Dateline Moscow, Kyiv: Cyberskirmishing continues during a (relative) pause of maneuver on the ground.
Ukraine at D+48: A look at a thwarted grid hack. (The CyberWire) Russia continues artillery strikes and cyberattacks as it prepares for a renewal of its ground offensive in the Donbas.
Putin vows to press invasion until Russia’s goals are met (AP NEWS) Vladimir Putin vowed Tuesday that Russia’s bloody offensive in Ukraine would continue until its goals are fulfilled and insisted the campaign was going as planned, despite a major withdrawal in the face of stiff Ukrainian opposition and significant losses.
Russia’s New Top Commander in Ukraine Is ‘Willing to Sell His Soul’ (Foreign Policy) A veteran of Russia’s brutal campaign in Syria, Aleksandr Dvornikov will have his work cut out for him as Moscow doubles down in eastern Ukraine.
EXPLAINER: New front, same challenges for Russian offensive (AP NEWS) Russia is readying a massive, new offensive in eastern Ukraine, hoping to reverse its fortunes on the battlefield after a catastrophic start to seven weeks of war.
Putin Unbound (Foreign Affairs) Repression at home presaged belligerence abroad.
The Month That Changed a Century (Foreign Policy) Putin seeks to destroy not just Ukraine but the entire postwar global system. He may yet succeed.
It’s Time to Beat Putin at Poker and Call His Bluff (Foreign Policy) The West must understand the high-stakes game Russia is engaging in, and use calculated aggression to expose the Kremlin’s weak hand.
We Assumed Small States Were Pushovers. Ukraine Proved Us Wrong (World Politics Review) In the immediate aftermath of Russia’s invasion of Ukraine, the widespread shock made it difficult to think through its unanticipated consequences on the international system. Yet after five weeks of brutal war, a few indicators give a sense of how the world is changing and what the long-term impact of these changes might be.
Russia ‘may use chemical weapons’ in its push to take Mariupol, warns US (The Telegraph) US says it has ‘credible information’ as Britain ‘urgently’ looks into claims Moscow has already deployed chemical weapons
Fighting in Ukraine impedes investigation of poison-gas claims (Washington Post) Syrian cases highlight the difficulty of proving allegations of chemical weapons use
Nato weakness has left the gates open for a chemical attack (The Telegraph) If the West no longer has the courage to police the rules-based order, war in Ukraine will mark a terrible turning point
When Russian troops arrived, their relatives disappeared (Vox) A local official and a journalist’s father were abducted. Their families’ stories are part of a pattern of disappearances in Russia-occupied Ukraine.
Why Russia’s Cyber Warriors Haven’t Crippled Ukraine (The National Interest) It would be a mistake to conclude that the war in Ukraine undermines the notion that cyber operations are a critical part of modern warfare.
In Ukraine, a ‘Full-Scale Cyberwar’ Emerges (Wall Street Journal) Russians haven’t pulled off a catastrophic cyberattack but have kept Ukraine’s defenders busy with a relentless campaign.
Russian hackers tried to bring down Ukraine’s power grid to help the invasion (MIT Technology Review) As Russia’s ground war stalls, hackers attempted to cause a blackout for two million people.
Russia’s Sandworm Hackers Attempted a Third Blackout in Ukraine (Wired) The attack was the first in five years to use Sandworm’s Industroyer malware, which is designed to automatically trigger power disruptions.
Ukraine Thwarts Cyberattack on Electric Grid, Officials Say (Wall Street Journal) The attack, which was set for last Friday, used software similar to the ‘industroyer’ code used in a 2016 hack of Kyiv’s grid, experts noted.
Russian spies launch cyber attack on Ukraine’s electrical grid (The Telegraph) Sandworm group blamed for planting malicious software “bomb”
Ukraine says potent Russian hack against power grid thwarted (AP NEWS) Russian military hackers attempted to knock out power to millions of Ukrainians last week in a long-planned attack but were foiled, Ukrainian government officials said Tuesday. At one targeted high-voltage power station, the hackers succeeded in penetrating and disrupting part of the industrial control system, but people defending the station were able to prevent electrical outages, the Ukrainians said.
