Cyberattacks reported and claimed as Quds Day approaches. Conti in Costa Rica, Emotet tests new tactics. Crimeware free trials.


Dateline Moscow, Kyiv, Berlin, Ramstein, London, and Washington: Diplomacy and long-range strikes.

Ukraine at D+61: Russia warns that its good will has limits. (The CyberWire) Russia denounces a Western “proxy war,” and says that, believe it or not, there are limits to its good will. Nobody in Russia wants a nuclear war, Foreign Minister Lavrov says, but we have to consider the grim possibility of a third world war. NATO seems unimpressed, and steps up air defense and counterfire materiel support to Ukraine. Cyberspace is relatively quiet, but there appear to have been kinetic Ukrainian strikes against Russian oil facilities.

Russia’s invasion of Ukraine: List of key events from day 62 (Al Jazeera) As the Russia-Ukraine war enters its 62nd day, we take a look at the main developments.

Ukraine takes war behind enemy lines as Russian fuel depots set ablaze (The Telegraph) Two facilities in Bryansk believed to have been hit by Ukrainian missiles or sabotage teams in south-western city

Russia pounds eastern Ukraine as West promises Kyiv new arms (AP NEWS) Russia pounded eastern Ukraine on Tuesday as the U.S. defense secretary promised to “keep moving heaven and earth” to get Kyiv the weapons it needs to repel the new offensive even as Moscow warned such support risked widening the war.

Russia hits rail, fuel facilities in attacks deep in Ukraine (AP NEWS) Russia unleashed a string of attacks against Ukrainian rail and fuel facilities Monday, striking crucial infrastructure far from the front line of its eastern offensive, which Britain said has yet to achieve a significant breakthrough.

Welcome to the Black Sea Era of War (Foreign Policy) It has been the world’s bloodiest body of water since the Cold War—and not just because of Ukraine.

Tensions surge after attacks in Moldova’s Russia-backed breakaway region (Reuters) Moldova’s president said a series of attacks in the Russia-backed breakaway region of Transdniestria on Tuesday were an attempt by factions within the territory to increase tensions, and the Kremlin voiced serious concern.

Wily Belarus dictator sees Putin’s war as an opportunity to end his isolation (Atlantic Council) Wily Belarus dictator Alyaksandr Lukashenka is seeking to leverage his reluctant supporting role in Vladimir Putin’s Ukraine War in order to revive relations with the Western world and end his international isolation.

Central Asia Is Keeping a Nervous Eye on Russia’s War in Ukraine (World Politics Review) The fallout of Russia’s invasion of Ukraine is especially complex for the post-Soviet states of Central Asia, which maintain extensive ties to both countries. With Russia facing a long period of isolation and sanctions, they will likely try to further reduce their dependence on Russia—without provoking a forceful response.

Finland, Sweden to begin NATO application in May, say local media reports (Reuters) Finland and Sweden will together express their wish to join NATO in May, tabloid newspapers Iltalehti in Finland and Expressen in Sweden reported on Monday, citing sources close to the matter.

‘Thanks, Putin’: Finnish and Swedish Lawmakers Aim for NATO Membership (Foreign Policy) Politicians who have long called for Finland and Sweden to join NATO seem poised to finally get their wish.

World War Three now a ‘real’ danger, Russian foreign minister Sergei Lavrov warns (The Telegraph) Kremlin’s foreign minister says ‘goodwill has its limits’ after apparent Ukrainian missile strike

Moscow cites risk of nuclear war as U.S., allies pledge heavier arms for Ukraine (Reuters) Russia accused NATO of creating a serious risk of nuclear war by arming Ukraine in a proxy battle as Washington and its allies met on Tuesday to pledge the heavy weapons Kyiv needs to achieve victory.

Russia Warns of Nuclear War Risk as Ukraine Talks Go On (Bloomberg) Russian Foreign Minister Sergei Lavrov warned there’s a “serious” risk of nuclear war over Ukraine, even as he signaled the Kremlin is willing to talk to the U.S. to try to resolve the confrontation.

