The recent history of ICS attacks. Four reports on novel or evolving cyber threats. Updates from Project Pegasus. – The CyberWire

Attacks, Threats, and Vulnerabilities

FBI: Threat actors may be targeting the 2020 Tokyo Summer Olympics (BleepingComputer) The Federal Bureau of Investigation (FBI) warns of threat actors potentially targeting the upcoming Olympic Games, although evidence of attacks planned against the Olympic Games Tokyo 2020 is yet to be uncovered.

U.S. Government Attributes ICS Attacks to Russia, China, Iran (SecurityWeek) The U.S. government has attributed several past ICS attacks to Russian, Chinese and Iranian state-sponsored threat actors.

China Compromised U.S. Pipelines in Decade-Old Cyberattack, U.S. Says (Wall Street Journal) The Biden administration also issued cybersecurity requirements on the pipeline industry following the Colonial Pipeline ransomware attack in May that disrupted U.S. fuel deliveries.

Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013 (CISA) This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. Note: CISA released technical information, including indicators of compromise (IOCs), provided in this advisory in 2012 to affected organizations and stakeholders.

Pegasus Issue | What are zero-click attacks and how do they infect smartphones? (The Hindu) At the heart of the hack is a powerful spyware called Pegasus, which uses zero day vulnerability in the operating systems (OS) to enter into a targeted individual’s phone.

Pegasus row: Is your iPhone safe? (Business Today) The hackers used the zero-click iMessage exploit on the iPhones running iOS 14.6 to install Pegasus software

New MosaicLoader malware targets software pirates via online ads (BleepingComputer) An ongoing worldwide campaign is pushing new malware dubbed MosaicLoader advertising camouflaged as cracked software via search engine results to infect wannabe software pirates’ systems.

Debugging MosaicLoader, One Step at a Time (Bitdefender) Bitdefender researchers have identified a new family of malware while investigating processes that add local exclusions in Windows Defender for specific file names.

Debugging MosaicLoader, One Step at a Time (Bitdefender) Bitdefender researchers have noticed a new malware strain spiking in our telemetry. What caught our attention were processes that add local exclusions in Windows Defender for specific file names (prun.exe, appsetup.exe, etc.), that all reside in the same folder, called PublicGaming. Further investigation revealed that this malware is a downloader that can deliver any payload to the infected system. We named it MosaicLoader because of the intricate internal structure that aims to confuse malware analysts and prevent reverse-engineering.

Fresh Malware Hunts for Crypto Wallet and Credentials (Fortinet Blog) The FortiGuard Labs team recently discovered a new phishing campaign with a fresh malware delivered by a Word document which is designed to steal crypto wallet information and credentials from vict…

New Attacks on Kubernetes via Misconfigured Argo Workflows (Intezer) Key Points Intezer has detected a new attack vector against Kubernetes (K8s) clusters via misconfigured Argo Workflows instances. Attackers are already taking advantage of this vector as we detected operators dropping cryptominers using this method in the wild. We have identified infected nodes and there is the potential for larger scale attacks due to hundreds of misconfigured deployments. […]

Groundhog day: NPM package caught stealing browser passwords (Secure.Software) Today almost everyone knows that they need to protect their publicly exposed services and applications against the potential attacks from the outside

Hackers abuse single bit change in Intel CPU register to evade detection (IT PRO) Palo Alto Networks discovers that Trap Flag is being abused to notify malware it is being analyzed

Joker Joking in Google Play (Zscaler) Android Joker Malware, posing as legitimate apps, continues to find its way into the Google Play store using new tactics.

SeriousSAM bug impacts all Windows 10 versions released in the past 2.5 years (The Record by Recorded Future) A security researcher has discovered a major vulnerability in the Windows 10 operating system that can allow threat actors to gain access to elevated privileges and user accounts passwords.

Vulnerability Exposes MicroLogix PLCs to Remote DoS Attacks (SecurityWeek) A vulnerability affecting Rockwell Automation’s MicroLogix 1100 controllers can be exploited for remote DoS attacks that cause the device to enter a persistent fault condition.

