108 Matching Annotations
  1. Oct 2022
    1. Iran's atomic energy organization says e-mail was hacked

      TITLE: Iran’s nuclear energy agency’s email got hacked from a foreign country

      CONTENT: Iran's atomic energy organization announced on Sunday that an e-mail server belonging to one of its subsidiaries had been hacked from a foreign country and material had been published online.

      Black Reward, an Iranian hacker collective, claimed in a statement posted on Twitter that it has made leaked information about Iranian nuclear programs, calling the move a gesture of support for Iranian protesters.

      According to Black Reward, the documents released included atomic development contracts and agreements with domestic and foreign partners, management and operational schedules of different parts of the Bushehr power plant, and passports and visas of Iranian and Russian specialists working there.

      In a statement made on October 21, Black Reward threatened to reveal hacked data within 24 hours if the government did not free political prisoners and those detained during the uprising.

      EXCERPT: An e-mail server belonging to Iran's atomic energy organization was hacked from a foreign country. Black Reward, an Iranian hacker collective, claims it has made leaked information about Iran's nuclear programs public. Documents include atomic development contracts, management and operational schedules of different parts of Bushehr power plant.

      TOPIC: Cybercrime, Cyberconflict and warfare

      DATE: 23.10.

      LINK: https://www.reuters.com/world/middle-east/irans-atomic-energy-organization-says-e-mail-was-hacked-state-media-says-2022-10-23/

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. New Phishing Campaign Targets Saudi Government Service Portal

      TITLE: Saudi government’s service site becomes a target of a new phishing campaign

      CONTENT: Multiple phishing domains imitating Absher, the Saudi government service site, have been set up to supply citizens with fake services and steal their passwords.

      CloudSEK cybersecurity researchers made the finding and published an advisory about the threat on Thursday.

      Government services in the Saudi region have reportedly recently been a top target for cybercriminals looking to steal user credentials and exploit them in other cyberattacks, according to CloudSEK.

      In order to lessen the effects of these assaults, CloudSEK urged government agencies to keep an eye on phishing attempts that target citizens and warn and educate them about the risks, such as by advising them not to click on questionable links.

      EXCERPT: Saudi citizens are being targeted by phishing websites that mimic Absher, the Saudi government service site. Cybercriminals are looking to steal user credentials and exploit them in other cyberattacks, researchers say. Government services in the Saudi region have reportedly been a top target for cybercriminals.

      LINK: https://www.infosecurity-magazine.com/news/phishing-campaign-saudi-government/

      DATE: 21.10.

      TOPIC: Cybercrime, Cybersecurity, Cyberconflict and warfare

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Ransomware is Being Used As a Precursor to Physical War: Ivanti

      TITLE: Ivanti’s Ransomware Index Report Q2–Q3 2022: Ransomware leads to physical war

      CONTENT: Since 2019, ransomware has expanded by 466%, and it is increasingly being utilized as a precursor to actual combat.

      The findings came from Ivanti's Ransomware Index Report Q2-Q3 2022, which the company released earlier today to Infosecurity.

      The data also suggests that ransomware groups are becoming more sophisticated and widespread, with 35 vulnerabilities becoming related with ransomware in the first three quarters of 2022 and 159 trending active exploits. Based on the report, 47.4% of ransomware vulnerabilities threaten healthcare systems, 31.6% damage energy systems, and 21.1% affect key manufacturing.

      The Ivanti research claims that hostile nations are increasingly using state-sponsored threat groups to infiltrate, destabilize, and disrupt operations in their target countries. As shown in the recent Russia-Ukraine war, ransomware is being utilized as a precursor to physical warfare in many of these operations.

      Ivanti executive also noted that IT and security teams need to work on employing automation technology that can not only correlate data from disparate sources, but also quantify risk, provide early warning of weaponization, predict assaults, and prioritize remedial actions.

      TOPIC: Cyberconflict and warfare, Cybercrime, Critical infrastructure

      DATE: 20.10.

      LINK: https://www.infosecurity-magazine.com/news/ransomware-precursor-to-physical/

      EXCERPT: Ivanti's Ransomware Index Report Q2-Q3 2022 states that ransomware is being utilized as a precursor to physical warfare. The report shows percentage of ransomware expansion since 2019, as well as ransomware vulnerabilities that threaten some of the most critical infrastructure. It is suggested that IT and security teams work on quantifying risk, providing early warning of weaponization, predicting assaults, and prioritizing remedial actions.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Hackers compromised Hong Kong govt org's network for a year

      TITLE: Hong Kong’s government org’s network compromised by hackers for a year

      CONTENT: Cyberattacks on government institutions in Hong Kong by the China-linked espionage actor APT41 (also known as Winnti), which compromised them, went unnoticed for up to a year in certain cases, have been discovered by Symantec researchers.

      The threat actor has been employing a piece of customized malware known as Spyder Loader that has previously been linked to the organization.

      The newly detected Hong Kong activity appears to be a component of the same operation, according to Symantec's research, and the targets of Winnti are local governments in the special administrative area.

      Although Symantec was unable to recover the full malware, it appears that the objective of APT41's most recent effort was to gather intelligence from significant Hong Kong institutions.

      EXCERPT: Symantec has discovered a year long China-linked cyberattacks, coming from espionage actor known as Winnti. They have been compromising government institutions in Hong Kong. The full malware was not yet found, but their most recent object is local governments special administrative area.

      LINK: https://www.bleepingcomputer.com/news/security/hackers-compromised-hong-kong-govt-orgs-network-for-a-year/

      DATE: 18.10.

      TOPIC: Cybercrime, Cyberconflict and warfare

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Pro-Russia Hackers DDoS Bulgarian Government

      TITLE: Bulgarian government attacked with DDoS by pro-Russian hackers

      CONTENT: Over the weekend, the Bulgarian government was subject to a wave of DDoS attacks, with Russia being the main suspect, according to sources.

      According to various local reports, traffic flooded the websites of the Bulgarian President, the National Revenue Agency, and the departments of internal affairs, defense, and justice.

      The campaign on October 15 also targeted telecom businesses, airports, banks, and a few media outlets, Sofia Globe reported.

      The suspects were recognized as being from the Russian city of Magnitogorsk by the authorities, according to Borislav Sarafov, the director of Bulgaria's National Investigation Service.

      However, according to some reports, the notorious Russian cybercrime group Killnet had already taken responsibility for the said DDoS attack.

      LINK: https://www.infosecurity-magazine.com/news/prorussia-hackers-ddos-bulgarian/

      DATE: 18.10.

      TOPIC: Cyberconflict and warfare, cybercrime

      EXCERPT: The Bulgarian government was subject to a wave of DDoS attacks, with Russia being the main suspect. Traffic flooded the websites of the Bulgarian President, National Revenue Agency, and departments of internal affairs, defense, and justice. Some reports claim Russian cybercrime group Killnet had already taken responsibility for the attack.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Australian police secret agents exposed in Colombian data leak

      TITLE: Colombian data leak exposes personal information of Australian Federal Police

      CONTENT: Following the release of data taken from the Colombian government by hackers, the identities of covert agents for the Australian Federal Police (AFP) have been made public.

      More than five terabytes of sensitive information, including emails, documents, and strategies AFP agents were employing to prevent drug cartels from conducting business in Australia, were leaked by the hacktivist collective Guacamaya.

      Details exposed this way come from 35 AFP operations, some of them still active, and also contain surveillance reports from agents, phone tap recordings, and salary data for Colombian personnel.

      LINK: https://www.bleepingcomputer.com/news/security/australian-police-secret-agents-exposed-in-colombian-data-leak/

      DATE: 14.10.

      TOPIC: Cyberconflict and warfare, Cybercrime

      EXCERPT: The identities of covert agents for the Australian Federal Police (AFP) have been made public. This follows the release of data taken from the Colombian government by hackers. More than five terabytes of sensitive information were leaked by the hacktivist collective Guacamaya.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Education Sector Experienced 44% Increase in Cyber-Attacks Over Last Year

      TITLE: Education sector recorded a 44% increase in cyberattacks since last year

      CONTENT: According to Check Point's 2022 Mid-Year Report, the education sector saw a 44% increase in cyberattacks from 2021 to 2022, with an average of 2297 attacks against organizations every week.

      The research illustrates that a factor in the attraction is the enormous amount of personal information that threat actors can amass by picking on businesses in this industry.

      According to the monthly threat index produced by the research team, the education sector will be most negatively affected in 2022. It is obvious that cybercriminals are finding success with these operations, and schools and colleges should be planning for a rise in the frequency of these attacks.

      In contrast to most businesses, which only have employees, academic institutions also have students. This makes the sector's networks much larger, more accessible, and harder to secure.

      TOPIC: Cyberconflict and warfare, Cybercrime, Cybersecurity

      LINK: https://www.infosecurity-magazine.com/news/education-experienced-44-increase/

      DATE: 14.10.

      EXCERPT: The education sector saw a 44% increase in cyberattacks from 2021 to 2022, with an average of 2297 attacks against organizations every week. Cybercriminals are finding success with these operations, and schools and colleges should be planning for a rise in the frequency of these attacks.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Microsoft says Ukraine, Poland targetted with novel ransomware attack

      TITLE: Microsoft discovers new novel ransomware attack on Ukraine and Poland

      CONTENT: According to a blog post by Microsoft on Friday, a recently identified hacker group has used a novel kind of ransomware to assault logistics and transportation firms in Poland and Ukraine.

      In less than an hour on Tuesday, the attackers targeted a variety of computers, according to Microsoft, which added that it had not yet been able to connect the attacks to any known group.

      Researchers discovered that the cyberattacks, however, closely resembled past assaults by a cyber team connected to the Russian government that had affected Ukrainian government services.

      LINK: https://www.reuters.com/technology/microsoft-says-ukraine-poland-targetted-with-novel-ransomware-attack-2022-10-14/

      TOPIC: Cyberconflict and warfare, Cybercrime

      EXCERPT: A hacker group has used a novel kind of ransomware to attack logistics and transportation firms in Poland and Ukraine. In less than an hour on Tuesday, the attackers targeted a variety of computers. Microsoft has not yet been able to connect the attacks to any known group.

      DATE: 15.10.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Turkey: new ‘disinformation’ law could jail journalists for three years

      TITLE: Turkey’s new disinformation law imposes threats to domestic journalism and social media

      CONTENT: A comprehensive new rule that could result in up to three years in prison for people suspected of disinformation spreading has been approved by the Turkish parliament.

      Wide-ranging clauses of the contentious bill, put out by the government's Justice and Development party (AKP), are designed to control domestic journalism as well as social media.

      The bill provides a framework for extensive censorship of online information and the criminalization of journalism, which will enable the government to further subdue and control public debate in the run-up to Turkey's general elections in 2023, according to a coalition of 22 press freedom organizations.

      Additionally, the new law mandates that messaging services like WhatsApp, which is also owned by Meta, submit user information to the government upon request from the nation's Information and Communication Technologies Authority.

      EXCERPT: Turkey's parliament has approved a bill that could result in up to three years in prison for people suspected of spreading disinformation online. The bill, put out by the government's Justice and Development party (AKP), is designed to control domestic journalism as well as social media.

      LINK: https://www.theguardian.com/world/2022/oct/13/turkey-new-disinformation-law-could-jail-journalists-for-3-years

      DATE: 13.10.

      TOPIC: Freedom of the press, Freedom of expression, Content policy

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Report Shows How China Has Been Using Cyberattacks Over the Past Decade

      TITLE: Report documents China's use of cyberattacks over the past ten years

      CONTENT: According to a report released on October 12, by consultancy firm Booz Allen Hamilton, Chinese state-sponsored cyberattacks pose a growing threat to US national security.

      ‘Same Cloak, More Dagger: Decoding How the People's Republic of China (PRC) Uses Cyber Attacks’ is a report aimed at CISOs of American companies and their allies, as well as threat analysts. It provides a thorough examination of more than 13 case studies of Chinese-sponsored cyberattacks over the last decade.