Ukraine Says Russian Hackers Tried To Attack Ukrainian Power Grid Again (RadioFreeEurope/RadioLiberty) Ukraine says Russian hackers sought to attack and disable Ukraine’s electricity grid for a second time last week but were thwarted.
Russian Hackers Tried Damaging Power Equipment, Ukraine Says (Bloomberg) Sandworm group stopped from achieving goals, Ukraine says. Hacking unit previously tied to Russian military intelligence.
Sandworm hackers fail to take down Ukrainian energy provider (BleepingComputer) The Russian state-sponsored hacking group known as Sandworm tried on Friday to take down a large Ukrainian energy provider by disconnecting its electrical substations with a new variant of the Industroyer malware for industrial control systems (ICS) and a new version of the CaddyWiper data destruction malware.
Researchers find new malware variant after stopping attack on Ukrainian energy provider (The Record by Recorded Future) Ukrainian officials said they stopped an attack on an energy facility by APT group Sandworm.
Zhadnost strikes again… this time in Finland. (SecurityScorecard)
Anonymous Hits Russian Ministry of Culture- Leaks 446GB of Data (HackRead) The Anonymous hacktivists collective has targeted the Russian Ministry of Culture and leaked 446 GB worth of data online. The cyberattack was carried out as part of the collective’s ongoing operation OpRussia against the country’s invasion of Ukraine.
Russia Is Mimicking Open-Source Intelligence Methods to Discredit Bucha Atrocities (Foreign Policy) The Kremlin is desperate to muddy the waters around its war crimes.
Putin is holding GPS hostage – Here’s how to get it back (C4ISRNet) Just the threat of interfering with GPS can help Putin keep the U.S. at bay.
To Prosecute Putin for War Crimes, Safeguard the Digital Proof (Foreign Policy) Holding Russia accountable for atrocities in Ukraine requires the painstaking collection and preservation of evidence in the face of rampant disinformation.
Russia-Ukraine latest news: Finland to decide on Nato membership within ‘weeks’ despite Kremlin warning (The Telegraph) Finland will make a decision on whether to apply to join the 30-member Nato alliance within weeks despite a warning from the Kremlin, Prime Minister Sanna Marin has said.
Ukraine secret service says it has arrested top Putin ally (Reuters) Ukraine’s security services on Tuesday said they had arrested pro-Russian politician Viktor Medvedchuk, who is President Vladimir Putin’s closest and most influential ally in Ukraine.
Washington Post columnist, prominent Kremlin critic arrested in Moscow (The Hill) A Washington Post columnist and vocal critic of the Kremlin has been arrested in Moscow, his wife said in a social media post on Monday evening. “Twice have the Russian authorities tried to k…
Russia has yet to slow a Western arms express into Ukraine (AP NEWS) Western weaponry pouring into Ukraine helped blunt Russia’s initial offensive and seems certain to play a central role in the approaching, potentially decisive, battle for Ukraine’s contested Donbas region.
Pentagon: ‘Roughly 8 to 10 Flights a Day’ Full of Aid for Ukraine Pouring into Europe (Air Force Magazine) Defense Department press secretary John F. Kirby said the U.S. is helping to oversee and coordinate delivery of aid to Ukraine.
Pentagon looks to vastly expand weapons for Ukraine (Washington Post) Ukrainian officials also met recently with the maker of Reaper and Predator drones, a company official said
Pentagon summons top U.S. defense companies to discuss military aid to Ukraine (NYSE:LMT) (SeekingAlpha) The Pentagon is set to host a meeting on Wednesday with eight of the largest U.S. defense contractors, including Lockheed Martin (LMT), Raytheon (RTX) and L3Harris Technologies (LHX)
Polish, Baltic presidents head to Ukraine in show of support (AP NEWS) The presidents of four countries on Russia’s doorstep headed to Kyiv on Wednesday in a show of support for Ukraine, after Russian President Vladimir Putin vowed to continue his bloody seven-week offensive until its “full completion.”
Which countries have expelled Russian diplomats? (Washington Post) As Russia batters Ukraine and NATO countries send troops to Eastern Europe, a separate conflict between Moscow and the West is playing out in the world of diplomacy.
