Kaseya will patch on Sunday, as the US considers its response. Cyberattack in Ukraine? More ransomware. Assange’s extradition. – The CyberWire

Dateline Miami, Dublin (and probably Moscow): the Kaseya ransomware incident.

Update Regarding VSA Security Incident (Kaseya) We are in the process of resetting the timelines for VSA SaaS and VSA On-Premises deployment. We apologize for the delay and changes to the plans as we work through this fluid situation.

Kaseya: assessment and lessons learned. (The CyberWire) How well has Kaseya responded to the ransomware campaign? The company is providing regular updates, and says a full patch will be available Sunday. In the meantime, the US Administration considers its retaliatory or diplomatic options.

Kaseya pushes back server restart as CEO says impact of attack has been ‘made larger than what it is’ (CRN) Fred Voccola claims the company’s actions ‘prevented what could have been something much greater’

Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours (Dark Reading) Sometime after 14:30 UTC on Friday, July 2, network traffic combining three vulnerabilities started compromising scores of Internet-connected Kaseya Virtual System Administrator (VSA) servers hosted by managed service providers. The attackers’ code synchronized to a specific time and then hibernated.

The Cybersecurity 202: The Kaseya attack is a revolution in sophistication for ransomware hackers (Washington Post) The Kaseya ransomware attack, which paralyzed hundreds of businesses over the Fourth of July weekend, marks a major strategic advancement for the criminal hacking gangs that have wreaked havoc on U.S. businesses.

The Kaseya Ransomware Attack Is a Really Big Deal (Lawfare) If you’re not already paying attention to the Kaseya ransomware incident, you should be.

Kaseya Ransomware Attack: ‘This Is a Dramatic Escalation’ (BankInfoSecurity) The Kaseya VSA ransomware attack was discussed exhaustively over the Fourth of July holiday weekend. But there’s one big question that hasn’t been answered, says

Cold War 2.0: set in cyberspace (BusinessLIVE) The latest hack involves a network supplier you’ve never heard of — whose weak security was targeted to reach bigger fish

Biden is weighing how to response to the latest ransomware attacks. (New York Times) The meeting came as several recent attacks test the red lines set by President Biden during his high-stakes summit with President Vladimir V. Putin of Russia last month.

New cyberattacks ramp up tensions with Russia (TheHill) The massive cyberattack on U.S.

Ransomware: US warns Russia to take action after latest attacks (ZDNet) US warns Russia to take care of cybercrime operating in its own backyard or the US will take care of it themselves.

Russia hacking claims pose challenge for Biden (BBC News) After a string of Russian-linked hacks, how will US President Joe Biden respond?

Continuous Updates: Everything You Need to Know About the Kaseya Ransomware Attack (SecurityWeek) SecurityWeek is covering all the new information on the Kaseya ransomware attack and here you can find a summary of all articles on this topic, as well as other useful resources.

Diving Deeper Into the Kaseya VSA Attack: REvil Returns and Other Hackers Are Riding Their Coattails (Trustwave) On, July 2nd, a massive ransomware attack was launched against roughly 50 managed services providers (MSPs) by criminals associated with the REvil ransomware-as-a-service (RaaS) group. The attack leveraged the on-premises servers deployed by IT Management Software vendor Kaseya.

Scammers exploiting Kaseya ransomware attack to deploy malware (Tech Republic) A new phishing campaign claims to offer a security update for Kaseya’s VSA software but actually tries to install malware, says Malwarebytes.

Fake Kaseya VSA Security Update Drops Cobalt Strike (Threatpost) Threat actors are planting Cobalt Strike backdoors by malspamming a bogus Microsoft update along with a SecurityUpdates.exe.

Code in huge ransomware attack written to avoid Russian computers (NBC News) “They don’t want to annoy the local authorities, and they know they will be able to run their business much longer if they do it this way,” said an expert.

Researchers Reproduce Exploit Used in Kaseya Hack (SecurityWeek) Researchers have reproduced the exploit used in the Kaseya hack, just as the company’s CEO downplayed the impact of the attack.

Researchers uncovered the network infrastructure of REVil – The notorious ransomware group that hit Kaseya (Security Affairs) Resecurity® HUNTER, cyber threat intelligence and R&D unit, identified a strong connection to a cloud hosting and IoT company servicing the domain belonging to cybercriminals. According to the recent research published by ReSecurity on Twitter, starting January 2021 REVil leveraged a new domain ‘decoder[.]re’ in addition to a ransomware page available in the TOR network. […]

Software Flaw Opened the Door to a Global Cyber Attack (GovTech) A previously unknown flaw in IT management code was exploited to push ransomware around the world to servers that used the software and were connected to the Internet, according to researchers.