      According to their results, China is creating and using cyberattack capabilities to further its 'core interests' at home. These cyberattacks are a supplement to China's more well-known and varied efforts to use legal, financial, cultural, political, and technical tools to further its objectives online.

      Booz Allen did clarify that the report's main source of research was open-source. It is likely impossible to properly determine the exact extent of China's cyberattack capabilities from open sources. It's probable that China decided not to use all of its resources or that it did so secretly, based on the study.

      LINK: https://www.infosecurity-magazine.com/news/report-china-cyberattacks-past/

      DATE: 14.10.

      TOPIC: Cyberconflict and warfare

      EXCERPT: 'Same Cloak, More Dagger: Decoding How the People's Republic of China Uses Cyber Attacks' is a report aimed at CISOs of American companies and their allies. It provides a thorough examination of more than 13 case studies of Chinese-sponsored cyberattacks over the last decade. It is shown that Chinese state-sponsored cyberattacks pose a growing threat to US national security.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Kazakh outlet Orda, staff subjected to months of threats, online harassment, cyberattacks

      TITLE: Kazakh media outlet Orda’s staff suffer from months of cyberattacks and online harassment

      CONTENT: The Committee to Protect Journalists said on Wednesday that Kazakhstani authorities should fully examine recent threats against independent news website Orda and its head editor Gulnara Bazhkenova and safeguard the safety of the publication and its personnel.

      Following the publishing by the outlet of an investigation into suspected lobbying methods by a corporation apparently related to Kazakhstan's former president, Nursultan Nazarbayev, there have been several internet harassments and cyberattacks against Bazhkenova, her family, and Orda.

      While Orda has improved its cybersecurity, Bazhkenova claims that DDoS and other types of cyberattacks have been ongoing since July, with perpetrators constantly looking for ‘weak spots’ that cause the site to go offline for brief periods.

      In addition to the website cyberattacks, she claims that unidentified users have flooded Orda's Telegram chat with derogatory images and insults aimed at Bazhkenova and Orda staff. However, most recently, the online insults have been replaced by threats against her and her 7-year-old son. LINK: https://cpj.org/2022/10/kazakh-outlet-orda-staff-subjected-to-months-of-threats-online-harassme nt-cyberattacks/

      EXCERPT: Cyberattacks against independent news outlet Orda have been ongoing since July, with perpetrators constantly looking for 'weak spots' that cause the site to go offline for brief periods. The Committee to Protect Journalists said on Wednesday that Kazakhstani authorities should fully examine recent online threats.

      DATE: 12.10.2022.

      TOPIC: Freedom of the press, Cybercrime

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Greece: At a meeting with RSF, the government commits to ban the use of spyware

      TITLE: Greek government promises ban on spyware of journalists at the meeting with RSF

      CONTENT: At their meeting on October 10th, the representative of RSF requested that the Deputy Minister to the Prime Minister and Government Spokesperson, Ioannis Oikonomou, initiate discussions for a complete reform of the legal safeguards against the arbitrary surveillance of journalists.

      The recent revelations of the intelligence agency's surveillance of reporters using spyware have increased the gap of mistrust between Greek journalists and the authorities, according to Pavol Szalai, head of RSF's European Union and Balkans desk. He further stated that the new legal framework the government promised must be both ambitious and properly consult with the main stakeholders: journalists.

      The government ‘will soon submit a bill to make the use of spyware illegal,’ according to Ioannis Oikonomou, who also reiterated that the Greek authorities did not acquire or use Predator, in response to Pavol Szalai's call for legislation on spywares.

      LINK: https://rsf.org/en/greece-meeting-rsf-government-commits-ban-use-spyware

      EXCERPT: Reporters Without Borders (RSF) has called for a complete reform of the legal safeguards against the arbitrary surveillance of journalists in Greece. The government 'will soon submit a bill to make the use of spyware illegal,' according to Ioannis Oikonomou, who also reiterated that the Greek authorities did not acquire or use Predator.

      TOPIC: Freedom of the press

      DATE: 12.10.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Ukraine Enhances Cooperation With EU Cybersecurity Agencies

      TITLE: Ukraine tightens collaboration with EU cybersecurity agencies

      CONTENT: Recently, representatives from the European Union Agency for Cybersecurity (ENISA) and the State Service of Special Communications and Information Protection of Ukraine (SSSCIP) met to explore enhancing networking and collaboration.

      The working meeting took place as part of the Cybersecurity East Project trip to the ENISA headquarters in Athens.

      After the conference, Viktor Zhora, the deputy head of the SSSCIP, stated: ‘Cooperation with the European partners includes two key vectors for our country. On the one hand, Ukrainian experience in cyber-war, confronting cyber-threats from Russia would definitely be beneficial for other democracies.’

      The SSSCIP claimed that the meeting was essential for European integration as well, with ENISA special partner status being a key step in that direction since the Ukrainian conflict has pushed the country even further toward its Western peers.

      According to SSSCIP, achieving this accreditation is a crucial step in the process of aligning national cybersecurity laws with EU law.

      DATE: 10.10.

      TOPIC: Cybersecurity, Cyberconflict and warfare

      EXCERPT: Ukraine and the European Union have met to discuss enhancing networking and collaboration. The meeting took place as part of the Cybersecurity East Project trip to the ENISA headquarters in Athens. SSSCIP claimed that the meeting was essential for European integration as well, with ENISA special partner status being a key step in that direction. This will also push the country's aligning of national cybersecurity laws with EU law.

      LINK: https://www.infosecurity-magazine.com/news/ukraine-cooperation-with-eu/

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. US airports' sites taken down in DDoS attacks by pro-Russian hackers

      TITLE: US airports’ hit with DDoS by pro-Russian hackers

      CONTENT: The websites of numerous major airports in the United States have allegedly been subjected to widespread distributed denial-of-service (DDoS) attacks, according to the pro-Russian hacktivist organization 'KillNet.'

      Travelers are unable to login and receive information about their booked flights or make reservations for airport services because the servers hosting these sites are being overloaded by trash requests as a result of the DDoS attacks.

      The Hartsfield-Jackson Atlanta International Airport (ATL), one of the nation's major air traffic hubs, and the Los Angeles International Airport (LAX), which is occasionally offline or very slow to reply, are notable examples of airport websites that are now inaccessible.

      DATE: 10.10.

      LINK: https://www.bleepingcomputer.com/news/security/us-airports-sites-taken-down-in-ddos-attacks-by-pro-russian-hackers/

      TOPIC: Cyberconflict and warfare, Cybercrime

      EXCERPT: The websites of numerous major airports in the U.S. have allegedly been subjected to widespread distributed denial-of-service attacks caused by pro-Russian hackers. The Hartsfield-Jackson Atlanta International Airport (ATL), and the Los Angeles International Airport are notable examples of airport websites that are now inaccessible.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. How Cyberfeminism Is Helping Women Forge Solidarities In Conservative Societies

      TITLE: Expansion of cyberfeminism in the Middle East and South Asia

      CONTENT: Feminist activists in Iraq started a social media campaign in September last week to call for the Ministry of Education to issue a formal resolution that will forbid ‘the imposition of the veil as a condition for academic enrollment.’

      The online campaign, which emphasized the value of women's personal freedom, provided another illustration of how cyberfeminism is taking a dynamic shape in the Middle East and South Asian countries through the hashtag #No_for_forced_veiling on Iraqi social media networks.

      LINK: https://www.outlookindia.com/national/how-cyberfeminism-is-helping-women-forge-solidarities-in-conservative-societies-news-228660

      DATE: 09.10.

      TOPIC: Gender rights online

      EXCERPT: Feminist activists in Iraq started a social media campaign to call for the Ministry of Education to issue a formal resolution that will forbid 'the imposition of the veil as a condition for academic enrollment'. The online campaign, which emphasized the value of women's personal freedom, generated #No_for_forced_veiling on Iraqi social media networks.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Germany's cybersecurity chief faces dismissal, reports say

      TITLE: Germany's cybersecurity chief may be dismissed

      CONTENT: Due to potential interactions with individuals associated with Russian security services, German Interior Minister Nancy Faeser wants to fire the nation's cybersecurity director, according to late-Sunday reports in German media that cited official sources.

      According to numerous sites, Arne Schoenbohm, the head of the federal information security organization BSI, may have had these contacts through the German Cyber Security Council.

      Schoenbohm founded the organization, which includes a German firm that is a subsidiary of a Russian cybersecurity firm founded by a former KGB employee.

      EXCERPT: Germany's interior minister reportedly wants to fire the nation's cybersecurity director. Arne Schoenbohm may have had contacts with individuals associated with Russian security services. His organization, BSI, is a subsidiary of a Russian cybersecurity firm founded by a former KGB employee.

      LINK: https://www.reuters.com/world/europe/germanys-cybersecurity-chief-faces-dismissal-reports-2022-10-09/

      TOPIC: Cybersecurity

      DATE: 10.10.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Taliban shuts down two news websites in Afghanistan 

      TITLE: Taliban deactivate two news websites due to ‘false propaganda’ in Afghanistan

      CONTENT: According to a tweet from the ministry's spokesperson Anayatullah Alokozay and a report by the London-based independent Afghanistan International TV station, the Taliban's Ministry of Telecommunications and Information Technology shut down the websites of Hasht-e Subh Daily and Zawia News on Monday, October 3, due to 'false propaganda' against the Taliban.

      In separate statements on Monday, the Hasht-e Subh daily and Zawia News sites, which are run by Afghan journalists who have been reporting from exile since the August 2021 Taliban takeover, said the Taliban had deactivated their website domain names.

      Since then, Hasht-e Subh Daily has resumed its online presence under a new domain. According to Zawia News, it will keep publishing news on the website of Zawia Media, its parent firm.

      LINK: https://cpj.org/2022/10/taliban-shuts-down-two-news-websites-in-afghanistan/

      EXCERPT: Afghanistan's Ministry of Telecommunications and Information Technology shut down the websites of Hasht-e Subh Daily and Zawia News on Monday, October 3. The sites are run by Afghan journalists who have been reporting from exile since the August 2021 Taliban takeover.

      DATE: 04.10.

      TOPIC: Freedom of the press

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. FBI and CISA Publish Advisory on Malicious Cyber Activity Against Election Infrastructure

      TITLE: FBI and CISA joined in a public announcement on malicious cyber activities against election infrastructure

      CONTENT: An official public service announcement about hostile cyber activity intended to compromise election infrastructure has been released by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA).

      The agencies stated in the letter made public on Tuesday that it is unlikely that attempts to breach election infrastructure will result in widespread disruptions or stop voting.

      The notice also made clear that authorities employ a range of safeguards to lessen the possibility of hostile cyber activity compromising the security, reliability, or accessibility of election infrastructure systems.

      The Election Security Group (ESG), a body created at the end of August by the US Cyber Command (USCYBERCOM) and the National Security Agency (NSA), was created to safeguard electoral processes from hacking and disinformation before and during the November elections.

      EXCERPT: An official public service announcement about hostile cyber activity intended to compromise election infrastructure has been released by the FBI and CISA. The agencies stated that it is unlikely that attempts to breach election infrastructure will result in widespread disruptions or stop voting. Election Security Group (ESG) was created to safeguard electoral processes from hacking and disinformation.

      LINK: https://www.infosecurity-magazine.com/news/fbi-cisa-advisory-cyber-activity/

      DATE: 06.10.

      TOPIC: Cyberconflict and warfare, Cybersecurity, Cybercrime

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. US govt shares top flaws exploited by Chinese hackers since 2020

      TITLE: US government agencies reveal top weak points exploited by Chinese hackers since 2020

      CONTENT: In order to attack government and critical infrastructure networks, hackers supported by the People's Republic of China (PRC) most frequently use certain security flaws, according to information released today by the NSA, CISA, and the FBI.

