadar, Sumo Logic) (CardinalOps) SIEM detections for the Okta PassBleed vulnerabilities (Splunk, IBM QRadar, Microsoft Sentinel, Sumo Logic), plus MITRE ATT&CK mappings for its adversary techniques.

LockBit 3.0: Significantly Improved Ransomware Helps the Gang Stay on Top (Dark Reading) Just ahead of its headline-grabbing attack on the Italian tax agency, the infamous ransomware group debuted an improved version of the malware featuring parts from Egregor and BlackMatter.

Data Stolen in Breach at Security Company Entrust (SecurityWeek) Entrust suffered a data breach last month and the security company has confirmed that the attackers have stolen some files.

Twitter Data Breach From Former Gartner Cybersecurity Analyst (Information Security Buzz) Following the news that Twitter suffered a data breach that saw 5.4 million users’ details leaked online please find a comment below from Cyber security experts.

Twitter hacker touts 5.4 million users’ data, including celebs and companies, for $30k (Fortune) Phone numbers and email addresses of millions of users were apparently accessed, and are now being sold via the dark web.

A Retrospective on the 2015 Ashley Madison Breach (KrebsOnSecurity) It’s been seven years since the online cheating site AshleyMadison.com was hacked and highly sensitive data about its users posted online. The leak led to the public shaming and extortion of many AshleyMadison users, and to at least two suicides.…

Cyber-Attack Vectors in the Automotive Sector – Part 1: Signal Attacks (TechHQ) Vehicular cyber-attack is novel right now, but it may grow more and more frequent as we move towards data-rich, connected vehicles.

Hackers scan for vulnerabilities within 15 minutes of disclosure (BleepingComputer) System administrators have even less time to patch disclosed security vulnerabilities than previously thought, as a new report shows threat actors scanning for vulnerable endpoints within 15 minutes of a new CVE being publicly disclosed.

Employees That Circumvent Access Introduce Risk (Security Boulevard) We are not a patient society, and we are made less patient as technology continues to evolve. Productive business operations thrive on faster internet

Vulnerability Summary for the Week of July 18, 2022 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Security Patches, Mitigations, and Software Updates

Microsoft Will Change a Windows Security Default to Block Ransomware – ExtremeTech (ExtremeTech) In the latest Insider builds of Windows 11, Microsoft has changed a default setting that could keep ransomware out of your PC. Why it didn’t do this years ago is anyone’s guess. 

Inductive Automation Ignition (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Inductive Automation Equipment: Ignition Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain file contents.

Honeywell Safety Manager (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Honeywell Equipment: Safety Manager 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow for configuration and firmware manipulation or remote code execution.

Honeywell Saia Burgess PG5 PCD (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable on adjacent network/low attack complexity Vendor: Honeywell Equipment: Saia Burgess PG5 PCD Vulnerabilities: Authentication Bypass, Use of a Broken or Risky Cryptographic Algorithm CISA is aware of a public report known as “OT:ICEFALL” that details vulnerabilities found in multiple operational technology (OT) vendors.

MOXA NPort 5110 (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.2
ATTENTION: Exploitable remotely/low attack complexity
Vendor: MOXA
Equipment: NPort 5110
Vulnerabilities: Out-of-bounds Write
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to change memory values and/or cause the device to become unresponsive.

Mitsubishi Electric MELSEC and MELIPC Series (Update B) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Mitsubishi Electric
Equipment: MELSEC and MELIPC Series
Vulnerabilities: Uncontrolled Resource Consumption, Improper Handling of Length Parameter Inconsistency, Improper Input Validation

2022 Incident Response Interactive (Palo Alto Networks) The 2022 Unit 42 Incident Response Report offers insights from our IR cases on today’s threat landscape and how to best prepare for future threats.

