Cyber Attacks, Threats, and Vulnerabilities
Egypt based hackers attempted cyber attacks on Ethiopian gov't sites (Borkena Ethiopian News) Egypt based hackers reportedly attempted cyber attacks to put pressure on Ethiopia in connection with filling and operation of GERD
Targeted attacks on Australian Networks (ACSC Advisory) (Zscaler) Earlier today ACSC released an advisory regarding a cyber campaign targeting Australian networks. Zscaler ThreatLabZ is actively monitoring this campaign.
Indian agencies issue alerts for possible Chinese cyber attack (Outlook India) Indian security agencies have issued a cyber alert following an advisory from the Computer Emergency Response Team-India (CERT-In) regarding a potential "cyber offensive attack from the Chinese Army".
Post Galwan attack, Chinese hackers attempt cyber attack on Indian Cyber space (Republic World) The data available with the Maharashtra Cyber department suggests that since June 15, Chinese hackers have attempted to hack Indian cyberspace 40,300 times
Dark Web Chatter Reveals Cyber Threat To Top Companies, Govt Departments As India-China Tensions Escalate (Inc42 Media) According to chatter uncovered on the dark web by cybersecurity research firm Cyfirma, Chinese state-sponsored hacker groups could target Indian businesses and government establishments.
Malware campaign using Office documents to target South Asian militaries (iTWire) A malware campaign that uses military-themed malicious Microsoft Office documents to spread a remote access trojan has been observed by Cisco's Talos Intelligence Group, with the group adding that the RAT was spread using customised Cobalt Strike beacons. Talos researcher Asheer Malhotra said in...
IndigoDrop spreads via military-themed lures to deliver Cobalt Strike (Cisco Talos) A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
Sodinokibi: Ransomware Attackers also Scanning for PoS Software, Leveraging Cobalt Strike (Symantec) Organizations in the healthcare, services, and food sectors among victims.
New WastedLocker ransomware demands payments of millions of USD (ZDNet) Evil Corp, one of the biggest malware operations on the planet, has returned to life after the December 2019 DOJ charges with a new ransomware strain.
Moroccan journalist targeted by NSO Group spyware, Amnesty International says (CyberScoop) Amnesty International said Sunday its security team found evidence of abuse on a Moroccan journalist’s cell phone that can be tied back to spyware developed by NSO Group.
Anonymous Stole and Leaked a Megatrove of Police Documents (Wired) The so-called BlueLeaks collection includes internal memos, financial records, and more from over 200 state, local, and federal agencies.
BlueLeaks: Data from 200 US police departments & fusion centers published online (ZDNet) Activist group DDoSecrets published 296 GB of police data on Friday, June 19.
FBI Ransomware Election Warning: Fears Revealed in Leaked Document (Computer Business Review) The FBI assesses ransomware infections delivered through managed service providers to US and state government networks likely will threaten...
Web-skimming scam infected e-commerce sites on three continents (SC Media) About two dozen e-commerce websites in North America, South America and Europe were recently “web-skimmed” through a ruse pretending to be Google
Web skimming with Google Analytics (Securelist) Web skimming is a common class of attacks generally aimed at online shoppers. The principle is quite simple: malicious code is injected into the compromised site, which collects and sends user-entered data to a cybercriminal resource. If the attack is
()
New Mac malware reveals Google searches can be unsafe (The Mac Security Blog) Intego has discovered new Mac malware in the wild, actively spreading through malicious results in Google searches. The new malware tricks victims into bypassing Apple’s built-in macOS securi…
Nefilim Ransomware Gang Tied to Citrix Gateway Hacks (GovInfo Security) Hackers wielding Nefilim ransomware have been targeting unpatched or poorly secured Citrix remote-access technology, then stealing data, unleashing crypto-locking
Akamai Mitigates Sophisticated 1.44 Tbps and 385 Mpps DDoS Attack (Security Boulevard) It always surprises me how easily a community can adapt to a new situation or reality. What was once considered an outlier or even an unimaginable situation can quickly become our new normal....
