Attacks, Threats, and Vulnerabilities
Significant Historical Cyber-Intrusion Campaigns Targeting ICS (CISA) Protecting our Nation’s critical infrastructure is the responsibility of federal and state, local, tribal, and territorial (SLTT) governments and owners and operators of that infrastructure. The cybersecurity threats posed to the industrial control systems (ICS) that control and operate critical infrastructure are among the most significant and growing issues confronting our Nation.
Norway says cyber attack on parliament carried out from China (Reuters) Norway said on Monday that a March 10 cyber attack on parliament’s e-mail system was carried out from China, calling on authorities there to take steps to prevent such activities.
China accused of cyber-attack on Microsoft Exchange servers (BBC News) The UK, US and EU have accused China of carrying out an attack on Microsoft Exchange email servers.
How to know you’re the target of Chinese state-sponsored hackers, according to US intelligence (Quartz) The US, UK, EU, and NATO linked a large-scale hack of Microsoft Exchange to individuals affiliated with China’s government.
US Accuses China of Using Criminal Hackers in Cyber Espionage Operations (Dark Reading) DOJ indicts four Chinese individuals for alleged role in attacks targeting intellectual property, trade secrets belonging to defense contractors, maritime companies, aircraft service firms, and others.
China Spy Agency Blamed by US, Others of Using Contract Hackers (Voice of America) U.S. President Joe Biden said he is to receive a detailed report Tuesday about the role China’s civilian intelligence agency played in using ransomware to extort American businesses.
Chinese Hackers Hid Hacked Data Inside a Donald Trump Picture (Motherboard) The US government has indicted four Chinese government hackers for crimes spanning from 2011 to 2018.
U.S., Allies Officially Accuse China of Microsoft Exchange Attacks (SecurityWeek) The United States and its allies have officially accused China of being behind the Microsoft Exchange attacks disclosed in early March.
Details Emerge on Iranian Railroad Cyberattack (SecurityWeek) On Sunday July 16, 2021, Iran International reported further details on the railroad system cyberattack from “an information security office at the presidential administration.”
DragonForce Malaysia – #OpsBedil (Radware) #OpsBedil is a hacktivist operation currently targeting several verticals and government agencies in the Middle East. It is the latest digital campaign to target the region and is being conducted by threat actors in Southeast Asia, specifically Malaysia and Indonesia.
Radware reveals hacktivists flying under the radar (iTWire) GUEST RESEARCH: An in-depth survey of hacktivists by Radware has revealed new information on their activities. The data security specialist says that while some well-established threat actors are carrying out major ransomware attacks that capture news headlines, other cyber actors warrant companies&…
50,000 Phone Numbers Worldwide on List Linked to Israeli Spyware: Reports (SecurityWeek) Israel’s NSO Group has been linked to a list of 50,000 smartphone numbers, including those of activists, journalists, business executives and politicians around the world
Amazon Shuts Down NSO Group Infrastructure (Motherboard) The move comes as activist and media organizations publish new findings on the Israeli surveillance vendor.
iPhones running latest iOS hacked to deploy NSO Group spyware (BleepingComputer) Human rights non-governmental organization Amnesty International and non-profit project Forbidden Stories revealed in a recent report that they found spyware made by Israeli surveillance firm NSO Group deployed on iPhones running Apple’s latest iOS release, hacked using zero-day zero-click iMessage exploits.
Fifty people linked to Mexico’s president among potential targets of NSO clients (the Guardian) Numbers of 15,000 Mexicans including politicians, journalists, judges, activists and teachers appear in leak
Forensic Methodology Report: How to catch NSO Group’s Pegasus (Amnesty International) NSO Group claims that its Pegasus spyware is only used to “investigate terrorism and crime” and “leaves no traces whatsoever”. This Forensic Methodology Report shows that neither of these statements are true. This report accompanies the release of the Pegasus Project, a collaborative investigation that involves more than 80 journalists from 17 media organizations in 10 countries coordinated by Forbidden Stories with technical support of Amnesty International’s Security Lab.