From Jordan to Japan: US invites 14 non-NATO nations to Ukraine defense summit (Breaking Defense) Over 40 nations were invited to attend, according to a list reviewed by Breaking Defense. For some, like Finland and Sweden, Ukraine’s fate is intertwined with their own, but for others from Africa, the US could be sending a signal all the way to Beijing.

Russia accuses Nato of ‘proxy war’ in Ukraine as US hosts crucial defence summit (the Guardian) Ukraine dismisses Sergei Lavrov’s war comments as diplomats gather in Germany for US-hosted talks to navigate ‘critical’ phase

Pentagon chief’s Russia remarks show shift in US’s declared aims in Ukraine (the Guardian) Defense secretary Lloyd Austin said he ‘wants to see Russia weakened’ – a sign Washington now defines its goals differently

Ukraine can win war with Russia, U.S. defense secretary says (Reuters) U.S. Defense Secretary Lloyd Austin kicked off defense talks with more than 40 countries on Tuesday by expressing confidence that Ukraine can prevail against Russia in the two-month-old conflict.

EC chief: Russian aggression is threat to Europe’s security (AP NEWS) Russia’s aggression in Ukraine is a direct threat to Europe’s security, European Commission President Ursula von der Leyen said during a visit to India on Monday. “Targeting and killing innocent civilians.

Ukraine prepares war crimes charges against Russian military personnel, including pilots (Reuters) Three Russian pilots suspected of bombing civilian buildings in the Kharkiv and Sumy regions are among at least seven Russian military personnel that Kyiv is preparing war crimes charges against, the Ukrainian prosecutor general’s office told Reuters.

‘You’ll help us find others’: Ukrainian rape victim ordered to help Russian troops hunt for women (The Telegraph) Anna describes how she was forced to find victims as drunken soldiers conducted a night of murder and mayhem in her small Ukrainian village

Opinion | The Strategic Logic of Russia’s War on Ukraine (Wall Street Journal) Putin’s invasion was the product of miscalculation. But his calculations were driven by realpolitik.

How Zelensky Tamed Ukraine’s Fractious Politics and Stood Up to Putin (New York Times) Ukrainian politics were known for sharp-elbowed infighting. But as he defends his country against the Russian invasion, President Volodymyr Zelensky has his government presenting a unified front.

Macron’s election win positions him to lead Europe’s response to Russia (Newsweek) Macron’s decisive victory and German vacillation give the president a window to seize control of directing European support for Ukraine.

US Looks to Shift Ukraine from Soviet to NATO Weapons (Defense One) “It would just be easier if we were using similar systems,” said one expert, as U.S. officials mull long–term efforts to resupply Ukraine’s arsenal.

How one US intelligence agency is supporting Ukraine (C4ISRNet) “We’ve been able to be a key part of how the West has helped Ukraine prevent Russia from overrunning Kiev,” says NGA Director Vice Adm. Robert Sharp.

Germany to supply Ukraine with heavy weaponry for first time (Reuters) Germany announced on Tuesday its first delivery of heavy weapons to Ukraine to help it fend off Russian attacks following weeks of pressure at home and abroad to do so amid confusion over its stance.

Germany to send anti-aircraft systems to Ukraine in policy shift (the Guardian) Defence minister tells meeting of military leaders that government has agreed to sign off delivery

‘The race is on’: Britain moves to get heavy artillery to Ukraine (Defense News) “The race is on to equip Ukraine with the same long-range capability that Russia has so they are not outranged and indeed pinned down,” Ben Wallace told Parliamentarians April 25.

How Much Can US Howitzers Help Ukraine? (Defense One) Everybody’s talking about the fabled long-range guns. Here’s why.

Biden should deploy ‘great arsenal of democracy’ to defend Ukraine (Atlantic Council) Today, FDR’s message to President Joe Biden would be: Do more now to stop Vladimir Putin.

US promises more Ukraine aid, Biden announces veteran envoy (AP NEWS) Secretary of State Antony Blinken and Defense Secretary Lloyd Austin said Monday after a secrecy-shrouded visit to Kyiv that Ukrainian President Volodymyr Zelenskyy is committed to winning his country’s fight against Russia and that the United States will help him achieve that goal.