Palo Alto Networks Unit 42 Incident Response Report Reveals that Phishing and Software Vulnerabilities Cause Nearly 70% of Cyber Incidents (Yahoo) According to a new report from Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, the heavy use of software vulnerabilities matches the opportunistic behavior of threat actors who scour the internet for vulnerabilities and weak points on which to focus. The 2022 Unit 42 Incident Response Report offers a multitude of insights gleaned from Unit 42 by Palo Alto Networks extensive incident response (IR) work, leveraging a sampling of over 600 Unit 42 IR cases, to help CISOs and secu

IBM Report: Consumers Pay the Price as Data Breach Costs Reach All-Time High (IBM Newsroom) IBM Security released the annual Cost of a Data Breach Report,1 revealing costlier and higher-impact data breaches than ever before, with the global average cost of a data breach reaching an all-time high of $4.35 million for studied organizations.

Cost of a Data Breach Report 2022 (IBM Security) The Cost of a Data Breach Report offers IT, risk management and security leaders a lens into factors that can increase or help mitigate the rising cost of data breaches.

The global average cost of a data breach reaches an all-time high of $4.35 million (Help Net Security) IBM Security revealed the global average cost of a data breach in 2022 reached an all-time high of $4.35 million for studied organizations.

Global State of Ransomware Survey Reveals One in Three Organizations See Malicious Insiders as a Route for Ransomware (Business Wire) Gigamon, the leading deep observability company, today launched its first State of Ransomware 2022 and Beyond report aimed at providing valuable insig

Security Pros ‘Running to Keep Up’: Delinea Research Highlights That 60% of IT Security Decision Makers are Held Back from Delivering on IT Security Strategy (PR Newswire) Delinea, a leading provider of Privileged Access Management (PAM) solutions for seamless security, today announced findings from a global…

Cybersecurity: Benchmarking Security Gaps & Privileged Access (Delinea) What are IT security leaders doing to reduce the risk of attack, and where are they making investments? Global research report.

NCC Group Monthly Threat Pulse – June 2022 (Mynewsdesk) Ransomware threat scene continues to evolve with newly established Lockbit 3.0 ramping up activity and Conti, as we knew it, all but disappearing completely

Check Point Research: Weekly Cyber Attacks increased by 32% Year-Over-Year; 1 out of 40 organizations impacted by Ransomware (Check Point Software) Highlights:        ·  Average weekly attacks per organization worldwide reached a peak of 1.2K attacks, a 32% increase year-over-year        ·  Education/

Geopolitical strife impacting shift in ransomware attacks (Insurance Times) The cyber security firm discovered 59,259 cases of never before seen malware in March 2022 alone

Ransomware attacks fall in SonicWall’s cyber threat report (Register) Be ready for a rebound, and protect yourself with patching and segmentation

Facing plenty of phish, employees need to get schooled (TechBeacon) Phishing attacks are getting costlier, more sophisticated, and more prolific. Cut the risk of being lured in when targeted by phishers. Go to school!

Tessian | 1 in 3 Employees Do Not Understand the Importance of Cybersecurity at Work, According to New Report (RealWire) Data from Tessian reveals the disconnect between security leaders and employees when it comes to security cultures July 26 2022 – New research from email security company Tessian reveals that a significant percentage of employees are not engaged in their organizations’ cybersecurity efforts and don’t understand their role in keeping their company secure

Marketplace

Resecurity acquires Cybit Sec to expand its threat intelligence capabilities in the Middle East (Help Net Security) Resecurity has acquired Cybit Sec, a vulnerability assessment and penetration testing (VAPT) company based in the United Arab Emirates (UAE).

Data Security Firm Sotero Raises $8 Million in Seed Funding (SecurityWeek) Data-focused security platform provider Sotero has raised $8 million in an extended seed funding round led by OurCrowd.

CrowdStrike said to target $2B acquisition of Israeli company (NASDAQ:CRWD) (SeekingAlpha) CrowdStrike (CRWD) is said to be close to announcing the acquisition of an Israeli company for as much as $2 billion. CrowdStrike is set to be setting up a large R&D center base on a…

Addressing the cyber skills gap (teiss) The Great Resignation might represent a challenge to the cyber security industry, it’s also an opportunity to rethink how we do things

Zscaler downgrade hits cyber security stocks as BTIG sees signs of slowdown (NASDAQ:ZS) (SeekingAlpha) Zscaler (ZS) shares more than 9% on Tuesday as investment firm BTIG downgraded the cyber security company, hitting other stocks in the sector.Analyst Gray Powell noted that Zscaler…

Startups That Hired Rapidly Learn the Virtue of Slowing Down (The Information) Sometimes slow and steady does win the race. Startups that raised a lot of money during the boom years—and avoided spending sprees—now look smart as venture funding dries up. One measure of whether startups will be able to outlast the current downturn is how many people they’ve hired relative to …

Zuckerberg has a plan to rescue Meta, but can he convince his own employees? (The Verge) “Realistically, there are probably a bunch of people at the company who shouldn’t be here.”