WSJ News Exclusive | Software Firm at Center of Ransomware Attack Was Warned of Cyber Flaw in April (Wall Street Journal) A Dutch security researcher group says it notified Kaseya Ltd. of a serious cybersecurity hole in its software that has affected hundreds of organizations around the world.

‘When are they going to learn?’ – Cybersecurity bosses slam Kaseya and other RMM vendors for neglecting security basics (CRN) 50 MSPs and up to 1,500 businesses were affected by the Kaseya attack. Cyber security bosses tell CRN how RMM tools provide an easy way in for threat actors

Kaseya Responds Swiftly to Sophisticated Cyberattack, Mitigating Global Disruption to Customers (EEJournal) Kaseya, the leading provider of IT and security management solutions for managed service providers (MSPs) and small to medium-sized busine…

The Channel Angle: Weighing The Risk Of Remote Monitoring and Management After The Kaseya Attack (CRN) Ryan Heidorn, co-founder and managing director at Steel Root, writes that in light of the Kaseya ransomware attack, “understanding and managing risk is the first step in an MSP adopting a ‘security-first’ approach.”

Concerns among Dutch entrepreneurs after the cyber attack (DodoFinance) Affected Dutch SMEs are concerned about the consequences of a major cyber attack last weekend. Many cyber security officials have been receiving calls

Cyber attack reaches Leonardtown, North Beach (SoMdNews.com) A cyber attack that affected businesses around the world reached Leonardtown and North Beach.

‘Shut down everything:’ Global ransomware attack takes a small Maryland town offline (Washington Post) Leonardtown, Md., lost access to its computer systems Friday, falling victim to a massive ransomware attack that has hit organizations around the world.

Attacks, Threats, and Vulnerabilities

Hackers attack websites of Ukraine’s president and security service (Reuters) A cyber attack hit the websites of Ukraine’s president, security service and other institutions on Tuesday afternoon but they were working again by the evening, the state service for special communications said on Wednesday.

Russian SolarWinds Hackers Carry Out RNC Hack During Kaseya Attack (Channel Futures) Russian government hackers are behind last week’s Republican National Committee (RNC) hack. The hacker is known as APT 29 or Cozy Bear.

Russia ‘Cozy Bear’ Breached GOP as Ransomware Attack Hit (Washington Post) Russian government hackers breached the computer systems of the Republican National Committee last week, around the time a Russia-linked criminal group unleashed a massive ransomware attack, according to two people familiar with the matter.

Ryuk Ransomware Now Targeting Webservers (McAfee) Ryuk is a ransomware that encrypts a victim’s files and requests payment in Bitcoin cryptocurrency to release the keys used for encryption. Ryuk is used exclusively in targeted ransomware attacks.

SideCopy cybercriminals use new custom Trojans in attacks against India’s military (ZDNet) SideCopy imitates Sidewinder, poaching the same infection chains to deliver different malicious tools.

Rural Alabama Electric Cooperative Hit by Ransomware Attack (SecurityWeek) A utility that provides power in rural southeastern Alabama was hit by a ransomware attack that meant customers temporarily can’t access their account information, but an executive said Tuesday that systems were beginning to be brought back online.

Pentagon office left military designs for body armor, vehicle gear open to hackers, watchdog finds (CyberScoop) The office in charge of the U.S. military’s 3D printing left designs for defense technology vulnerable to theft by hackers and adversaries, according to a watchdog report made public on Wednesday. If left unfixed, the security gaps could lead to a number of nightmare scenarios, including adversaries stealing military designs, compromising Department of Defense networks or even introducing flaws into design data that could make its way into battlefield products, the report’s authors concluded.

Pentagon Watchdog Warns Services About Cyber Threat In 3D Printing – Breaking Defense (Breaking Defense) A Pentagon watchdog’s new report brings together the services’ lacking efforts in cybersecurity and ambitious strides in additive manufacturing.

Cloud Cryptomining Swindle in Google Play Rakes in Cash (Threatpost) At least 25 apps have lured in tens of thousands of victims with the promise of helping them cash in on the cryptomining craze.