3 Years Later, the U.S. Could Finally Send an Ambassador to Ukraine (Foreign Policy) The nomination of career diplomat Bridget Brink comes as Washington begins sending its diplomats back into Ukraine.

Send Ukraine Cyber Help, Not Bureaucratic Gridlock (Real Clear Defense) The United States has sent Ukraine a variety of military equipment, including killer drones, Stinger surface-to-air missiles, Javelin anti-tank missiles, small arms, and ammunition. We should do more.

Ukraine War Prompts Europe’s New Emergency Rules for the Internet (Wired) The Digital Services Act has granted the European Commission unprecedented power over tech companies in times of war.

Technology Lessons from the Ukraine Crisis (Observer Research Foundation) The war in Ukraine is not just a kinetic war, but also a digital one. Technology has been weaponised to create havoc in Ukraine through cyber-attacks, which have also threatened the service of the country’s biggest internet service provider.

How Cybersecurity Businesses are Tackling the War in Ukraine (Heimdal Security Blog) Rates of state-initiated cyberattacks skyrocketed to impossible heights, with a big part of them focused on acquiring further funding for on-land warfare.

Don’t ban Russian energy, Gerhard Schroder tells Germany as he defends Vladimir Putin (The Telegraph) In an interview published on Saturday, former chancellor says image people have of Putin ‘is only half the truth’

German ex-Chancellor Schroeder urged to leave Scholz party (AP NEWS) The co-leader of German Chancellor Olaf Scholz’s party said Monday that former Chancellor Gerhard Schroeder, whose ties to the Russian energy industry have left him increasingly isolated at home, should leave the party.

The EU’s plans to replace Russian gas: Aspiration and reality (Atlantic Council) The implementation of the EU’s REPowerEU plan looks to be a monumental task. The authors offer insight into the EU’s various options in its effort to remove Russia from its gas balance and greatly reduce its hold over the continent.

Russian rouble hits near 2-year high vs euro (Reuters) The Russian rouble strengthened on Monday, firming past 77 against the euro to a near two-year high, helped by tax payments that companies are due to make this week and as the market looked ahead to a central bank rate decision on Friday.

Attacks, Threats, and Vulnerabilities

Conti ransomware cripples systems of electricity manager in Costa Rican town (The Record by Recorded Future) Conti’s wide ranging ransomware attack on Costa Rica has expanded, taking down the administrative systems of the government agency managing the electricity in Cartago. 

Iranian Hacking Group Among Those Exploiting Recently Disclosed VMware RCE Flaw (Dark Reading) Threat actor is using the flaw to deliver Core Impact backdoor on vulnerable systems, security vendor says.

State TV says Iran foiled cyberattacks on public services (AP NEWS) Iran’s state television said authorities have foiled massive cyberattacks that sought to target public services, both government and privately owned. The report late on Sunday said Iran thwarted the attacks that planned to target the infrastructure of more than 100 public sector agencies.

State TV Says Iran Foiled Cyberattacks on Public Services (SecurityWeek) Iran on April 24th said it thwarted cyberattacks that planned to target the infrastructure of more than 100 public sector agencies.

Iranian hackers claim they’ve hit the Bank of Israel – but ‘no proof,’ cyber authority says (Haaretz) Cyber Directorate says it sees no evidence supporting claim by group called ‘Hackers of Savior’ that they broke into Israel’s wire transfer system and hacked personal accounts.

North Korean hackers targeting journalists with novel malware (BleepingComputer) North Korean state-sponsored hackers known as APT37 have been discovered targeting journalists specializing in the DPRK with a novel malware strain.

The ink-stained trail of GOLDBACKDOOR (Stairwell) Over the past 10 years, the Democratic People’s Republic of Korea (DPRK) has adopted cyber operations as a key means of supporting the regime. While significant attention has been paid to the purported use of these operations as a means of funding DPRK’s military programs, the targeting of researchers, dissidents, and journalists likely remains a key area for supporting the country’s intelligence operations.