      In a combined alert, the three government agencies claimed that Chinese-sponsored hackers are targeting tech businesses and networks in the United States and its allies in order to enter private networks and steal intellectual property.

      The report also includes suggestions for addressing each of the security holes that Chinese threat actors use the most, as well as detecting techniques and weak technologies to aid defenses in identifying and thwarting incoming attacks.

      TOPIC: Cyberconflict and warfare, Cybercrime

      LINK: https://www.bleepingcomputer.com/news/security/us-govt-shares-top-flaws-exploited-by-chinese-hackers-since-2020/

      DATE: 06.10.

      EXCERPT: NSA, CISA, and FBI warn that Chinese-sponsored hackers are targeting tech businesses and networks in the U.S. and its allies to steal intellectual property. Report also includes suggestions for addressing each of the security holes that Chinese threat actors use the most.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Mexico continued to use spyware against activists

      TITLE: Spyware still used by Mexico against activists

      CONTENT: Despite a commitment by President Andrés Manuel López Obrador to halt such activities, it is reported that the Mexican government or army has continued to utilize spyware meant to hack into the cellphones of activists.

      Press freedom advocacy organizations reported on Monday that they had discovered proof of recent attempts to target activists looking into Mexican army human rights violations using the Israeli spyware tool Pegasus. The University of Toronto group Citizen Lab conducted a forensic study to confirm the Pegasus virus.

      The targets included rights campaigner Raymundo Ramos, according to a report by the press freedom organization Article 19, The Network for the Defense of Digital Rights, and Mexican media outlets.

      TOPIC: Cybercrime, Freedom of expression

      LINK: https://apnews.com/article/technology-mexico-caribbean-hacking-cd4e4a0bcf13705072af19b2d97bbf63

      EXCERPT: Despite a commitment by President Andrés Manuel López Obrador to halt such activities, it is reported that the Mexican government or army has continued to utilize spyware. Targets included rights campaigner Raymundo Ramos, according to a report by the press freedom organization Article 19.

      DATE: 03.10.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. A Bolsonaro reelection poses biggest threat to Brazilian press freedom, says RSF

      TITLE: Election campaign and online attacks pose threat to Brazilian press freedom

      CONTENT: The image of the media by President Bolsonaro as an enemy of the state that must be stopped has always resonated strongly with his support base, which is well-organized on social media, but especially during this election campaign.

      Since the campaign's launch on August 16th, RSF has carefully tracked (put this link on ‘carefully tracked’: https://rsf.org/en/press-under-pressure-brazil-rsf-analyzes-online-attacks-against-journalists-during-presidential ) these online attacks and has recorded no less than 2.8 million posts that target and degrade journalists.

      In terms of direct assaults, 86% of victims were female journalists. The president's family and government officials, who have millions of followers on social media, have shared the vast majority of this offensive material.

      LINK: https://rsf.org/en/bolsonaro-reelection-poses-biggest-threat-brazilian-press-freedom-says-rsf

      EXCERPT: RSF has recorded more than 2.8 million posts that target and degrade journalists in Brazil since the beginning of election campaign.

      TOPIC: Freedom of the press

      DATE: 30.09.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Lazarus-Associated Hackers Weaponize Open-Source Tools Against Several Countries

      TITLE: Lazarus hacker group weaponize open-source software against several countries

      CONTENT: Legitimate open-source software has been weaponized by threat actors connected to North Korea and is now being used to target personnel in businesses from a variety of industries.

      The information was obtained by the Microsoft Threat Intelligence Center (MSTIC), which on Thursday released a warning about the threat.

      The Lazarus Group, also known as the actor Microsoft tracks as Zinc, is said to have carried out the attacks, the technical write-up stated.

      According to the advisory, Zinc has successfully compromised numerous organizations in the media, defense and aerospace, and information technology sectors in the United States, United Kingdom, India, and Russia.

      EXCERPT: Open-source software has been weaponized by threat actors connected to North Korea. The Lazarus Group, also known as the actor Microsoft tracks as Zinc, is said to have carried out the attacks. Targets include media, defense and aerospace, and information technology sectors in the United States, UK, India, and Russia.

      LINK: https://www.infosecurity-magazine.com/news/lazarus-group-weaponize-open/

      TOPIC: Cyberconflict and warfare, Cybercrime

      DATE: 30.09.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

  2. Sep 2022
    1. Vietnam preparing rules to limit news posts on social media accounts - sources

      TITLE: Vietnam is working on a new set of rules to restrict news posts on social media accounts

      CONTENT: According to Reuters, Vietnam is preparing new rules that will restrict which social media accounts can post news-related content, as authorities tighten their grip on the country's news and information sources.

      The regulations would create a legal foundation for regulating news distribution on platforms such as Facebook and YouTube.

      The sources confirmed that government officials have been holding confidential meetings with popular social media and internet firms to brief them on which types of accounts will be allowed to post news content under the new rules. According to them, authorities will be able to order social media companies to ban accounts that violate the rules.

      The rules are anticipated to be announced before the end of the year, with specifics still being worked out.

      TOPIC: Freedom of expression

      LINK: https://www.reuters.com/technology/exclusive-vietnam-preparing-rules-limit-news-posts-social-media-accounts-sources-2022-09-28/

      DATE: 29.09.

      EXCERPT: Vietnam is preparing new rules that will restrict which social media accounts can post news-related content, as authorities tighten their grip on the country's news and information sources. If the rules are announced, authorities will be able to order social media companies to ban accounts that violate the rules.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Human Rights Council Holds Annual Discussion on the Integration of the Gender Perspective, Focusing on Overcoming Gender-Based Barriers to Freedom of Opinion and Expression

      TITLE: HR Council’s annual debate on gender-based barriers to freedom of opinion and expression: online aspects

      CONTENT: The Human Rights Council held its annual debate on the incorporation of a gender perspective, with the focus on overcoming gender-based barriers to freedom of opinion and expression.

      Gender-based online violence against journalists, according to Julie Posetti of the International Centre for Journalists, is one of the most serious contemporary threats to press freedom and the safety of women journalists worldwide. Individual political actors and parties have been identified as perpetrators, instigators, and amplifiers of online violence against female journalists in many countries.

      Irene Khan, Special Rapporteur on freedom of opinion and expression said that states must not use efforts to eradicate online violence, gendered hate speech, and disinformation as an excuse to limit free expression.

      During the discussion that followed, speakers stated that online discrimination plays a role in censoring and silencing the voices of women and girls.

      TOPIC: Gender rights online, Freedom of expression, Freedom of the press

      LINK: https://www.ohchr.org/en/press-releases/2022/09/human-rights-council-holds-annual-discussion-integration-gender-perspective

      EXCERPT: Human Rights Council held its annual debate on the incorporation of a gender perspective. The focus was on overcoming gender-based barriers to freedom of opinion and expression. Gender-based online violence against journalists is one of the most serious contemporary threats to press freedom, and states must not use efforts to eradicate online violence, gendered hate speech, and disinformation as an excuse to limit free expression.

      DATE: 28.09.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Women more vulnerable on cyber space: FWRM

      TITLE: Fiji Women’s Rights Movement claims that women are more vulnerable to online violence

      CONTENT: Nalini Singh, Executive Director of the Fiji Women's Rights Movement, made remarks on gender rights in cyberspace, while praising the government's intention to join the Convention on Cyber Crime.

      According to Singh, cybercrime should not be approached from a gender-neutral standpoint.

      She claims that women who have regular access to online spaces are more vulnerable to online violence. Singh also states that dissecting how cybercrime occurs can help the state respond more effectively.

      LINK: https://www.fbcnews.com.fj/news/women-more-vulnerable-on-cyber-space-fwrm/

      DATE: 28.09.

      EXCERPT: Nalini Singh, Executive Director of the Fiji Women's Rights Movement made remarks on gender rights in cyberspace. She claims that women who have regular access to online spaces are more vulnerable to online violence.

      TOPIC: Gender rights online

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Indonesian activists deplore latest cyberattack as ‘assault on press freedom’

      TITLE: Indonesian advocates condemn latest cyberattack on press freedom

      CONTENT: Indonesian advocates have condemned a series of widespread and coordinated cyberattacks on journalists and employees of the state’s media company Narasi and urged police to act immediately. This media company is known for its criticism of the government.

      The attacks aimed to take control of its employees' Telegram, Instagram, Facebook, and Twitter accounts, states the head of newsroom, Laban Laisila.

      Advocates condemned the attack on press freedom and urged law enforcement not to take sides when dealing with cyberattacks.

      Discrepancy between the way law treated cyberattacks involving state or government institutions and those involving the press is noticeable.

      EXCERPT: Indonesian advocates have condemned a series of widespread and coordinated cyberattacks on journalists and employees of the state's media company Narasi. This media company is known for its criticism of the government. Press freedom is at stake as the country deals with cyberattacks differently depending on whether they occurred against the government than against the press.

      LINK: https://asianews.network/indonesian-activists-deplore-latest-cyberattack-as-assault-on-press-freedom/

      DATE: 28.09.

      TOPIC: Freedom of the press, Cybercrime

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Meta dismantles massive Russian network spoofing Western news sites

      TITLE: Meta takes down Russian network spoofing Western news sites

      CONTENT: According to Meta, it took down a vast network of Facebook and Instagram profiles spreading misinformation that had been spoofed on more than 60 websites across Europe.

      The primarily targeted countries were Germany, France, Italy, Ukraine, and the U.K. Original articles were attacking Ukraine and Ukrainian refugees and suggesting that Western sanctions on Russia will backfire.

      Meta said it succeeded to take down around thousands of Facebook and Instagram accounts, while stating that this is ‘the largest and most complex Russian-origin operation that we've disrupted since the beginning of the war in Ukraine.’

      EXCERPT: Social media company Meta says it has disrupted 'the largest and most complex Russian-origin operation that we've disrupted since the beginning of the war in Ukraine'. The primarily targeted countries were Germany, France, Italy, Ukraine, and the U.K. Original articles were attacking Ukrainian refugees and suggesting that Western sanctions on Russia will backfire.

      LINK: https://www.bleepingcomputer.com/news/security/meta-dismantles-massive-russian-network-spoofing-western-news-sites/

      DATE: 27.09.

      TOPIC: Cybersecurity, Cybercrime

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Ukraine warns allies of Russian plans to escalate cyberattacks

      TITLE: Ukrainian military intelligence warns allies of major upcoming Russian cyber-attacks

      CONTENT: The key infrastructure of Ukraine and its allies will be the target of ‘major cyber-attacks,’ according to a warning issued today by the Ukrainian military intelligence service.

      According to the Main Directorate of Intelligence of the Ukrainian Ministry of Defence (HUR MO), this upcoming ‘massive’ wave of strikes will likely target disrupting and destroying institutions and facilities related to the energy sector.

      The Russian cyberattacks' most likely objective would also be to disrupt the Ukrainian Army's on-going advance and heighten the destruction caused by missile strikes against the country's eastern and southern energy supply facilities.

      EXCERPT: 'Major cyber-attacks' will target key infrastructure of Ukraine and its allies, warns Ukrainian military intelligence service. Main objective would be to disrupt the Ukrainian Army's advance and heighten destruction caused by missile strikes against the country's eastern and southern energy supply facilities.

      DATE: 26.09.2022.

      TREND: Ukraine

      TOPIC: Cyberconflict and warfare

      LINK: https://www.bleepingcomputer.com/news/security/ukraine-warns-allies-of-russian-plans-to-escalate-cyberattacks/

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. RSF calls on Azerbaijan to end online harassment of Swedish journalist

      TITLE: RSF urges Azerbaijan to stop harassing Swedish journalist online

      CONTENT: Reporters Without Borders (RSF) demands that supporters of Azerbaijani President Ilham Aliyev stop smearing Swedish freelance journalist Rasmus Canbäck, particularly on Twitter.

