Ukraine at D+264: Diplomacy, but not peace negotiations. (CyberWire) Ukraine works to return Kherson to some semblance of normal life. Russia encounters increased diplomatic isolation in the UN and at the G20.
Russia-Ukraine war: List of key events, day 265 (Al Jazeera) As the Russia-Ukraine war enters its 265th day, we take a look at the main developments.
Visiting liberated Kherson, Zelensky sees ‘beginning of the end of the war’ (Washington Post) Ukrainian President Volodymyr Zelensky made a triumphant visit to Kherson on Monday morning, saying that the city’s liberation marked “the beginning of the end of the war” and pledging to drive Russia entirely out of his country.
Hero’s reception for Zelensky as he hails Kherson liberation as ‘beginning of the end’ (The Telegraph) President cheered on surprise visit to city, but hard work of recovering from war damage and rooting out Russian infiltrators remains
After a long hibernation under Russian control, Kherson nervously embraces a new dawn (The Telegraph) Blinking in disbelief, Ukrainian city slowly adapts after months under Kremlin command, with residents not knowing who to trust
Liberation of Kherson ‘Significant Accomplishment’ for Ukraine (U.S. Department of Defense) The withdrawal of Russian forces from Kherson, a city of more than 280,000 in Ukraine, is a big win for the Ukrainian people and military, a senior U.S. military official said.
Ukraine war latest: Zelensky says Himars made ‘huge difference’ in first visit to liberated Kherson (The Telegraph) Volodymyr Zelensky thanked the West for Himars rockets that helped recapture Kherson as he visited the newly liberated city for the first time.
Fighting-age men in Russia are still hiding in fear of being sent to war (Washington Post) Although Russian President Vladimir Putin and his defense minister, Sergei Shoigu, proclaimed the completion of their mobilization of 300,000 new soldiers, many fighting-age Russian men remain in hiding — still fearful of being seized by military recruiters and sent to fight, and die, in a failing war.
CIA chief in Ankara meeting with Russian counterpart, U.S. official says (Reuters) U.S. Central Intelligence Agency Director William Burns is in Ankara to speak with his Russian intelligence counterpart to convey a message on consequences of any use of nuclear weapons by Russia, a White House official said on Monday.
CIA director meets Russia’s top spy chief for secret Ukraine talks (The Telegraph) The high-level meeting in Turkey will be the first face-to-face summit between a top Kremlin and US official since the invasion
CIA boss talks nuclear weapons and prisoners with Putin’s spy chief (Reuters) U.S. Central Intelligence Agency Director William Burns was expected to caution President Vladimir Putin’s spy chief at talks on Monday about the consequences of any use of nuclear weapons, and to raise the issue of U.S. prisoners in Russia, a White House official said.
CIA director meets Russian counterpart as US denies secret peace talks (the Guardian) Bill Burns says US is not ‘discussing settlement of war’ in Ukraine as Zelenskiy visits Kherson
U.S. scrambles to reassure Ukraine after Milley comments on negotiations (POLITICO) The top general’s remarks about a “window” for talks angered Ukrainian officials, people familiar with the matter said.
LEAK: EU starts reviewing principles for relations with Russia (EURACTIV) EU member states kicked off the discussion about the future of EU-Russia relations on Monday (14 November), with the bloc’s chief diplomat, Josep Borrell, presenting a new draft set of principles for engagement with Moscow, seen by EURACTIV.
Treasury targets electronics supply chains in new sanctions against Russia (The Hill) The Treasury Department on Monday announced a new round of sanctions on Russian military supply chains. Treasury said its sanctions target microelectronics imported by Russia that the country uses …
US announces sanctions targeting Russian military suppliers (Defense News) The U.S. is imposing sanctions on a list of people and firms around the globe that it alleged are financial facilitators of Russia’s military supply chain.
Why did Russia invade Ukraine and what could happen next? (The Independent) Why did Vladimir Putin invade Ukraine?