Independent Peer Review of Amnesty International’s Forensic Methods for Identifying Pegasus Spyware (The Citizen Lab) Citizen Lab’s peer review of Amnesty International’s forensic techniques to identify Pegasus spyware concludes they are sound.
Key question for Americans overseas: Can their phones be hacked? (Washington Post) NSO says phones with U.S. +1 numbers can’t be hacked anywhere in the world. But Americans using foreign-based numbers outside the U.S. are vulnerable.
What the latest Pegasus spyware leaks tell us (MIT Technology Review) New documents show journalists and activists are being surveilled using the tools built by secretive Israeli security company NSO.
Fake Flash: Attackers Targeting macOS Users with Malicious Updates (Broadcom Symantec Enterprise Blogs) Using behavior based technologies to block threats on macOS with Symantec Endpoint Protection
“Seven or eight” zero-days: The failed race to fix Kaseya VSA, with Victor Gevers, Lock and Code S02E13 (Malwarebytes Labs) Kaseya VSA had “seven or eight” zero-day vulnerabilities, revealed DIVD Chair Victor Gevers in the latest episode of Lock and Code.
Ransomware incident at major cloud provider disrupts real estate, title industry (The Record by Recorded Future) A ransomware incident at Cloudstar, a cloud hosting service and managed service provider for several industry sectors, has disrupted the activities of hundreds of companies.
CVE-2021-33910: Denial of Service (Stack Exhaustion) in systemd (PID 1) (Qualys Security Blog) The Qualys Research Team has discovered a stack exhaustion denial-of-service vulnerability in systemd, a near-ubiquitous utility available on major Linux operating systems. Any unprivileged user can…
Hundreds of millions of HP, Xerox, and Samsung printers vulnerable to new bug (The Record by Recorded Future) Security experts have found a severe vulnerability in a common printer driver used by HP, Xerox, and Samsung.
Cisco Discloses Details of Critical Advantech Router Tool Vulnerabilities (SecurityWeek) Cisco Talos has disclosed the details of several critical Advantech router tool vulnerabilities after the vendor failed to respond.
Enhanced BazarBackdoor Poses New Cybersecurity Risks (Softpedia) Malware developers are becoming more innovative and have designed new file infection spreading methods
Over 60% of Android apps have security vulnerabilities (Atlas VPN) When a developer leaves a mistake in application code, it can create a security vulnerability that criminals may exploit.
Saudi Aramco data breach sees 1 TB stolen data for sale (BleepingComputer) Attackers have stolen 1 TB of proprietary data belonging to Saudi Aramco and are offering it for sale on the darknet. The Saudi Arabian Oil Company, better known as Saudi Aramco, is one of the largest public petroleum and natural gas companies in the world. The sales price, albeit negotiable, is set at $5 million.
Hacker behind LinkedIn scraping did it “for fun” (Computing) ‘Tom Liner’ compromised LinkedIn’s API to create the massive database
Virginia Tech Says it Was Targeted in 2 Recent Cyberattacks (SecurityWeek) Virginia Tech said the malware the hackers pushed out to Kaseya customers could have exposed student data but the university found no evidence that happened.
Law Firm Campbell Conroy & O’Neil Discloses Ransomware Attack (SecurityWeek) Campbell Conroy & O’Neil says unauthorized actors potentially accessed data stored on the law firm’s servers
US legal eagles representing Apple, IBM, and more take 5 months to inform clients of ransomware data breach (Register) Those affected get free protection services – but only if their Social Security numbers were exposed
MAT falls victim to data leak after $8m ransom demand (Tes) Cyberattack on Harris cost academy trust more than £500K despite it standing firm against Russian hackers’ calls for cash
FBI investigating crippling cyberattack on city of Geneva computer systems (WKCY) City officials will not confirm whether they received a ransom, but a newer ransomware gang claimed to be behind the attack, say cybersecurity experts.