Emotet Tests New Delivery Techniques (Proofpoint) Proofpoint identified low-volume Emotet activity that drastically differed from typical Emotet threat behaviors. The activity occurred while Emotet was on a “spring break,” not conducting its typical high volume threat campaigns. The threat actor has since resumed its typical activity. Proofpoint assesses that the threat group distributing Emotet is likely testing new tactics, techniques, and procedures (TTPs) on a small scale before adopting them in broader campaigns or to deploy them in parallel with the broad campaigns. The messages contained OneDrive URLs that hosted a zip archive containing XLL files dropping Emotet malware. This activity is attributed to TA542.

SocGholish and Zloader – From Fake Updates and Installers to Owning Your Systems (Cybereason) The Cybereason Global Security Operations Center (GSOC) Team issues Cybereason Threat Analysis reports to inform on impacting threats. The Threat Analysis reports investigate these threats and provide practical recommendations for protecting against them.

Attacker Adds Evasive Technique to Their Ongoing Attacks on NPM (Checkmarx.com) A few weeks ago, we wrote about a new threat actor we called RED-LILI and described their capabilities, including an in-depth walkthrough of the automated system for publishing malicious NPM packages from automatically created user accounts. After our publication, we have seen this same attacker changing their techniques and adding new exfiltration targets, enhancing evasive abilities in an attempt to slow down researchers, and even trying to communicate with the researchers using package names.

Quantum ransomware seen deployed in rapid network attacks (BleepingComputer) The Quantum ransomware, a strain first discovered in August 2021, was seen carrying out speedy attacks that escalate quickly, leaving defenders little time to react.

Quantum Ransomware (The DFIR Report) In one of the fastest ransomware cases we have observed, in under four hours the threat actors went from initial access, to domain wide ransomware.

Months Later, Are You Still Vulnerable to Log4Shell? (Rezilion) Unfortunately, four months after the Log4Shell vulnerability was discovered, things are far from ideal and many applications vulnerable to Log4Shell still exist in the wild. Our new Rezilion report examines new findings and what organizations need to do today to minimize future potential exploitation.

What Does a 5G Cyber-Attack Look Like? (Infosecurity Magazine) 5G signals a huge change in the way we manage connected infrastructure

Bored Ape Instagram account hacked: NFTs worth $2.8 million stolen (The Block) Bored Ape Yacht Club’s official Instagram account was hacked. A hacker stole 91 NFTs from users who connected their wallet to receive the fake airdrop.

Kansas Hospital Discloses Data Breach (Infosecurity Magazine) Email accounts compromised for nearly a year in breach impacting 52,224 people

YRMC faces potential cyber attack – KYMA (KYMA) Yuma Regional Medical Center says they faced a potential cyber attack on Monday, April 25.

Mailpac customers affected by Aeropost data breach (Jamaica Gleaner) Courier company Mailpac Group Limited, and Florida, United States-based logistics management and package delivery company, Aeropost, have come under fire over an email informing customers of a credit card breach.

UK army recruitment portal still closed one month after data breach (Computing) The UK Army’s Capita-run Defence Recruitment System (DRS) continues to experience technical troubles more than a month after it was shut down as a precautionary measure, when data relating to more than 100 candidates was discovered for sale on the dark web.

Cybercriminals offer malware for free (IT-Markt) Vendors of legitimate software have long attracted new customers with free trial versions of their products. Malware developers have now discovered this business model too, as the example of the information stealer “Ginzo” shows.

Everscale blockchain wallet shutters web version after vulnerability found (The Record by Recorded Future) The company behind Ever Surf, a wallet for the Everscale blockchain ecosystem, is shuttering its web version after a vulnerability was found.

April Consumer Cyber Safety Pulse Report – From Norton Labs (Norton Labs) What you need to know about deepfakes, romance scams, and crypto scams. Plus, some of the latest phishing pages we have caught.