The Seeds of Russia’s Military Collapse in Ukraine Were Planted by its Bungled Elimination of Conscription (Military.com) In the spring of 1992, shortly after the collapse of the Soviet Union, I was invited to Moscow.
Russian hackers claim cyber attack on FBI website (Newsweek) The hacking group Killnet shared a post on its Telegram page on Monday flagging an “attack” on the law enforcement resources site for the FBI.
Russian Hackers Unleash New “Ransom-less” Ransomware (Tech.co) Ukraine’s cybersecurity response team has seen the attack multiple times, but the goal appears to be disruption, not profit.
Lindy Cameron: Ukraine’s cyber-defences have been exemplary (New Statesman) While Russia’s brutal war has sought to redraw the physical map, its consequences have been felt in cyberspace.
Five people arrested in Ukraine for participating in transnational fraud scheme (Cybernews) Europol and Ukraine’s Cyber Police arrested five Ukrainian citizens for their role in a pseudo-investment scheme, which defrauded victims of more than €200 million ($206,5 million) per year.
Ukraine: Zelensky snubs Russia as he addresses ‘G19’ at G20 (BBC News) Ukraine’s president called on world leaders to end the war, and extend a crucial grain deal.
G-20 to hold tough on Russia, urge end to Ukraine war (AP NEWS) Leaders of the world’s largest economies appeared ready Tuesday to convey a strong message from most condemning Russia’s invasion of Ukraine, as President Joe Biden and Ukrainian President Volodymyr Zelenskyy pressed the group to maintain pressure on Moscow over its nine-month war that has devastated Ukraine and roiled the global economy.
Russia strives to avoid G20 isolation as China and India distance themselves (the Guardian) Traditional allies China and India begin to distance themselves from Ukraine war
Ukraine-Russia war: Xi Jinping ‘calls for respect of Ukraine’s territorial integrity’ (The Telegraph) Russia is now engaged in a defensive operation in Ukraine following its withdrawal from the southern city of Kherson, a Western official said on Tuesday.
Rishi Sunak calls on Putin to end Russia’s ‘barbaric’ war (The Telegraph) At the G20 Summit, the Prime Minister singled out the ‘weaponisation’ of energy and food exports by the Kremlin
UK ambassador digs in against Russia (The Hill) British Ambassador to the U.S. Dame Karen Pierce said she’s likely spent as much time with Russians as she has Americans over her diplomatic career, and as Moscow’s war in Ukraine reaches its ninth…
UN adopts call for Russia to pay Ukraine war reparations (Arab News) The UN General Assembly adopted Monday a resolution supporting a mechanism for Russia to pay reparations for human and property destruction from its invasion of Ukraine. The resolution, which is non-binding, calls for creation of a framework for Russian reparations for the war which began on February 24 and has left well over 200,000 people on both sides dead or injured, according to US estimates.
Sergei Lavrov blames foreign press for ‘rumours’ he was taken to hospital at G20 (The Telegraph) Russian foreign minister dodged suggestion he had been treated for a heart condition on arrival at Bali
Italy preps new Ukraine arms shipment. Is SAMP/T air defense included? (Defense News) With Russia using Iranian-made drones to knock out vital infrastructure in Ukrainian cities, Kyiv has appealed for more air defense systems.
The US is sending Avenger air defense systems to Ukraine to keep the skies free of Russian aircraft (Task & Purpose) Avengers assemble!
Army awards Lockheed $500M deal to replenish rockets stockpile (Defense News) Lockheed Martin has won a deal to replenish the U.S. military’s Guided Multiple Launch Rocket Systems stockpile.
Attacks, Threats, and Vulnerabilities
ESET APT Activity Report T2 2022 (WeLiveSecurity) ESET’s APT Activity Report T2 2022 features an overview of the activities of selected APT groups analyzed by ESET Research from May to August 2022.