Ohio city hit by new strain of ransomware ‘AvosLocker’ (StateScoop) Actors associated with a new ransomware gang known as AvosLocker stole a trove of data from Geneva, Ohio, with a threat to publish it.

Cloudstar attack brings new focus to security, vulnerabilities (Title Report) Cloudstar is still working to get its cloud-hosting system back online after a July 19 ransomware attack. The company says it’s “too early to speculate” on whether there was a data breach. Industry cybersecurity experts explain what happens during such attacks, what the far-reaching consequences might be and how title companies can protect themselves and their customers. Read on for more.

Judson ISD pays ransom to hackers (San Antonio Express-News) It was unclear if the Northeast Side district had regained access to all its systems….

Over 80 US Municipalities’ Sensitive Information, Including Resident’s Personal Data, Left Vulnerable in Massive Data Breach (WizCase) WizCase’s team of ethical hackers, led by Ata Hakçıl, has found a major breach exposing a number of US cities, all of them using the same web service provider aimed at municipalities. This breach compromised citizens’ physical addresses, phone numbers, IDs, tax documents, and more. Due to the large number and various types of …

Intermountain facilities affected by Elekta data breach (AuntMinnie.com) Intermountain Healthcare announced it has issued notice of a recent data security breach that may have affected the confidentiality of information related to facilities in southern Nevada that had patient data stored in software developed by radiation oncology firm Elekta.

Why the Bank of England has it head in the cloud over data security (the Guardian) Rapid digitalisation of banking services and increasing reliance on just three tech giants has made the Bank uneasy

Security Patches, Mitigations, and Software Updates

Apple iPhone patches are out – no news if recent Wi-Fi bug is fixed (Naked Security) Remember that weird iPhone Wi-Fi bug from a week or so ago? Let’s hope this update patches it!

Mitsubishi Electric MELSEC-F Series (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC-F Series Vulnerability: NULL Pointer Dereference 2. RISK EVALUATION Successful exploitation of this vulnerability may cause a denial-of-service condition in communication with the product. System reset may be required for recovery.

Fatigued IT Teams and Ill-Prepared Employees are Losing the War on Phishing, Ivanti Study Confirms | Ivanti (Ivanti) Nearly three-quarters of organizations have fallen victim to a phishing attack in the last year and more than half have suffered from IT talent shortages

Q2 Ransomware Roll Up (Digital Shadows) Take a look at all the significant events from the world of ransomware in Q2 2021 and analyze the key trends arising from our coverage of the ransomware space.

5 Key Takeaways from Our 2021 State of Zero Trust Security Report (Okta) How important is it to implement Zero Trust? We asked over 600 business and security leaders across North America, Asia Pacific (APAC), Europe, the Middle Ea…

Sontiq’s® 2021 Mid-Year Cybercrime Report Highlights Key Fraud Trends, Significant Data Breaches (BusinessWire) Sontiq’s Mid-Year 2021 Cybercrime Report highlights the most impactful data breaches, trending crimes, and key risks consumers face this year.

51% of exploits sold on underground forums are for Microsoft products (Atlas VPN) Cybercriminals sell found software vulnerabilities to each other, increasing their profits and causing more damage along the way. They target the most used software to affect as many people as possible.

Life in Lockdown: Offices Are Empty of People, Full of Risky IoT Devices (SecurityWeek) A study of more than 500 million IoT device transactions between December 15 and December 31, 2020 discovered a 700% increase in IoT malware over a previous study of pre-lockdown 2019

Marketplace

Cybersecurity M&A Roundup for July 9-19, 2021 (SecurityWeek) A total of 11 cybersecurity-related acquisitions were announced July 9 – 19, 2021.

Hat Trick: Three DataTribe Portfolio Company Exits in Q2 2021 (Yahoo Finance) DataTribe, a global cyber foundry that invests in and co-builds next-generation cybersecurity and data science companies, closed Q2 2021 with three of the Foundry’s portfolio companies, Attila Security, Code Dx and ReFirm Labs, achieving meaningful exits through acquisition by industry leaders in their respective categories.