Why India Won’t Condemn Russia (Foreign Policy) The world’s largest democracy is under pressure to join the West in sanctioning Moscow. But New Delhi wants to keep its options open.
‘I bought a plane ticket and left 12 hours later’: Engineers at Yandex, Russia’s Google rival, are fleeing abroad and leaving spouses and salaries behind (Business Insider) 50,000 to 70,000 Russian tech workers have fled the country since the invasion of Ukraine. Tens of thousands more are expected to flee in April.
World Bank planning to give support worth $1.5bn to Ukraine (the Guardian) Funds will help to pay hospital workers and pensions, and continue social programmes for the vulnerable
Russia’s Oil Industry, Linchpin of Economy, Feels Sting of Ukraine War Disruptions (Wall Street Journal) Refiners are trimming output and in some cases closing down because of falling demand at home and abroad.
Russia-Germany trade rupture could “move the macro needle” and cause a financial shock, says S&P Global (Markets Insider) A breakdown in trade between Russia and Germany could deliver a financial shock to Europe’s largest economy, S&P Global’s chief economist said.
French Retailer Shuts Ukraine Outlets but Stays in Russia, Angering Ukrainian Staff (Wall Street Journal) Leroy Merlin cut off Ukrainian employees’ access to email and social media after they protested and Russia bombed its Kyiv store.
Nokia and Ericsson halt new business in Russia. Is Huawei next? (CTVNews) Nokia has announced its exit from Russia, while rival Ericsson is putting its business there on hold indefinitely, throwing into doubt the country’s ability to build super-fast 5G networks.
Nokia to ‘exit’ Russia as Huawei reportedly stops work (Light Reading) Letter-writing and the old-fashioned telegraph could stage a comeback in Russia. Just a day after Ericsson said it would suspend its business there “indefinitely,” Finnish rival Nokia has gone even further, revealing plans this morning to exit the Russia market. Amid reports that China’s Huawei is also suspending Russia activities and furloughing staff, local networks may effectively have nowhere left to turn.
Huawei reportedly furloughs Russian staff, may quit country (Register) Chinese giant still hiring in Moscow – for some very interesting gigs
Attacks, Threats, and Vulnerabilities
Tarrask malware uses scheduled tasks for defense evasion (Microsoft Security Blog) Microsoft Detection and Response Team (DART) researchers have uncovered malware that creates “hidden” scheduled tasks as a defense evasion technique. In this post, we will demonstrate how threat actors create scheduled tasks, how they cover their tracks, and how the malware’s evasion techniques are used to maintain and ensure persistence on systems.
Enemybot: A Look into Keksec’s Latest DDoS Botnet (Fortinet Blog) FortiGuard Labs observed a new DDoS botnet calling itself “Enemybot” and attributing itself to the Keksec threat group. Read our blog to learn how this malware leverages vulnerabilities and execute…
Enemybot: a new Mirai, Gafgyt hybrid botnet joins the scene (ZDNet) The botnet borrows a few tricks from Mirai.
Qbot malware switches to new Windows Installer infection vector (BleepingComputer) The Qbot botnet is now pushing malware payloads via phishing emails with password-protected ZIP archive attachments containing malicious MSI Windows Installer packages.
Identifying a Vulnerability in the SAP Software Supply Chain (Dark Reading) Make sure you’re using the patch to block this supply chain attack.
Amazon RDS Vulnerability Led to Exposure of Credentials (SecurityWeek) AWS recently addressed a vulnerability in Amazon Relational Database Service (RDS) that could lead to the exposure of internal credentials.
Microsoft: New malware uses Windows bug to hide scheduled tasks (BleepingComputer) Microsoft has discovered a new malware used by the Chinese-backed Hafnium hacking group to maintain persistence on compromised Windows systems by creating and hiding scheduled tasks.
Fresh Phish: Supreme Court Lure Follows Phishing Precedent (INKY) In the past two weeks, INKY engineers detected a new variant on an existing phishing campaign, this one crafted around the Supreme Court of the United States. Read more in this latest fresh phish.
White Paper: Inside Complex RansomOps and the Ransomware Economy (Cybereason) Ransomware operations have transformed dramatically over the last few years from a small cottage industry conducting largely nuisance attacks to a highly complex business model that is extremely efficient and specialized with an increasing level of innovation and technical sophistication.
