Robin's Newsletter - Volume 5

Volume 5 of Robin’s Newsletter covers the year 2022.

September 2022



Vol. 5, Iss. 39
Robin’s Newsletter #223

Uber points the finger at Lapsus$; GTA games company Rockstar, Aussie telco Optus, and fintech Revolut all suffer breaches.


Vol. 5, Iss. 38
Robin’s Newsletter #222

Welcome to 2022: Uber comprehensively owned via hardcoded PAM credentials, IHG password vault allegedly secured using 'Qwerty1234'.


Vol. 5, Iss. 37
Robin’s Newsletter #221

Ex-Uber CISO trial underway for bug bounty handling of data breach. UK, US, Albania condemn Iranian cyber-attacks. China accuses NSA of spying.


Vol. 5, Iss. 36
Robin’s Newsletter #220

The US gov simultaneously using, and suing a provider of, commercial geolocation data. Uncovering Russian agents in hacktivist data breaches.

August 2022



Vol. 5, Iss. 35
Robin’s Newsletter #219

Lloyd's market bulletin tightens wording for cyber cover. Group behind Twilio attack has compromised 'over 130 organisations'. Mudge complaint alleges woeful security practices at Twitter.


Vol. 5, Iss. 34
Robin’s Newsletter #218

Cl0p ransomware gang mistakes attack on South Staffs Water for Thames Water. DigitalOcean caught up in latest Mailchimp breach. Apple security vulnerabilities.


Vol. 5, Iss. 33
Robin’s Newsletter #217

Twilio, Cloudflare & Cisco attacks also targeted employees' personal devices and accounts. NHS 111 outage may last weeks. Sanctions for Tornado Cash.


Vol. 5, Iss. 32
Robin’s Newsletter #216

Outage at NHS 111 service provider. Tory party ballots delayed over security fears. Top malware strains. Peek inside a disinformation bot farm.

July 2022



Vol. 5, Iss. 31
Robin’s Newsletter #215

Facial recognition use at Co-Op convenience stores and 'secret blacklists' challenged in the UK. The opportunity cost in action bias. And protestware, the 'insider threat' of hacktivism.


Vol. 5, Iss. 30
Robin’s Newsletter #214

Should climate change feature on cyber risk registers? FBI gets a warrant to force-unlock encrypted app. Alibaba execs hauled in by Shanghai police.


Vol. 5, Iss. 29
Robin’s Newsletter #213

False cyber security claims land US defence contractor in $9 million settlement. Log4J features in the first Cyber Safety Review Board report.


Vol. 5, Iss. 28
Robin’s Newsletter #212

Apple's extreme 'Lockdown Mode' to protect against NSO Group. Apparent breach of 1 billion Chinese citizens' data. Bad week for NPM ecosystem.


Vol. 5, Iss. 27
Robin’s Newsletter #211

'Hacktivists' execute cyber attack against Iranian steel works, 'mercenary hackers' swaying legal battles, and malicious insiders

June 2022



Vol. 5, Iss. 26
Robin’s Newsletter #210

Infosec 2022 thoughts and trends. Privacy and reproductive rights. Cyber-warfare and lessons from the Ukraine conflict. Plus Cyber 911?


Vol. 5, Iss. 25
Robin’s Newsletter #209 — 4th Birthday Edition

Looking back over the last four years. US and UK proposed data protection changes. Interpol announces arrests of 2,000 scammers.


Vol. 5, Iss. 24
Robin’s Newsletter #208

LockBit distances themselves from Conti. Round-up from RSA Conference 2022. And 'predicting thunderstorms not lightning strikes'.


Vol. 5, Iss. 23
Robin’s Newsletter #207

Zero-day vulnerabilities in Office/Windows and Confluence. New ransomware tactics. US federal privacy law moves a step closer.

May 2022



Vol. 5, Iss. 22
Robin’s Newsletter #206

Verizon DBIR 2022. ICO fines Clearview AI. Suspected leader of 'SilverTerrier' arrested. Fake IDs for everyone!