Kameleon Security Adds Investment from Xilinx to Deliver Hardware Cybersecurity for Servers (Caster Communications) Kameleon Security today announces it has secured funding from Xilinx Inc.

Solarwinds spin-off N-able goes public on Nasdaq (CRN Australia) As company looks to bolster MSP security offerings.

Why SolarWinds Stock Tanked More Than 40% Today (The Motley Fool) The embattled tech company completed its planned spinoff of N-able.

Baltimore’s Fearless expects to add ‘dozens’ of jobs thanks to $120M federal contract (Baltimore Business Journal) Fearless has been awarded a blanket purchase agreement by the General Services Administration.

Zerto Placed in 2021 Magic Quadrant for Enterprise Backup and Recovery Software Solutions (BusinessWire) Zerto, an industry leader in cloud data management and protection, today announced that the Zerto Platform has been positioned by Gartner as a Niche P

Huawei fails latest (pointless) UK security check-up (Light Rwading) A UK government report card on the security of Huawei’s equipment would seem largely redundant. The Chinese vendor, after all, was hit with a 5G ban last year. All three operators that use Huawei – BT, Three and Vodafone – have identified alternative suppliers and are discarding their Chinese products like mouldy fortune cookies.

Huawei Spending on Lobbyists Surges in Push to Counter U.S. Bans (Bloomberg Law) Huawei Technologies Co. ramped up spending on Washington lobbyists last quarter as a U.S. ban on the company’s equipment means it would be left out of projects associated with the billions Congress plans to spend on infrastructure. Huawei spent $1.06 million in the second quarter of 2021, up from $180,000 in the first quarter this year, according to disclosures filed Tuesday. The company listed broadband and infrastructure bills as specific interests, as well as trade and a digital privacy measure.

Microsoft Securing its Position with Cybersecurity Investments (Yahoo Finance) Microsoft Corporation (MSFT) has come a long way in the last few years. It has transformed itself into a diversified business with a leading market share in several fast-growing industries such as cloud computing, social media, video communication, and video gaming. Today, the company is focused on expanding its footprint in the cybersecurity industry as well, which is likely to improve Microsoft’s long-term earnings potential in more ways than one. (See Microsoft stock charts on TipRanks) Micro

Jumio Announces Record Quarter with 150% Growth Fueled by Financial Services, Mobile and Social (Financial Post) Q2 highlights include record transaction volumes, KYX and AML platform enhancements and global channel momentum

IBM is boring again. That’s good news (Fortune) Big Blue finally has a strategy to grow in the age of Amazon and Microsoft.

Former Atlassian Executive Joins Keyfactor as Chief Revenue Officer to Lead Company’s Hyper Growth Trajectory (Keyfactor) Musierowicz will be responsible for leading the strategic design and execution of Keyfactor’s global go-to-market operatives, including direct sales, marketing and channel. 

Former Honeywell VP Mark Bendza Joins Telos as EVP, CFO (GovCon Wire) Looking for the latest GovCon News? Check out our story: Mark Bendza appointed as Telos executive vice president, chief financial officer. Click to read more!

Open Systems Appoints Cybersecurity Expert Tom Corn as Chief Product Officer to Further Expand its Lead in Managed Security Services (Open Systems) Veteran of VMware and RSA to drive development of Open Systems’ Security Solutions as enterprises face growing cyberthreats.

Jerry Kelly Joins Globalization Partners as New VP of Partners and Alliances as Team Experiences Accelerated Growth (Globalization Partners) Globalization Partners Jerry Kelly Joins Globalization Partners as New VP of Partners and Alliances as Team Experiences Accelerated Growth. Eliminate the hurdles that come with onboarding and managing a global workforce.