      Canbäck has been called a ‘Islamophobe,’ a ‘terrorist,’ a ‘spy,’ and ‘funded by the Armenian lobby’ on Twitter as a result of his articles about Azerbaijan, particularly for the online magazine Blankspot. He has been writing about Nagorno-Karabakh, a region with an Armenian majority where a long-running conflict has recently resurfaced, as well as Azerbaijan's alleged use of bribes in its ‘caviar diplomacy’ and lobbying.

      According to RSF, Canbäck's account was mentioned in nearly 900 tweets between September 1 and September 21. Therefore, RSF also requests that Swedish Foreign Minister Ann Linde remind Azerbaijan's Ambassador Ahmadov to maintain press freedom and journalistic independence. Nevertheless, Ambassador himself participated in the online harassment.

      TOPIC: Freedom of the press

      LINK: https://rsf.org/en/rsf-calls-azerbaijan-end-online-harassment-swedish-journalist

      DATE: 23.09.2022.

      EXCERPT: Reporters Without Borders (RSF) demands that supporters of Azerbaijani President Ilham Aliyev stop smearing Swedish freelance journalist Rasmus Canbäck, highlighting the one on Twitter. His account was mentioned in nearly 900 tweets between September 1 and September 21, and he suffers from online harassment in all of them. RSF also urges Swedish Foreign Minister Ann Linde to remind Azerbaijan's Ambassador Ahmadov to maintain press freedom and journalistic independence.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Ukraine dismantles hacker gang that stole 30 million accounts

      TITLE: The Security Service of Ukraine dismantles hacker group which stole around 30 mil. accounts

      CONTENT: The Security Service of Ukraine (SSU) has dismantled a group of hackers who stole the accounts of nearly 30 million people and sold them on the dark web.

      On victim systems in the European Union and Ukraine, the hackers deployed malware to steal login information and other sensitive data. Several hard drives containing stolen personal data, as well as computers, SIM cards, mobile phones, and flash drives, were discovered and confiscated during raids on the perpetrators' homes in Lviv, Ukraine.

      Although the number of people detained is still unknown, they are all being prosecuted on criminal accusations related to the illegal sale or dissemination of information with restricted access kept in computers and networks. Sentences for these offenses carry long prison terms.

      Since the first days of the Russian invasion, spreading false information about the conflict has become common throughout Ukraine. Misinformation and deception are still flooding the internet.

      EXCERPT: The Security Service of Ukraine (SSU) has dismantled a group of hackers. They stole the accounts of nearly 30 million people and sold them on the dark web. Hard drives containing stolen personal data, as well as computers, SIM cards, mobile phones, and flash drives were all discovered and confiscated during raids in Lviv. The number of detained people remains unknown, but sentences for the offenses in question will be quite long.

      DATE: 23.09.2022.

      LINK: https://www.bleepingcomputer.com/news/security/ukraine-dismantles-hacker-gang-that-stole-30-million-accounts/

      TOPIC: Cybercrime, Cyberconflict and warfare

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Iran reins in access to Instagram and WhatsApp, last platforms available to Iranians

      TITLE: Iranians lose access to Instagram and WhatsApp: RSF sees it as an attack on the right to news and information

      CONTENT: According to Reporters Without Borders, the Iranian government's decision to restrict access to Instagram and WhatsApp, which had been circulating information about a wave of protests triggered by the death of Mahsa Amini in police custody following her arrest by the morality police on September 16, is an unprecedented attack on the right to news and information in Iran.

      Since the beginning of the protests, the Islamic Republic has imposed numerous Internet shutdowns, and the shutdown is now complete in western Iran's Kurdistan province, where Amini was born and where the first protests began. Other major cities, including Tehran, have reported partial Internet restrictions.

      The government has made contradictory statements about Internet censorship. ICT Minister Issa Zarepour insisted he had been misquoted after initially saying on September 21 that Internet restrictions could be imposed for security reasons.

      However, since 2011, the government has invested in a ‘national Iranian Internet’ project that attempts to force Iranians to connect through a network controlled by the authorities before accessing content located elsewhere.

      LINK: https://rsf.org/en/iran-reins-access-instagram-and-whatsapp-last-platforms-available-iranians

      EXCERPT: According to Reporters Without Borders, the Iranian government's decision to restrict access to Instagram and WhatsApp is an unprecedented attack on the right to news and information in Iran. Internet shutdowns are complete in some regions - such as Western Iran’s Kurdistan province. These shutdowns follow the beginning of a wave of protests triggered by the death of Mahsa Amini. The Iranian government has started a ‘national Iranian Internet’ project that attempts to force Iranians to connect through a network controlled by the authorities before accessing content located elsewhere. This may seriously affect some basic human rights of the Iranian people.

      TOPIC: Freedom of expression

      DATE: 22.09.2022.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Optus Hit By Cyber-Attack, Breach Affects Nearly 10 Million Customers

      TITLE: Optus hit by cyberattack which affected around 10 million customers

      CONTENT: Optus, the Australian subsidiary of Singapore Telecommunications, announced earlier today that it was investigating unauthorized access to customer data following a cyber-attack.

      The company confirmed that the attack was instantly stopped, preventing customers' payment information and account passwords from being compromised. However, Optus confirmed that the attacker may have obtained some home addresses, driver's license numbers, and passport numbers.

      Optus, which has 9.7 million subscribers according to publicly available data, said it also notified key financial institutions about the attack and subsequent breach.

      Optus customers are now more vulnerable to phishing, with their credentials potentially already on the dark web, according to the executive.

      EXCERPT: Optus, the Australian subsidiary of Singapore Telecommunications, was hit by a cyber-attack. Customers' payment information and account passwords were not compromised, but personal details may have been accessed. Optus customers are now more vulnerable to phishing, with their credentials potentially already on the dark web.

      LINK: https://www.infosecurity-magazine.com/news/optus-hit-by-cyberattack/

      DATE: 22.09.2022.

      TOPIC: Cyberconflict and warfare, Cybercrime

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Expanding broadband safely and inclusively to reach digital gender equality

      TITLE: Insight by UN Women Executive Director on reaching digital gender equality

      CONTENT: Ms. Sima Bahous, Broadband Commissioner, UN Under-Secretary-General and UN Women Executive Director has shared her ‘Insight’ regarding digital gender equality.

      Sexual harassment, stalking, and zoom bombing are all examples of online and ICT-facilitated violence against women and girls that are expanding. Misogyny and sexual violence are finding new digital homes in virtual reality and the metaverse. Women journalists, politicians, and activists who rely on an online presence for their work are therefore especially impacted. A concerning fact is that more than half of girls and young women surveyed globally have already experienced some form of online violence.

      She firstly recommends that governments should establish strong and clear codes of conduct for law enforcement officials dealing with online violence against women and girls, as well as to invest in specialized justice officers to deal with such violence in a human rights and gender-sensitive manner. Secondly, she suggested that internet intermediaries make high-level, clear commitments to ensure the safety of women and girls in online spaces.

      You can read more about her recommendations on the topic here (please insert link on ‘here’).

      DATE: 18.09.2022.

      LINK: https://www.unwomen.org/en/news-stories/op-ed/2022/09/expanding-broadband-safely-and-inclusively-to-reach-digital-gender-equality

      TOPIC: Gender rights online

      EXCERPT: Sima Bahous, Broadband Commissioner, UN Under-Secretary-General and UN Women Executive Director has shared her 'Insight' regarding digital gender equality. One of her recommendations for achieving online gender equality is that governments establish strong and clear codes of conduct for law enforcement officials dealing with online violence against women and girls.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. ‘Anonymous’ hacks Iran state websites after Mahsa Amini’s death

      TITLE: Iranian websites hacked after Mahsa Amini’s death

      CONTENT: After a Twitter account connected to the ‘Anonymous’ hacking collective claimed to have conducted cyberattacks on them in support of protests following the tragic death of 22-year-old Mahsa Amini, multiple government and state-affiliated media websites in Iran were taken down.

      The attacks appear to have targeted the Iranian government's two main websites. One is the government's ‘smart services’ website, which provides a variety of online services, and another is dedicated to publishing government news and interviews with officials.

      ‘All databases have been deleted,’ a social media linked to Anonymous claimed. claimed a social media account linked to Anonymous. The Iranian government has yet to issue an official response to the attacks.

      LINK: https://www.aljazeera.com/news/2022/9/21/anonymous-hacks-iran-state-websites-after-mahsa-aminis-death

      EXCERPT: ‘Anonymous’ hackers have taken down government and state-affiliated media websites in Iran. ‘All databases have been deleted,’ a social media account linked to ‘Anonymous’ claimed. The Iranian government has yet to issue an official response to the attacks.

      DATE: 21.09.2022.

      TOPIC: Cyberconflict and warfare

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Microsoft 365 phishing attacks impersonate U.S. govt agencies

      TITLE: Microsoft 365 phishing attacks pose as US government agencies

      CONTENT: There is an ongoing phishing campaign aimed at the US government contractors that has grown to include higher-quality lures and better-crafted documents. Phishing emails show a request for bids on lucrative government projects, which leads them to phishing pages that look exactly like legitimate federal agency portals.

      This appears to be the same operation that INKY reported on in January this year, with the threat actors attaching PDFs with instructions on how to bid on US Department of Labor projects.

      This campaign's operatives don't appear to be stopping anytime soon, since they are now expanding their targeting scope while refining their lures.

      Given that the emails, PDFs, and websites used in the phishing operation are primarily copies of the actual state’s content, detecting signs of fraud may be difficult.

      TOPIC: Cyberconflict and warfare, Cybercrime

      DATE: 19.09.2022.

      EXCERPT: US government contractors are being targeted by an ongoing phishing campaign that has grown to include higher-quality lures and better-crafted documents. Given that the emails, PDFs, and websites used in the phishing operation are primarily copies of the actual state's content, detecting signs of fraud may be difficult.

      LINK: https://www.bleepingcomputer.com/news/security/microsoft-365-phishing-attacks-impersonate-us-govt-agencies/

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Russian authorities revoke Novaya Gazeta’s online media license

      TITLE: Novaya Gazeta’s online media license revoked

      CONTENT: Only 10 days after a Moscow Court revoked Novaya Gazeta’s print license, the Russian Supreme Court has revoked its online media license. This media outlet has been working independently for nearly 30 years, and now it lost its right to exist.

      ‘You are depriving hundreds of people of jobs. You are depriving readers–there were 27 million in March–of the right to information,’ Novaya Gazeta chief editor Dmitry Muratov stated in court on September 15. He referred to the verdict as ‘media genocide’ outside of court, claiming that it would prevent Novaya Gazeta reporters from contacting authorities, remove their accreditation status, and impose several restrictions on their operations.

      LINK: https://cpj.org/2022/09/russian-authorities-revoke-novaya-gazetas-online-media-license/

      TOPIC: Freedom of the press

      EXCERPT: Only 10 days after a Moscow Court revoked Novaya Gazeta's print license, the Russian Supreme Court has revoked its online media license. This media outlet has been working independently for 30 years. Novaya Gazeta’s chief editor Dmitry Muratov referred to this action as ‘media genocide.’

      DATE: 15.09.2022.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. The second Summit for Information and Democracy to be held in New York on 22 September 2022

      TITLE: The second Summit for Information and Democracy will be held on the sidelines of the UNGA

      CONTENT: The Second Summit of the Partnership for Information and Democracy will be held on September 22, 2022 on the sidelines of the UN General Assembly. The Partnership is currently supported by 45 countries, and serves as a framework for multilateral reflection on the implementation of democratic guarantees in the global communication and information space.

      The Summit's second edition will bring together Foreign Ministers from the Partnership's member countries as well as representatives from civil society. Among other initiatives, the recommendations of the Forum's working group on accountability regimes (please insert this link for ‘accountability regimes’: https://informationdemocracy.org/working-groups/accountability-regimes/) for social networks and their users will be published.

