Assessing the Colonial Pipeline incident. Ransomware gangs go dark (but not Conti). Slovenly stalkerware.

Dateline Houston, Texas, to Linden, New Jersey: Colonial Pipeline’s ransomware incident.

2 Bills Introduced in Wake of Colonial Pipeline Attack (BankInfo Security) The ransomware attack that targeted Colonial Pipeline Co. earlier this month, which continued to cause gas shortages Monday, has prompted lawmakers to introduce

Lessons from the Colonial Pipeline Ransomware (Ward and Smith, P.A.) Thankfully, it appears that the Colonial Pipeline ransomware attack is behind us and the panic over gas lines and hoarding can subside. But after an episode …

Critical infrastructure really is critical. The US must act now (WENY) By Charles Riley, CNN Business What do businesses need to operate? Electricity, water and gasoline are near the top of the list, and recent infrastructure failings suggest the foundations of…

Who’s next on ransomware’s hit list (POLITICO) Locking down the pipelines — Pentagon’s promised cyber data

Maloney, Thompson Statement on Staff Briefing with Colonial Pipeline (House Committee on Homeland Security)

Attacks, Threats, and Vulnerabilities

More ransomware websites disappear in aftermath of Colonial Pipeline hack (iTnews) In another potential aftershock.

U.S. Pipeline Ransomware Attackers Go Dark After Servers and Bitcoin Are Seized (The Hacker News) U.S. Colonial Pipeline Ransomware Attackers Went Dark After Servers and Bitcoin Are Seized

Double-extortion ransomware attacks on the rise (Help Net Security) According to Zscaler ThreatLabZ, many different industries have been targeted over the past two years by double-extortion ransomware attacks.

Ransomware’s Dangerous New Trick Is Double-Encrypting Your Data (Wired) Even when you pay for a decryption key, your files may still be locked up by another strain of malware.

Android stalkerware threatens victims further and exposes snoopers themselves (WeLiveSecurity) ESET research shows that Android stalkerware apps are riddled with security flaws that may also expose the privacy and security of the stalkers themselves.

Android stalkerware may be even more dangerous than thought (TechRadar) Stalkerware apps are reportedly filled with security vulnerabilities

Android malware Flubot takes control of entire device: ESET (iTWire) Android malware, which has been given the name Flubot, has spread across a number of unspecified European countries, the Slovakian security firm ESET says, adding that once infected, the entire device is open to the malware. In a blog post, ESET researcher Tony Anscombe said the malware was installe…

Take action now – FluBot malware may be on its way (WeLiveSecurity) As FluBot continues to spread, we look at how this Android malware operates and how you can get rid of it if your device has already been compromised.

New WastedLoader Campaign Delivered Through RIG Exploit Kit (Bitdefender Labs) In February 2021, Bitdefender researchers have identified a new RIG Exploit Kit campaign exploiting two scripting engine vulnerabilities in unpatched Internet Explorer browsers (CVE-2019-0752 and CVE-2018-8174). The delivered malware looks like a new variant of WastedLocker, but this new sample…

FBI spots spear-phishing posing as Truist Bank to deliver malware (BleepingComputer) Threat actors impersonated Truist, the sixth-largest U.S. bank holding company, in a spear-phishing campaign attempting to infect recipients with what looks like remote access trojan (RAT) malware.

The Synonym Attack: Using Similar Words to Get By Scanners (Avanan) Attackers are using synonyms of popular attack words to get past scanners.

Student health insurance carrier suffers a data breach (BleepingComputer) Student health insurance carrier has taken their website offline after a vulnerability allowed a threat actor to access policyholders’ personal information.

UniSA locks down devices and Citrix solution after cyber attack (ARN) The University of South Australia was hit by a cyber attack over the weekend, causing “major outages” across student applications.

The Cybersecurity 202: Cybercriminals scammed a record number of victims with cryptocurrency (Washington Post) Scams luring people with fraudulent offers of cryptocurrency investments have skyrocketed, the Federal Trade Commission yesterday reported. Nearly 7,000 people reported losses of more than $80 million from October through March. That’s a nearly 1,000 percent increase in financial losses compared to the same time period last year and 12 times as many victims.