A taste of what’s to come: poisoned AI is the next big cybersecurity risk (TimesLIVE) The cat-and-mouse game between hackers and cybersecurity experts has moved to the next level

Vectra Research: 74% of organizations experienced a significant security incident in the past year (PR Newswire) Vectra AI, a leader in AI-driven threat detection and response for hybrid and multi-cloud enterprises, today released the findings of its…

Fortune 1000 CISOs: Active Protection is Key to Cloud Native Security (Aqua Security) In the latest Aqua Security survey, CISOs at Fortune 1000 companies share perspectives on cloud native security emphasizing a need for active protection.

Marketplace

Source Defense Secures $27 Million in Growth Funding to Accelerate Prevention of Web Client-Side Cyber Risks (Source Defense) Springtide Ventures joins existing investors, including JVP and AllegisCyber, as the leader in web application client-side protection increases client deployments by 240% year-over-year, and solidifies dominance in third-party risk mitigation with nearly 24 billion compliance policy violations thwarted in that same timeframe ROSH HA’AYIN, Israel and NEW HAVEN, Conn., April 26, 2022 – Source Defense, a

Google’s $5 billion Mandiant acquisition just hit another snag (TechRadar) The search giant wants to bolster its cybersecurity credentials by buying Mandiant

Twitter Accepts Elon Musk’s Offer to Buy Company in $44 Billion Deal (Wall Street Journal) Twitter accepted Elon Musk’s bid to take the company private, giving the world’s richest man control over the influential social-media network.

Twitter accepts Elon Musk’s buyout deal (CNBC) The announcement ends a weekslong saga Musk kicked off when he offered to buy the company at $54.20 per share, his “best and final.”

Twitter accepts buyout, giving Elon Musk total control of the company (The Verge) It’s Elon’s show now

Elon Musk pledges to ‘authenticate all humans’ as he buys Twitter for $44 billion. Here’s how the site may change now that he’s in charge. (Business Insider) Tesla billionaire Elon Musk has big plans for changes at the influential social media company, from authenticating all humans to banning spam bots.

Buying Twitter, Elon Musk Will Face Reality of His Free-Speech Talk (New York Times) Tech’s big shots have learned again and again that free speech isn’t so simple. What happens when Mr. Musk owns Twitter?

Elon Musk spent nearly 7 times Jack Dorsey’s net worth to buy Twitter (Newsweek) Dorsey, who resigned as CEO last fall, has a net worth of $6.6 billion, according to Forbes. Musk bought Twitter for $44 billion.

Analysis: Musk tears up buyout playbook with $46.5 billion Twitter financing (Reuters) It is the biggest acquisition financing ever put forward for one person. Elon Musk is doing it his way.

Elon Musk Lands Deal to Take Twitter Private for $44 Billion (Bloomberg) Billionaire’s purchase would be one of the largest LBOs ever. Musk touts social network as place for vital online debates.

4 ways Twitter could change under Elon Musk. (New York Times) The Tesla chief executive has criticized Twitter’s content moderation policies and advocated open-source algorithms.

Can Musk deliver on his vision for Twitter? Questions remain (AP NEWS) Tesla CEO Elon Musk stands to be the next owner of Twitter, having pledged roughly $44 billion to buy the social platform and take it private. Assuming that happens, next up on his agenda will be planning how to fulfill his promises to develop new Twitter features, open its algorithm to public inspection and defeat “spambots” on the service that mimic real users.

Twitter Employees Search for Answers as Musk Takeover Becomes Reality (New York Times) Workers say they have been left largely in the dark about what a sale to the billionaire will mean for them and their shares in the company.

How Elon Musk Won Twitter (Wired) His weeks-long pursuit of the company has resulted in a $44 billion deal. But how did it happen, and what the hell comes next?

Bravo, Thoma Bravo (Strategy of Security) A deeper look into Thoma Bravo, the audacious private equity firm that’s reshaping the cybersecurity ecosystem.