      In its 4 years of work, launched by Reporters Without Borders in 2018, one of the International Initiative on Information and Democracy key results is an international coalition of 43 civil society and research organizations formed to promote democratic principles in the digital space. Therefore, the Summit will allow for better coordination of efforts to create a democratic digital space.

      EXCERPT: The Second Summit of the Partnership for Information and Democracy will be held on September 22, 2022 on the sidelines of the UN General Assembly. It is currently supported by 45 countries, and serves as a framework for multilateral reflection on the implementation of democratic guarantees in the global communication and information space. The Summit aims for better coordination in creating a safe democratic digital space.

      TOPIC: Freedom of expression, Freedom of the press

      LINK: https://rsf.org/en/second-summit-information-and-democracy-be-held-new-york-22-september-2022 & https://informationdemocracy.org/working-groups/accountability-regimes/

      DATE: 19.09.2022.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Bridging the Digital Literacy Gender Gap in Developing Countries

      TITLE: New Policy Brief: Bridging the Digital Literacy Gender Gap in Developing Countries

      CONTENT: An international team worked on a Policy Brief, Bridging the Digital Literacy Gender Gap in Developing Countries to urge the G20 and other countries to address the digital literacy challenges women face.

      According to the data, when it comes to women being included in the digital sector, it is clear they are left behind. The gender gap in digital literacy in some economies, cultures, and locations inhibits women from taking advantage of improved educational possibilities and career prospects.

      This policy brief assesses the correlation between sociocultural and digital literacy gaps. The article goes on to explain why gaps in digital literacy start developing in young age and how most programs for developing digital skills miss the challenges that women confront in integrating into the digital world. In its conclusion, it identifies solutions to these problems and implores the G20 and other nations to deal with the particular difficulties associated with women's digital literacy.

      The main issue with women's access to digital resources is not the technology itself, but rather where women are situated in society. The gender digital gap is widened by elements including lack of autonomy, unequal access to education, and the perception of women as dangerous and unsafe in digital areas. You can read the full policy brief here (please insert this link on ‘here’: https://www.fenews.co.uk/wp-content/uploads/2022/09/Bridging-the-digital-literacy-gender-gap-in-developing-countries-2.pdf).

      EXCERPT: An international team worked on a Policy Brief, Bridging the Digital Literacy Gender Gap in Developing Countries. It urges the G20 and other countries to address the digital literacy challenges women face. The main issue with women's access to digital resources is not the technology itself, but rather where women are situated in society.

      DATE: 15.09.2022.

      LINK: https://www.fenews.co.uk/exclusive/bridging-the-digital-literacy-gender-gap-in-developing-countries/ & https://www.fenews.co.uk/wp-content/uploads/2022/09/Bridging-the-digital-literacy-gender-gap-in-developing-countries-2.pdf

      TOPIC: Gender rights online

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Meta-owned apps most vulnerable to cyberattacks, research suggests

      TITLE: Research shows that Meta-owned apps are the most vulnerable to cyberattacks

      CONTENT: TechShielder conducted a review of ten popular apps in the social, entertainment, and communication categories to determine which are the most likely to be hacked and what types of user data they store are at risk of being compromised.

      According to the study, the average number of Google searches each app receives about being hacked indicates its vulnerability to cybercrime. Facebook ranks first with an average of 550,000 monthly searches for ‘Facebook hacked.’ Following that, there are 246,000 searches for ‘Instagram hacked’ and 135,000 for ‘WhatsApp hacked.’

      With 49,500 and 27,100 searches, respectively, Snapchat and Twitch round out the top five. Netflix, YouTube, Telegram, Twitter, and Facebook's Messenger app were also included in the study. All of the apps reviewed by TechShielder store user email addresses and phone numbers, according to the company. Most collect names, credit card information, and cookies, which can provide a "in-depth" look into users' online lives.

      The survey also showed that Meta-owned products have the most information on their users when compared to other popular apps, and Telegram has the least.

      EXCERPT: TechShielder conducted a review of ten popular apps in the social, entertainment, and communication categories to determine which are most likely to be hacked. The average number of Google searches each app receives about being hacked indicates its vulnerability to cybercrime. Facebook ranks first with an average of 550,000 monthly searches for 'Facebook hacked'.

      LINK: https://cybernews.com/security/meta-owned-apps-vulnerable-cyberattacks/

      DATE: 14.09.2022.

      TOPIC: Cybersecurity, Cybercrime, Network security

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. DDoS Attacks on UK Firms Surge During Ukraine War

      TITLE: Increased DDoS attacks on UK companies during Ukraine war

      CONTENT: According to new Freedom of Information (FoI) data obtained from the industry regulator, the volume of DDoS attacks against UK financial institutions increased during the first few months of the Ukraine war.

      The Financial Conduct Authority (FCA) has given information that 14 DDoS attacks have occurred in 2022, compared to only five in all of 2021.

      Picus Security co-founder, Suleyman Ozarslan has explained: ‘UK financial institutions are in the crossfire of the ongoing war between Russia and Ukraine and have become a direct target for nation-state attackers and hacktivists seeking to disrupt Ukraine’s allies.’ With the importance of the finance sector as critical national infrastructure, Picus Security understands these attacks were carried out by state-sponsored and hacktivist operations.

      LINK: https://www.infosecurity-magazine.com/news/ddos-attacks-uk-firms-surge-during/

      EXCERPT: DDoS attacks against UK financial institutions increased during the Ukraine war. 14 DDoS attacks have occurred in 2022, compared to only five in all of 2021. Picus Security believes these attacks were carried out by state-sponsored and hacktivist operations

      DATE: 14.09.2022.

      TOPIC: Cyberconflict and warfare, Cybercrime

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Iranian Hackers Launch Renewed Attack on Albania

      TITLE: Albania is yet again the target of new Iranian hacker attacks

      CONTENT: The office of Albanian Prime Minister Edi Rama tweeted over the weekend that the attacks targeted the Total Information Management System (TIMS), which assists in tracking individuals entering and exiting the country. Following a July 15 ransomware attack that knocked out multiple government services, Tirana decided last week to cut all diplomatic ties with Iran.

      The NATO member nation has long been Iran's adversary, providing refuge to tens of thousands of members of the Iranian opposition movement Mujahedeen-e-Khalq (MEK). The attack in July occurred just before the Free Iran World Summit that was scheduled to take place in Albania.

      Albania had joined forces with Microsoft and the FBI on attribution in order to ensure that the act was the result of state aggression.

      EXCERPT: The office of Albanian Prime Minister Edi Rama tweeted over the weekend that the attacks targeted the Total Information Management System (TIMS), which assists in tracking individuals entering and exiting the country. The FBI and Microsoft worked with the Albanian government to ensure that the act was the result of state aggression.

      LINK: https://www.infosecurity-magazine.com/news/iranian-hackers-launch-renewed/

      DATE: 13.09.2022.

      TOPIC: Cyberconflict and warfare, Cybercrime

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Cyberspies drop new infostealer malware on govt networks in Asia

      TITLE: New infostealer malware dropped on Asian government networks by cyberspies

      CONTENT: Security researchers have discovered new cyber-espionage action targeting Asian governments, along with state-owned aerospace and defense companies, telecom companies, and IT organizations.

      This activity is being carried out by a distinct threat group previously associated with the "ShadowPad" RAT (remote access trojan). Recently, the threat actor used a much broader set of tools.The most current campaign appears to be almost entirely focused on Asian governments or public entities, such as some of the following: head of government/Prime Minister's office, government-owned aerospace and defense companies, state-owned media companies etc.

      Chinese hackers are most likely behind these espionage campaigns, but the evidence isn't credible enough to make a certain conclusion.

      EXCERPT: This cyber-espionage activity is being carried out by a distinct threat group previously associated with the "ShadowPad" RAT. The most current campaign appears to be almost entirely focused on Asian governments. Chinese hackers are most likely behind these espionage campaigns, but the evidence isn't credible enough to make a certain conclusion.

      DATE: 13.09.2022.

      LINK: https://www.bleepingcomputer.com/news/security/cyberspies-drop-new-infostealer-malware-on-govt-networks-in-asia/

      TOPIC: Cyberconflict and warfare, Cybercrime, Cybersecurity

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Vietnamese journalist gets five years in prison for “abusing democratic freedoms”

      TITLE: Vietnamese journalist gets five years of prison for his online criticism

      CONTENT: Le Anh Hung, a 49 year old journalist, was given a five-year prison sentence by a Hanoi court on August 30 for "abusing democratic freedoms" and "infringing upon the interests of the state." Hung frequently contributed to the Voice of America website and wrote on politics. He also frequently attacked Hoang Trung Hai, a former deputy prime minister and industry minister, whom he accused of corruption, abuse of authority, and espionage for China in his posts that criticized the ruling party's corruption and dominance.

      He published an open letter on his Facebook page that went viral three days prior to his arrest. The letter criticized government actions and demanded that a draft law designating "special economic zones" in three different regions of Vietnam be changed. The planned law had received harsh public criticism and had ignited demonstrations that were ruthlessly put down. Despite Hung's repeated claims that his mental health was excellent, he was detained in a mental institution in Hanoi for the first three years and ten months following his detention.

      This five-year prison sentence that Vietnam's authorities secretly handed down to independent journalist Le Anh Hung after imprisoning him for four years in appalling conditions apalls Reporters Without Borders (RSF). According to RSF, the authorities continue to abuse the legal system to impose draconian punishments in an effort to silence any criticism of media.

      EXCERPT: Journalist Le Anh Hung was sentenced to five years in a Hanoi court for "abusing democratic freedoms" and "infringing upon the interests of the state". Reporters Without Borders (RSF) says the authorities continue to abuse the legal system to impose draconian punishments in an effort to silence any criticism of media. Despite claims that his mental health was excellent, he was detained in a mental institution for the first three years and ten months following his detention.

      LINK: https://rsf.org/en/vietnamese-journalist-gets-five-years-prison-abusing-democratic-freedoms

      DATE: 12.09.2022.

      TOPIC: Freedom of the press, Freedom of expression

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. US Treasury Sanctions Iranian Minister Over Hacking of Govt and Allies

      TITLE: Iranian Minister Sanctioned by US Treasury for Hacking Government and Allies

      CONTENT: The Office of Foreign Assets Control (OFAC) of the US Department of the Treasury has sanctioned Iran's Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence for allegations in engaging in cyber-enabled activities against the United States and its allies.

      "We will not tolerate Iran's increasingly aggressive cyber activities targeting the United States or our allies and partners," stated Brian E. Nelson, Treasury Undersecretary for Terrorism and Financial Intelligence.

      The MOIS would have guided several network connections of cyber threat actors engaged in cyber-espionage and ransomware attacks in assistance of Iran's political goals under Esmail Khatib's leadership.

      The MuddyWater ransomware operations against Turkish government entities in November 2021, the APT39 wide - spread theft of personally identifiable information (PII) in 2020, and, most recently, the cyber activity that directly impacted Albanian government websites are examples of these. These sanctions come just weeks after Microsoft revealed details of alleged hacking campaigns linked to MuddyWater that targeted Israeli organizations by exploiting Log4j 2 vulnerabilities in SysAid applications.

      EXCERPT: United States Office of Foreign Assets Control has sanctioned Iran's Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence for cyber-enabled activities against the U.S. and its allies. "We will not tolerate Iran's increasingly aggressive cyber activities targeting the United States, …" said Brian E. Nelson, Treasury Undersecretary for Terrorism and Financial Intelligence.

      LINK: https://www.infosecurity-magazine.com/news/us-sanctions-iranian-ministry/

      DATE: 12.09.2022.

      TOPIC: Cyberconflict and warfare

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. North Korean Lazarus Group Hacked Energy Providers Worldwide

      TITLE: Energy providers hacked globally by North Korean Lazarus Group

      CONTENT: Between February and July 2022, the North Korean threat actor Lazarus Group ran a malicious campaign against energy providers all over the world. The campaign was previously revealed in part by Symantec and AhnLab in April and May, and Cisco Talos is now providing additional details.