Billbug: State-sponsored Actor Targets Cert Authority, Government Agencies in Multiple Asian Countries (Symantec) Campaign has been ongoing for at least the last six months.
Chinese hackers target government agencies and defense orgs (BleepingComputer) The Chinese espionage APT (advanced persistent threat), tracked as ‘Billbug’ (aka Thrip, or Lotus Blossom), is currently running a 2022 campaign targeting government agencies and defense organizations in multiple Asian countries.
Researchers Say China State-backed Hackers Breached a Digital Certificate Authority (The Hacker News) A suspected Chinese state-sponsored actor breached a digital certificate authority as well as government and defense agencies in Asia.
Fangxiao: a Chinese threat actor (Cyjax) Phishing campaigns continue to grow more common globally, with over one million attacks observed in Q2 2022. They offer an easy and attractive way for cybercriminals to generate revenue, steal credentials and spread malware.
Fangxiao: A Phishing Threat Actor (Tripwire) Researchers at Cyjax have investigated a sophisticated, large-scale campaign and developed a comprehensive report providing valuable insights about Fangxiao’s operations.
Russia-based Pushwoosh tricks US Army into running its code (Register) Russian data trackers … what could possibly go wrong?
After hack, Thales defense and security project data yet to appear on dark web (Breaking Defense) Sources expressed confidence that military and security projects were not affected by the breach, but admitted that it’s possible information was stolen that has yet to be discovered or made public.
Thales position on LockBit 3.0 (Thales Group) At this stage, on November 11, 2022, at 3pm (CET time) Thales is able to confirm the following information:
Lockheed Martin loses billions in stock value amid fake Twitter accounts, tweets (Washington Business journal) The Fortune 500 company was one of a few brands that fell victim to Twitter’s altered verification policy.
A fake tweet sparked panic at Eli Lilly and may have cost Twitter millions (Washington Post) The pharmaceutical giant halted ad spending after fake blue-check accounts went viral. For $8, Twitter is ‘losing out on millions of dollars in ad revenue,’ a former Eli Lilly official said.
Cyberattack forces public schools in Jackson, Hillsdale counties to remain closed Tuesday (WILX) All public schools in Jackson and Hillsdale counties will remain closed Tuesday due to a cyberattack.
Personal data breached in Hartnell ransomware attack, college says (KSBW) A third-party investigator looking into the Oct. 2 ransomware attack confirmed the personal data was present in the affected network, college officials said.
Medibank hackers dump fresh customer data on dark web (7NEWS) ‘There is (sic) some more records for everybody to know.’
Twitter’s SMS Two-Factor Authentication Is Melting Down (WIRED) Problems with the important security feature may be some of the first signs that Elon Musk’s social network is fraying at the edges.
Varonis Threat Labs Discovers SQLi and Access Flaws in Zendesk (Varonis) Varonis Threat Labs found a SQL injection vulnerability and a logical access flaw in Zendesk Explore, the reporting and analytics service in the popular customer service solution, Zendesk.
Microsoft identifies issues with Kerberos authentication on certain Windows Servers (SC Media) Security researchers say Microsoft has been cautious with this Kerberos issue, promising a fix in a couple of weeks, but point out that the issue is likely buried in complex OS code.
Windows Kerberos authentication breaks after November updates (BleepingComputer) Microsoft is investigating a new known issue causing enterprise domain controllers to experience Kerberos sign-in failures and other authentication problems after installing cumulative updates released during this month’s Patch Tuesday.
Potential cyber threats to FIFA World Cup Qatar 2022 (Intelligent CIO Middle East) Digital Shadows Photon Research Team set up a detailed alert system to collect examples of the critical threats to the Qatar 2022 World Cup organising bodies and their key partners and sponsors, over the course of 90 days. These potential incidents fall under four categories: brand protection, cyberthreat, physical protection and data leakage. Most incidents […]
FIFA World Cup apps have privacy experts on edge (Cybernews) Joy for football fans, a nightmare for their data security. The FIFA World Cup in Qatar starts in less than a week, and privacy experts are calling out the event organizers for planning to snoop on the participants’ devices.