EY launches cybersecurity centers in NZ amidst rising cyber threats (SecurityBrief New Zealand) EY says its launching two of its globally recognised cyber security centers, one in Auckland and the second in Wellington, with a potential third in Christchurch. 

One Identity Appoints Mark Logan as Company’s First-Ever Chief Executive Officer (One Identity) Technology Veteran Will Continue the Company’s Momentum In Becoming the World’s Leading Identity Security Company ALISO VIEJO, Calif., July 26, 2022 – <a href=”/”>One Identity</a>, a leader in unified identity security, today announced that Mark L…

Barracuda Networks appoints regional director for SEA, Korea (Digital News Asia) Philippe Cazaubon has been appointed as regional director for Southeast Asia and Korea at Barracuda Networks.

General Sir Chris Deverell joins Conceal Board of Advisors (Help Net Security) Conceal announced that General Sir Chris Deverell, the former Commander of the UK’s Joint Forces Command, has joined its board of advisors.

Former SSA senior IT adviser joins Accenture Federal Services (FedScoop) Veteran federal IT official Jarrett Booz has joined Accenture Federal Services as a senior manager. Booz moves to the private sector after a 25-year career in government, most recently as senior IT adviser within the Social Security Administration’s Office of Digital Transformation. Earlier in his career, he also worked at the National Security Agency for […]

XONA Bolsters Partner Program and Names Roneeta Lal Head of Channel Sales to Accelerate Adoption of Secure Remote Access Platform for Critical Infrastructure (Business Wire) XONA named Roneeta Lal as head of channel, expanded features of its partner program, and added its first internationally-based partner.

Citi Veteran Carl Froggett Joins Deep Instinct as Chief Information Officer (Deep Instinct) NEW YORK, NY July 27, 2022 – Deep Instinct, the first company to apply end-to-end deep learning to cybersecurity, today announced the addition of Carl Froggett to its executive leadership team as Chief Information Officer to support accelerating growth and continued international expansion. Froggett was formerly Head of Global Infrastructure Defense, CISO Cybersecurity Services at Citi.

Products, Services, and Solutions

Acuant Integrates with ServiceNow to Automate and Transform Onboarding and KYC Compliance for Financial Institutions (PR Newswire) Acuant, a GBG company and leading identity verification provider, today announced an integration with ServiceNow Financial Services Operations,…

JFrog Announces AWS Security Certification and Support for New AWS Vendor Insights (JFrog) JFrog today announced its DevSecOps tool, JFrog Xray, now supports AWS Security Hub, a cloud security posture management service that performs best practice checks, aggregates alerts, and allows automated remediation. JFrog, already part of the DevSecOps category under the AWS DevOps competency, also revealed it is participating in the new AWS Marketplace Vendor Insights, which helps streamline the complex third-party software risk assessment process by enabling JFrog to make security and compliance information available to customers through AWS Marketplace.

Lacework Helps Customers Innovate with Confidence On AWS (PR Newswire) Lacework, the data-driven cloud security company, today announced it has again achieved the compliance and privacy distinction in the Amazon…

IaC Security Leader oak9 Announces Native Integration with Microsoft A (PRWeb) oak9, developer-first IaC security leader, today announced it is now a Microsoft Azure IP co-sell partner and released a native integration for Azure Repos, continui

SecurityScorecard Makes Software Procurement Faster, Easier and More… (SecurityScorecard) Organizations can substantially reduce vendor security assessment time from months to hours Boston, MA – July 26, 2022 – SecurityScorecard , the global leader in cybersecurity ratings, announced at the AWS re:Inforce 2022 today it is making its vendor profile available to Amazon Web Services (AWS)…

Movius and Theta Lake Partner to Combine Industry Leading Voice and Text Solutions with Award-Winning Compliance (Business Wire) Movius, providers of trusted, secure, work-from-anywhere solutions for mobile voice, text, and WhatsApp and Theta Lake, a leader in modern communicati

Mastercard launches a new biometric payment system (Verdict) Mastercard launched its version of a biometric payment system. Shoppers will be able to pay by smiling or waving their hand.