Northern’s ticket machines hit by ransomware cyber attack (BBC News) Northern rail’s new self-service machines were installed at 420 stations two months ago.
The ICO Investigate Alleged Data Breach on Department of Health and Social Care CCTV (Chadwick Lawrence) The Information Commissioner’s Office has confirmed that it is investigating an alleged data breach of CCTV images which involved the then Secretary of State for Health and Social Care, Mr Matt Hancock, leading to headline news. The CCTV images were published by The Sun newspaper on 25 June 2021 by an individual/(s) obtaining the…
Security Patches, Mitigations, and Software Updates
Juniper Patches Critical Third-Party Flaws Across Product Portfolio (SecurityWeek) Networking gear vendor Juniper Networks ships product updates to address critical security vulnerabilities.
2021 Ransomware Impact Report (Keeper Security) Download the report and understand the aftereffects ransomware attacks have on employees’ daily work life, an organization’s reputation and more.
Netskope Research Shows Growing Risk of Company Data Exposure As Employees Depart Their Jobs (PR Newswire) Netskope, the SASE leader, today revealed new research showing the continued growth of malware delivered by cloud applications and also the…
Fatigued IT Teams and Ill-Prepared Employees are Losing the War on Phishing, Ivanti Study Confirms (BusinessWire) Ivanti, the automation platform that discovers, manages, secures, and services IT assets from cloud to edge, today announced the results of a survey t
Cyber the top D&O concern in pandemic era (Insurance Business) WTW examines the risks on the top of executives’ minds amid global upheaval
The State of Consumer Home Cybersecurity 2021 (Sophos) The overwhelming majority of Americans are concerned about their online security – and cyber threats like malware and identity theft, in particular. In the last year, changes brought on by the pandemic further escalated concerns for many.
Cyberattacks in Africa comparable to other parts of the globe, says Kaspersky (EIN News) With digital transformation a top priority on the corporate agenda as companies identify new ways to grow their business, cyber attackers and opportunist cybercriminals remain very active.
Ex-Military Cyber Experts To Take Game-Changing $1.5 Billion Startup Public (Forbes) From hacking tools for U.S. intelligence agencies to software meant to shame companies doing a terrible job at security, QOMPLX is a Beltway unicorn fighting against cyber criminals.
Tampa firm OPSWAT acquires a leading provider of cybersecurity solutions (St Pete Catalyst) Tampa-based cybersecurity firm OPSWAT announced on Monday that it has acquired all assets of Bayshore Networks, the leading provider of active industrial cybersecurity protection solutions. Financial terms were not disclosed. With the recent spike in cybersecurity and ransomware attacks in the industrial infrastructure industry, like the Colonial Pipeline and Florida water supply attack, there’s an […]
Rapid7 acquires threat intelligence platform IntSights for $335M (VentureBeat) Rapid7 announced it has acquired threat intelligence platform IntSights for $335 million in cash and stock.
Rapid7 Acquires Threat Intelligence Leader IntSights and Provides Strong Preliminary Second Quarter 2021 Financial Results (Rapid7) IntSights delivers best-in-class, cloud-native external threat detection to further extend Rapid7’s industry-leading security operations platform, providing customers with end-to-end external and internal threat detection, automation and remediation. New combined capabilities will enhance Rapid7’s best-in-class, cloud-native, extended detection and response (XDR) offering by enabling greater signal-to-noise ratio, earlier threat detection, and accelerated response.
Wipro walks away from Israeli startup IntSights bagging 4.5x returns (VCCircle) Wipro has fully exited its investment in threat intelligence platform developer IntSights Cyber Intelligence as part of the Israeli
Cybereason Acquires empow to Enhance XDR Offerings (Cybereason) Cybereason, the leader in operation-centric attack protection, today announced the acquisition of empow, a security analytics company based in Tel Aviv. The empow acquisition adds innovative predictive response technology, a library of out-of-the-box data integrations, and top-tier engineering and product talent.