Elon Musk impersonators have stolen more than $2 million in cryptocurrency since October (The Verge) Cryptocurrency scams are skyrocketing

Magecart Group 12 unleashes stealthy PHP skimmer against vulnerable Magento e-commerce sites (The Daily Swig) Server-side requests to malicious domain conceal malware from endpoint security tools

Magecart Goes Server-Side in Latest Tactics Changeup (Threatpost) The latest Magecart iteration is finding success with a new PHP web shell skimmer.

AXA Confirms Ransomware Attack Impacted Operations in Asia (SecurityWeek) France-based insurance giant AXA has confirmed that some of its operations in Asia have been impacted by a ransomware attack.

DDoS attacks: Stronger than ever and increasingly used for extortion (CSO Online) Low cost and ease of execution drive a resurgence in distributed denial of service attacks as criminals profit from extorting victims.

PoC released for wormable Windows IIS bug (The Record by Recorded Future) A security researcher has published over the weekend proof-of-concept exploit code for a wormable Windows IIS server vulnerability. Tracked as CVE-2021-31166, the vulnerability was discovered internally by Microsoft’s staff and patched last week in the May 2021 Patch Tuesday.

Market for software exploits is often focused on Microsoft flaws, years-old technology (CyberScoop) Every month Microsoft releases software updates to fix vulnerabilities across the company’s vast line of technology products.

PowerShell Is Source of More Than a Third of Critical Security Threats (eSecurityPlanet) The number one source of critical security threats is Microsoft’s CLI management tool, according to Cisco endpoint security data.

Irish Prime Minister rules out paying ransom to cyber gang after health service attack (Computing) The Conti ransomware operators have reportedly demanded a $20 million ransom from HSE

Cyber-crime: Irish government briefed by cyber security authorities (BBC News) Cyber security authorities believe they have identified the gang behind the ransomware hacks.

Dark web ‘dump sites’ being monitored for HSE data after hack (The Irish Times) Expert says it is ‘highly unlikely’ gang believed to be based in Russia will be caught

Conti ransomware also targeted Ireland’s Department of Health (BleepingComputer) The Conti ransomware gang failed to encrypt the systems of Ireland’s Department of Health (DoH) despite breaching its network and dropping Cobalt Strike beacons to deploy their malware across the network.

EXCLUSIVE: Sensitive alumni data made available in Pembroke College telethon leak (Cherwell) Sensitive data about some of Pembroke College’s alumni from the 2021 telethon was made available to current Oxford University SSO users in a data breach. This included the full names, ages, addresses, and telephone numbers of alumni, alongside notes taken during calls held between telethon workers and alumni. The calling sheets also held information about […]

7,500 Ascension patients added to tally of CaptureRx data breach victims: 8 hospitals, healthcare providers affected (Becker’s Hospital Review) Two Ascension hospitals in Michigan have been added to the tally of CaptureRx data breach victims. The San Antonio-based health IT company notified the hospitals in April, making them part of eight hospitals and healthcare organizations that had patients’ data exposed by a ransomware attack.

Ransomware attack cuts wide and deep for Buffalo teachers, parents, and even vendors (News 4 Buffalo) Buffalo Public Schools parents and teachers are receiving some alarming news about a cyber security breach two months ago. School officials now confirm, it was a ransom…

“Those aren’t my kids!” – Eufy camera owners report video mixups (Naked Security) Hey, that’s not my kitchen! Those aren’t my kids! And that dreadful wallpaper’s certainly not mine!

A botched server upgrade exposed Eufy video camera feeds to random users (The Record by Recorded Future) Chinese electronics company Anker has patched a bug today that mistakenly connected users of its Eufy security cameras with video streams of random accounts from across the world.

TeamTNT’s Extended Credential Harvester Targets Cloud Services, Other Software (Trend Micro) We found new evidence that the cybercriminal group TeamTNT has extended its credential harvesting capabilities to include multiple cloud and non-cloud services.

Legacy IT as ‘carbon monoxide’: Lessons from Hackney’s cyber-attack (Cities Today) In October 2020, the London borough of Hackney suffered a serious cyber-attack from which it is still recovering. Matthew Cain, Head of Digital, Data and Customer Services at Hackney Council, shared his frank insight into the lessons learned from the incident.

Security Patches, Mitigations, and Software Updates

Vulnerability Summary for the Week of May 10, 2021 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

At RSA Conference, CEO Rohit Ghai reveals what’s coming next in cybersecurity (SiliconANGLE) As the annual RSA Conference gets underway Monday morning in digital form, it will be a coming-out of sorts for RSA Security LLC, the venerable cybersecurity company that owns the conference.