      The security researchers stated in an advisory on Thursday that the Lazarus campaign involved the exploitation of vulnerabilities in VMWare Horizon to gain initial access to targeted organizations. Cisco Talos states that the recent Lazarus attacks targeted energy providers from various countries, including the United States, Canada, and Japan.

      The new Cisco Talos advisory is just the latest in a long line of documents detailing the Lazarus Group's hacking operations this summer. Elliptic, a blockchain analytics company, suggested in June that the threat actor was responsible for the $100 million theft from cryptocurrency firm Harmony. The Block recently linked the group to Axie Infinity's $600 million hack.

      LINK: https://www.infosecurity-magazine.com/news/lazarus-group-hacked-energy/

      DATE: 12.09.2022.

      TOPIC: Cyberconflict and warfare, Cybercrime

      EXCERPT: Between February and July 2022, the Lazarus Group ran a malicious campaign against energy providers all over the world. The campaign was previously revealed in part by Symantec and AhnLab in April and May. Cisco Talos is now providing additional details on the North Korean threat actor's operations.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. TITLE: Freedom House report on Beijing’s Global Media Influence: cyber aspects

      CONTENT: (For the next two paragraphs please use this link: https://www.voanews.com/a/china-s-global-media-influence-campaign-growing-says-freedom-house-/6736696.html) Freedom House report: Beijing's Global Media Influence: Authoritarian Expansion and the Power of Democratic Resilience, showed Beijing’s efforts to influence media in democracies, and their response. According to Freedom House, the Chinese Communist Party (CCP) employs a variety of tactics, including mass distribution of state-produced content, harassment and intimidation of local media outlets, targeted disinformation, and the use of cyberbullying and fake social media accounts.

      Sarah Cook, Freedom House's research director for China, Hong Kong, and Taiwan, and one of the report's authors said: ‘The Chinese government is using more sophisticated, more covert and more coercive tactics, like cyberbullying, or cyberattacks, or just phone calls to journalists, to try to pressure and influence coverage in countries around the world.’

      (From here on, please use this link: https://freedomhouse.org/report/beijing-global-media-influence/2022/authoritarian-expansion-power-democratic-resilience) Since 2019, more aggressive activities such as targeted harassment of individual reporters, cyberbullying, and cyberattacks against stigmatized media organizations have spread to 24 of the 30 countries under investigation in some form. Also, from 2019, news outlets or journalists from 7 countries have been targeted by cyberattacks that could be traced back to China. These cyberattacks increase the financial burden on media outlets to improve their defenses, and data theft hacking could endanger journalists and their sources.

      Nigeria has been identified as the country most vulnerable to Beijing's media influence campaigns.

      LINK: https://freedomhouse.org/report/beijing-global-media-influence/2022/authoritarian-expansion-power-democratic-resilience & https://www.voanews.com/a/china-s-global-media-influence-campaign-growing-says-freedom-house-/6736696.html

      TOPIC: Freedom of the press, Cybercrime

      DATE: 08.09.2022.

      EXCERPT: Freedom House report: Beijing's Global Media Influence: Authoritarian Expansion and the Power of Democratic Resilience, showed Beijing's efforts to influence media in democracies. Since 2019, news outlets or journalists from 7 countries have been targeted by cyberattacks that could be traced back to China. More aggressive activities such as targeted harassment of individual reporters, cyberbullying, and cyberattacks against stigmatized media organizations have spread to 24 of the 30 countries under investigation in some form. According to Freedom House, the Chinese Communist Party (CCP) employs a variety of tactics, including mass distribution of state-produced content, harassment and intimidation of local media outlets, targeted disinformation, and the use of cyberbullying and fake social media accounts.

    2. Beijing's Global Media Influence 2022

      TITLE: Freedom House report on Beijing’s Global Media Influence: cyber aspects

      CONTENT: (For the next two paragraphs please use this link: https://www.voanews.com/a/china-s-global-media-influence-campaign-growing-says-freedom-house-/6736696.html) Freedom House report: Beijing's Global Media Influence: Authoritarian Expansion and the Power of Democratic Resilience, showed Beijing’s efforts to influence media in democracies, and their response. According to Freedom House, the Chinese Communist Party (CCP) employs a variety of tactics, including mass distribution of state-produced content, harassment and intimidation of local media outlets, targeted disinformation, and the use of cyberbullying and fake social media accounts.

      (From here on, please use this link: https://www.voanews.com/a/china-s-global-media-influence-campaign-growing-says-freedom-house-/6736696.html) Sarah Cook, Freedom House's research director for China, Hong Kong, and Taiwan, and one of the report's authors said: ‘The Chinese government is using more sophisticated, more covert and more coercive tactics, like cyberbullying, or cyberattacks, or just phone calls to journalists, to try to pressure and influence coverage in countries around the world.’

      Since 2019, more aggressive activities such as targeted harassment of individual reporters, cyberbullying, and cyberattacks against stigmatized media organizations have spread to 24 of the 30 countries under investigation in some form. Since 2019, news outlets or journalists from 7 countries have been targeted by cyberattacks that could be traced back to China. These cyberattacks increase the financial burden on media outlets to improve their defenses, and data theft hacking could endanger journalists and their sources.

      Nigeria has been identified as the country most vulnerable to Beijing's media influence campaigns.

      LINK: https://freedomhouse.org/report/beijing-global-media-influence/2022/authoritarian-expansion-power-democratic-resilience & https://www.voanews.com/a/china-s-global-media-influence-campaign-growing-says-freedom-house-/6736696.html

      TOPIC: Freedom of the press, Cybercrime

      DATE: 08.09.2022.

      EXCERPT: Freedom House report: Beijing's Global Media Influence: Authoritarian Expansion and the Power of Democratic Resilience, showed Beijing's efforts to influence media in democracies. Since 2019, news outlets or journalists from 7 countries have been targeted by cyberattacks that could be traced back to China. More aggressive activities such as targeted harassment of individual reporters, cyberbullying, and cyberattacks against stigmatized media organizations have spread to 24 of the 30 countries under investigation in some form. According to Freedom House, the Chinese Communist Party (CCP) employs a variety of tactics, including mass distribution of state-produced content, harassment and intimidation of local media outlets, targeted disinformation, and the use of cyberbullying and fake social media accounts.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Increased Mortality Rates Linked to Cyber-Attacks Against Healthcare Organizations

      TITLE: Increased Mortality Rates as a Result of Cyber-Attacks on Healthcare Organizations

      CONTENT: According to new research from Proofpoint's Ponemon Institute, cyber-attacks on healthcare organizations increase mortality rates by more than 20%. The report surveyed 641 healthcare IT and security practitioners, and found out that 89% of them experienced an average of 43 attacks in the previous 12 months, with more than 20% experiencing one of these types of attacks: cloud compromise, ransomware, supply chain, and phishing.

      The most common consequences of these attacks, according to Proofpoint, were delayed procedures, which resulted in poor patient outcomes for 57% of healthcare providers and increased complications from medical interventions for approximately half of them.

      Ransomware was the most likely type of attack to have a negative impact on patient care, causing procedure or test postponements in 64% of cases and longer patient stays (59%).

      LINK: https://www.infosecurity-magazine.com/news/mortality-rates-linked-cyber/

      DATE: 11.09.2022.

      TOPIC: Cyberconflict and warfare, Cybercrime, Cybersecurity

      EXCERPT: Cyber-attacks on healthcare organizations increase mortality rates by more than 20%. 89% of healthcare IT and security practitioners experienced an average of 43 attacks in the previous 12 months. Cloud compromise, ransomware, supply chain, and phishing were the most common types of attacks.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Draft EU rules target smart devices with cybersecurity risks

      TITLE: Draft EU regulations direct smart devices that pose cybersecurity risks

      CONTENT: According to a European Commission document obtained by Reuters on Thursday, smart devices connected to the internet, such as refrigerators and televisions, will have to comply with strict European Union cybersecurity rules or risk being fined or banned from the bloc.

      On September 13, the EU executive will unveil its Cyber Resilience Act proposal. Following input from EU countries, it is likely to become law. Companies will be required to notify the EU cybersecurity agency ENISA of incidents within 24 hours of becoming aware of them, and to take corrective action.

      The paper states that if companies fail to comply, national surveillance authorities have the authority to ‘prohibit or restrict that product being made available on its national market, to withdraw it from that market or recall it.’

      EXCERPT: On September 13, the EU executive will unveil its Cyber Resilience Act proposal. Following input from EU countries, it is likely to become law. Smart devices connected to the internet, such as refrigerators and televisions, will have to comply with strict European Union cybersecurity rules.

      LINK: https://www.reuters.com/technology/draft-eu-rules-target-smart-devices-with-cybersecurity-risks-2022-09-08/

      DATE: 08.09.2022.

      TOPIC: Cybersecurity, Cybercrime

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Battling Violence and Censors, Women in China Become ‘Invisible and Absent’

      TITLE: Women in China are being silenced online as a result of violence and censorship

      CONTENT: When an influential woman in China's #MeToo movement, Ms. Zhou Xiaoxuan, went to court against a famous TV anchor, Mr. Zhu Jun, the justice was not on her side. What happened was not the accuser, but the accused - was portrayed as the victim. Other cases of gender violence and gender related incidents also rapidly went viral. In each case, however, the conversation was quickly censored in order to reduce the ways in which the women had been assaulted. China’s Communist Party has used social media censorship to silence critics while amplifying comments that support the government's chosen narrative of social harmony. After carefully analysing the content, censors then remove popular comments or accounts which express views that deviate too far from the party line. Government censors used Weibo, a popular Chinese social media platform to boost the comments supporting the court’s decision against one of the victims of sexual assault mentioned above, while reducing and deleting messages in her support.

      TOPIC: Freedom of expression, Gender rights online

      LINK: https://www.nytimes.com/2022/09/06/business/china-women-metoo.html

      DATE: 06.09.2022.

      EXCERPT: Chinese women are not allowed to post freely about their experiences of gender-related violence. #MeToo movement in China was restricted and censored by the ruling China’s Communist Party. Social media censorship is one of the main tools the government use in order to prevent women to express themselves and point out the unjust situation in the country regarding their mistreatment.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. UK condemns Iran for reckless cyber attack against Albania

      TITLE: Iran is condemned by the United Kingdom for its cyber attack on Albania

      CONTENT: On September 7, the United Kingdom officially condemned the Iranian state for a cyber attack against Albania's government which destroyed data and interrupted crucial government services such as paying utilities, booking medical appointments, and enrolling schoolchildren. According to the National Cyber Security Centre (NCSC), Iranian state-linked cyber actors are almost definitely accountable for a number of cyber attacks against Albanian government infrastructure beginning on July 15, 2022.

      UK Foreign Secretary James Cleverly declared that ‘The UK is supporting our valuable partner and NATO ally. We join Albania and other allies in exposing Iran’s unacceptable actions.’ The UK has already identified and provided advice on several cyberattacks by Iranian actors, starting with 2018.

      TOPIC: Cyberconflict and warfare

      LINK: https://www.gov.uk/government/news/uk-condemns-iran-for-reckless-cyber-attack-against-albania

      DATE: 07.09.2022.