SentinelOne IPO: 13 Things to Know About S Stock as the Cybersecurity Company Goes Public (Nasdaq) SentinelOne (NYSE:S) stock started trading Wednesday and the shares aren’t performing well during their initial public offering (IPO).
IBM’s Revenue Rises for Second Straight Quarter (Wall Street Journal) Cloud computing boosted revenue with 13% growth in the second period, while IBM’s net profit edged lower.
M&A Moves: Bethesda’s BoxBoat Technologies plans growth following acquisition by IBM (Technical.ly DC) Plus, Intrepid Solutions and Services acquired Virginia intelligence services firm Darkblade, and ID Technologies adds Attila Security.
Startups Are Acquiring Other Startups At An Unprecedented Pace (Crunchbase News) Venture-backed startups are buying other startups at the fastest pace in at least a decade, according to Crunchbase data.
Anna Harrington Joins KnectIQ as Chief Operating Officer (PR Newswire) KnectIQ Inc., an innovator in cybersecurity technology, today announced Anna Harrington has joined the KnectIQ leadership team in the role of…
Ostendio Announces 2 New Board Members – Jean Foster and Ken Walters (PR Newswire) Ostendio, a leading provider of always-on integrated risk management technology, is pleased to announce the appointment of Jean Foster and Ken…
BitTitan Appoints Craig McDonogh as Vice President of Marketing (BusinessWire) BitTitan®, a global leader in migrations and managed services automation with its family of solutions including MigrationWiz®, Voleer® and Perspectium
Exciting news to share! (LinkedIn) I’m excited to announce that I’ve joined GitHub as VP, Security Operations! Not only am I thrilled to be leading such a foundational area for securing the GitHub platform and by extension much of the world’s software, I’m also honored to be a part of this world-class team. I’ve had an amazing run a
Products, Services, and Solutions
MITRE Engenuity Releases First ATT&CK® Evaluations for Industrial Control Systems Security Tools (MITRE Engenuity) ATT&CK® Evaluations for ICS Emulated Threats from Triton Malware McLean, Va., and Bedford, Mass., July 19, 2021 — MITRE Engenuity today released results from its first round of independent ATT&CK® Evaluations for Industrial Control Systems (ICS). The evaluations examined how cybersecurity products from five ICS vendors detected the threat of Russian-linked Triton malware. TRITON malware […]
Armis Secures 100% Visibility of all OT, ICS & IT Assets and Real-Time Detection Tactics in MITRE Engenuity ATT&CK® Evaluations for Industrial Control Systems (ICS) (GlobeNewswire News Room) Armis Also Attained 100% Coverage When Tested Against the Threat of Russian-Linked TRITON Malware Tactics…
Exclusive Networks launches SentinelOne MSSP offering in A/NZ (ARN) Exclusive Networks has signed a deal with endpoint security vendor SentinelOne to bring the latter’s managed security service provider offering to Australia and New Zealand.
TruKno Launches Cyber Threat Intelligence For The 99% (AiThority) TruKno announced a new Cyber Threat Intelligence SaaS subscription that aims to help organizations reduce the risk of a breach
TechAssure Launches Cyber Threat Sharing Community to Fight Ransomware (PR Newswire) TechAssure, the international nonprofit association of insurance and risk management experts for technology-related risks, has announced a new…
Vodafone Fiji Rides WAN Wave with Managed Cloud-First SD-WAN Offering by Aryaka (Aryaka) Pacific Islands’ largest telecom company can now offer secure connectivity and high performance to enterprises and their workers across the region
Votiro Sanitizes Files for Streamlined Transfer and Storage Within AWS (BusinessWire) Votiro introduces an AWS S3 bucket connector to allow customers working with AWS storage to securely view, download, and engage with files.