Amazon Records Record 2.3Tbps DDoS Attack (Silicon UK) Amazon says its AWS Shield mitigated a DDoS attack peaking at 2.3Tbps, far larger than previous assaults, amidst increasing cloud security threats
Imperva Research Labs Reveals Abnormal Increase in DDoS Attack Length, Despite Popularity of Short Term Attacks (GlobeNewswire) May 2020 Cyber Threat Index also finds ATO attacks primarily targeted loyalty card programs and streaming services
()
Ryuk ransomware deployed two weeks after Trickbot infection (BleepingComputer) Activity logs on a server used by the TrickBot trojan in post-compromise stages of an attack show that the actor takes an average of two weeks pivoting to valuable hosts on the network before deploying Ryuk ransomware.
Warning: ‘Invisible God’ Hacker Sold Access To More Than 135 Companies In Just Three Years (Forbes) Cybersecurity researchers believe they’ve uncloaked a Kazakhstan national responsible for a massive three-year hacking campaign selling access to well over 100 company networks.
MaxLinear targeted by Maze ransomware attack (IT PRO) According to MaxLinear, threat actors gained unauthorized access to personal customer information
How scammers harvested credentials using US DoJ campaign (Enterprise Times) Inky deconstructs an credential harvesting attack by scammers that is designed to steal email address and password credentials from unsuspecting victims.
Anatomy of a survey scam – how innocent questions can rip you off (Naked Security) We take part in a fraudulent survey so you don’t have to. Show your friends and family how these scams unfold.
()
Hackers threaten Indiabulls with ransom after allegedly stealing sensitive data (ETCIO) Indiabulls claims none of the customer data was comprised in the incident.
CLOP Ransomware operators hacked Indian conglomerate IndiaBulls Group (Security Affairs) CLOP ransomware operators have allegedly hacked IndiaBulls Group, an Indian conglomerate headquartered in Gurgaon, India. CLOP ransomware operators have allegedly hacked the Indian conglomerate IndiaBulls Group, its primary businesses are housing finance, consumer finance, and wealth management. Indiabulls Group has around 19,000 employees, the company has been earning an average revenue of 25,000 crore Indian rupees. The […]
'CyberBunker' Malicious Activity Continues Months After Police Raid, SANS Technology Institute's Internet Storm Center Research Finds (Benzinga) SANS Technology Institute, a college known for its cutting-edge cybersecurity research, has been able to show that victims continue to...
80,000 printers are exposing their IPP port online (ZDNet) Printers are leaking device names, locations, models, firmware versions, organization names, and even WiFi SSIDs.
Privacy Incident (North Shore Pain Management) North Shore Pain Management (“NSPM”) values the privacy and confidentiality of our patients’ information. Regrettably, we are notifying patients of a recent incident that resulted in unauthorized access to some of our patients’ information.
£16 million lost to eCommerce fraud during lockdown (SC Magazine) Research shows that 16,352 people in the UK fell victim to online shopping fraud, with young people most at risk, posing a threat to trust in ecommerce as 76 percent see shopping online as risky.
Scam uses Elon Musk’s name to trick people out of US$2 million in bitcoin (WeLiveSecurity) Scammers use Elon Musk's name as part of Bitcoin addresses, fleecing victims out of more than US$2 million worth of bitcoin in the past two months.
This top security software is crashing Windows 10 version 2004 (TechRadar) Malwarebytes users are experiencing performance issues after the latest Windows update
Vulnerability Summary for the Week of June 15, 2020 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
Adobe Prompts Users to Uninstall Flash Player As EOL Date Looms (Threatpost) Adobe will prompt Flash Player users to uninstall the application before the Dec. 31, 2020 end of life date hits.
Google is on a mission to stop you from reusing passwords (The Verge) "Passwords are one of the worst things on the internet."
BitDefender fixes bug allowing attackers to run commands remotely (BleepingComputer) Security solutions are designed to keep an organization safe, but those models crumble when that same software becomes a threat vector for the attackers to exploit. Such is the case with a new Bitdefender remote code execution vulnerability, dubbed CVE-2020-8102, lurking in its Safepay browser component.
Apple Suddenly Confirms Hidden Problem Impacting All iPhone, iPad Users (Forbes) Apple has just announced that a fix is in the works for a worrying security problem—one that it has previously denied.