      EXCERPT: This Wednesday, the United Kingdom condemned the Iranian state for a cyber attack against Albania's government which destroyed data and interrupted crucial government services such as paying utilities. The UK has already identified and provided advice on several cyberattacks by Iranian actors, starting with 2018.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Ransomware gang's Cobalt Strike servers DDoSed with anti-Russia messages

      TITLE: Ransomware gang’s Cobalt Strike servers receive anti-Russia messages in a series of DDoS

      CONTENT: There has been a flood of anti-Russian messages to Cobalt Strike servers run by former Conti ransomware gang members in order to disrupt their operations. Although the operators of Conti ransomware turned off their infrastructure this year in May, its members are now a part of other ransomware groups, including Quantum, Hive, and BlackCat. At the time, TeamServers (C2) used by ransomware actors to control the Cobalt Strike (CS) Beacon payloads on compromised hosts are being tracked by someone, allowing for lateral network movement. When they go inside the CS servers, the usernames they use are ‘Stop Putin!’, or they change their computer name to messages like ‘Be a Russian patriot!’, and ‘Stop the war!’ It is unknown who is sending these messages, as it could be anyone from a security researcher to law enforcement or even a cybercriminal with a grudge for siding with Russia, BleepingComputer reports. In the end, the disruption was only temporary, and the ransomware actor returned to the scene with a more robust infrastructure, allowing them to keep the stolen data accessible even in the face of distributed denial-of-service (DDoS) attacks. LINK: https://www.bleepingcomputer.com/news/security/ransomware-gangs-cobalt-strike-servers-ddosed-with-anti-russia-messages/ EXCERPT: There has been a flood of anti-Russian messages to Cobalt Strike servers run by former Conti ransomware gang members in order to disrupt their operations. At the time, TeamServers (C2) used by ransomware actors to control the Cobalt Strike (CS) Beacon payloads on compromised hosts are being tracked by someone, allowing for lateral network movement. TOPIC: Cybercrime, Cyberconflict and warfare DATE: 07.09.2022.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. TITLE: Albania blames Iran for the July cyberattack and suspends diplomatic relations

      CONTENT: Albanian Prime Minister, Edi Rama, declared on Wednesday that the entire staff of the Islamic Republic of Iran Embassy in Albania had been asked to leave within 24 hours.

      This decision follows the termination of diplomatic relations with Iran following the identification of an Albanian government infrastructure cyberattack to Iranian threat actors in July. Rama said that: ‘The in-depth investigation provided us with indisputable evidence that the cyberattack against our country was orchestrated and sponsored by the Islamic Republic of Iran through the engagement of four groups that enacted the aggression.’

      The U.S. government also officially blamed Iran for the July attack on Albania. The U.S. official said that they condemn this attack and that the Islamic Republic of Iran would be held responsible for endangering the security of a NATO ally. Further actions will be taken to held Iran accountable if another attack towards any of their NATO ally happens in the future. EXCERPT: Albanian Prime Minister, Edi Rama, declared on Wednesday that the entire staff of the Islamic Republic of Iran Embassy in Albania had been asked to leave within 24 hours. The U.S. government also officially blamed Iran for the July attack on Albania. The U.S. official said that they condemn this attack and that the Islamic Republic of Iran would be held responsible for endangering the security of a NATO ally. LINK: https://www.bleepingcomputer.com/news/security/albania-blames-iran-for-july-cyberattack-severs-diplomatic-ties/ TOPIC: Cyberconflict and warfare DATE: 07.09.2022.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. TITLE: Japan investigates the potential involvement of a pro-Russian group in cyberattacks

      CONTENT: Japan announced on Wednesday that it is looking into the possible role in cyberattacks of a pro-Russian group after numerous government websites were disrupted the day before. The ransomware group in question is ‘Killnet’, which is considered to be responsible for attacks on the government websites, as media quotes.

      According to Chief Cabinet Secretary Hirokazu Matsuno, the Japanese government is investigating whether problems accessing more than 20 websites across four government ministries were caused by a denial-of-service (DDoS) attack. Matsuno also explained that the government websites could not be reached on Tuesday evening.

      However, services were recovered the same day. He is aware this pro-Russian group is suggesting that they were behind the attack, but the case is still being investigated at the moment.

      EXCERPT: Japan announced on Wednesday that it is looking into the possible role in cyberattacks of a pro-Russian group named Killnet after numerous government websites were disrupted the day before. According to Chief Cabinet Secretary Hirokazu Matsuno, the Japanese government is investigating whether problems accessing more than 20 websites across four government ministries were caused by a denial-of-service (DDoS) attack.

      LINK: https://www.reuters.com/technology/japan-investigating-possible-involvement-pro-russian-group-cyberattack-nhk-2022-09-06/

      DATE: 07.09.2022.

      TOPIC: Cyberconflict and warfare, Cybercrime

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. The new Worok cyber-espionage group is targeting governments and high-profile corporations

      Worok, a newly discovered cyber-espionage group, has been using a combination of custom and existing malicious tools to hack governments and high-profile companies in Asia since 2020. ESET security researchers were the first to spot it, and they found out that the group also attacked targets from Middle East and Africa.

      Worok has so far been linked to attacks on telecommunications, banking, maritime, and energy companies, along with military, government, and public sector organizations. Although there have been no sightings since February 2022, ESET has linked the group to new attacks against a Central Asian energy company and a public sector institution in Southeast Asia.

      TOPIC: Cyberconflict and warfare, Cybercrime

      LINK: https://www.bleepingcomputer.com/news/security/new-worok-cyber-espionage-group-targets-governments-high-profile-firms/

      DATE: 06.09.2022.

      EXCERPT: Worok, a newly discovered cyber-espionage group, has been using a combination of custom and existing malicious tools to hack governments and high-profile companies in Asia since 2020. Although there have been no sightings since February 2022, ESET has linked the group to new attacks against a Central Asian energy company and a public sector institution in Southeast Asia.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. TITLE: The JX Fund and Voronezh Mass Media Defence Center launched the information platform Shpargalka | Exile

      CONTENT: The JX Fund - European Fund for Journalism in Exile, in collaboration with the Voronezh Mass Media Defense Center, has launched the information platform Shpargalka | Exile (‘cheat sheet’ in Russian) to assist threatened media professionals in Russia in selecting a country of exile that is appropriate for them and their needs. Since the increase in anti-press legislation in Russia starting from 4 March, even the use of the word "war" can result in a 15-year prison sentence, so this type of platform is useful for media workers.

      Shpargalka | Exile has now compiled answers to 21 of the most pressing questions, like ‘How do I get a work permit?’, or ‘What do I need to do to register a media company in exile?’ All questions are being answered by lawyers from 12 countries, which currently include: Armenia, Azerbaijan, Bulgaria, Germany, Georgia, Israel, Kazakhstan, Latvia, Montenegro, Poland, Serbia, and Turkey.

      The information is regularly updated, as many countries' entry requirements and legal systems constantly change in light of the tense geopolitical situation. In recent months, the JX Fund has helped 14 media outlets rebuild, as well as five start-ups and the creation of a media hub in Tbilisi, Georgia. Since the increase in anti-press legislation in Russia starting from 4 March, even the use of the word "war" can result in a 15-year prison sentence.

      EXCERPT: The JX Fund - European Fund for Journalism in Exile, in collaboration with the Voronezh Mass Media Defense Center, has launched the information platform Shpargalka | Exile (‘cheat sheet’ in Russian) to assist threatened media professionals in Russia in selecting a country of exile that is appropriate for them and their needs. The platform gives answers to 21 of the most pressing questions, which are given by lawyers from 12 countries.

      LINK: https://rsf.org/en/cheat-sheet-media-workers-under-threat Sharpgalka | Exile: https://shpargalka-exile.web.app/

      TOPIC: Freedom of the press

      DATE: 05.09.2022.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. China accuses Washington of cyberspying on university

      TITLE: China accused Washington of breaking into computers and spying on university

      CONTENT: China accused Washington on Monday of breaking into computers at Northwestern Polytechnical University that US officials say conducts military research. Both governments complained about worrying online spying against one another.

      The National Computer Virus Emergency Response Center reported computer break-ins at Northwestern Polytechnical University in June. It stated that the center, in collaboration with a commercial security provider, Qihoo 360 Technology Co., identified the attacks back to the National Security Agency, but did not specify how.

      China accuses the US of spying on universities, energy companies, and internet service providers, among other targets. Washington accuses Beijing of stealing commercial secrets and has charged Chinese military officers with crimes.

      According to Foreign Ministry spokeswoman Mao Ning, the US actions "seriously endanger China's national security." She also accused Washington of using spyware to eavesdrop on Chinese phone calls and stealing text messages.

      As per the security experts, the ruling Communist Party's military wing, the People's Liberation Army, and the Ministry of State Security also fund outside hackers. Alongside with Russia, China and the United States are widely acknowledged as global leaders in cyberwarfare research.

      TOPIC: Cyberconflict and warfare, Cybercrime

      EXCERPT: Chinese government accused Washington of cyberspying on Monday. Northwestern Polytechnical University in June has suffered computer break-ins, according to The National Computer Virus Emergency Response Center. China also accuses the US of spying on universities, energy companies, and internet service providers, among other targets. It stated that the center, in collaboration with a commercial security provider, Qihoo 360 Technology Co., identified the attacks back to the National Security Agency, but did not specify how.

      DATE: 05.09.2022.

      LINK: https://abcnews.go.com/Technology/wireStory/china-accuses-washington-cyber-spying-university-89343366

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. U.S. reporters wary of online, legal threats in the wake of the overturn of Roe v. Wade

      TITLE: In the aftermath of the Roe v. Wade decision, US journalists are wary of online legal threats

      CONTENT: The editors of the pro-abortion rights news website Rewire unusually removed reporter biographies from the site in May.

      The move was made as a precaution after a draft of a majority Supreme Court opinion in Dobbs v. Jackson Women's Health Organization, which sought to overturn the constitutional right to abortion, was leaked. Rewire reporters were concerned about an increase in online harassment.

      Editor-in-chief Galina Espinoza said that: ‘The newsroom has for years kept a repository of harassing messages to track patterns, just in case.’ The current abortion situation in America has some abortion reporters on edge.

      In addition to their fears about online harassment, reporters notified Committee to Protect Journalists (CPJ) that they are concerned about real-world violence and how changing laws may expose them and their sources to legal threats in the aftermath of the Supreme Court's decision to overturn Roe v. Wade in June.

      EXCERPT: U.S. reporters shared their concerns with Committe to Protect Journalists (CPJ) about online harassment they face. However, it does not ned there. They are now even concerned about real-world violence in the aftermath of the Supreme Court’s decision to overturn Roe v. Wade in June. The current abortion situation in America has some abortion reporters on edge. The Rewire newsroom is keeping a repository of harassing messaged to track patterns.

      LINK: https://cpj.org/2022/09/u-s-reporters-wary-of-online-legal-threats-in-the-wake-of-the-overturn-of-roe-v-wade/

      DATE: 01.09.2022.

      TOPIC: Freedom of the Press, Freedom of expression

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. New ransomware hits Windows, Linux servers of Chile govt agency

      TITLE: Ransomware attack hits Windows, Linux servers of Chilean government agency

      CONTENT: Chile's national computer security and incident response team (CSIRT) has confirmed that a ransomware attack has affected the country's government agency's operations and online services.

      The attack began on Thursday, August 25, and targeted the agency's Microsoft and VMware ESXi servers. The hackers offered Chile’s CSIRT a communication channel through which they could negotiate the payment of a ransom that would prevent the files from being leaked. The malware used in this attack, according to CSIRT, also had functions for stealing credentials from web browsers, listing removable devices for encryption, and evading antivirus detection via execution timeouts.

      In their announcement, Chile's CSIRT does not title the ransomware group responsible for the attack, nor does it offer enough information to identify the malware. Because it has been used by multiple threat actors, the extension appended to the encrypted files provides no clue. Very limited information provided by Chile's CSIRT on the malware's behavior points to the 'RedAlert' ransomware (aka "N13V"). Nevertheless, indicators of compromise (IoCs) in the announcement could be associated with Conti.

      According to what Chilean threat analyst Germán Fernández told BleepingComputer, the strain appears to be entirely new, and the researchers he spoke with were unable to associate the malware with known families. Based on what BleepingComputer has learned so far about this ransomware, it is a new operation that began in early August.

