Robin's Newsletter - Volume 5
Volume 5 of Robin’s Newsletter covers the year 2022.
Vol. 5, Iss. 52
LastPass customer vault data stolen in breach. EternalBlue-style vulnerability in Windows. Okta source code stolen.
Vol. 5, Iss. 51
Microsoft certs used to sign malware. AWS API exposed ability to modify, delete container images. BEC scammers are targeting sugar and milk powder.
Vol. 5, Iss. 50
Apple offers encrypted iCloud backups. Medibank takes systems offline for security improvements. Attack on NZ MSP affects Justice and health bodies.
Vol. 5, Iss. 49
UK managed security businesses to be regulated. Medibank attackers release data. Anker's Eufy smart camera 'local only' claims disputed.
Vol. 5, Iss. 48
Massive UK fraud crackdown. Russia designated state sponsor of terrorism by EU Parliament. Cyber Partisans claim compromise of Roskomnadzor agency.
Vol. 5, Iss. 47
Crypto-exchange FTX's governance failures. Medibank attackers release stolen mental health data. Majority of UK COBRA meetings are about ransomware.
Vol. 5, Iss. 46
How Qatar hacked the World Cup. Calls for a law on 'failing to prevent fraud'. Australia's new offensive cybercrime team. Mistrust at a root CA.
Vol. 5, Iss. 45
Slovakia's parliamentary business suspended. Mondelez & Zurich settle NotPetya insurance claim. US Treasury says ransomware losses are over $1 billion.
Vol. 5, Iss. 44
Zero Truss: Former PM's phone allegedly compromised by Russian intelligence. UK ICO says 'complacency' is biggest cyber risk. FTC sanctions Drizly CEO for breach.
Vol. 5, Iss. 43
Microsoft leaves 2.4TB of 'business transaction data' in public Azure bucket. Head of Germany's cyber agency suspended for links to Russian intelligence. Optus unilaterally blocks data breach victim's passports.
Vol. 5, Iss. 42
Critical authentication bypass in Fortinet devices. NHS vendor Advanced says cyberattack was LockBit 3.0 ransomware. CSAM Scanning rebuttal.
Vol. 5, Iss. 41
Ex-Uber CSO found guilty of obstructing justice. Microsoft is botching 'ProxyNotShell' Exchange vulnerabilities. Australian man arrested in connection with Optus breach.
Vol. 5, Iss. 40
Optus breach attacker retracts demands as attention grows. Rise in fake LinkedIn CISO profiles. Microsoft Exchange Zero-Day.
Vol. 5, Iss. 39
Uber points the finger at Lapsus$; GTA games company Rockstar, Aussie telco Optus, and fintech Revolut all suffer breaches.
Vol. 5, Iss. 38
Welcome to 2022: Uber comprehensively owned via hardcoded PAM credentials, IHG password vault allegedly secured using 'Qwerty1234'.
Vol. 5, Iss. 37
Ex-Uber CISO trial underway for bug bounty handling of data breach. UK, US, Albania condemn Iranian cyber-attacks. China accuses NSA of spying.
Vol. 5, Iss. 36
The US gov simultaneously using, and suing a provider of, commercial geolocation data. Uncovering Russian agents in hacktivist data breaches.
Vol. 5, Iss. 35
Lloyd's market bulletin tightens wording for cyber cover. Group behind Twilio attack has compromised 'over 130 organisations'. Mudge complaint alleges woeful security practices at Twitter.
Vol. 5, Iss. 34
Cl0p ransomware gang mistakes attack on South Staffs Water for Thames Water. DigitalOcean caught up in latest Mailchimp breach. Apple security vulnerabilities.
Vol. 5, Iss. 33
Twilio, Cloudflare & Cisco attacks also targeted employees' personal devices and accounts. NHS 111 outage may last weeks. Sanctions for Tornado Cash.
Vol. 5, Iss. 32
Outage at NHS 111 service provider. Tory party ballots delayed over security fears. Top malware strains. Peek inside a disinformation bot farm.
Vol. 5, Iss. 31
Facial recognition use at Co-Op convenience stores and 'secret blacklists' challenged in the UK. The opportunity cost in action bias. And protestware, the 'insider threat' of hacktivism.
Vol. 5, Iss. 30
Should climate change feature on cyber risk registers? FBI gets a warrant to force-unlock encrypted app. Alibaba execs hauled in by Shanghai police.
Vol. 5, Iss. 29
False cyber security claims land US defence contractor in $9 million settlement. Log4J features in the first Cyber Safety Review Board report.