Spot by NetApp Announces Continuous Security Solution for Cloud Infrastructure (Business Wire) NetApp® (NASDAQ: NTAP), a global, cloud-led, data-centric software company, today announced the general availability of Spot Security. Built for the c

Rapid7 Introduces New Layered Context Capabilities for InsightCloudSec (GlobeNewswire News Room) New capabilities seamlessly consolidate risk signals into a unified view that helps speed up prioritization, notification, and remediation of critical…

QuSecure’s Cybersecurity Solution Immediately Addresses NIST-Discovered Network Quantum Vulnerabilities (HPC Wire) QuSecure, Inc., a leader in post-quantum cybersecurity (PQC), today announced that QuProtect, the industry’s first end-to-end PQC software-based solution uniquely designed to protect encrypted communications and data with quantum-resilience using quantum secure channels, is positioned to address quantum vulnerabilities outlined by the recently announced National Institute of Standards and Technology’s (NIST) technology collaborators team

Sumo Logic Achieves AWS Security Competency Status for Cloud SIEM and SOAR Solutions (GlobeNewswire News Room) Recognition demonstrates commitment to providing award-winning protection against security threats…

OPSWAT Becomes AWS Security Competency Partner (GlobeNewswire News Room) Designation recognizes that OPSWAT has demonstrated and successfully met AWS’s technical and quality requirements for providing customers with…

CrowdStrike Introduces Industry’s First Cloud Threat Hunting Service Dedicated to Stopping Advanced Cloud-Based Attacks (CrowdStrike) CrowdStrike today introduced Falcon OverWatch Cloud Threat Hunting, the industry’s first standalone threat hunting service for cloud environments.

Censys Introduces Worldwide Channel Partner Program (PR Newswire) Today, Censys, the leader in Attack Surface Management (ASM), introduced its worldwide channel partner program with more than ten companies…

Teleport Eliminates Need for Passwords with Biometric Infrastructure Access Solution (PR Newswire) Teleport, the leading provider of identity-based infrastructure access management, today announced Teleport 10, the latest version of its…

Cyber Security Innovator Coro Launches Incubiz, a Unique Incubator Program to Discover and Develop the Next-Generation of Cyber Security Entrepreneurs (GlobeNewswire News Room) Coro’s new launchpad aims to close the national cyber security skills gap, provide equitable employment opportunities to the Illinois workforce, and…

Technologies, Techniques, and Standards

Banks Start Using Information-Sharing Tools to Detect Financial Crime (Wall Street Journal) Banks have long struggled to spot illicit transactions among the multitudes they process daily because criminals move dirty money from one institution to another to cover their tracks, leaving compliance staff with only a partial road map of their actions.

No More Ransom helps millions of ransomware victims in 6 years (BleepingComputer) The No More Ransom project celebrates its sixth anniversary today after helping millions of ransomware victims recover their files for free.

What Are the NSA K8s Guidelines and Why Should You Care? (Container Journal) The NSA’s Kubernetes hardening guidelines are extensive and can feel overwhelming. Here’s how you can comply with them.

Tanium expert on how organisations can build an effective defence against ransomware (Intelligent CIO Middle East) As instances of ransomware increase across EMEA, organisations must adopt a robust approach to cyber defence by prioritising prevention measures. Zac Warren, Chief Security Advisor, EMEA at Tanium, tells Jess Abell, Director of Strategic Content at Lynchpin Media, how organisations can strengthen their defences by enhancing endpoint visibility and reinventing their approach to patching. Despite […]

Design and Innovation

IBM claims it had a hand in NIST’s quantum-resistant crypto (Register) Big Blue says it helped developed the algos, so knows what it’s doing

Academia

Higher ed’s response to ransomware attacks lagged other sectors, survey suggests (Higher Ed Dive) Almost two-thirds of polled higher education institutions said they were hit in the last year by ransomware — and recovery times often exceed a month.