Products, Services, and Solutions

David Ziska: NSA Program Offers Pre-Vetted Commercial Tech Products for Classified Telework (Executive Gov) The U.S. Army and the Air Force Research Laboratory (AFRL) have turned to a National Security Agency

TLS 1.3 Sniffer Support in wolfSSL Release 4.8.0 (PRWeb) wolfSSL has announced TLS 1.3 support for sniffer users. The wolfSSL sniffer can be used to passively sniff SSL/TLS traffic including https traffic. wolfSSL s

PerimeterX Human Challenge Now Default Option for Bot Defender (PerimeterX) Human Challenge is a user-friendly verification that protects web applications from CAPTCHA-solving bots while improving the customer’s experience.

Expel Introduces Offering for Detecting Business Email Compromise (Expel) Expel for Email monitors security signal from Microsoft O365 or GSuite, along with Duo, Okta, AzureAD and OneLogin to detect attacker activity

Cryptomathic and SIGNIUS Partner to Launch Qualified e-Signature Platform (Cryptomathic) Cloud portal with on-premise and hybrid deployment models addresses full range of customer demand from SMBs to Government and Enterprise

GigaOm Radar for Evaluating Secure Service Access  (Versa Networks) Versa Networks is a leader in the GigaOm independent market survey on Secure service access (SSA),which includes Secure Access Service Edge (SASE).

Google Cloud rolls out new security tools as threat landscape heats up (ZDNet) New tools for the public sector will help agencies comply with President Joe Biden’s cybersecurity executive order, while other tools give Google Cloud customers more automated security operations and access to Palo Alto Networks’ threat detection technologies.

DuckDuckGo launches new Email Protection service to remove trackers (The Verge) Goosing privacy protections.

Votiro Sanitizes Files for Streamlined Transfer and Storage Within AWS (BusinessWire) Votiro introduces an AWS S3 bucket connector to allow customers working with AWS storage to securely view, download, and engage with files.

Intezer Expands Platform, Replacing Sandboxes and other Legacy Malware Analysis Solutions (PR Newswire) Intezer just gave malware analysis a fresh look with the addition of major new capabilities to its platform, Intezer Analyze. This expansion…

This CompTIA Security bundle offers training from top instructors (BleepingComputer) Featuring seven courses from top instructors, The CompTIA Cyber Security Pathway Certification Prep Bundle has everything you need. You can grab it today for just $34.99.

Unbound Security partners with HashiCorp for integrated encryption key management (PR Newswire) Unbound Security, leader in cryptographic key management and protection solutions, today announced its partnership with HashiCorp®, the leader…

Telus and Palo Alto Networks launch new managed cloud security service for Canadian businesses (IT World Canada) Telus has launched a new managed cloud security service in collaboration with Palo Alto Networks to help Canadian organizations securely access data and applications from anywhere.

BlueVoyant Launches Modern SOC for Splunk® Cloud Platform (PR Newswire) BlueVoyant, a cybersecurity company, today announced the launch of its BlueVoyant Modern SOC for Splunk® Cloud Platform, designed to empower…

New Index from Sepio Systems Helps Enterprises Measure and Understand Risk Exposure to Hardware-based Cyber Attacks (PR Newswire) Sepio Systems announced today the launch of the Hardware Access Control Index (HACx), an objective assessment, based on a range of variables,…

Fighting new Ransomware Techniques with McAfee’s Latest Innovations (McAfee Blogs) In 2021 ransomware attacks have been dominant among the bigger cyber security stories. Hence, I was not surprised to see that McAfee’s June 2021 Threat

Kasten by Veeam Announces Availability of Kasten K10 Data Management Platform for Kubernetes Application Backup and Mobility on Red Hat Marketplace (PR Newswire) Kasten by Veeam, the market leader for Kubernetes data management, today announced that the Kasten K10 data management platform is now…

Fastly Launches New Era of Highly-Secure Serverless JavaScript With Zero Cold Starts (Fastly) Fastly’s edge cloud platform helps the world’s most popular digital businesses keep pace with their customer expectations by delivering fast, secure, and scalable online experiences.