What did it take for stubborn IBM to fix flaws in its Data Risk Manager security software? Someone dropping zero-days (Register) The other kind of DRM strikes: Bod baffled after attempt to raise alarm over vulnerabilities is ignored
Cyber Trends
Sponsored content: What treadmills tell us about the state of the office during Covid-19. (The CyberWire) (This article was contributed and sponsored by Extrahop.) Everything from IP phones to printers to treadmills in your office gym connect to a network somewhere—except now there’s nobody in the building to turn them off. A recent security report from ExtraHop did find that most businesses remembered to shut down the exercise equipment when shuttering their doors in an attempt to slow the spread of COVID-19, but can the same be said for other connected devices?
Bugcrowd Report Highlights Critical Need for Blend of Human Ingenuity and AI-Powered Security Solutions to Protect Critical Infrastructure (Global Security Mag Online) Bugcrowd released its 2020 Inside the Mind of a Hacker report, the most comprehensive study to date on the global hacking community. Among the report’s key findings, human ingenuity supported by actionable intelligence of the Bugcrowd platform were found to be critical ingredients to maintaining a resilient infrastructure. In fact, 78% of hackers indicated AI-powered cybersecurity solutions alone aren’t enough to outmaneuver cyber attacks over the next decade.
As More Americans Turned to Streaming Entertainment During Coronavirus, Cyber Attacks from Use of Piracy Devices Increases, New Survey Finds (Digital Citizens Alliance) Americans using illegal piracy devices are much more likely to bring malware and hackers into the home, a new Digital Citizens Alliance survey* of 1,512 U.S consumers found.
Working from Home with a False Sense of Security: Less than One in Three (31%) Americans Concerned About Cyber Crime Despite 400% Rise in COVID-19-related Cyberattacks - New Unisys Security Index™ (Unisys) Less than one in three (31%) Americans are concerned about their data security while working from home during the COVID-19 global health crisis, according to the new 2020 Unisys Security Index™.
2020 Unisys Security Index™ (Unisys) For more than a decade, the Unisys Security Index™ has measured global consumer concerns related to national, personal, financial and Internet security.
Turf Battles and Silo Issues in 64% of Organizations Damage SOC ROI, Even for High-Performing Teams (Devo.com) Despite gains in budget and strategic priority for SOCs, survey says burnout, overload, and chaos persist in many organizations; Major reforms in security operations required … Turf Battles and Silo Issues in 64% of Organizations Damage SOC ROI, Even for High-Performing Teams Read More »
Which Industries Are Most Likely to Pay Ransomware? (Wall Street Journal) More than 40% of companies say they would at least consider paying, according to a WSJ survey.
The Industries Most Vulnerable to Cyberattacks—and Why (Wall Street Journal) A survey of corporate technology officers reveals that while many companies are worried about all sorts of threats, they also don’t feel they’re prepared to defend against them.
Five cybersecurity experts give their predictions for H2 (CRN) Execs and analysts from Bytes, Computacenter, Sapphire, Canalys and Omdia on how they expect the cybersecurity industry to unfold in the second half of the year
Marketplace
Microsoft acquires CyberX to accelerate and secure customers’ IoT deployments (The Official Microsoft Blog) CyberX will complement the existing Azure IoT security capabilities, and extends to existing devices including those used in industrial IoT, Operational Technology and infrastructure scenarios. With CyberX, customers can discover their existing IoT assets, and both manage and improve the security posture of those devices. With CyberX, customers can see a digital map of thousands of devices across a factory floor or within a building and gather information about their asset profile and vulnerabilities.
Microsoft doubles down on IoT cybersecurity with CyberX acquisition (VentureBeat) Microsoft acquired industrial control systems cybersecurity startup CyberX to shore up its position in the autonomous systems market.
Microsoft acquires a startup that will help it monitor corporate hardware like alarms, cameras and phones (CNBC) The start-up's technology spots security issues on corporate hardware, alongside the other surfaces Microsoft software can already monitor.
Zscaler plans $1 billion convertible debt offering (MarketWatch) Zscaler Inc. undefined said Monday that it plans a private offering of $1 billion of convertible senior notes, due 2025. The notes will be convertible "under...