Technologies, Techniques, and Standards
Rounding Up Your IoT Security Requirements: Draft NIST Guidance for Federal Agencies (NIST) IoT devices are becoming integral elements of federal information systems, which is why NIST has released for
This tool tells you if NSO’s Pegasus spyware targeted your phone (TechCrunch) The toolkit scans iPhone and Android backup files for evidence of a compromise.
How Gaming Attack Data Aids Defenders Across Industries (Dark Reading) Web application attacks against the video game industry quadrupled in 2020 compared to the previous year, but companies outside entertainment can learn from it.
Data Privacy Principles: Full Breakdown of the 7 Principles (Invisibly) Gain a full understanding of data privacy principles of the GDPR with this article. A complete rundown of all 7 data privacy principles.
Research and Development
Bugcrowd Awarded U.S. Patents for Crowd-Enabled Vulnerability Detection (Yahoo Finance) Bugcrowd, the crowdsourced cybersecurity platform, today announced the United States Patent & Trademark Office has granted the company two patents for its proprietary systems and methods for identifying vulnerabilities in IT assets utilizing a crowdsourcing approach. U.S. Patent No. 10,972,494 and U.S. Patent No. 11,019,091 validate Bugcrowd’s unique ability to leverage and integrate the expertise of the Crowd with its platform, common service infrastructure, workfl
Montville High Students Recognized by NJ Office of Homeland Security (TAPinto) In the hours before the 2021 graduation ceremony in the Mustangs’ stadium at Montville Township High School, two 100% virtual seniors, Safi Patel and David Piwowarski, received…
Legislation, Policy, and Regulation
Biden administration eyeing new sanctions on Iran oil sales if nuclear talks fail: report (TheHill) The Biden administration is reportedly considering slapping new sanctions on Iran’s oil sales to China if talks to revive the Iran nuclear deal fail.
China rejects hacking charges, accuses US of cyberspying (Washington Post) China on Tuesday rejected an accusation by Washington and its Western allies that Beijing is to blame for a hack of the Microsoft Exchange email system and complained Chinese entities are victims of damaging U.S. cyberattacks.
The United States, Joined by Allies and Partners, Attributes Malicious Cyber Activity and Irresponsible State Behavior to the People’s Republic of China (The White House) The United States has long been concerned about the People’s Republic of China’s (PRC) irresponsible and destabilizing behavior in cyberspace. Today, the United States and our allies and partners are exposing further details of the PRC’s pattern of malicious cyber activity and taking further action to counter it, as it poses a major threat to…
Background Press Call by Senior Administration Officials on Malicious Cyber Activity Attributable to the People’s Republic of China (The White House) 6:02 P.M. EDT SENIOR ADMINISTRATION OFFICIAL: Hi, everyone. Thank you for joining us on a Sunday evening. So, we wanted to give you an embargoed preview of tomorrow’s announcement by the U.S. government and our allies and partners about the People’s Republic of China and malicious cyber activities. This call is on background, attributable to…
Statement from Assistant Director Bryan Vorndran on Joint Cybersecurity Advisory Regarding Chinese State-Sponsored Cyber Operations (Federal Bureau of Investigation) FBI Cyber Division Assistant Director Bryan Vorndran released a statement in response to a joint cybersecurity advisory regarding Chinese state-sponsored cyber operations.
U.S. and key allies accuse China of Microsoft Exchange cyberattacks (Axios) It’s the first time that NATO has specifically called out China for its actions.
White House defends Biden’s ‘coordinated’ response to Chinese government-sponsored hackers (Yahoo) The White House defended President Joe Biden’s response to China for sponsoring cybercriminals infiltrating global systems, despite a decision to hold off on sanctions four and a half months after a major hack was discovered.
Biden opens new cyber fight with China (TheHill) President Biden is putting new pressure on China by publicly attributing the wide-ranging Microsoft Exchange Server cyberattack to hackers affiliated with Beijing.