Vol. 5, Iss. 28
Apple's extreme 'Lockdown Mode' to protect against NSO Group. Apparent breach of 1 billion Chinese citizens' data. Bad week for NPM ecosystem.
Vol. 5, Iss. 27
'Hacktivists' execute cyber attack against Iranian steel works, 'mercenary hackers' swaying legal battles, and malicious insiders
Vol. 5, Iss. 26
Infosec 2022 thoughts and trends. Privacy and reproductive rights. Cyber-warfare and lessons from the Ukraine conflict. Plus Cyber 911?
Vol. 5, Iss. 25
Looking back over the last four years. US and UK proposed data protection changes. Interpol announces arrests of 2,000 scammers.
Vol. 5, Iss. 24
LockBit distances themselves from Conti. Round-up from RSA Conference 2022. And 'predicting thunderstorms not lightning strikes'.
Vol. 5, Iss. 23
Zero-day vulnerabilities in Office/Windows and Confluence. New ransomware tactics. US federal privacy law moves a step closer.
Vol. 5, Iss. 22
Verizon DBIR 2022. ICO fines Clearview AI. Suspected leader of 'SilverTerrier' arrested. Fake IDs for everyone!
Vol. 5, Iss. 21
Conti increases its demands against Costa Rica while also restructuring. REvil potentially back on the scene. DoJ won't prosecute 'good faith' security research under CFAA.
Vol. 5, Iss. 20
Costa Rica declares state of emergency over ransomware incidents. Civil penalties proposed for Colonial Pipeline over safety breaches.
Vol. 5, Iss. 19
Mandiant identified stealthy APT actor targeting M&A teams in large corporates. Heroku mishandles breach of customer passwords, environment secrets. $1.6 billion of cryptocurrency has been stolen so far this year.
Vol. 5, Iss. 18
Conti ransomware gang targets Costa Rica following election. Timeline of Russian cyberattacks against Ukraine. Facebook doesn't know where your data flows.
Vol. 5, Iss. 17
Okta breach affected two customers. Russian invasion leaves it 'fair game' for cyberattacks. Java’s ‘psychic signatures’ and conceptualising cybercrimes.
Vol. 5, Iss. 16
Industroyer2: Cyberattack on Ukraine power grid averted. $600 million crypto-heist linked to North Korea's Lazarus group. RaidForums seized by UA authorities.
Vol. 5, Iss. 15
Russian 'Cyclops Blink' botnet disrupted by the US. The value of Mailchimp distribution lists. Fundamental security metrics.
Vol. 5, Iss. 14
Okta says it made a mistake. Wiper malware used against Viasat modems during Russian invasion of Ukraine. DCMS' cyber survey stats.
Vol. 5, Iss. 13
The rise, and fall?, of Lapsus$ as Okta confirm breach. US CNI cyberattack warning. Build capabilities, not plans for resilience.
Vol. 5, Iss. 12
Russia/Ukraine roundup. Mysterious incident affecting satcom terminals. Ransomware group adds wiper capability. Law firm gets GDPR fine for not patching.
Vol. 5, Iss. 11
Conti's involvement in crypto 'rug pulls'. Unintended consequences of isolating Russia from the Internet.
Vol. 5, Iss. 10
The 'pandemonium' of modern warfare.
Vol. 5, Iss. 9
Russia invades Ukraine.
Vol. 5, Iss. 8
DDoS attacks on Ukraine MoD and banks. French signal jamming. New version of 27002 security control framework.
Vol. 5, Iss. 7
Slovenian TV disruption. 500 ecommerce sites compromised by MageCart. 2021 was a bumper year for cyber M&A.
Vol. 5, Iss. 6
News Corp targeted in 'advanced persistent' attack. US launches Cyber Safety Review Board. One guy knocks North Korea off the 'net.
Vol. 5, Iss. 5
Activists ransomware Belarus' state-owned railway company. New UK cyber strategy for government. Let's Encrypt re-issuing 2M certs.
Vol. 5, Iss. 4
UK government advertising campaign against E2EE. Merck win 'act of war' cyber insurance lawsuit. More Russian action against cyber crims.
Vol. 5, Iss. 3
Russian authorities scoop up members of REvil. Google Analytics and GDPR. Using a cyberattack to accelerate digital transformation.
Vol. 5, Iss. 2
Potential FTC legal action over Log4shell. Phishing using Google Docs. New UK Information Commissioner. Reframing cybersecurity.
Vol. 5, Iss. 1
What does 2022 hold for cyber and the world?