Vol. 5, Iss. 21
Robin’s Newsletter #205

Conti increases its demands against Costa Rica while also restructuring. REvil potentially back on the scene. DoJ won't prosecute 'good faith' security research under CFAA.


Vol. 5, Iss. 20
Robin’s Newsletter #204

Costa Rica declares state of emergency over ransomware incidents. Civil penalties proposed for Colonial Pipeline over safety breaches.


Vol. 5, Iss. 19
Robin’s Newsletter #203

Mandiant identified stealthy APT actor targeting M&A teams in large corporates. Heroku mishandles breach of customer passwords, environment secrets. $1.6 billion of cryptocurrency has been stolen so far this year.


Vol. 5, Iss. 18
Robin’s Newsletter #202

Conti ransomware gang targets Costa Rica following election. Timeline of Russian cyberattacks against Ukraine. Facebook doesn't know where your data flows.

April 2022



Vol. 5, Iss. 17
Robin’s Newsletter #201

Okta breach affected two customers. Russian invasion leaves it 'fair game' for cyberattacks. Java’s ‘psychic signatures’ and conceptualising cybercrimes.


Vol. 5, Iss. 16
Robin’s Newsletter #200

Industroyer2: Cyberattack on Ukraine power grid averted. $600 million crypto-heist linked to North Korea's Lazarus group. RaidForums seized by UA authorities.


Vol. 5, Iss. 15
Robin’s Newsletter #199

Russian 'Cyclops Blink' botnet disrupted by the US. The value of Mailchimp distribution lists. Fundamental security metrics.


Vol. 5, Iss. 14
Robin’s Newsletter #198

Okta says it made a mistake. Wiper malware used against Viasat modems during Russian invasion of Ukraine. DCMS' cyber survey stats.

March 2022



Vol. 5, Iss. 13
Robin’s Newsletter #197

The rise, and fall?, of Lapsus$ as Okta confirm breach. US CNI cyberattack warning. Build capabilities, not plans for resilience.


Vol. 5, Iss. 12
Robin’s Newsletter #196

Russia/Ukraine roundup. Mysterious incident affecting satcom terminals. Ransomware group adds wiper capability. Law firm gets GDPR fine for not patching.


Vol. 5, Iss. 11
Robin’s Newsletter #195

Conti's involvement in crypto 'rug pulls'. Unintended consequences of isolating Russia from the Internet.


Vol. 5, Iss. 10
Robin’s Newsletter #194

The 'pandemonium' of modern warfare.

February 2022



Vol. 5, Iss. 9
Robin’s Newsletter #193

Russia invades Ukraine.


Vol. 5, Iss. 8
Robin’s Newsletter #192

DDoS attacks on Ukraine MoD and banks. French signal jamming. New version of 27002 security control framework.


Vol. 5, Iss. 7
Robin’s Newsletter #191

Slovenian TV disruption. 500 ecommerce sites compromised by MageCart. 2021 was a bumper year for cyber M&A.


Vol. 5, Iss. 6
Robin’s Newsletter #190

News Corp targeted in 'advanced persistent' attack. US launches Cyber Safety Review Board. One guy knocks North Korea off the 'net.

January 2022



Vol. 5, Iss. 5
Robin’s Newsletter #189

Activists ransomware Belarus' state-owned railway company. New UK cyber strategy for government. Let's Encrypt re-issuing 2M certs.


Vol. 5, Iss. 4
Robin’s Newsletter #188

UK government advertising campaign against E2EE. Merck win 'act of war' cyber insurance lawsuit. More Russian action against cyber crims.


Vol. 5, Iss. 3
Robin’s Newsletter #187

Russian authorities scoop up members of REvil. Google Analytics and GDPR. Using a cyberattack to accelerate digital transformation.


Vol. 5, Iss. 2
Robin’s Newsletter #186

Potential FTC legal action over Log4shell. Phishing using Google Docs. New UK Information Commissioner. Reframing cybersecurity.


Vol. 5, Iss. 1
Robin’s Newsletter #185 — 2022 Forecast

What does 2022 hold for cyber and the world?