500,000 Impacted by Email Breach at Illinois Healthcare Firm (SecurityWeek) Christie Clinic says the data breach occurred after a business email account was compromised.
Experts urge politicians improve cybersecurity after San Jose mayor hacked (San José Spotlight) Cybersecurity experts are urging public officials to beef up their online security in the wake of San Jose mayor’s Twitter account getting hacked.
T-Mobile Secretly Bought Its Customer Data from Hackers to Stop Leak. It Failed. (Vice) After hackers targeted T-Mobile in August, T-Mobile hired a third-party firm that went undercover and bought exclusive access to the data.
Insurer Baloise Targeted in Cyber Attack (Finews) The Basel-based insurer suffered a cyber attack early this week.
Security Patches, Mitigations, and Software Updates
Zero Day Initiative — The April 2022 Security Update Review (Zero Day Initiative) Another Patch Tuesday is upon us, and Adobe and Microsoft have released a bevy of new security updates. Take a break from your regularly scheduled activities and join us as we review the details of their latest security offerings. Adobe Patches for April 2022 For April, Adobe released four updates
OpenSSH Moves to Prevent ‘Capture Now, Decrypt Later’ Attacks (SecurityWeek) OpenSSH 9.0 has been fitted with new defaults to prevent “capture now, decrypt later” attacks linked to advancements in quantum computing.
Five critical bugs fixed in hospital robot control system (Naked Security) Fortunately, we’re not talking about a robot revolution, or about hospital AI run amuck. But these bugs could lead to ransomware, or worse…
Microsoft’s April 2022 Patch Tuesday tackles two zero-day vulnerabilities (ZDNet) Microsoft has dealt with zero-day bugs in the firm’s customary monthly batch of security fixes.
Microsoft April 2022 Patch Tuesday fixes 119 flaws, 2 zero-days (BleepingComputer) Today is Microsoft’s April 2022 Patch Tuesday, and with it comes fixes for two zero-day vulnerabilities and a total of 119 flaws.
Microsoft Patches 128 Windows Flaws, New Zero-Day Reported by NSA (SecurityWeek) Microsoft drops a massive Patch Tuesday bundle and warns of an in-the-wild zero-day attack hitting Windows users.
Microsoft Releases April 2022 Security Updates (CISA) Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s April 2022 Security Update Summary and Deployment Information and apply the necessary updates.
Google Releases Security Updates for Chrome (CISA) Google has released Chrome version 100.0.4896.88 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update.
Citrix Releases Security Updates for Multiple Products (CISA) Citrix has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Citrix security bulletins and apply the necessary updates.
Apache Releases Security Advisory for Struts 2 (CISA) The Apache Software Foundation has released a security advisory to address a vulnerability in Struts in the version range 2.0.0 to 2.5.29. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Apache’s security advisory S2-062 and upgrade to the latest released version.
Valmet DNA (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable from an adjacent network/low attack complexity Vendor: Valmet Equipment: DNA Vulnerability: Inadequate Encryption Strength 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute commands remotely with system privileges.
Mitsubishi Electric MELSEC-Q Series C Controller Module (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: MELSEC-Q Series C Controller Module Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition or allow remote code execution.
Inductive Automation Ignition (CISA) 1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Inductive Automation Equipment: Ignition Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker with network access to execute code by uploading a malicious zip file.
Mitsubishi Electric GT25-WLAN (CISA) 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: Wireless LAN communication unit GT25-WLAN in GOT2000 Series GT25 or GT27 Vulnerabilities: Improper Removal of Sensitive Information Before Storage or Transfer, Inadequate Encryption Strength, Missing Authentication for Critical Function, Injection, Improper Input Validation 2.
Aethon TUG Home Base Server (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Aethon (owned by ST Engineering) Equipment: TUG Home Base Server Vulnerabilities: Missing Authorization, Channel Accessible by Non-endpoint, Cross-site Scripting 2.