TeamViewer Remote Control App Adds Biometric Security Protection (PR Newswire) TeamViewer, a leading global provider of remote connectivity and workplace digitalization solutions, today announced it has added another layer…

Segmint To Launch Omnichannel Message Delivery Solution Leveraging Tokenized Data (GlobeNewswire News Room) Segmint’s new partnership with TokenEx combats the financial services industry challenge of sharing secured data; multi-channel message delivery in…

Ermetic Automates Identity Governance for Cloud Infrastructure (Ermetic) Ermetic’s new capabilities enable orgs to define & automatically know when custom security policies are violated in multi-cloud infrastructures.

Cognito Launches Cognito Flow, First Complete No-Code Online Identity Verification Service for Global Customers (GlobeNewswire News Room) New Drop-in-Identification Solution Blocks Fraud at Global Scale, Helping Financial Service Companies Securely Onboard International Customers in Minutes…

Technologies, Techniques, and Standards

Mitigating Threats to Encryption From Quantum and Bad Random (SecurityWeek) Any encrypted data that has ever been stolen and is being stored by our larger adversaries should be considered lost, as it has or will soon be decrypted through the power of quantum computing.

Download Applying ISO/IEC 27001/2 and the ISA/IEC 62443 Series for Operational Technology Environments (Global Security Alliance) Download your copy of Applying ISO/IEC 27001/2 and the ISA/IEC 62443 Series for Operational Technology Environments today.

Beware the top three blind spots that precede cloud data breaches (Security Brief) The ability to correlate individual events/alerts over time into an attack ‘storyline’ can help mitigate major cloud security blind spots.

US Army matures tactical tools for trustworthy data, cyber op action plans (C4ISRNet) The service sought to improve two technologies at this year’s NetModX event focused on cyber defense of the network and integrity of soldier data.

Utah’s Camp Williams hosts nation’s largest cyber defense exercise (Standard-Examiner) Hundreds of Army National Guard soldiers are in Utah this week for the U.S. Department of Defense’s “largest unclassified cyber defense exercise” hosted by the Utah National Guard.

Research and Development

New technology shows promise in detecting, blocking grid cyberattacks (EurekAlert!) Researchers from Idaho National Laboratory and New Mexico-based Visgence Inc. have designed and demonstrated a technology that can block cyberattacks from impacting the nation’s electric power grid.

Academia

How California schools are fighting ransomware attacks (CalMatters) As ransomware attacks target them, some California schools are scrambling to respond while others have done little to protect themselves.

Midwestern Higher Education Compact (MHEC) Approves CampusGuard as Cybersecurity and Compliance Vendor (EIN News) CampusGuard, a full-service cybersecurity and compliance services firm, has been awarded a competitively procured contract with MHEC.

Advancing an inclusive, diverse security industry (Google Online Security Blog) Posted by Sarah Morales, Community Outreach Manager, Security  It’s no secret that lack of diversity in corporate America is a well-document…

Legislation, Policy, and Regulation

EU-U.S. Data Privacy Talks Enter Second Year With No Timeline for Resolution (Wall Street Journal) The Biden administration is considering executive actions to provide greater privacy to EU citizens and certainty for firms that transfer people’s data to the U.S.

EU to tighten rules on cryptoasset transfers (Reuters) Companies that transfer bitcoin or other cryptoassets must collect details of senders and recipients to help authorities crack down on dirty money, EU policymakers proposed on Tuesday in the latest efforts to tighten regulation of the sector.

The Cybersecurity 202: Russia’s the capital of ransomware but it’s not the only player (Washington Post) Is China primed to become a global hot spot for ransomware and other cybercrimes?

Protests erupt in India’s Parliament over spyware scandal (Washington Post) India’s Parliament erupted in protests on Tuesday as opposition lawmakers accused Prime Minister Narendra Modi’s government of using military-grade spyware to monitor political opponents, journalists and activists.

IDF intel chief says Israel under nonstop cyber-threats, is retaliating (Times of Israel) Maj. Gen. Tamir Hayman says defense alone does not suffice, steps must be taken to ‘preserve Israel’s superiority’

U.S. and allies accuse China of global hacking spree (Reuters) The United States and its allies accused China on Monday of a global cyberespionage campaign, mustering an unusually broad coalition of countries for an initiative angrily rejected by Beijing.