Top 10 most successful active blockchain scams have netted $13.7 million to date (Atlas VPN) As the popularity of cryptocurrencies grows, so does the number of blockchain scams. According to the data analyzed by the Atlas VPN team, the top ten most successful currently active blockchain scams have collected $13,692,245 to date.

Ransomware Gangs are Starting to Look Like Ocean’s 11 (Kela) Victoria Kivilevich, Threat Intelligence Analyst

Ransomware group Conti likely responsible for city’s cyber attack, experts say (Tulsa World) The Tulsa World asked multiple cybersecurity firms to review information it has gathered regarding the source of the attack on the city of Tulsa’s computers to verify its authenticity.

No, open source Audacity audio editor is not “spyware” (Ars Technica) The community’s telemetry concerns were received and addressed two months ago.

API Crash Course: Broken Object Level Authorization Found in Coursera (Checkmarx) Through our research, we discovered multiple API issues, such as user/account enumeration via the reset password feature, lack of resources limiting on both a GraphQL and REST API, and a GraphQL misconfiguration. But specifically, the Broken Object Level Authorization (BOLA) issue we found perfectly fits Coursera’s access control concerns.

Data Breach Exposes One Medical Customer Email Addresses (Health IT Security) Customers of One Medical, a direct paid, membership-based primary care practice, inadvertently had their email addresses shared with fellow customers.

Phishing in New Waters: Exploiting Live Chat to Deliver Malware (Kroll) Phishing schemes are always evolving. This past year, email thread hijacking took phishing to new depths of subterfuge. Read more.

Kaspersky Password Manager Generated Passwords That Could Quickly Be Brute-Forced (SecurityWeek) A vulnerability in the Kaspersky Password Manager resulted in the created passwords being weak enough to allow an attacker to brute-force them in seconds

Webroot warns illegal sports streaming sites are mega mosh pits of malware (iTWire) Webroot research has found 92% of illegal streaming sites were found to contain some malicious content, in a warning that targets not only Euro 2020 viewers, but for anyone hoping their illegal sports streaming doesn't end up souring your computer like a lemon. “Sports lemon” is one of a…

Top Turkish Bank Suffers System Outage, Sees No Cyber Attack (Bloomberg) Akbank TAS, Turkey’s second-largest lender by market value, said it will gradually restore operations after suffering widespread system outages since early Tuesday, which prompted it to accept a delay in payments owed by customers.

Security Patches, Mitigations, and Software Updates

PrintNightmare official patch is out – update now! (Naked Security) Patch now! This security hole could allow almost anyone to take over your whole network from almost any account on almost any computer.

Microsoft issues urgent security warning: Update your PC immediately (CNN) Microsoft is urging Windows users to immediately install an update after security researchers found a serious vulnerability in the operating system.

Microsoft’s emergency patch fails to fix critical “PrintNightmare” vulnerability (Ars Technica) Game-over code-execution attacks are still possible even after fix is installed.

Microsoft’s patch for critical ‘PrintNightmare’ vulnerability is incomplete and can be bypassed, researchers warn (Computing) The bug could allow malicious actors to take control of vulnerable systems remotely and also run arbitrary code through local privilege escalation

Microsoft’s “PrintNightmare” patch doesn’t fix issue, researchers say (CRN Australia) Alleges the emergency patch still has holes.

PrintNightmare vulnerability explained: Exploits, patches, and workarounds (CSO Online) Public exploits are available for a remote code execution vulnerability in the Windows Print Spooler that could allow attackers to take full control of systems. The vulnerability affects all editions of Windows and organizations are urged to deploy the patches as soon as possible.

CISA Says Philips Vue Healthcare Products Affected by 15 Vulnerabilities (SecurityWeek) CISA says Vue healthcare products made by Philips are affected by 15 vulnerabilities, including ones rated critical and ones that impact third-party components.

Insider Risk Caused By Data Exposure and Leaks Siphons Vast Revenue from Organizations (BusinessWire) As companies emerge from the pandemic, and 40% of employees are planning to switch jobs1, corporate data is at risk. Files are being uploaded, shared,

4 Takeaways from the Aberdeen Report on Understanding Your Insider Risk (Code42) With remote work during the pandemic, digital transformation shifted from a growth and productivity strategy to a business imperative necessary to keep organizations running.

Faces Are the Next Target for Fraudsters (Wall Street Journal) Hackers are pioneering new ways of tricking facial-recognition systems, from cutting the eyes out of photos to making a portrait ‘nod’ with artificial intelligence.