KmsdBot, a new evasive bot for cryptomining activity and DDoS attacks (Security Affairs) Researchers spotted a new evasive malware, tracked as KmsdBot, that infects systems via an SSH connection that uses weak credentials. Akamai Security Research discovered a new evasive Golang-based malware, tracked as KmsdBot, that infects systems via an SSH connection that uses weak login credentials. The malware was employed in cryptocurrency mining campaigns and to launch […]
Researchers Sound Alarm on Dangerous BatLoader Malware Dropper (Dark Reading) BatLoader has spread rapidly to roost in systems globally, tailoring payloads to its victims.
Oxeye Warns of “SandBreak” vm2 Vulnerability with CVSS Score of 10.0 (Oxeye) At 16 Million vm2 Downloads Every Month, Potential Impact of SandBreak Widespread and Critical.
Enter “Sandbreak” – Vulnerability In vm2 Sandbox Module Enables Remote Code Execution (CVE-2022-36067) (Oxeye) The Oxeye research team has found a critical remote code execution vulnerability in the popular sandbox library VM2.
One More Chrome Extension? You Need an Intervention! – Chrome Extensions Research (Incogni Blog) Our research shows that 1 in 2 Chrome extensions are poised to wreak havoc on your digital privacy and security. But what does that mean, exactly, and how did
Worok Hackers Abuse Dropbox API to Leak Data via Backdoor Hidden in Images (IT Security News) Worok, a newly discovered cyber espionage group, has been hiding malware in seemingly innocuous image files, corroborating a critical link in the threat actor’s infection chain. Worok appears to be a complex cyber-espionage operation, with individual stages that remain largely unknown. Two security firms, however, have confirmed the operation’s final target. How Exactly Does Worok
When Good Bots Go Bad This Holiday Season (RH-ISAC) Akamai explores holiday season bot trends including the recent increase in good bots and how these may still be doing damage to your retail business.
CISA Has Added One Known Exploited Vulnerability to Catalog (CISA) CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates.
Synopsys Research Finds Vulnerabilities in 95% of Applications, 25% Impacted by Critical- or High-Risk Vulnerabilities (Synopsys) This year’s Software Vulnerability Snapshot report examines prevalence of vulnerabilities identified by Synopsys Application Security Testing Services and Synopsys Cybersecurity Research Center…
Cellebrite’s 2022 Industry Trends Survey Reveals the Digital Evidence ‘Tipping Point’ has Been Reached, Creating New Challenges for Law Enforcement Agencies (GlobeNewswire News Room) Digital evidence “more important” than physical evidence and DNA in successfully prosecuting cases New challenges include a growing backlog of devices…
Kaspersky Research Indicates Alarming Rise in Malicious Cryptomining Programmes (The Fintech Times) According to the latest research, 2022 has experienced a sharp increase in the number of new modifications to malicious mining programmes.
Domain Security Report (CSC) As Zero Trust security models become a top defensive security strategy, 2022 has shown how critical it is to include domain security.
Spear phishing to payment vulnerabilities: Cybersecurity predictions for 2023 (Digital Journal) Spear phishing is a phishing method that targets specific individuals or groups within an organization.
Reshaping the Threat Landscape in 2023: Cybersixgill Announces Top Trends in Cybersecurity (Cybersixgill) Partnerships Between Criminal Groups, Geopolitics, Economic Pressures, and AI Combine to Reshape and Create New Collaborative Forces in the Coming Year and Beyond
Hot Market for Cyber Insurance Begins to Stabilize (Wall Street Journal) The market for cyber insurance has begun to stabilize after a surge in ransomware attacks in recent years propelled a steep rise in premiums, observers say.