China accused of cyber-attack on Microsoft Exchange servers (BBC News) The UK, US and EU have accused China of carrying out an attack on Microsoft Exchange email servers.

China calls UK cyber attack accusations ‘groundless and irresponsible’ (Central Fife Times) The Foreign Secretary accused China of being behind the ‘reckless’ attack on Microsoft Exchange servers earlier this year.

VIDEO: US and Australia accuse China of major cyber attack (ABC) The attack targeted Microsoft exchange servers around the world earlier this year, allowing hackers to acquire personal information and intellectual property. Greg Jennett reports.

Inside China’s vast network of hackers and how it became a prime cyber threat to the US (The Economic Times) On Monday, the United States again accused China of cyberattacks. But these attacks were highly aggressive, and they reveal that China has transformed into a far more sophisticated and mature digital adversary than the one that flummoxed U.S. officials a decade ago.

The White House Blamed China For Hacking Microsoft. China Is Pointing Fingers Back (NPR.org) One day after the Biden administration accused China of a massive hack of Microsoft’s email server software, Beijing said the U.S. has been mounting cyberattacks for the past 11 years.

Mexican president decries reports of cyber spying (Reuters) Mexican President Andres Manuel Lopez Obrador on Tuesday described as “shameful” reports of purported government-ordered cyber spying several years ago that may have targeted him and his close allies and said his government did not spy on anyone.

U.S. and E.U. security officials wary of NSO links to Israeli intelligence (Washington Post) Officials and analysts say the Israeli surveillance tech firm makes a world-class product, but some suspect a relationship with Israel’s government

Opinion: Global spyware such as Pegasus is a threat to democracy. Here’s how to stop it. (Washington Post) For years, the global spyware industry has operated in the shadows, exposed only by human rights organizations and journalists. The industry claims it’s in the business of fighting crime and terrorism. But its members often sell to governments that equate “criminal” and “terror” with “critic” and “dissent.”

Biden puts cyber at center of his agenda (TheHill) A series of disruptive cyberattacks targeting sectors from food to energy to technology has forced President Biden to put cybersecurity at the center of his agenda in his first six months in office.

DHS unveils second round of new pipeline security requirements (SearchSecurity) The U.S. Department of Homeland Security (DHS) announced a second cybersecurity directive Tuesday with new requirements for oil and gas pipeline security.

DHS escalates cybersecurity mandates for key US pipelines (CNN) The Department of Homeland Security mandated additional cybersecurity measures this week for critical US pipelines, a move meant to protect against ransomware and other known threats months after a crippling cyberattack on one of America’s most important pipelines.

DHS announces new cybersecurity requirements for critical pipeline owners and operators (Transportation Security Administration) Today, in response to the ongoing cybersecurity threat to pipeline systems, DHS’s Transportation Security Administration (TSA) announced the issuance of a second Security Directive that requires owners and operators of TSA-designated critical pipelines that transport hazardous liquids and natural gas to implement a number of urgently needed protections against cyber intrusions.

Hillicon Valley: Biden to appoint Big Tech critic to DOJ antitrust role | House passes host of bills to strengthen cybersecurity in wake of attacks | Bezos returns from flight to space (TheHill) Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.

House approves raft of cyber bills in wake of ransomware attacks (The Record by Recorded Future) The House on Tuesday approved a host of bipartisan bills meant to strengthen and expand CISA’s role in the country’s cybersecurity and better secure critical infrastructure networks.

Biden Names Tech Foe Jonathan Kanter as DOJ Antitrust Chief (Bloomberg) Kanter has represented Microsoft, Yelp in anti-Google push. Biden’s appointments signal aggressive antitrust agenda.

Bill Would Require Federal Agencies and Contractors to Report Cyber Intrusions Within 24 Hours (Nextgov.com) The bill leaves it up to an interagency rulemaking process to determine whether entities would be required to report incidents they’re aware of but not directly involved in.