Huawei Pumps $22 Billion Into R&D to Beat U.S. Sanctions (Yahoo) Few companies devote more of their revenue to research than Huawei Technologies Co., for which developing new technologies is a matter of thwarting crippling U.S. trade and investment sanctions.

authID.ai Names Annie Pham Chief Financial Officer; Stuart Stoller to Retire (GlobeNewswire News Room) Annie Pham to Assume CFO Role with 20+ Years of Corporate Finance Experience. Stuart Stoller to Retire after Decades of Corporate Service. LONG…

Blackpoint Cyber Welcomes J. Chris Wilkerson, VP of Blackpoint RISK & Head of Insurance (Business Wire) Blackpoint Cyber, a leading technology-focused cybersecurity company, announced a key expansion in its cyber insurance leadership team. The company ap

Products, Services, and Solutions

Trend Micro Launches New Security Platform (Dark Reading) An ecosystem of native and third-party integrations provides visibility and control across the entire attack surface.

Akamai unveils Linode Managed Database to help developers reduce risk and increase efficiency (Help Net Security) Akamai Technologies launched a managed database service powered by Linode with support for MySQL, PostgreSQL, Redis, and MongoDB.

Comodo Security Solutions partners with UAE-based Distilogix (Gulf Business) Both companies aim to assist organisations in moving to a modern and foolproof approach to protecting themselves from cyberattacks and security breaches.

VuWall Introduces its Application Server to Securely Share and Control Websites and Applications on Video Walls (VuWall) VuWall’s Newest Addition Delivers Unmatched Versatility and Scalability to Video Wall Deployments in AV-Over-IP Environments

IGI CyberLabs Partners With ThreatAdvice to Include Nodeware(R) Solution in Breach Prevention Platform (Yahoo Finance) IGI CyberLabs, a subsidiary of Infinite Group, Inc. (“IGI”) (OTCQB:IMCI) today announced a partnership with ThreatAdvice, a company focused on cybersecurity management solutions for the Managed Service Provider (MSP) space, to integrate its Nodeware solution in ThreatAdvice’s comprehensive cybersecurity management solution.

Akamai Unveils Audience Hijacking Protector and New Application Security Features (Akamai) New Solution and Features Designed to Protect Customers Across Online Environments: In Browsers, Mobile Applications, API Interactions and at the Edge

Corvus Insurance Adds First Organizations to ‘Smart Cyber Partnerships’ Ecosystem to Drive the Future of Cyber Risk Management (Corvus Insurance) Learn more about Corvus’s new Smart Cyber Partnerships

Platform9 Named Industry Leader in “GigaOm Radar for Evaluating Managed Kubernetes Solutions” Report (PR Newswire) Platform9, the world’s #1 open distributed cloud service, today announced that GigaOm named it a Leader and Outperformer in its 2022 “GigaOm…

SecurityScorecard Launches Cyber Risk Quantification Portfolio Providing Customers Various Models to Conduct Security Cost-Benefit Analysis (Yahoo Finance) SecurityScorecard, the global leader in cybersecurity ratings, today introduced its Cyber Risk Quantification (CRQ) capabilities that will enable customers to understand cyber risk in financial terms, enabling organizations to bring cyber risk into holistic business risk analysis, and assisting organizations in a cost-benefit analysis of cyber investment options. SecurityScorecard’s CRQ capabilities help customers understand the financial impact of a cyber-attack, gain insight into the probabili

Varonis Announces Trailblazing Features for Securing Sensitive Data in Salesforce (GlobeNewswire News Room) New capabilities identify excessive permissions and misconfigurations, classify sensitive data in files and attachments, and detect data exfiltration…

LastPass Appoints Karim Toubba Chief Executive Officer (The LastPass Blog) BOSTON, April 26, 2022 —  LastPass, the global leader in zero-knowledge password management, today announced that Karim Toubba has joined the company as its Chief Executive Officer. The cloud security veteran will lead LastPass as it separates from GoTo, formerly LogMeIn, and increases investment to create an even more seamless user experience, modernize go-to-market functions, and continue […]

Exabeam Fusion SIEM Delivers Customers 245% ROI Over Three Years (Exabeam) Independent Consulting Total Economic Impact study revealed significant improvements in security operations efficiency and effectiveness across a diverse customer base FOSTER CITY, Calif., April 26, 2022 – Exabeam, the leader in Next-gen SIEM and XDR, today announced the results of a commissioned Total Economic Impact™ (TEI) study conducted by Forrester Consulting (NASDAQ: FORR) on behalf…

CloudSphere Announces SOC 2 Type 2 Accreditation (CloudSphere) CloudSphere’s SOC 2 Type 2 accreditation demonstrates our longstanding dedication to upholding the highest security standards to mitigate Cybersecurity risks.