Biden administration debating whether and how to sanction China for ransomware attacks (CNN) The Biden administration has been debating internally whether and how to impose sanctions on China for its malfeasance in cyberspace, according to people familiar with the matter, as experts question why the White House has not gone further in penalizing China for its alleged hack of Microsoft’s email system in the spring.
How China’s Hacking Entered a Reckless New Phase (Wired) The country’s hackers have gotten far more aggressive since 2015, when the Ministry of State Security largely took over the country’s cyberespionage.
How China Transformed Into a Prime Cyber Threat to the U.S. (New York Times) Over the past decade, China reorganized its hacking operations, turning into a sophisticated and mature adversary.
Response from NSO and governments (the Guardian) What the Israeli technology firm and governments have said in response to the Pegasus project
Pegasus project turns spotlight on spyware firm NSO’s ties to Israeli state (the Guardian) Disclosures about political figures put Israel under increasing pressure over extent of surveillance
Pegasus Scandal Shows Risk of Israel’s Spy-tech Diplomacy: Experts (SecurityWeek) Reports that Israel-made Pegasus spyware has been used to monitor activists, journalists and politicians around the world highlight the diplomatic risks of nurturing and exporting “oppressive technology”, experts warned.
How Washington power brokers gained from NSO’s spyware ambitions (Washington Post) The surveillance giant has failed to build a big business in the U.S. But an influential network of consultants, lawyers and lobbyists still made money representing the company.
Edward Snowden calls for spyware trade ban amid Pegasus revelations (the Guardian) NSA whistleblower warns of world in which no phone is safe from state-sponsored hackers if no action taken
Pegasus: NSO clients spying disclosures prompt political rows across world (the Guardian) Concerns that phone-hacking software may have been used to spy on political opponents spark fury
India Used Israeli Firm’s Malware To Target PM Khan’s Phone (UrduPoint) An Israeli newspaper reports that the same malware was used for spying several Pakistani officials, Kashmiri freedom fighters, Indian Congress leader Rahul Gandhi and even Indian Supreme Court judge.
Hungary’s spyware scandal is a crisis for Europe (Washington Post) Hungary’s prime minister, Viktor Orban, was already seen as a boogeyman stalking the West. In nearly a dozen years in power, he has transformed his nation’s fledgling liberal democracy into a thorn in the side of the European Union. Critics accuse Orban of presiding over a “post-communist mafia state,” where the media is dominated by his allies, the courts are stacked with his loyalists, the electoral map gerrymandered in favor of his right-wing Fidesz party and a network of kleptocratic patronage traces its way back to the prime minister.
One Year After Europe’s Schrems II Decision, Privacy Activist Bemoans Lack of Progress (SecurityWeek) One year after the so-called Schrems II decision was made by the European Court of Justice (CJEU), little has changed
Biden Seeks to Clarify Comments on Facebook, Vaccine Misinformation (Wall Street Journal) The president said the company isn’t to blame for deaths, but adds it needs to do more to stop social-media users from spreading falsities.
Report Finds Big Telecom Spends $230,000 on Lobbying Every Day (Motherboard) Telecom giants spent $234 million during the 116th Congress to ensure US broadband remained spotty, crappy, and expensive.
Not just the money: Ransomware a growing political threat to U.S. interests (The Washington Times) A growing number of cybersecurity experts are warning that ransomeware attacks represent a new cyberwar trend that U.S. adversaries are poised to exploit for geopolitical gain.
The Cybersecurity 202: TSA is about to announce new ransomware protection requirements for pipelines (Washington Post) The Transportation Security Administration is today mandating that pipelines implement protections against ransomware and other cyberattacks, according to a statement shared with The Cybersecurity 202.