Alion Secures $75M Navy Deal | WashingtonExec (WashingtonExec) Alion Science and Technology has been awarded a $75 million contract to support research, development, test and evaluation of all Navy Minotaur software
Criticism of eBay rattled executives. But why? (Silicon Valley Business Journal) Current and former EBay executives sound off on former CEO Devin Wenig and what federal prosecutors allege was a plot to harass the editor and publisher of a blog that had been critical of the e-commerce platform.
New company will provide cyber support to U.S. Army (Albany Herald) Gov. Brian Kemp announced recently that Perspecta Inc., a leading U.S. government services provider, is opening a regional office at the Georgia Cyber Center in Augusta. This investment
Job alert! Demand for cybersecurity professionals doubles in two months; these are the top skills needed (Moneycontrol) The salary scale of these professionals ranges from Rs 4 lakh a year to as much as Rs 4 crore per annum.
Top 10 VPNs had 31 million installs YTD, generating $23M in revenue (Atlas VPN) According to data analyzed by Atlas VPN, 10 best-known VPN applications hit 31 million mobile downloads in total during the first five months of 2020. At the same time, these VPN services generated 23 million dollars through in-app purchases.
Injazat opens cyber security centre in Abu Dhabi to develop next-generation technologies (The National) Opened in the first quarter, the centre is offering services to Abu Dhabi’s Mubadala, its group of companies and various other entities
XM Cyber Earns European Commission Seal of Excellence (PR Newswire) XM Cyber, the multi-award-winning leader in attack modeling and security posture management, today announced it has been awarded with the...
Axis Security Included in Gartner’s Market Guide for Zero Trust Network Access (Axis Security) Axis Security, the secure application access company, today announced that it has been identified as a Representative Vendor in Gartner’s Market Guide for Zero Trust Network Access (ZTNA). According to Gartner’s report, “ZTNA augments traditional VPN technologies for application access, and removes the excessive trust once required...
Advisory Board Strengthened with Expert Mark Pribish (Breach Clarity) The call of industry experts for stronger consumer protection from identity crime risks created by data breaches grew today, with the addition of identity theft and data breach risk management expert Mark Pribish.
Forcepoint appoints Chief strategy and trust officer (Zawya) Myrna Soto brings more than 25 years' experience in Information Technology and Security strategy and execution
Palo Alto Networks CFO Kathy Bonanno Announces Departure (PR Newswire) Palo Alto Networks (NYSE: PANW), the global cybersecurity leader, today announced the departure of chief financial officer (CFO) Kathy Bonanno,...
Cellebrite Appoints Alon Klomek Chief Business Officer (PR Newswire) Cellebrite, the global leader in Digital Intelligence (DI) solutions for public and private sectors, today announced the appointment of Alon...
MITRE’s CTNS names five national security officials to its newly established advisory board (Help Net Security) MITRE’s Center for Technology & National Security (CTNS), named five highly esteemed national security officials to its newly established advisory board.
Guy Sereff Joins Michael Best as Privacy & Cybersecurity Senior Counsel - Michael Best & Friedrich LLP (Michael Best & Friedrich LLP) Michael Best is pleased to announce the addition of Guy Sereff, who joins the firm as Senior Counsel in the Privacy and Cybersecurity group in the Broomfield office.
Products, Services, and Solutions
BlackBerry Introduces AtHoc Managed Service (BlackBerry) BlackBerry today introduced BlackBerry® AtHoc® Managed Service. BlackBerry AtHoc Managed Service delivers the full featured BlackBerry AtHoc system as a service managed and delivered by BlackBerry.
Teekay signs up to digital security system by Risk Intelligence (Digital Ship) Risk Intelligence has announced an agreement with Teekay Shipping for the company’s Risk Intelligence System, MaRisk+PortRisk. The Risk Intelligence S...
Israeli startup to secure IoT binary code natively (eeNews Europe) Founded a couple of years ago, IoT security startup Sternum aims to secure the whole IoT market, irrespective of operating systems.
Deloitte Unveils Expanded Industry Cloud Innovation Portfolio (Data Economy) The company’s commitment to cloud innovation coincides with SAP’s announcement of the SAP Industry Cloud program.