Q1 2022 Ransomware Roundup (Digital Shadows) As the new year has reached the end of its first quarter, it’s time for us to go back and take a look at all the most important ransomware-related events that happened during Q1 2022. The beginning of the year has shown that ransomware gangs have remained motivated—despite increased pressure from law enforcement—but we have
The State of Security 2022 | Splunk (Splunk) New research highlights today’s biggest security challenges — and the strategies organizations need to overcome them.
Corvus Insurance Reports Ransomware Attacks are Down from Recent Peaks, as Costs and Frequency of Claims Trend Downward (Business Wire) Corvus Insurance, the leading provider of smart commercial insurance products powered by AI-driven risk data, today released findings from its second
New Cloud Security Alliance Survey Finds SaaS Misconfigurations (CSA) Proper visibility into SaaS security application settings and automated tools can mitigate risk
Managed detection and response provider Critical Start lands $215M (VentureBeat) Critical Start, which provides a 24/7 managed detection and response service, announced it has raised $215 million in new growth funding.
HacWare lands $2.3M to expand cybersecurity awareness training (TechCrunch) The New York-based cybersecurity startup says it’ll use the funding to expand its engineering and sales teams.
KKR to Acquire Barracuda Networks From Thoma Bravo (SecurityWeek) Investment giant KKR has agreed to acquire Barracuda Networks from private equity firm Thoma Bravo
KKR to buy Barracuda Networks from Thoma Bravo for nearly $4B (Silicon Valley Business Journal) Barracuda Networks Inc. could soon be in the hands of another private equity giant.
ClearShark to Acquire FedBiz IT (GlobeNewswire News Room) Expands Contracts Portfolio including NASA SEWP V and Other Key Agency-Specific Contracts…
Thoma Bravo Doubles Down On Cybersecurity With $6.9B Buy Of SailPoint As Identity Management Remains Hot (Crunchbase News) Thoma Bravo’s $6.9 billion agreement to buy Austin, Texas-based SailPoint reflects not just a booming interest in the identity management sector but also the private equity giant’s ravenous appetite for cybersecurity.
Several Companies Join Forces for New OT Cybersecurity Coalition (SecurityWeek) Honeywell, Claroty, Nozomi and Forescout have teamed up to create the Operational Technology Cybersecurity Coalition.
Ermetic Announces New Cloud Security Research Organization (Business Wire) Ermetic Cybersecurity Lab will focus on uncovering threats and vulnerabilities that affect AWS, Azure and GCP platforms.
PerimeterX Named a Leader in Bot Management by Top Industry Research Firm (PerimeterX) Analyst Firm Ranks PerimeterX as One of Only 3 Leaders in Evaluation of “15 Providers That Matter Most and How They Stack Up”
Products, Services, and Solutions
PAM as-a-Service (Optiv) Optiv’s Privileged Access Management as-a-Service offers planning, implementation & maintenance to protect privileged accounts in a flexible as-a-service model.
Mastercard and Interos Launch Partnership to Address Fast-Changing Global Risk Landscape (Yahoo) Mastercard today announced a new partnership with Interos, the hyper-growth operational resilience company, to further expand its security strategy and bring Interos’ multi-tier risk monitoring capabilities to financial institutions. This new offering allows organizations to proactively detect and eliminate risk across multiple areas – including cyber, financial, ESG, restrictions, geopolitical and operational – throughout their network of business and merchant relationships.
DuckDuckGo’s Privacy Browser Finally Lands on Desktop (Wired) DuckDuckGo started out as a private search engine. Now its web browser is debuting on Macs to rival Chrome, Safari, Edge, and Brave.
Druva Delivers Industry’s First Cloud Data Protection for Nutanix Workloads (Druva) With Nutanix Ready Certification, Druva Brings Nutanix Customers a New Level of Simplicity for Ransomware Recovery, Cloud Backup, and Disaster Recovery
Major French Hospital Group Stops Ransomware Attack With Darktrace AI (PR Newswire) Darktrace, a global leader in cyber security AI, today announced that Antigena, its autonomous response technology, stopped a sophisticated…
Ellucian and The Burning Glass Institute to Collaborate on Data-Driven Insights to Inform Student Success (PR Newswire) Ellucian, the leading higher education technology solutions provider, and The Burning Glass Institute (BGI), a non-profit center advancing…
Finite State’s New Exploit Intelligence Capability Powers Threat-Based Product Security Prioritization (Business Wire) Finite State announces new exploit intelligence capability powering threat-based product security prioritization.