Bishop Fox Extends Series B Funding to $129M Led by WestCap (Bishop Fox) WestCap, NextEquity, and Rockpool Capital join Carrick Capital Partners to close out oversubscribed funding round
Orange expands Swiss cyber business with double acquisition (Capacity) Orange has bought two Swiss cyber security companies and added them to its Orange Cyberdefense portfolio.
How Google and Mandiant are forging synergies in cyber security (ComputerWeekly) Google’s AI smarts and Mandiant’s intelligence on new and emerging threats could lay the foundation of proactive security.
Amazon Set to Lay Off Thousands of Corporate Workers (Wall Street Journal) The layoffs are targeted for corporate employees and could primarily affect Amazon’s devices business, as well as human resources and retail, according to a person familiar with the matter.
Elon Musk Is Being Forced to Reckon With the Disaster He Created (Vanity Fair) The billionaire appears to have some regrets about laying off half of Twitter’s workforce and announcing a verification policy that could unleash a wave of misinformation.
Salt Security Named 2022 CRN Tech Innovator for Excellence in API Security (PR Newswire) Salt Security, the leading API security company, today announced that the Salt Security API Protection Platform has won the “Data Security”…
CRU Data Security Group Names Jim McCartney Vice President Sales (CRU Data Security Group) McCartney’s breadth of experience across industries and business will help CDSG clients ensure they have the right solutions to secure and protect critical data
Airiam Announces New CEO (Business Wire) Airiam today announced that Conor Quinlan is now the organization’s CEO
AppOmni Names Neill Occhiogrosso Chief Operating Officer (Business Wire) AppOmni, the leading provider of SaaS Security, has expanded its leadership team and added Neill Occhiogrosso as the company’s first chief operating o
Frank Kim of SANS Institute Joins Cybersecurity VC YL Ventures as its New CISO-in-Residence (Business Wire) YL Ventures, a seed-stage venture capital firm investing in Israeli cybersecurity startups, today announced Frank Kim has joined as its new full-time
Cyberpion Expands Executive Leadership Team (PR Newswire) Cyberpion, a cybersecurity leader in external attack surface management (EASM), today introduced its new Chief Revenue Officer, Ido Samson….
Products, Services, and Solutions
Axis Awarded CRN’s Prestigious 2022 Tech Innovator Award for its Security Service Edge Platform, Atmos (PR Newswire) Axis has announced that CRN®, a brand of The Channel Company, has chosen the company as a winner for the 2022 CRN Tech Innovator Awards. Axis…
DH2i Launches DxEnterprise (DxE) Container Sidecar – DH2I (DH2I) DxE v22 Enables Application-Level High Availability Clustering for Stateful Containers in Kubernetes (K8s) DH2i to Showcase DxE v22 at 2022 PASS Data Community Summit FORT COLLINS, CO – November 14, 2022 – DH2i® the leading provider of always-secure and always-on IT infrastructure solutions, today announced the general availability (GA) launch of DxEnterprise (DxE) version 22…
CybeReady Ranked Among the Top Security Training Platforms in G2 User Reviews (EIN News) CybeReady Receives Score of 4.8 out of 5 Stars for its Fast, Effective Security Training Platform, with High Performer and Highest User Adoption Nods
Device Authority Releases Breakthrough Edge and SBOM Capabilities in KeyScaler 7.0 (Business Wire) Global leader in IoT device identity lifecycle management, Device Authority has today released a major new version of its KeyScaler platform, with bre
The Department of Navy Selects Radiant Logic to Create Naval Identity Service (Business Wire) RadiantOne provides secure access to critical resources across the Department of Navy in accordance with Zero Trust principles.