Despite Warnings, Cloud Misconfiguration Problem Remains Disturbing (SecurityWeek) Misconfigurations are often introduced by cloud users either by actions or failure to implement available controls, are often left unremedied even when known, and take too long to be fixed when they are fixed.

Research Uncovers Ransomware Susceptibility for Pharmaceutical Manufacturing Supply Chain, with $31.1M at Risk (PR Newswire) New research in Black Kite’s 2021 Ransomware Risk Pulse: Pharmaceutical Manufacturing reveals one in 10 global pharmaceutical manufacturers are…

New research reveals today’s biggest application security challenges (Barracuda Networks) Organizations are struggling with bad bots, broken APIs, and supply chain attacks

Your Data for Profits: How Much Do People Know? (Invisibly) 77% of respondents want to control who can access their data.

An analysis of the top 10 most cybercrime-ridden states (Atlas VPN) According to Atlas VPN analysis, the top 10 US states by losses to cybercrime are California, New York, Texas, Florida, Ohio, Illinois, Missouri, Pennsylvania, Virginia, and Colorado. Last year, citizens in these states lost $2.39 billion to various types of internet crime. In the earliest reporting period – 2013, losses reached $327.89 million.


Cybersecurity M&A Roundup for May 10-16, 2021 (SecurityWeek) Nearly a dozen cybersecurity-related mergers and acquisitions were announced during the week of May 10, 2021.

Splunk Announces Intent to Acquire TruSTAR (BusinessWire) Splunk Inc. (NASDAQ: SPLK), provider of the Data-to-Everything Platform, today announced it has signed a definitive agreement to acquire TruSTAR, a Sa

HelpSystems acquires Beyond Security to expand cyber protection portfolio (Help Net Security) HelpSystems announced the acquisition of Beyond Security to help organizations around the world understand and address information security.

UL Acquires Clear Sky Analytics (PR Newswire) UL, the global safety science leader and one of the world’s top advisors on the development, evaluation and optimization of renewable energy…

Query.AI Closes $4.6M in Funding (Dark Reading)

‘The Network Is Dead’ and Future Looks SASE, Palo Alto Networks SVP Says (SDxCentral) Palo Alto Networks sees the acquisition of CloudGenix’s SD-WAN as the pivotal moment in its secure access service edge journey.

LaunchTech Communications Wins Gold in the 2021 Cyber Security Global Excellence Awards® (BusinessWire) LaunchTech Communications wins 2021 Globee Award. Named Agency of the Year for Cyber and Info Security.

ZeroNorth Named Winner of the Coveted Global InfoSec Awards During RSA Conference 2021 (ZeroNorth) ZeroNorth, the only company to unite security, DevOps and the business for the good of software wins the following awards from Cyber Defense Magazine: Hot Company in DevSecOps and Cutting Edge in Application Security

Keeper Security Named Winner of the Coveted Global InfoSec Awards during RSA Conference 2021 (Cherokee Tribune Ledger News) CHICAGO, May 17, 2021 /PRNewswire/ — Keeper Security is proud to announce it has won the following awards from Cyber Defense Magazine (CDM), the industry’s leading electronic information security magazine:

XM Cyber Named Winner of the Coveted Global InfoSec Awards During RSA Conference 2021 (PR Newswire) XM Cyber, the multi-award-winning leader in cyberattack path management, is proud to announce that it has won the following award from Cyber…

Sonrai Wins InfoSec Awards At RSA Conference 2021 (Security Boulevard) Sonrai Security, the leader in identity and data security for public cloud, is proud to announce it has won the Next-Gen in Cloud Security and Next-Gen in Identity Management awards from Cyber Defense Magazine (CDM).

Centrify Named Winner of the Global InfoSec Awards at RSA Conference 2021 (Security Boulevard) ThycoticCentrify, a leading provider of cloud identity security solutions formed by the merger of privileged access management (PAM) leaders Thycotic and Centrify, is proud to announce that Centrify has won Editor’s Choice in Identity & Access Management from Cyber Defense Magazine (CDM), an industry-leading electronic information security magazine.

