What we know about NATO cyber pledges
At a recent NATO summit in Vilnius, Lithuania, countries in the defense organization made new cybersecurity pledges and commitments. The specifics remain classified, but The Record’s Alexander Martin teased out some details. The official communique from the summit reiterates NATO’s Strategic Concept from last year that “cyberspace is contested at all times,” not simply in times of an armed conflict. It also stated that a set of malicious cyber activities could lead to NATO invoking Article 5, it’s provision that an attack on one NATO member would be considered an attack on them all. In new details, NATO also endorsed adding “cyber defense to our overall deterrence and defence posture.” It also said it will integrate political, military, and technical defense level in cybersecurity to better coordinate efforts.
Tax prep companies “recklessly” shared data
Back in November, an investigation by the publication The Markup found tax filing services like H&R Block and TaxSlayer shared data with Google and Meta through analytics tools. A Congressional investigation based on these findings published a report confirming this data sharing. This report determined the tax prep companies added tracking tools like the Meta Pixel without fully realizing how tax filer data would be collected and used by the third-party. Tax data remains tightly regulated. Lawmakers provided the report to several federal agencies asking them to investigate violations for potential prosecution.
Report finds decrease in crypto crime
The blockchain analysts at Chainalysis released their mid-year report on the state of crypto crime. In the first half of the year, it found crypto inflows to known illicit entities decrease 65% on the year. Meanwhile flows to risky, although not known to be illicit, parties decreased 42%. These decreases outpaces declines in legitimate crypto services we’re seen as part of the ongoing crypto winter, which decreased 28%. In terms of types of cybercrime linked to cryptocurrency flows, ransomware remained the only type to see an increase in flows, up $175.8 million compared to last year. Scams saw the biggest decline, revenue down 77% to just over $1 billion. This dip appears directly linked to the sudden disappearance of two large-scale investment scam operators.
Threat actors gain access to US government email
Microsoft published details of how the threat group known as Storm-0558 breached an unnamed customer. Microsoft believes the group shows likes to China, targeting government agencies across Western Europe. The group obtained access on May 15th using forged authentication tokens. A joint advisory from CISA and the FBI say they obtained “unclassified Exchange Online Outlook data.” The impacted customer informed Microsoft to discovered the access on June 16th. Microsoft said it mitigated the attack and that the attackers can no longer used similarly forged tokens in the future.
And now a word from our sponsor, Opal
How ethical hackers are using generative AI
A new report from Bugcrowd looks at how ethical hackers and security researchers use emerging generative AI tools. There remains wide agreement among respondents, 72%, that these tools will not replace human creativity in the field. 55% believe the tools will increase the value of their work. In terms of where these tools receive usage, about half of respondents used them for automation and analyzing data. A little over a third used them for vulnerability identification, validation, and reconnaissance. 98% said they used ChatGPT, with Google Bard and Bing Chat tied for a distant second with 40%.
Deutsche Bank confirms customer data exposed
The banking giant told Bleeping Computer the leak came from a breach at a service provider. The company didn’t squarely place the issue as related to the attack on the managed-file-transfer service MOVEit. However it did say that in addition to the impacted provider “we understand that more than 100 companies in more than 40 countries are potentially affected,” which sounds a lot like the MOVEit vulnerability. It couldn’t confirm how many customers saw data exposed, but said the issue did not impact its systems directly. The German newspaper Handelsblatt said the issue at the service provider also impact other financial services companies, including Commerzbank, Postbank, Comdirect, and ING.
Proton expands encrypted cloud storage
The privacy-focused online service company brough its end-to-end encrypted Proton Drive service to Windows desktops, now offering a dedicated app. It launched Proton Drive in September, but limited it to the web and mobile apps. A beta of a macOS app will become available soon. Proton’s zero-knowledge cloud storage remains differentiated from rivals like Google Drive and OneDrive, with Dropbox planning to offer a similar solution to business subscribers in the near future.
Broadcom-VMware deal gets EU green light
European regulators approved the $61 billion deal after Broadcom offered remedies to assuage competition concerns. It will offer interoperability commitments with Marvel and other rival semiconductor companies in regards to its Fiber Channel Host-Bus Adapters. Broadcom will ensure accessible APIs and support for these device after the acquisition. The source code for these adapters will also remain open source. The deal remains under investigation by the US Federal Trade Commission and UK Competition and Markets Authority.
(Reuters)