Marketplace

Sophos Acquires Capsule8 to Beef up Linux Protection (SecurityWeek) Sophos has acquired Capsule8 to beef up the Linux protection capabilities to its endpoint detection and response product stack

Sophos Acquires Capsule8 to Bring Powerful and Lightweight Linux Server and Cloud Container Security to its Adaptive Cybersecurity Ecosystem (ACE) (Sophos) Deal Expands the Sophos Portfolio of Detection and Response Solutions and Services for Underprotected Server and Cloud Environments

Parsons Closes $203M BlackHorse Solutions Acquisition Deal (GovCon Wire) Looking for the latest GovCon News? Check out our story: Parsons Closes $203M BlackHorse Solutions Acquisition Deal. Click to read more!

Tesserent invests $600k into biometric security firm Daltrey (CRN Australia) With a further $1.1m committed based on growth targets.

AnyVision, the controversial facial recognition startup, has raised $235M led by SoftBank and Eldridge (TechCrunch) Facial recognition has been one of the more conflicted applications of artificial intelligence in the wider world: using computer vision to detect faces and subsequent identities of people has raised numerous questions about privacy, data protection, and the ethics underpinning the purposes of the …

Baltimore cyber firm ZeroFox makes second acquisition in nine months (Baltimore Business Journal) Baltimore’s ZeroFox has acquired Pheonix-based Vigilante, a company that specializes in identifying and monitoring cybercriminal activity on the dark web.

What physicians need to know about cyberliability coverage (Medical Economics) Your practice will at some point be attacked by hackers. Are you prepared for the financial fallout that will follow?

Darktrace launches UK internship programme with CyberFirst to boost cyber skills (Cambridge Network) Darktrace, a leading cyber security AI company, today announced that it has launched an internship programme in partnership with the UK’s National Cyber Security Centre’s (NCSC) CyberFirst initiative, welcoming its first intake of students this week.

Relentless Cyber Attacks Aid Prospects of These 3 Security Stocks (Nasdaq) Cybersecurity is gaining prominence due to the rising number of ransomware attacks in 2021. Notably, ransomware infects a computer to encrypt files or systems. Typically, the victim has to cough up a ransom amount for data retrieval.

Axio Names Robert Dudley Chairman of the Board (Yahoo) Axio, the leader in cyber risk management software, today announced that Robert “Bob” Dudley has joined the company as Chairman of the Board of Directors. Mr. Dudley served as the CEO of BP from 2010 to 2020 and currently serves as the Chairman of the Oil and Gas Climate Initiative (OCGI).

NetAbstraction Appoints Scott Greaux Vice President of Products (PR Newswire) NetAbstraction, the network obfuscation company, today announced the appointment of Scott Greaux as Vice President of Products. The former head…

Aussie security vendor Firstwave CEO Neil Pollock departs (CRN Australia) After one year in the role.

Fujitsu Australia taps NTT’s Mark Trumble to lead ANZ cybersecurity (CRN Australia) Mark Trumble joins from NTT Ltd.

Origina Appoints Cybersecurity Leader to Head of Security Services (Yahoo Finance) Origina, the only provider of third-party IBM software support and value-added services, today announced the appointment of Ben Lipczynski to its newly created Head of Security Services position. Lipczynski will play an integral role in further developing the company’s cybersecurity capabilities and delivering a proactive, layered approach to IBM software security.

Products, Services, and Solutions

Fluid Networks Selects Cyren Inbox Security to Protect MSP Customers’ Inboxes (Cyren) Fluid Networks Assures MSP Client Protection and Profitability with Cyren Inbox Security

Panorays Introduces Unique Features to Shorten the Vendor Sales Cycle (Panorays) Panorays has introduced “Panorays for Vendors,” which significantly shortens the vendor sales cycle with its Security Passport and Profile.