BlackCloak Named Winner of the Coveted Global InfoSec Awards during RSA Conference 2021 (PR Newswire) BlackCloak is proud to announce we have won the following award from Cyber Defense Magazine (CDM), the industry’s leading electronic…

Check Point Harmony Mobile Featured on the 2021 CRN® Mobile 100 List (Check Point Software) By Oleg Mogilevsky, Product Marketing Manager, Threat Prevention CRN recently released its annual Mobile 100 list highlighting – among others – key

Huawei’s Global Cloud Strategy – Reconnecting Asia (Reconnecting Asia) As many developed economies restrict Huawei from their 5G networks, developing economies are still welcoming the Chinese tech champion into the center of their government operations. The CSIS Reconnecting Asia Project identified 70 deals in 41 countries between Huawei and foreign governments or state-owned enterprises (SOEs) for cloud infrastructure and e-government services.

Illusive Recognized as a Microsoft Security 20/20 Partner Awards Winner for Identity Trailblazer, Finalist in Security Trailblazer (PR Newswire) Illusive, the leader in Active Defense, today announced it has been named a winner for the Microsoft Security 20/20 Identity Trailblazer award…

Social app Parler is cracking down on hate speech — but only on iPhones (Washington Post) Shut down after the Jan. 6 riot, Parler is using a new artificial intelligence moderation system with more stringent standards for the App Store than other platforms.

Adam Ely Joins Fidelity as New CISO (SecurityWeek) Cybersecurity industry veteran Adam Ely is the new Chief Information Security Officer (CISO) at Fidelity Investments.

Aryaka Announces Ian McEwan New Chief Revenue Officer (ResponseSource Press Release Wire) Cloud-First WAN Pioneer fills key position as it accelerates growth for managed SD-WAN and SASE solutions San Mateo, Calif.

Forcepoint Appoints Global Channel Leader to Transform Next-Generation Partner Ecosystem (PR Newswire) Forcepoint, a global leader in data-first cybersecurity solutions that protect critical information and networks for thousands of customers…

Vince Steckler – Nord Security’s first Independent Board Member (Nord Security) Vince Steckler is joining Nord Security as its first Independent Board Member. He’s going to share his experience helping us build best cybersecurity solutions.

National Plaintiffs’ Firm DiCello Levitt Adds Leading Cybersecurity and Technology Law Partner to Growing New York Office (BusinessWire) DiCello Levitt is pleased to announce that David Straite has joined the firm as a partner in its New York office.

Products, Services, and Solutions

New security training videos that will help build security culture (AwareGO) We are constantly adding new security training videos to help train and warn employees of current threats and teach them good cybersecurity habits.

Blumira Expands Its Cloud Security Coverage With AWS Security Monitoring (Blumira) Blumira has achieved Amazon Web Services (AWS) Independent Software Vendors (ISV) Partner Status, and has launched AWS security monitoring into its cloud security platform.

Eclypsium Enhances Platform to Extend Deep Visibility and Security to Network and Unmanaged Devices (Eclypsium) Eclypsium® today announced a major new extension to their enterprise device integrity platform, which lets organizations easily extend visibility and security beyond their traditional endpoints to now include network and unmanaged devices that can impact overall security posture.

ThycoticCentrify Announces New Solution to Govern and Manage Privileged Access to Cloud Platforms (Centrify) ThycoticCentrify, a leading provider of cloud identity security solutions formed by the merger of privileged access management (PAM) leaders Thycotic and Centrify, today unveiled its cloud provider solution to centrally manage AWS billing accounts, identity and access management (IAM) accounts, and AWS EC2 instances in real-time.

Vector Solutions Successfully Completes Annual SOC® 2 Type 1 Examinati (PRWeb) Vector Solutions, the leading provider of software solutions for learning, operational readiness, workforce management, and risk reduction, today announced the su

F Secure Oyj : F-Secure launches modular platform designed for servitization of cyber security (MarketScreener) Today, cyber security provider F-Secure launched F-Secure Elements: a new cloud-based platform that streamlines how organizations provision cyber…

Microsoft releases free online ‘playbooks’ to help businesses defend against cyber-attacks (The Daily Swig) Tech giant provides advice for organizations on how to protect their networks

Arctic Wolf Joins Microsoft Intelligent Security Association (BusinessWire) Arctic Wolf®, a leader in security operations, today announced it has joined the Microsoft Intelligent Security Association (MISA), a collation of sec

CrowdStrike Deepens Security Ties with Google (Security Boulevard) CrowdStrike has extended its relationship with Google Cloud to make it possible to bi-directionally share telemetry and data between CrowdStrike Falcon cloud service for protecting endpoints and security offerings from Google such as Chronicle, VirusTotal Enterprise and Google Cloud Security Command Center (SCC).