Check Point Partners with Coursera to Deliver Free Online cyber-security courses (Express Computer) Online learning series on enterprise network security, orchestration and management now available on leading education and training platform, to help close the cyber-security skills gap
VirusTotal Adds Cynet's Artificial Intelligence-Based Malware Detection (The Hacker News) Google's multi-antivirus scanning service VirusTotal adds Cynet artificial intelligence-based malware detection
Tech Mahindra, Lucideus to partner on cyber risk assessment (The Economic Times) Post the assessment, all the participating companies will receive a personalised report that will rate and score them on their present cyber risk posture and the probability of a breach occurring in the next 12 months, the statement added.
Illumio Extends Zero Trust to the Endpoint (GlobeNewswire) Illumio Edge, available via Illumio or the CrowdStrike Store, introduces the world’s first Zero Trust solution for endpoints that reduces the risk of destructive ransomware and malware attacks
Illumio Edge Endpoint Zero Trust (Illumio) Give your endpoints the Zero Trust edge and contain ransomware to a single endpoint. See how Illumio Edge will be your endpoint security force multiplier.
Semperis Extends Industry’s Most Comprehensive Active Directory Threat Detection and Response Platform (BusinessWire) Semperis, the pioneer of identity-driven cyber resilience for enterprises, today announced new vulnerability assessment, security reporting, and auto-
Threatscape | Threatscape Recognised by Microsoft as Gold Security Partner (RealWire) Threatscape, the specialist cyber-security service provider with offices in London and Dublin, announced today that it has been awarded the coveted Gold Security Partner designation by Microsoft
What's the Cyber Score? Akouto Offers Free Tool for Small and Medium Businesses to Check Cyber Defences (PR Newswire) Canadian cybersecurity firm Akouto has released a free tool to help small and medium businesses better protect themselves against cybercrime...
Keyfactor and PrimeKey Partner to Enable Highly Scalable PKI for Moder (PRWeb) Keyfactor, the leader in securing digital identities, and PrimeKey, a leading provider of open-source public key infrastructure (PKI) and digital s
QuoLab Technologies Launches Partner Program to Unite Organizations Against Cyber Threats (BusinessWire) QuoLab Technologies has announced it's new QuoLab Partner Program, arming partners with a common, unified workspace and strategic integrations.
Information Builders Unveils the new ibi at Virtual Summit 2020 (GlobeNewswire) CEO Frank Vella Introduces New Company Vision, Branding, Product Innovations, Customer Success, and Customer and Partner Community to Help Build Better Insights With Data
Zeva Launches ZevaCrypt™, a Solution to Simplify Use of End-to-End PIV Encryption Across Federal Agencies Including Contractors (GlobeNewswire) Zeva, Inc. a leader in Public Key Enablement, IT modernization and encryption solutions, today announced the launch of ZevaCrypt™, Zeva’s end-to-end encryption service to help federal agencies more easily use their existing PIV encryption infrastructure with emails and documents exchanged between agencies and with contractors.
Safety, Simplicity, Peace Of Mind In 'Value Size': Dashlane Launches Family Plans (Olean Times Herald) Dashlane today announced the availability of new family plans, providing its leading password and online identity management services for up to six family
ForgeRock Go Eliminates Need for Usernames and Passwords (GlobeNewswire) ForgeRock Go delivers higher security and convenience, making user journeys without usernames and passwords possible in minutes
ForgeRock Identity Platform Delivers New Functionality, Simplicity to the Industry's Most Comprehensive Identity Solution (GlobeNewswire) Significant platform advancements give organizations the tools needed to provide secure, friction-free digital experiences and accelerate digital transformation
ForgeRock Powers New Era of Digital Identity with Artificial Intelligence and Cloud (GlobeNewswire) ForgeRock announces new cloud and AI capabilities for consumers, workforce and things, including new ways to automate and elevate digital experiences
Technologies, Techniques, and Standards
Maersk, me & notPetya (gvnshtn) Maersk is the world’s largest integrated shipping and container logistics company. And I was massively privileged (no pun intended) to be their Identity & Access Management SME, later IAM Service Owner and played a role in the recovery and cybersecurity response to the events of the well-publicised notPetya malware attack in 2017. I left Maersk […]
Companies Battle Cybersecurity Risks of Having More Remote Workers (Wall Street Journal) Hackers see working-from-home employees as weak points into company networks. Here’s what businesses are doing to shore up their defenses.