OPSWAT Unveils Next Gen Cybersecurity Kiosk for Critical Infrastructure Protection (OPSWAT) New MetaDefender Kiosk, L1001, Dramatically Simplifies Maintenance Requirements; Boosts Performance for Secure File and Device Transfer into Air-Gapped or Connected SCADA Environments 

Nozomi Networks Launches ADVantage Partner Program (Nozomi Networks) New global reseller program raises the bar on incentives and programs for top performers

Secureworks Enhances Vulnerability Detection and Response with Proprietary CTU Threat Intelligence (Secureworks) Identifies and helps eliminate the latest and highest-risk security vulnerabilities before they are exploited

GRIMM Private Vulnerability Disclosure Program Reveals Beagle Software’s ClockWatch Enterprise Vulnerability (Yahoo Finance) GRIMM, a forward-looking cybersecurity organization led by industry experts, today announced they performed dedicated vulnerability research against Beagle Software’s ClockWatch Enterprise time synchronization software and discovered a vulnerability in the software’s remote administration feature. This research stems from GRIMM’s Private Vulnerability Disclosure (PVD) Program where research targets are selected based on extensive threat modeling and our team’s deep

Risk Strategies Selects IDX as Preferred Privacy and Security Provider (InsuranceNewsNet) IDX, the leading privacy platform and data breach services provider, announced a strategic partnership with Risk Strategies, a leading national specialty insurance brokerage and risk management firm, to offer its award-winning IDX Privacy software and services to Risk Strategies’ employee benefits clients. We are excited to partner with IDX to help our…

Bitglass Achieves ISO 27001 Certification (BusinessWire) Bitglass, the Total Cloud Security company, today announced it has achieved ISO/IEC 27001:2013 certification for its information security management s

F-Secure Receives STAR-FS Accreditation from CREST (F-Secure Oyj) F-Secure Consulting, a research-led cyber security consultancy, has been accredited by CREST, the international accreditation and certification body supporting the technical information security market, to provide intelligence-led penetration testing services for the financial sector as part of the STAR-FS framework.

Devo Introduces Security Vendor Partnerships with Recorded Future, Anomali and ThreatConnect (Yahoo Finance) Customers Gain Streamlined Analyst Experience with Access to Out-of-the-Box Integrations

Buchanan Technologies Joins Fortinet’s Engage Partner Program (Yahoo Finance) Buchanan Technologies, a leading IT managed services provider, today announced that it has joined Fortinet’s Engage Partner Program. As a global leader in broad, integrated, and automated cybersecurity solutions, Fortinet’s Engage Partner Program offers partners the flexibility to build solutions aligned with customer growth markets, differentiate themselves with an industry-leading security platform and training program, and deliver consumptio

PSafe Offers Insurance Against Ransomware (TechRound) Cybersecurity Insurance Coverage Will Be Offered to Business Customers of PSafe’s dfndr Enterprise – See Full Feature at TechRound >>

AdaptiveMobile Security’s 5G security platforms protect mobile networks against cyber threats (Help Net Security) AdaptiveMobile Security announced a new trio of interconnected 5G security platforms to protect mobile networks against cyber threats.

DynTek Joins the Microsoft Intelligent Security Association (Yahoo Finance) DynTek Services, Inc., a leading provider of professional technology solutions, today announced it has joined the Microsoft Intelligent Security Association, an ecosystem of independent software vendors and managed security service providers that have integrated their solutions with Microsoft to increase visibility and better protect against threats. “We are honored to be a part of the Microsoft Intelligent Security Association and its exceptiona

Vodafone NZ partners with CrowdStrike on endpoint security offering (Reseller News) ​Vodafone NZ has teamed up with cyber security vendor CrowdStike to serve up a new cloud-based endpoint cyber security offering for business customers.

New Net Technologies (NNT) Launches SecureOps-as-a-Service Platform to Ensure Security for IT Infrastructures (PR Newswire) New Net Technologies (NNT), a leader in cybersecurity and compliance software, announced today the launch of its SecureOps-as-a-Service (SOaaS)…

Contrast Security Joins Forces With Secure Code Warrior to Deliver Secure Development Training for Customers (Newswire) Integration delivers industry-leading just-in-time security training for developers embedded in Contrast UI, IDE plugins, and Secure Code Warrior Jira plugin

Socure Unveils Industry’s First BNPL-Specific Solution, Extending Its Leadership in Identity Verification and Trust for Alternative Payment Providers (BusinessWire) Socure, the leading platform for digital identity verification and trust, today announced the introduction of the first identity verification and frau

Transmosis’s Small Business Cybersecurity Service with $500,000 in Liability Coverage Expands Globally (PR Newswire) U.S. cybersecurity workforce developer, Transmosis, today announced $500,000 of expanded cyber liability coverage and international growth of…

Technologies, Techniques, and Standards

Why Public Internet Routing Sucks (Cato Networks) One of the main promises of edge-based SD-WAN vendors is that by using the Internet, you will be able to offload MPLS traffic while maintaining the same level of availability, and by doing so, achieve a positive ROI.