CrowdStrike Falcon Fusion Streamlines Security Operation Center with Automated Workflows, Drastically Reducing Threat Response Time and Remediation (Yahoo Finance) CrowdStrike, a leader in cloud-delivered endpoint protection and workload protection, today announced Falcon Fusion, a unified and extensible framework purpose-built on the CrowdStrike Falcon® platform to orchestrate and automate complex workflows improving security operation center (SOC) efficiency.

BT Expands SD-WAN Offering with Fortinet (Explica) BT launches a new secure SD-WAN managed service powered by Fortinet, which allows organizations to create networks and have security in a single solution.

Atlas VPN completes an independent security audit (PCR) Atlas VPN has completed its first independent cybersecurity audit. The security test was conducted by an acknowledged US-based cybersecurity consulting firm VerSprite.

Center for Internet Security (CIS) Releases CIS Controls v8 to Reflect Evolving Technology, Threats (PR Newswire) As enterprises continue to integrate cloud resources and mobile devices into their networks, the Center for Internet Security, Inc. (CIS®)…

1Password Unveils Application to Protect Linux Users and Developers (PR Newswire) 1Password, the leader in enterprise password management, today announced it has launched a full-featured desktop app for Linux, providing users…

Detectify Research Team releases Ugly Duckling, a web scanner for hackers (Detectify Blog) Detectify released a web scanner for ethical hackers called Ugly Duckling on github. It’s open-source and available for anyone to try out.

Wisetail and Intertek NTA Partner to Launch Cybersecurity Awareness Training (BusinessWire) Wisetail and Intertek NTA announced the availability of their joint Cybersecurity Awareness Training program.

Barracuda launches Cloud Application Protection 2.0 to defend web apps from evolving attack vectors (Barracuda Networks) Platform blocks supply chain attacks, uses machine learning to stop bad bots, adds containerized WAF to protect apps deployed in containers.

Arctic Wolf Revolutionizes Security Awareness and Training with New Managed Security Awareness Solution (BusinessWire)

Proofpoint Introduces NexusAI for Compliance (Proofpoint) Newest solution leverages machine learning to cut false positives by 65 percent while significantly reducing reviewer fatigue and deployment time

Corelight Introduces Command And Control Collection For Targeted Insights And Detections (PR Newswire) Corelight, provider of the industry’s first open network detection and response (NDR) platform, today launched the Corelight Command and…

Gigamon Partners with New Relic to Provide Unified Observability and Solve the Critical Cloud Visibility Gap (BusinessWire) Gigamon, the leader in cloud visibility and analytics, today announced the integration of New Relic, the leader in observability, with Gigamon Hawk.

ConnectWise Launches New Partner Program for TSPs and MSPs with Inaugural Offering to Support Cybersecurity Practice Development (GlobeNewswire) Program will first help partners build winning cybersecurity practices to address critical client needs while accelerating their own success and profitability

XM Cyber Partners with UK-based Value-Added Distributor Cyber Fusion (PR Newswire) XM Cyber, the multi-award-winning leader in cyberattack path management, today announced that it has signed an agreement with UK-based…

Specops Partners with Duo Security to Secure Password Resets (PRWeb) Specops Software announced that it is now a Duo Security Technology Partner. The technology partnership demonstrates a commitment to provide customers with solution

Pathlock Unleashes New Features in Latest Version of Access Orchestration Platform (PR Newswire) Pathlock, the leading provider of unified access orchestration, today announced the preview availability of version 5.0 of its flagship…

Synopsys Unveils Technology Alliance Partner Program, Adds Integrations for Application Security Orchestration Solution at RSA Conference (PR Newswire) Synopsys, Inc. (Nasdaq: SNPS) today announced the expansion of the Technology Alliance Partner (TAP) segment of the Software Integrity Group’s…