New Bill Could Force U.S. Businesses to Report Data Breaches Quicker (The State of Security) A draft Senate bill aims to make some businesses report data breaches within 24 hours or face financial penalties and the loss of contracts.

And Now There are Three …. The Colorado Privacy Act (JD Supra) Colorado has now joined California and Virginia to become the third US state to pass a comprehensive data privacy legislation when Governor Jared…

Connecticut Passes Stronger Data Breach Notification and Cybersecurity Liability Statutes (JD Supra) Introduction – The Connecticut legislature recently enacted a pair of new data breach and cybersecurity statutes — Public Act 21-59 and…

Cyber professionals to benefit from UK Government £700,000 fund to grow sector (Business Live) Cyber Wales to receive £50,000 to help provide opportunities for networking and knowledge sharing, as well as supporting skills development and innovation

New Statutory Requirements in Indiana for Reporting Cybersecurity Incidents (Lexology) Under a newly enacted state law, Indiana political subdivisions are required to report cybersecurity incidents to the Indiana Office of…

Litigation, Investigation, and Law Enforcement

The Pegasus Project part 3: cartels, corruption and cyber-weapons (the Guardian) In the latest part of our mini-series, Michael Safi hears from Nina Lakhani on how 15,000 Mexicans including journalists and politicians appeared on a list of possible targets for surveillance

France orders spyware investigation following Pegasus Project reports (Washington Post) The government voiced anger over new revelations by The Washington Post and other news organizations that world leaders had been found on a list that included people targeted by NSO Group’s powerful spyware

Morocco denies using spyware to target French officials (Washington Post) Morocco’s government has denied reports that the country’s security forces may have used spyware made by Israel’s NSO Group to eavesdrop on the cellphones of France’s president and other public figures.

On the list: Ten prime ministers, three presidents and a king (Washington Post) Among 50,000 phone numbers, the Pegasus Project found those of hundreds of public officials

Indian activists jailed on terrorism charges were on list with surveillance targets (Washington Post) The Bhima Koregaon activists were also victims of an unidentified hacker who planted evidence on their computers, recent reports found

Top U.S. Catholic Church official resigns after cellphone data used to track him on Grindr and to gay bars (Washington Post) The top administrator of the U.S. Conference of Catholic Bishops resigned after a Catholic media site told the conference it had access to cellphone data that appeared to show he was a regular user of Grindr, the queer dating app, and frequented gay bars.

Concerns about using surveillance technology to track Catholic bishops and priests (Catholic News Agency) The prospect of private parties using national security-style surveillance technology to track the movements and activities of Catholic bishops, priests, and other Church personnel is raising concerns about civil liberties, privacy rights and what means are ethical to use in Catholic Church reform efforts.

Pillar Investigates: USCCB gen sec Burrill resigns after sexual misconduct allegations (Pillar) Monsignor Jeffrey Burrill, former general secretary of the U.S. bishops’ conference, announced his resignation Tuesday, after The Pillar found evidence the priest engaged in serial sexual misconduct, while he held a critical oversight role in the Catholic Church’s response to the recent spate of sexual abuse and misconduct scandals.

Peters launches bipartisan investigation into increasing ransomware attacks (TheHill) Senate Homeland Security and Governmental Affairs Committee Chairman Gary Peters (D-Mich.) on Tuesday announced the launch of a bipartisan investigation into the recent string of debilitating ransomware attacks agai

Data breach leads to class action lawsuits against hospital (PropertyCasualty360) The plaintiffs allege the hospital should have foreseen the breach due to the information it stores and the increasing number of cyberattacks.

Pa. lawmakers to hold hearings on contact tracing data breach (Yahoo) Pennsylvania lawmakers will hold two hearings this week about a data breach involving the COVID-19 contact tracing vendor hired by the state.

Russian hacker Levashov sentenced to time already served (AP NEWS) A Russian hacker known internationally as the “bot master” was sentenced Tuesday to the 33 months he has already served in custody on federal charges he operated a network of devices used to steal computer credentials, distribute spam and install malicious software.