The U.S. says humans will always be in control of AI weapons. But the age of autonomous war is already here. (Washington Post) The Pentagon says a ban on AI weapons isn’t necessary. But missiles, guns and drones that think for themselves are already killing people in combat, and have been for years.

Not like TV: Unisys on convincing the masses biometrics isn’t about surveillance (ZDNet) The police aren’t conducting mass surveillance on you and biometrics is just a useful tool in the identity management lifecycle, Unisys’ director of identity and biometrics would argue.

Design and Innovation

Reid Hoffman surprised by crypto growth, says regulation hurts startups (NASDAQ:MSFT) (SeekingAlpha) Reid Hoffman, partner at Greylock Partners and co-founder of Microsoft’s (MSFT) LinkedIn, said Wednesday that he has been surprised by the growth of cryptocurrencies in recent years.

We tried out the first statewide vaccine passport (MIT Technology Review) When we tested New York’s Excelsior Pass, we found privacy concerns, technical glitches, and questions over who it’s really for.

China’s Tencent Says It’ll Use Face Recognition to Keep Minors From Gaming at Night (Gizmodo) “This is such desperate news for us high school graduates who are two months away from being 18,” one WeChat user reportedly wrote.

Fast & Secure: Unlock Dashlane With Biometrics on Chromium Browsers (Dashlane Blog) If you get locked out of Dashlane after closing your Chromium browser, you’ll now be able to unlock the app with your fingerprint.

Nexus Inc. Successfully Launches Bitcoin Multisignature Wallet On YAM-2 Satellite Via SpaceX’s Reusable Falcon 9 Rocket (Parabolic Arc) In another strategic move to further aid cryptocurrency trading platforms circumvent land-based cybercrime, Nexus Inc., the world’s leading digital finance asset custodian company, has successfully launched its bitcoin multisignature wallet in space.

Research and Development

Ransomware Attacks Will End, But Not Anytime Soon (Bloomberg) Game theory can help predict what will happen next, but this battle will continue for a long time.

Academia

Fullstack Academy and The University of Texas at Dallas Partner to Meet State’s Growing Demand for Tech Professionals (BusinessWire) In response to the increasing demand for tech professionals across Texas, Fullstack Academy today announced a partnership with The University of Texas

Legislation, Policy, and Regulation

EU Parliament lets companies look for child abuse on their platforms, with reservations (POLITICO) Privacy-conscious lawmakers say the rules are ‘legally flawed’ and endanger privacy.

EU Passes Emergency Law Allowing Tech Companies To Screen Messages For Child Abuse (Forbes) The European Parliament has approved emergency measures allowing internet companies to scan users’ private messages for material containing child sex abuse.

Russian official urges ensuring control of information environment to fight cybercrime (TASS) A well-controlled information environment where it would be possible to track criminal activities through certain technical means should be established in order to ensure the inevitability of punishment

Joe Biden’s Russian Cyber Dilemma (The National Interest) Biden remembers well the hit President Barack Obama and American credibility took when his Syria redline was crossed without an American response. The stakes now are even higher.   

Will Biden’s red lines change Russia’s behaviour in cyberspace? (The Strategist) When US President Joe Biden and Russian President Vladimir Putin held their first summit in Geneva last month, cyber weapons played a larger role on the agenda than the nuclear kind. Clearly the world has …

With Putin, Biden Tries to Forge a Bond of Self-Interest, Not Souls (New York Times) Theirs seems likely to be a strained and frustrating association, one where the two leaders may maintain a veneer of civil discourse even as they joust on the international stage.

China Considers Closing Loophole Used by Tech Giants for U.S. IPOs (Bloomberg) Securities regulator working to change overseas listing rules. Change would require VIE firms to get nod to list offshore.

White House urges mayors to meet with state cybersecurity officials on ransomware (ZDNet) Deputy National Security Advisor Anne Neuberger spoke about cybersecurity risks during the US Conference of Mayors.

Mayors meet with NSC’s cyber lead as ransomware crisis continues (StateScoop) Anne Neuberger, the deputy national security adviser for cyber, discussed the Biden administration’s ransomware strategy with a group of mayors, the White House said.