Legislation, Policy, and Regulation

European Commission bans official coordination with UK on key data issues, report (Computing) The move comes as both sides attempt to find a political solution to the deadlock on Northern Ireland protocol

DHS Convenes Regulators, Law Enforcement Agencies on Cyber Incident Reporting (Nextgov.com) The Department of Homeland Security started the clock on a report to Congress for streamlining requirements, amid industry dissatisfaction with the Cybersecurity and Infrastructure Security Agency’s pending reporting regime.

Congress wants further crackdown on spyware makers like NSO, after earlier import ban (9to5Mac) Congress is set to vote on The Intelligence Authorization Act, intended to further punish spyware makers like NSO. It follows evidence that the company’s Pegasus spyware was used to hack iPhones used by American diplomats. The Commerce Department had already named NSO as a threat to US national security, and banned the import and use […]

Congress goes after spyware purveyors. Will it make a difference? (CyberScoop) The crackdown on foreign commercial surveillance comes in the wake of high-profile attacks on diplomats and government officials abroad.

Quantum computing cyber legislation unveiled in Senate (SC Magazine) Sens. Rob Portman, R-Ohio, and Maggie Hassan, D-N.H., have introduced the Quantum Computing Cybersecurity Preparedness Act in the Senate in an effort to bolster quantum computing preparedness among federal agencies, following the legislation’s passage in the House last month, according to SecurityWeek.

How the nation’s premier cybersecurity agency can handle its new procurement authority (Federal News Network) CISA is about to get its own procurement authority but could they grow too large too fast? Alan Thomas, the former commissioner of the GSA’s Federal Acquisition Service, now the chief operating…

NIST’s Expanding International Engagement on Cybersecurity (NIST) In providing a foundation for cybersecurity advancements over the years, NIST has taken the global context into account when determining priorities and appro

Time to Separate CYBERCOM Or Get Off the Pot (OODA Loop) Recently, the U.S. Senate put forth a bill that would require annual briefings on the relationship between CYBERCOM and the NSA, with concerns being expressed how a dual-hatted leadership impacts either organization.  These annual reports would presumably cover important areas such as the division and sharing of resources, how operational risk is being managed, assessments of the operating environment, and the operational effects resulting from the relationship between CYBERCOM and NSA. These reports could be very valuable if CYBERCOM and NSA are separated and under the helm of two different leaders and budget lines.  There is a better chance of showing where the organizations are working well together, and where they are not.  Problem areas can be more easily identified, and fiscal, material, and human resources reallocated accordingly and fairly.  

Litigation, Investigation, and Law Enforcement

European Lawmaker Targeted With Israeli-made Predator Spyware (Haaretz) In wake of the Project Pegasus investigation, the European Parliament began checking lawmakers’ devices – the head of the Greek socialist party’s phone had signs of an attempted infection

Coinbase Faces SEC Probe on Crypto Listings; Shares Tumble (Bloomberg) Regulator probing whether firm offered unregistered securities. Company has asked watchdog to clarify digital-asset rules.

Coinbase Promised Empowerment While Pushing Questionable Assets (Bloomberg) “Surely Coinbase should have found this before randoms on Twitter did?”

Kraken, a U.S. Crypto Exchange, Is Suspected of Violating Sanctions (New York Times) The Treasury Department is investigating whether the crypto exchange allowed users in Iran to buy and sell digital tokens, said people with knowledge of the matter.

Wawa to pay $8M for credit, debit card data breach by hackers (nj) Hackers stole data from 34 million transactions in Wawa stores and at its gas pumps over an eight-month period in 2019.

Southern Co-op’s use of facial recognition system is Orwellian, privacy group (Computing) Southern Co-op says it will appreciate any constructive feedback from the ICO