ITU 2020 Guidelines on Child Online Protection (COP) respond to new challenges and significant shifts in the digital landscape (ITU) ITU today launched the 2020 Guidelines on Child Online Protection (COP) on how to develop a safe and empowering online environment for children and young people
How to fight election cyber attacks while protecting the health of voters during a pandemic | COMMENTARY (Baltimore Sun) In addition to keeping poll workers and voters safe from viral transmission during the upcoming election, there is a second major risk: how to keep the election itself secure from cyber threats.
US govt to enforce HTTPS on new .gov sites starting September 1 (BleepingComputer) Starting September 1, 2020, new .gov sites will only be accessible via HTTPS as they will automatically be preloaded according to an announcement made by the U.S. Government's DotGov Program today.
How to optimize Windows Firewall security (CSO Online) If you're ignoring or have disabled Windows Firewall, you might be missing out on some good, basic protections that are easy to set up and maintain.
The Army will soon allow users to access classified info from home (C4ISRNET) The commercial environment will be rolled out in the next 30 days.
Marine Corps Activates New Battalion to Fight in Cyberspace (DVIDS) An impactful change to Marine Corps cyberspace and information technology modernization occurred on June 4, 2020, aboard Marine Corps Base Camp Pendleton, California, with the activation of 1st Network Battalion, which marked the beginning of the Marine Corps Enterprise Network (MCEN) Command and Control (C2) modernization implementation plan.
Webcast: Durable vs. Ephemeral Threat Intel (Black Hills Information Security) In this Black Hills Information Security webcast John breakdowns why he hates threat intelligence… Again… But, he breaks down some of the cool new projects that are focusing on durable threat intelligence. This is key because many intel feeds are nothing more than domains, hashes, and IP addresses. However, with durable threat intel, we see […]
Design and Innovation
Google adds ClaimReview or Fact Check schema support for images (Search Engine Land) This won't improve your rankings but it may lead to better click-through rates.
()
Academia
University secures funding to address stress in cyber security (Express and Star) A team at the University of Wolverhampton is creating innovative new technology to help cyber security professionals reduce stress and improve performance.
Legislation, Policy, and Regulation
India needs to review its 2013 cyber security policy (The Times of India) India News: India is among the top 10 countries facing cyber-attacks.
()
'Like when the asteroid is heading for Earth': Why Scott Morrison sounded the cyber alarm (The Sydney Morning Herald) Australia is wide open to aggressive internet takedowns.
()
Top European official warns China against targeting hospitals with cyberattacks (TheHill) European Commission President Ursula von der Leyen said Monday that she warned Chinese President Xi Jinping against hacking European hospitals during the COVID-19 pandemic.
Chinese tech companies with government links face curbs (The Economic Times) India is trying to identify Chinese tech firms with direct or indirect links to countrys govt or military.
China Tech Firms Face Backlash Over Beijing’s Policies (Wall Street Journal) As China’s government grows more combative abroad, overseas consumers and regulators have responded by putting pressure on Chinese firms or spurning Chinese brands altogether—particularly its technology players.
Huawei’s courtship of Moscow leaves west in the cold (Financial Times) US and EU sanctions against the Chinese telecoms group have bolstered Sino-Russian co-operation
Weary Russia Tries to Avoid Entanglement in U.S.-China Spat (Wall Street Journal) With the coronavirus pandemic escalating the conflict between Washington and Beijing, Moscow faces a tough challenge: how to preserve its Chinese lifeline without getting dragged into the looming clash.
U.S. Imposes Restrictions on More Chinese Media Outlets (Wall Street Journal) The Trump administration is placing restrictions on four more Chinese media organizations controlled by the government, part of a broader conflict over the press in both countries that has resulted in U.S. reporters being expelled from China.