State and local groups press Congress to pass cyber grants (StateScoop) A coalition of groups, including NASCIO and the National Governors Association, is asking Congress to come through on a long-sought grant program.

Letting Businesses ‘Hack Back’ Against Hackers Is a Terrible Idea, Cyber Veterans Say (Wall Street Journal) Companies shouldn’t be allowed to strike back against hackers, cybersecurity specialists and former government officials warned, after senators last week introduced legislation floating the idea of such counterattacks.

ProtonMail, DuckDuckGo, others ask EU & US regulators to ban surveillance-based advertising (The Record by Recorded Future) A group of privacy-first tech companies, including the likes of ProtonMail, DuckDuckGo, Vivaldi, Tutanota, and Startpage, have published an open letter today asking EU and US regulators to take action and ban surveillance-based advertising.

Government’s ‘Critical Software’ Rules Could Drive Away Industry (Breaking Defense) “It’s quite possible that if [the government] doesn’t get this right, then none of those companies will want to do business with government,” defense acquisition expert Bill Greenwalt told Breaking Defense. “That’s extremely problematic.”

Cyber Breach Reporting Requirements: An Analysis of Laws Across the United States (American Academy of Actuaries) According to White House Council of Economic Advisers reporting in 2018, “malicious cyber activity cost the U.S. economy between $57 billion and $109 billion in 2016.”

New Connecticut law nudges businesses to adopt cybersecurity controls (StateScoop) Companies that suffer data breaches can avoid punitive damages if they’re following an established cybersecurity framework, like those from NIST or CIS.

Estonian cyber expert Merle Maigre awarded the French National Order of Merit (Estonian World) The Estonian cyber security expert, Merle Maigre, has been awarded the French National Order of Merit by the government of France.

Litigation, Investigation, and Law Enforcement

Inside the FBI, Russia, and Ukraine’s failed cybercrime investigation (MIT Technology Review) Russia and Ukraine promised to cooperate and help catch the world’s most successful hackers. But things didn’t quite go to plan.

WSJ News Exclusive | WikiLeaks’ Julian Assange Wouldn’t Go to Supermax if Extradited, U.S. Says (Wall Street Journal) The concession is aimed at resolving Washington’s yearslong battle to have the WikiLeaks founder extradited and put on trial on espionage charges.

U.K. High Court agrees to hear U.S. appeal seeking Julian Assange extradition (Washington Post) The British High Court has agreed to hear an appeal by the U.S. government seeking the extradition of WikiLeaks founder Julian Assange to stand trial in federal court in Virginia for espionage.

States Target Google Play Store in Antitrust Suit (Wall Street Journal) Dozens of states filed an antitrust lawsuit against Alphabet’s Google related to practices on its Google Play app store, according to a public court docket and a representative of one state.

36 states, D.C. sue Google for alleged antitrust violations in its Android app store (POLITICO) The lawsuit filed in California federal court is the third by state attorneys general to target the company for alleged antitrust violations.

Apple and Google crowd out the competition with default apps (The Verge) On iOS, Apple Calculator is bigger than YouTube.

Trump sues Twitter, Facebook, Google – and immediately begins fundraising off the effort (CNBC) Trump, who has a history of not following through on legal threats, announced the legal action against Facebook, Twitter and Google from his club in New Jersey.

Trump files class action lawsuits targeting Facebook, Google and Twitter over ‘censorship’ of conservatives (Washington Post) One suit claims Facebook should be considered a ‘state actor’ whose decisions are subject to First Amendment limits on government action

Trump sues Facebook’s Mark Zuckerberg, Twitter’s Jack Dorsey, Google’s Sundar Pichai (Yahoo) Former President Donald Trump, who has complained about censorship by social media giants, filed class-action lawsuits Wednesday against Facebook CEO Mark Zuckerberg, Twitter CEO Jack Dorsey and Google CEO Sundar Pichai.Why it matters: It’s the latest escalation in Trump’s yearslong battle with Twitter and Facebook over free speech and censorship. Trump is completely banned from Twitter and is banned from Facebook for another two years. Get market news worthy of your time with Axios Markets. Sub

Tucker Carlson sought interview with Putin at time of NSA spying claim (Axios) Carlson learned that the U.S. government was aware of his Putin outreach, sources tell Axios.

Tucker FOIAs the NSA (Gizmodo) The pompadoured talk show host with a face made of Play-Doh has decided to kick things up a notch in his feud with America’s surveillance Goliath.