Technologies, Techniques, and Standards

Army progresses on electronic warfare revamp (Breaking Defense) Army systems to give soldiers EW and cyber options on the battlefield are inching towards reality.

Legislation, Policy, and Regulation

U.S. Joins ‘Historic’ Global Group Focused on Data Privacy (Nextgov) The newly-formed Global Cross-Border Privacy Rules Forum aims to promote international data sharing with an emphasis on bridging differences in privacy frameworks.

Part 2: PIPL and GDPR Compliance Obligations on Cross-Border Transfers of Personal Information (cyber/data/privacy insights) As explained in our previous blog post, in addition to the requirements for adopting a cross-border transfer mechanism, China’s Personal Information Protection Law (PIPL) and the European Union’s General Data Protection Regulation (GDPR) set out further compliance obligations on the cross-border tra

Opinion | The Biden White House’s Cyberwarfare Power Grab (Wall Street Journal) The Pentagon needs clarity about its authority, not micromanagement.

Budget-in-Brief Fiscal Year 2023 (US Department of Homeland Security) The President’s Fiscal Year (FY) 2023 Budget for the Department of Homeland Security (DHS) is $97.3B, of which $56.7B is net discretionary funding. This funding supports the Department’s ever-evolving mission set and aligns with key Presidential priorities.

Former DNC CISO Bob Lord Joins CISA Cybersecurity Division (SecurityWeek) CISA has added former DNC and Yahoo CISO Bob Lord to its stable of technical advisors.

DoD names head of new office managing data and artificial intelligence efforts (The Record by Recorded Future) The Defense Department announced on Monday that Craig Martell has been chosen as the new Chief Digital and Artificial Intelligence Officer (CDAO). 

Litigation, Investigation, and Law Enforcement

Mexico’s top court strikes down controversial cellphone registry with biometric data (Reuters) Mexico’s Supreme Court on Monday ruled that a plan to create a national cellphone user registry with biometric data is unconstitutional, in a blow to President Andres Manuel Lopez Obrador’s government, which backed the measure.

Ex-eBay exec pleads guilty to harassing couple whose newsletter raised ire (Reuters) A former eBay Inc security executive pleaded guilty on Monday to harassing a Massachusetts couple who authored a newsletter by arranging anonymous messages on Twitter and home deliveries that included a bloody pig mask and live insects.

Mastermind of Natick couple’s harassment pleads guilty (Boston Globe) Former eBay employee Jim Baugh admitted overseeing deliveries of a bloody pig mask, live spiders, and a funeral wreath to Ina and David Steiner, who published an online newsletter that reported on eBay.

Former eBay Executive Pleads Guilty to His Role in Cyberstalking Campaign (US Department of Justice) A former eBay, Inc. executive pleaded guilty today in connection with his role in a cyberstalking campaign targeting the editor and publisher of a newsletter that eBay executives viewed as critical of the company.

Spain Vows to be Transparent in Probe of Pegasus Spyware Use (SecurityWeek) Spanish authorities are pledging full transparency as they launch inquiries into allegations that the phones of dozens of supporters of Catalan independence were hacked with Pegasus spyware

Ninth Circuit: Web Scraping Does Not Violate CFAA (Mondaq) In a decision that is certain to reverberate through the big data community, the U.S. Court of Appeals for the Ninth Circuit ruled that the primary legal tool that companies tried to…

SolarWinds breach lawsuits: 6 takeaways for CISOs (CSO Online) Civil lawsuits aim to show that SolarWinds and its CISO did not take adequate actions to prevent a breach. Here’s how security leaders can protect themselves and their organizations from similar claims.