Dynatrace Extends Grail to Power Business Analytics with Speed and Precision (Business Wire) Software intelligence company Dynatrace (NYSE: DT) announced today that it is extending its Grail™ causational data lakehouse to power business analyt
LookingGlass Cyber Renews and Expands Support for Critical U.S. Federal Agency (GlobeNewswire News Room) Expanded Partnership Provides Timely Cyber Threat Intelligence and Attack Surface Insights to Essential Missions…
Neosec Introduces Automated Tokenization to Enable Full API Visibility Without Exposure of Sensitive Data (PR Newswire) Neosec, the pioneer in discovering and identifying API threats using behavioral analytics, today announced that it now tokenizes API activity…
Aqua Security Combats Rising Zero-Day Attacks with eBPF Lightning Enforcer (GlobeNewswire News Room) Aqua Nautilus researchers reveal 1/3 of attacks go undetected in runtime…
Abnormal Security Redefines Cloud Email Security with the Launch of Security Posture Management to Protect Against Email Platform Attacks (Business Wire) Abnormal Security announces new Security Posture Management product to protect against email platform attacks.
ThreatX Launches Robust Online Training to Increase Access to Cybersecurity Expertise (Business Wire) Today, ThreatX announced the launch of ThreatX Academy, an online portal hosting an extensive library of cybersecurity training modules.
Datadobi’s Latest StorageMAP Release Helps Companies Do Much More with Object Storage (Datadobi) Version 6.3 enables companies to archive, pipeline, and replicate unstructured data to object storage on-premises or in the cloud without lock-in.
Egnyte Strengthens Secure File Sharing Platform, Providing Customers w (PRWeb) Egnyte, the secure platform for content collaboration and governance, announced several product enhancements that will improve the overall user exp
Bearer Launches Data-First Security Solution (GlobeNewswire News Room) Automates data security and privacy protection for developers to bring shift left security with no engineering friction to accelerate creating more secure…
Arizona Department of Homeland Security Selects Tanium for Statewide Cyber Readiness Program (Business Wire) Tanium, the industry’s only provider of converged endpoint management (XEM), today announced that the state of Arizona has chosen Tanium to protect ci
Anomali Announces New Platinum Elite Technical Certifications for Global Partner Engineers (Business Wire) Anomali, the leader in modernizing and scaling security operations by delivering breakthrough levels of visibility and intelligence-driven threat dete
Technologies, Techniques, and Standards
Pentagon to unveil zero-trust cyber strategy (C4ISRNet) Zero trust is often likened to “never trust, always verify.” Or, as Pentagon CIO John Sherman put it: “You truly trust no one or no thing.”
Face It, Password Policies and Managers Are Not Protecting Users (Data Center Knowledge) Passwords haven’t worked as a solid security strategy in a long time. The policies are there, so why are passwords security’s weak spot?
Design and Innovation
Microsoft announces the Microsoft Supply Chain Platform, a new design approach for supply chain agility, automation and sustainability (Microsoft) Microsoft Supply Chain Platform harmonizes the data estate, introduces “command center” for enterprise supply chain
K-12 schools lack resources, remaining top target for cyberattacks (SC Media) A CIS report this week notes that the education sector’s cyber maturity lags behind other sectors due to limited internal resources for defense against threat actors, with nearly a fifth of K-12 schools spending less than 1% of their IT budget on cybersecurity. It also found that K-12 schools lack cybersecurity strategies, with 81% not fully implementing multi-factor authentication (MFA) and 29% not using MFA at all.
K-12 cyber maturity improving, but still lags behind other sectors (StateScoop) A report from the Center for Internet Security found that K-12 schools are getting better at cyber, but still have a long way to go.
Legislation, Policy, and Regulation
Italy outlaws facial recognition tech, except to fight crime (Reuters) Italy prohibited the use of facial recognition and ‘smart glasses’ on Monday as its Data Protection Agency issued a rebuke to two municipalities experimenting with the technologies.
Australia privacy law proposal sets steep penalty mark for breaches (Compliance Week) The Australian government is weighing stringent new privacy reforms that would establish among the steepest penalty regimes in the world-up to AUD$50 million (U.S. $33.5 million)-for serious or repeated breaches.