WatchGuard Provides Advanced Endpoint Security for Windows on Qualcomm Snapdragon PCs | WatchGuard Technologies (WatchGuard) WatchGuard Endpoint Security Solutions for 5G PCs powered by Snapdragon compute platforms protect distributed work environments from sophisticated threats

ReversingLabs New Malware Lab Solution Enables Next Generation of Threat Hunting (GlobeNewswire) Enhancements to ReversingLabs Titanium Platform Deliver Unified Threat Detection And Analysis Infrastructure at Scale to Identify Malicious Files

KUDO, Inc. Platform Achieves FedRAMP Ready Approval for Agency Authori (PRWeb) KUDO Inc., creator of the only cloud-based video conferencing platform with real-time multilingual interpretation powered by an enterprise ready marketplace providin

Mediavine’s OpenRTB Technology is the First Solution Enabling SSPs to Transact on Google’s FLoC (PR Newswire) Mediavine, the largest exclusive full-service ad management firm in the U.S., is actively sending Google FLoC IDs in the bid request to The…

Cyber Intrusion Augmented-Reality Software Wins Patent (PR Newswire) Ingalls Information Security was awarded U.S. patent # 10965561 for Viewpoint™ software on March 30, 2021. Viewpoint™ is a network security…

IGI Cybersecurity Receives First Patent for Nodeware(R) Vulnerability Management Solution (AccessWire) The cybersecurity company has patented the key network scanning components of its Nodeware SaaS Solution

Technologies, Techniques, and Standards

CISA: Disconnect Internet for 3-5 Days to Evict SolarWinds Hackers From Network (SecurityWeek) The United States Cybersecurity and Infrastructure Security Agency (CISA) has published guidance detailing the steps that organizations affected by the SolarWinds attack should take to ensure they evict the attackers from compromised environments.

Analysis Report (AR21-134A): Eviction Guidance for Networks Affected by the SolarWinds and Active Directory/M365 Compromise (CISA) Since December 2020, the Cybersecurity and Infrastructure Security Agency (CISA) has been responding to a significant cyber incident. An advanced persistent threat (APT) actor added malicious code to multiple versions of SolarWinds Orion and, in some instances, leveraged it for initial access to enterprise networks of multiple U.S. government agencies, critical infrastructure entities, and private sector organizations.

Top 7 Issues All General Counsel Need to Know About Ransomware (JD Supra) Companies face increasingly tough decision points in preparing for and responding to the proliferation of ransomware attacks. Our Privacy, Cyber &…

When Regulations Don’t Apply, These Data Security Use Cases Still Do (Security Intelligence) Organizations in less regulated industries are not investing as heavily in data security as their peers. See why it behooves you to go the extra step.

DISA Establishes Zero Trust Cybersecurity Reference Architecture (Meritalk) The Defense Information Systems Agency (DISA) on May 13 released the initial Defense Department (DoD) Zero Trust Reference Architecture that aims to boost cybersecurity and “maintain information superiority on the digital battlefield.”

Zero trust moves from vision to reality (GCN) More sophisticated technologies and better access to data are helping agencies pursue dynamic and context-driven security to combat the growing threats.

Using SDR to Build a Trunk Tracker – Police, Fire, and EMS Scanner (Black Hills Information Security) Ray Felch // Introduction  Recently, I came across an interesting article on using software-defined radio (SDR) to create a Police, Fire, EMS, and Public Safety systems scanner. Viewing a few of these Trunk tracking scanners on Amazon, I quickly discovered that they are not cheap at all. You can spend several hundred dollars on a Trunked Radio tracking scanner; however, we […]

Design and Innovation

Cryptography experts trash NFTs on first day of RSA Conference (Mashable) Non-fungible tokens didn’t get a lot of love at the annual RSA Conference.

Research and Development

Boffins find Zero day for Universal Turing Machine (Fudzilla) Takes a couple of days to run. A computer science professor from Sweden has discovered an arbitrary code execution vulnerability in the Universal Turing Machine, one of the earliest computer designs in history. Pontus Johnson, a professor at the KTH Royal Institute of Technology in Stockholm, Sweden…

Legislation, Policy, and Regulation

EU extends sanctions against Chinese, Russian, and N. Korean hackers for another year (The Record by Recorded Future) The European Union has extended today the legal framework that allows it to sanction foreign hackers, effectively extending its existing sanctions on Chinese, Russian, and North Korean hackers for another year, until May 18, 2022.