Blue Hexagon Debuts World’s First Unified Harden and Defend Platform for Multi-Cloud Security (Business Wire) Blue Hexagon, a leading agentless cloud-native AI platform, today announced the world’s first unified harden and defend multi-cloud security platform
Technologies, Techniques, and Standards
US Government Has Three Weeks to Patch Cyclops Blink Bug (Infosecurity Magazine) CISA adds WatchGuard flaw to its Known Exploited Vulnerabilities Catalog
Trusted Connectivity Alliance Publishes Guidance to Support Increased Development and Deployment of Integrated SIM Solutions (Trusted Connectivity Alliance) New paper promotes deeper understanding of integration across the mobile ecosystem, by educating on technical and value chain considerations and advocating standardisation for optimal security and interoperability benefits
Terrible cloud security is leaving the door open for hackers. Here’s what you’re doing wrong (ZDNet) A rise in hybrid work and a shift to cloud platforms has changed how businesses operate – but it’s also leaving them vulnerable to cyberattacks.
UD Master’s of Cybersecurity Program Receives Redesignation as NSA Center of Excellence (University of Dallas News) The University of Dallas’ Satish & Yasmin Gupta College of Business has been redesignated by the National Security Agency as a Center of Academic Excellence, a designation that UD has held for the past 20 years.
Legislation, Policy, and Regulation
Singapore to license infosec service providers (Register) Outfits that can rummage around inside customer systems need to prove they’re up to the job – and accountable
Congress aims for next step to safeguard critical infrastructure (Roll Call) Lawmakers are looking to boost the U.S. government’s ability to safeguard from devastating cyberattacks on vital infrastructure sectors.
SEC’s Cybersecurity Proposal Could Hit Small Advisors Hard (Barron’s) A trade group which represents SEC-registered investment advisors is cautioning that small shops could struggle to meet reporting requirements.
John Oliver Targets Congress by Gathering Online Data (TheWrap) On Last Week Tonight, host John Oliver threatened to blackmail Congress by using legal means of gathering their online data as a way to get them to act.
Litigation, Investigation, and Law Enforcement
Not just NSO: Was another Israeli spyware used in the Caribbean? (Haaretz) A local newspaper reported that NSO’s Pegasus spyware was sold to Trinidad and Tobago. However, it may be a different Israeli firm’s spyware, recently found on the phone of a Greek journalist, that was actually used
NSO Group Spied on European Union—on French Orders? (Security Boulevard) An espionage attempt was made by an NSO Group customer to hack the phones of senior EU officials.
Cyberattack on Hawaii undersea communications cable thwarted by Homeland Security (Honolulu Star-Advertiser) A major cyber attack targeting an underwater cable linking Hawaii’s telephone, internet, cable and cell phone service was foiled by federal agents with Homeland Security Investigations last week.
Global Operation Takes Down Hackers’ Leaked Data Market (SecurityWeek) An international law enforcement operation took down the “RaidForums” marketplace that sold access to database leaks from U.S. companies including credit card details, user names and passwords for online accounts.
RaidForums hacking forum seized by police, owner arrested (BleepingComputer) The RaidForums hacker forum, used mainly for trading and selling stolen databases, has been shut down and its domain seized by U.S. law enforcement during Operation TOURNIQUET, an action coordinated by Europol that involved law enforcement agencies in several countries.
U.S. crypto researcher sentenced to five years for helping North Korea evade sanctions (Reuters) A former researcher at a high-profile cryptocurrency group was sentenced to five years and three months in prison on Tuesday for conspiring to help North Korea evade U.S. sanctions using cryptocurrency, federal prosecutors in Manhattan said.
Former Ethereum Developer Virgil Griffith Sentenced to 5+ Years in Prison for North Korea Trip (CoinDesk) Griffith previously pleaded guilty to one count of conspiracy to violate international sanctions for giving a talk at a crypto conference in Pyongyang in 2019.
Will Hunter Biden face criminal charges? What we know so far (Newsweek) As the federal investigation into Hunter Biden ramps up, experts spoke to Newsweek on the possibility of an indictment.