OAIC data breach report shows key privacy risks (Technology Decisions) Organisations must have robust information handling practices and up-to-date response plans, says OAIC.
FTX Collapse Sets Back Crypto Agenda in Washington (Wall Street Journal) The company had been pushing lawmakers for a bill widely considered friendly to the crypto industry.
FTX Debacle Could Drag Down Decentralized Crypto Too (Wall Street Journal) Decentralized finance doesn’t provide a solution to many of crypto’s deeply-rooted problems, nor will it be left alone by regulators.
New York-barred attorneys required to complete cybersecurity, privacy, and data protection training (CSO Online) New requirements highlight lawyers’ technical competence duty to meet professional, ethical, and contractual obligations to safeguard client information.
Litigation, Investigation, and Law Enforcement
AFP steps in as Medibank hack data migrates from dark web (The Sydney Morning Herald) The Australian Federal Police are stepping up efforts to contain the fallout of the Medibank hack amid evidence that the sensitive health data leaked by the criminals is becoming more publicly available.
Australia Declares War on Cybercrime Syndicates (Dark Reading) An international counter-ransomware task force has been announced by Australian authorities following the recent Optus and Medibank data breaches.
Google Reaches $391.5 Million Settlement With States Over Location Tracking Practices (Wall Street Journal) Attorneys general found that Google violated state consumer protection laws by misleading consumers about its location-data practices, tracking consumers even when their location history setting was turned off.
Google Agrees to $392 Million Privacy Settlement With 40 States (New York Times) Under the agreement, which state attorneys general said was the largest U.S. internet privacy settlement, Google must also make its location-tracking practices clearer to users.
Google will pay $391M to settle Android location tracking lawsuit (BleepingComputer) Google has agreed to pay $391.5 million to settle a lawsuit filed by a coalition of attorneys general from 40 U.S. states alleging that the search giant tracked Android users’ locations since at least 2014 even when they thought location tracking was disabled.
Is Elon Musk’s Twitter about to fall out of the GDPR’s one-stop shop? (TechCrunch) Helmed by erratic new owner Elon Musk, Twitter is no longer fulfilling key obligations required to claim Ireland as its “main establishment” under the European Union’s General Data Protection Regulation (GDPR), TechCrunch has been told.
FTX, Sam Bankman-Fried Sit in the Crosshairs of U.S. Prosecutors (Wall Street Journal) The crypto exchange’s collapse likely exposed the company and its founder to potential criminal liability.
Crypto exchange FTX expects to have more than 1m creditors (the Guardian) Bankruptcy filing says ‘questions arose’ about founder Sam Bankman-Fried’s leadership
The Risky Business of Sam Bankman-Fried (Wall Street Journal) The FTX founder’s approach to risk fueled his rise to the top of the crypto world. Then came the catastrophic fall.
Central Pa. Medical Operator Sued Over 2021 Data Breach (The Legal Intelligencer) This suit was surfaced by Law.com Radar. Read the complaint here.
Facebook’s $90M Privacy Deal Gets Final Nod Over Objections (Law360) A California federal judge has finalized a $90 million settlement, which includes $26.1 million for attorney fees, to end long-running litigation accusing Facebook of unlawfully tracking logged-out users’ browsing activity, rejecting arguments that the payout to class members could have been much higher.
FTX Faces Growing Regulatory, Criminal Scrutiny Amid Fallout (Law360) The implosion of cryptocurrency exchange FTX Inc. is expected to expose the once giant trading venue to mounting scrutiny from criminal and regulatory investigators, legal experts said on Monday, with ramifications that have yet to fully unfold.
Worker at Canada’s largest electricity producer charged with spying for China, police say (Reuters) An employee at Canada’s largest electricity producer Hydro-Quebec who was involved in researching battery materials has been charged with espionage for allegedly trying to steal trade secrets to benefit China, Canadian police said on Monday.