MSPs could be made to follow new cybersecurity measures under government plans (CRN) UK government wants feedback as it considers enhanced cybersecurity standards

In Cyber, Differentiating Between State Actors, Criminals Is a Blur (Mat-Su Valley Frontiersman) Who’s hacking U.S. networks? It’s not an easy question to answer, defense leaders told lawmakers, as determining if a malicious cyber attacker is a foreign government, a cyber criminal or

Censorship, Surveillance and Profits: A Hard Bargain for Apple in China (New York Times) Apple built the world’s most valuable business on top of China. Now it has to answer to the Chinese government.

Software Supply Chain: Executive Order (NIST) The President’s Executive Order on Improving the Nation’s Cybersecurity (14028) issued on May 12, 2021, charges multiple agencies – including the National Institute of Standards and Technology (NIST) – with enhancing the security of the software supply chain.

NIST Cybersecurity and Privacy Program (NIST) The President’s Executive Order on Improving the Nation’s Cybersecurity (EO 14028), issued May 12, 2021, charges multiple agencies – including the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) – with enhancing the security of the software supply chain.

Biden’s cyber order lays foundation for securing government (Defense Systems) The Biden administration’s long-anticipated cybersecurity executive order lays the groundwork for modernizing cyber defenses and protecting critical services from attack by improving incident response and information sharing between the public and private sectors.

Can NTSB-style oversight work for cybersecurity? (FCW) President Joe Biden’s new cybersecurity executive order calls for a safety review board to examine the attack against SolarWinds as well as other significant cybersecurity incidents moving forward.

CISA chief: cyber order will ‘stretch the system’ (Defense Systems) The executive order, which was published Wednesday night, contains deadlines for CISA, the Department of Homeland Security, the Office of Management and Budget and other agencies to begin reworking the government’s cybersecurity with some timelines as short as 30 days from its signing.

A Duty to Inform the Public on Cyber (The Cipher Brief) “Cyber is now the critical domain to every facet of our National Security.” Those words were spoken last Friday by Rep. Mike Gallagher (R-Wisc.) at …

Gen. Paul Nakasone Informs Congress About the Need for More Cyber Warriors (ExecutiveBiz) Gen. Paul Nakasone, commander of U.S. Cyber Command, director of the National Security Agency and 20

Pentagon weighs keeping Trump-era change to ‘psychological operations’ (POLITICO) The policy change highlights tension between military leaders and diplomats about how the U.S. handles gray-area operations that fall short of all-out war.

Exclusive: Inside the military’s secret army, the largest undercover force ever (Newsweek) Thousands of soldiers, civilians and contractors operate under false names, on the ground and in cyberspace. A Newsweek investigation of the ever-growing and unregulated world of “signature reduction.”

Litigation, Investigation, and Law Enforcement

D.C. police identify man who allegedly reposted data stolen from police computers (Washington Post) D.C. police on Monday posted a photo of a man they believe may have reposted data that was stolen from the department in the recent hack of their computer system.

Global efforts to thwart ‘ransomware heroes’ needed (Gulf-Times) A flurry of cyberattacks in a few countries has once again brought to the fore the need for unabated and concerted global efforts to thwart the ‘ransomware heroes.’

Landry’s ordered to pay $20M over 2015 data breach (Houston Chronicle) A federal judge ruled that Tilman Fertitta’s restaurant business violated security…

Facebook Dodges Android Users’ Data Scraping Suit, Again (Law360) A California federal judge tossed a proposed class action accusing Facebook of surreptitiously scraping Android users’ call and text logs and then selling that data to advertisers, ruling that the Facebook users’ third amended complaint still doesn’t prove Facebook’s scraping of metadata was unlawful.

Justices Won’t Touch 5th Amendment Exception In NJ Case (Law360) The U.S. Supreme Court on Monday refused to take a closer look at the legitimacy of the “foregone conclusion” exception to the Fifth Amendment right against self-incrimination, as the justices declined to second-guess a New Jersey Supreme Court decision that the doctrine enabled prosecutors to compel a suspect to disclose his cellphone passcodes.

US investigates second suspected case of mystery ‘syndrome’ near White House (CNN) Two White House officials were struck by a mysterious illness late last year — including one who was passing through a gate onto the property — newly revealed details that come as investigators are still struggling to determine who or what is behind these strange incidents.