The Colonial Pipeline Attack: Rethinking Cyber Regulations on Utility Companies (The Legal Intelligencer) In the wake of the May 2021 DarkSide ransomware attack on the Colonial Pipeline, lawmakers have begun to rethink cybersecurity for our nation’s utilities.
Does Canada Need a New National Security Policy? (Homeland Security Today) Canada’s international security partners release national security policies annually, bi-annually, quadrennially, etc.
Singapore goes online in hunt for intelligence officers (ZDNet) Some 55 years after it was established, the country’s external intelligence agency launches its official website in a bid to widen its recruitment net and attract Singaporeans from diverse backgrounds.
Second cybersecurity bill may be needed in Ohio to protect against other breaches (Journal-News) Ohio cybersecurity bill would not have stopped foreign country from attacking Sheriff’s Office dispatch center.
Litigation, Investigation, and Law Enforcement
French prosecutor opens probe after Pegasus spyware complaint (Reuters) The Paris prosecutor’s office opened a probe on Tuesday into allegations by investigative news website Mediapart and two of its journalists that they had been spied on by Morocco using the Pegasus spyware at the heart of a global scandal.
Fighting an emerging cybercrime trend – Microsoft On the Issues (Microsoft On the Issues) Microsoft’s Digital Crimes Unit (DCU) has again secured a court order to take down malicious infrastructure used by cybercriminals using “homoglyph” – or imposter – domains. In the Eastern District of Virginia a court order has been issued requiring domain registrars to disable service on malicious domains that have been used to impersonate Microsoft customers and commit fraud.
Microsoft takes control of 17 domains used by West African BEC gang (The Record by Recorded Future) Microsoft has obtained a court order on Friday allowing it to seize control of 17 domains that were being abused in a business email compromise (BEC) campaign against some of its Office 365 customers.
US indicts four members of Chinese hacking group APT40 (The Record by Recorded Future) The US Department of Justice has indicted four Chinese nationals today for hacking companies, government agencies, and universities across the world on behalf of the Chinese government.
US charges members of APT40, Chinese state-sponsored group (SearchSecurity) Four members of the Chinese state-sponsored threat group known as APT40 have been indicted by the Department of Justice.
US indicts members of Chinese-backed hacking group APT40 (BleepingComputer) Today, the US Department of Justice (DOJ) indicted four members of the Chinese state-sponsored hacking group known as APT40 for hacking various companies, universities, and government entities in the US and worldwide between 2011 and 2018.
Easter Sunday attacks: Lanka’s failure to act on Indian intel highlighted in Parliament (Yahoo) Colombo, Jul 19 (PTI) Sri Lanka’s former prime minister Ranil Wickremesinghe on Monday highlighted in Parliament the police’s failure to act upon the intelligence provided by India on the impending Easter Sunday suicide bombings that killed 270 people, including 11 Indians, in 2019.
Robinhood Expects $30 Million Fine in Cyber, Money-Laundering Probe of Crypto Arm (Wall Street Journal) Robinhood Markets Inc.’s cryptocurrency arm expects to pay a $30 million fine to settle a New York state probe into its cybersecurity and anti-money-laundering practices, the mobile investing firm said in regulatory filings Monday, a sharp increase from an earlier estimate of the potential penalty.
Ex-Mossad chief accused of sharing classified intel with flight attendant — TV (Times of Israel) Complaint alleging Yossi Cohen leaked information to close personal contact reportedly being reviewed by AG; he flatly denies claims
Up to 200 Americans have reported possible “Havana Syndrome” symptoms (NBC News) Almost half of those reporting symptoms are linked to the CIA, say officials, with possible cases in Berlin and Vienna and on every continent but Antarctica.
Justice Department curtails seizure of reporters’ phone, email records in leak investigations (Washington Post) Attorney General Merrick Garland has sharply limited how and when prosecutors can secretly obtain reporters’ phone and email records, formalizing a Biden administration decree that the government would stop using secret orders and subpoenas for journalists’ data to hunt for leakers.