Designation of Additional Chinese Media Entities as Foreign Missions (United States Department of State) Over the past decade and particularly under General Secretary Xi Jinping’s tenure, the CCP has reorganized China’s state propaganda outlets disguised as news agencies and asserted even more direct control over them. He has stated “Party-owned media must. . . embody the party’s will, safeguard the party’s authority … their actions must be highly consistent […]
Defense Authorization Act Clears Key Subcommittee in the House (Nextgov) The legislation includes some recommendations from the Cyberspace Solarium Commission, but not the main one.
House Panel Approves NDAA Cyber, Quantum Provisions (Meritalk) The House Armed Services Committee’s Subcommittee on Intelligence and Emerging Threats today approved by voice vote legislative provisions for cyber education efforts, a report on quantum computing, as well as oversight of the National Guard’s role in responding to cyber incidents.
House bill would elevate Pentagon’s AI hub to the deputy secretary level (C4ISRNET) A House subcommittee's draft of the NDAA would give the deputy secretary of defense oversight of the Joint Artificial Intelligence Center.
Here's what John Bolton's book says about U.S. cybersecurity policy (CyberScoop) John Bolton writes in his new book squabbling in the Trump administration hobbled efforts to overhaul policies on offensive and defense cyber-operations.
Analysis | The Cybersecurity 202: Democratic election officials punch back on Trump mail voting claims (Washington Post) 'White supremacy has no place in our elections and no place in our country,' declares a new digital ad.
DHS Insider Threat Program Expanding to Anyone Who Accesses Agency Info (Nextgov) The Homeland Security Department will begin tracking all personnel—federal employees and contractors, with or without a security clearance—in the hunt for insider threats.
America Is Reopening. Coronavirus Tracing Apps Aren’t Ready. (Wall Street Journal) Smartphone apps meant to track where people have traveled or whom they have been near are mostly buggy, little-used or not ready for major rollouts, raising concerns as restrictions lift and infections rise.
Privacy Concerns Multiply as Digital Contact Tracing Spreads: U.S. Tech Industry Takes the Lead as Congress Fails to Act (JD Supra) As businesses and other organizations in the private sector cautiously open their doors in the wake of the pandemic, DCT enables more efficient...
City funds massive effort to protect Alamo City, smaller cities from cyberattacks (San Antonio Business Journal) The facility aims to be a cybersecurity hub for San Antonio and other cities seeking to protect themselves from cyberattacks.
Litigation, Investigation, and Law Enforcement
China's cyber watchdog punishes livestreaming sites for "low taste" (Nasdaq) China's cyber watchdog has penalised several of the country's leading livestreaming and video platforms for spreading "low taste" content, reprimanding women wearing low cut clothes and men for indecent dancing and using foul language.
Trudeau points to 'direct link' between detained Canadians and arrest of Huawei executive (POLITICO) China has denied that the arrests of Kovrig and Spavor are tied to Meng’s case.
Bolton book could factor into Huawei exec's extradition case (POLITICO) Meng’s case has wedged middle-power Canada into the wider clash between two heavyweights: China and the U.S.
FTC Says Lack Of Staff Limits Privacy Probes, Enforcement (Law360) The U.S. Federal Trade Commission's lack of privacy staff compared to European data protection watchdogs limits its ability to investigate children's privacy abuses and probe the risks of facial recognition technology, the agency told Congress on Friday.
A Massachusetts man is accused of trying to defraud a coronavirus-relief program (Masslive) Buoi, according to authorities, is accused of filing fraudulent loan applications seeking more than $13 million in forgivable loans guaranteed by the Small Business Administration for COVID-19 relief.
Ex-U.S. marine, jailed in Russia, will not appeal 16-year sentence: Ifax cites lawyer (Reuters) Former U.S. marine Paul Whelan, who was sentenced to 16 years in a Russian prison for espionage last week, will not appeal against his sentence, the Interfax news agency reported on Tuesday, citing Whelan's lawyer.
HIA data breach was 'procedural error' (BBC News) An investigation was launched after a newsletter was sent without survivors' details anonymised.
How you can find out if you’re still owed money from the 2017 Equifax data breach (FOX 11 Los Angeles) Millions of Americans’ financial information was compromised in an Equifax data breach in 2017.