      EXCERPT: BleepingComputer learned about a brand new ransomware operation that started in August, targeting Chile's national computer security and incident response team (CSIRT). The hackers have affected the agency's Microsoft and VMware ESXi servers with their operations. According to CSIRT, the malware used in this operations had functions for stealing credentials from web browsers, listing removable devices for encryption, and evading antivirus detection via execution timeouts.

      LINK: https://www.bleepingcomputer.com/news/security/new-ransomware-hits-windows-linux-servers-of-chile-govt-agency/

      DATE: 01.09.2022.

      TOPIC: Cyberconflict and warfare

      COUNTRY: Chile

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. China-Taiwan military tension fuels an active cyberwar

      TITLE: Military tensions between China and Taiwan fuel an active cyberwar

      CONTENT: The world was relieved when tensions between China and Taiwan did not escalate into a larger military engagement in August. Nevertheless, both countries are influenced by an active cyberwarfare.

      According to researchers at threat intelligence firm Cyberint, cyber activity between China and Taiwan is defined by multi-vector attacks, similar to what experts have observed happening between Russia and Ukraine. Based on a recent report, cyber tensions are high, and the number of national-level cyberattacks targeting China and Taiwan has recently significantly increased. Cyberint Research Team states that the growing number of cyberattacks will encourage more competing hackers organizations, raising the risk of an escalating cyber conflict.

      One obvious sign of increased activity, according to the researchers, is the increasing number of comments on Chinese and Taiwanese breaches in cybercriminal leak forums, with the number of comments on Chinese data leaks increasing four times in July compared to June. When it comes to Taiwan, the number of comments under data leaks from its companies also increased during July.

      The new tactic may eventually lead to a gradual increase from minor cyberattacks on government websites to more serious crimes involving hacking of critical infrastructure. If the cyber conflict between Taiwan and China resembles what happened in Ukraine, China should prepare its infrastructure to withstand a series of new of distributed denial-of-service (DDoS) attacks.

      EXCERPT: Even though military tensions between China and Taiwan have not escalated, there is an ongoing cyber war between them. The engagement in these attacks is similar to the ones in Ukraine and Russia, and there are clear signs that there is an increasing number of comments on Chinese and Taiwanese breaches in cybercriminal leak forums. The new tactic may include a gradual increase from minor cyberattacks on government websites to more serious crimes involving the hacking of critical infrastructure.

      DATE: 01.09.2022.

      LINK: https://cybernews.com/news/china-taiwan-military-tension-fuels-an-active-cyberwar/

      TOPIC: Cyberconflict and warfare

      COUNTRY: China, Taiwan

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. TITLE: Military tensions between China and Taiwan fuel an active cyberwar

      CONTENT: The world was relieved when tensions between China and Taiwan did not escalate into a larger military engagement in August. Nevertheless, both countries are influenced by an active cyberwarfare.

      According to researchers at threat intelligence firm Cyberint, cyber activity between China and Taiwan is defined by multi-vector attacks, similar to what experts have observed happening between Russia and Ukraine. Based on a recent report, cyber tensions are high, and the number of national-level cyberattacks targeting China and Taiwan has recently significantly increased. Cyberint Research Team states that the growing number of cyberattacks will encourage more competing hackers organizations, raising the risk of an escalating cyber conflict.

      One obvious sign of increased activity, according to the researchers, is the increasing number of comments on Chinese and Taiwanese breaches in cybercriminal leak forums, with the number of comments on Chinese data leaks increasing four times in July compared to June. When it comes to Taiwan, the number of comments under data leaks from its companies also increased during July.

      The new tactic may eventually lead to a gradual increase from minor cyberattacks on government websites to more serious crimes involving hacking of critical infrastructure. If the cyber conflict between Taiwan and China resembles what happened in Ukraine, China should prepare its infrastructure to withstand a series of new of distributed denial-of-service (DDoS) attacks.

      EXCERPT: Even though military tensions between China and Taiwan have not escalated, there is an ongoing cyber war between them. The engagement in these attacks is similar to the ones in Ukraine and Russia, and there are clear signs that there is an increasing number of comments on Chinese and Taiwanese breaches in cybercriminal leak forums. The new tactic may include a gradual increase from minor cyberattacks on government websites to more serious crimes involving the hacking of critical infrastructure.

      DATE: 01.09.2022.

      LINK: https://cybernews.com/news/china-taiwan-military-tension-fuels-an-active-cyberwar/

      TOPIC: Cyberconflict and warfare

      COUNTRY: China, Taiwan

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Ragnar Locker ransomware claims attack on Portugal's flag airline

      TITLE: TAP Air Portugal hit by ransomware: Ragnar Locker claims responsibility

      CONTENT: The Ragnar Locker ransomware gang has claimed responsibility for an attack on Portugal's flag carrier, TAP Air Portugal, which was revealed by the airline after its systems were compromised on Thursday night.

      The company stated that the attack was stopped and that no evidence suggested that the attackers gained access to the customer data stored on the affected servers. The airline also issued an alert on Monday, stating that its website and app are unavailable due to the Thursday ransomware attack.

      TAP has yet to confirm whether this was a ransomware attack. However, the Ragnar Locker ransomware gang posted a new entry on their data leak website today, claiming responsibility for last week's cyberattack on TAP's network.

      The ransomware group believes to have "reasons" to assume that hundreds of Gigabytes of data were compromised in the incident and has threatened to provide "irrefutable evidence" to negate TAP's claim that its customers' data was not accessed. Ragnar Locker also shared a screenshot of a spreadsheet that appears to contain customer data stolen from TAP's servers, such as names, dates of birth, emails, and addresses.

      DATE: 31.08.2022.

      EXCERPT: The Ragnar Locker ransomware gang claims responsibility for the ransomware attack on Portugal’s flag carrier, TAP Air Portugal. The company itself says that the attack was prevented, and customers’ information has been untouched. On the other hand, the ransomware gang states that they can easily provide evidence that the data has been compromised.

      LINK: https://www.bleepingcomputer.com/news/security/ragnar-locker-ransomware-claims-attack-on-portugals-flag-airline/

      TOPIC: Cyberconflict and warfare, Cybercrime

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

  3. Aug 2022
    1. TITLE: Saudi woman sentenced to 45 years in prison for social media posts

      CONTENT: A Saudi Arabian court convicted Nourah bint Saeed al-Qahtani to 45 years of prison time for posts on social media, according to a rights group. According to a Washington-based DAWN organization, she was convicted by the Saudi Specialized Criminal Court on charges of ‘using the internet to tear the (Saudi) social fabric’ and for ‘violating public order by using social media.’

      DAWN stated that almost nothing is known about Qahtani or even what her social media posts stated and that the investigation into her case was ongoing. Salma al-Shehab, a mother of two and doctoral candidate at the University of Leeds in the United Kingdom, was sentenced to 35 years in prison for following and retweeting dissidents and activists on Twitter just a few weeks before Qahtani's conviction.

      According to Abdullah al-Aoudh, Director of Research for the Gulf Region at DAWN, Saudi authorities used "abusive" laws in both the Shebab and Qahtani cases to target and sanction Saudi citizens for opposing the government on Twitter.

      According to what Saudi officials told Reuters last month, the kingdom has no political prisoners, and the thought of it is ridiculous. On the other hand, a request for comment was not responded to by the Saudi government's media office.

      LINK: https://www.reuters.com/world/middle-east/saudi-woman-gets-45-year-prison-term-social-media-posts-rights-group-2022-08-30/

      DATE: 30.08.2022.

      EXCERPT: Saudi Arabian woman, Nourah bint Saeed al-Qahtani, has been sentenced to 45 years in prison for her posts on social media platforms. A few weeks before that, another woman, Salma al-Shehab was sentenced to 35 years in prison for following and retweeting dissidents and activists on Twitter. A Washington-based DAWN organization is still investigating into al-Quahtani’s case, as it is not clearly known what her posts contained. Presumably, she criticized the government. Saudi authorities are using abusive laws to punish citizens who dare to oppose the rulers.

      TOPIC: Freedom of expression

      COUNTRY: Saudi Arabia

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. UK Spies Fund New Course for Female Coders

      TITLE: UK Spies are funding a new course for female coders

      CONTENT: With a new bootcamp course, the UK's main intelligence agency for dealing with cyber-threats hopes to attract more female coders to its workforce. GCHQ is sponsoring one of Code First Girls' 14-week 'nanodegree' courses, which are designed to appeal to women considering a career switch.

      According to Jo Cavan, the security agency's director of strategy, policy, and engagement, teams such as counter-terrorism have performed better since becoming more diversified. Cavan claims that one key area where GCHQ needs more diversity is in countering threats from the east. She also added: ‘We have been working hard to increase that number so we have more diverse teams and better get across the threats we need to today.’

      According to the certification organization ISC2, women still make up only 25% of cybersecurity roles global level. When it comes to its 2021 industry report, fewer women (38%) than men (50%) came from an IT background, while women have higher rates of entry through self-learning than men (20% vs. 14%). These figures suggest that there may be a sizable group of female job seekers looking to change careers to one that involves cyber.

      LINK: https://www.infosecurity-magazine.com/news/uk-spies-fund-new-course-for/

      DATE: 30.08.2022.

      TOPIC: Gender rights online

      EXCERPT: The UK’s main intelligence agency for dealing with cyber-threats is aiming to attract more female workers, in order to increase diversity. Studies have shown that teams such as counter-terrorism have performed better since becoming more diversified. In this article, you can also see the percentage of women in cybersecurity roles and the level of their entry through self-learning compared to men. The information is provided by the certification organization, ISC2.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. TITLE: Chinese hackers use ScanBox malware to target the Australian government

      CONTENT: Threat actors based in China have been targeting Australian government agencies and wind turbine fleets in the South China Sea by directing select individuals to a fake news media outlet impersonating an Australian news outlet. The sender pretended to be an employee of the hoax media outlet "Australian Morning News," with a link leading to the malicious website. The site included plagiarized content from legitimate news websites.

      Victims started arriving at the fraudulent site after receiving phishing emails with appealing lures, and the ScanBox reconnaissance framework delivered a malware payload. From April to June of this year, the campaign targeted individuals at local and federal Australian Government agencies, Australian news media organizations, and global heavy industry manufacturers which provide maintenance to wind turbines in the South Chinese Sea.

      Proofpoint and PwC (PricewaterhouseCoopers) security researchers who observed the campaign concluded that the goal was cyberespionage. They attribute the activity with moderate confidence to a Chinese-based threat group known as APT40 (a.k.a. TA423, Leviathan, Red Ladon).

      LINK: https://www.bleepingcomputer.com/news/security/chinese-hackers-target-australian-govt-with-scanbox-malware/

      EXCERPT: China-based actors have been targeting Australian government agencies and wind turbine fleets by directing individuals to a fake media outlet, pretending to be an Australian media outlet. The site they were led on, contained plagiarized information from legitimate news websites. From April to June 2022, the campaign targeted individuals at local and federal Australian Government agencies, Australian news media organizations, and global heavy industry manufacturers working to maintain wind turbines in the South Chinese Sea.

      TOPIC: Cyberconflict and warfare, Cybercrime

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. TITLE: Acronis’ Mid-year Cyberthreat Report warns that global ransomware damage will exceed $30bn by 2023

      CONTENT: Switzerland-based cybersecurity company Acronis reported in its Mid-Year Cyberthreat Report, published on August 24, that almost half of breaches during the first six months of 2022 involved stolen credentials. The primary goal of cybercriminals using these credentials is to launch ransomware attacks, which remain the number one threat to large and medium-sized businesses, including government organizations, the report says.

      Acronis found that out of 600 malicious email campaigns in the first half of 2022, 58% were phishing attempts, and 28% featured malware. Unpatched or software vulnerabilities are now also being targeted by cybercriminals in order to extract data, with a recent increase in Linux operating systems and managed service providers (MSPs) and their network of SMB customers.

      The Swiss firm is highlighting: ‘Ransomware is worsening, even more so than we predicted.’ They also mentioned Conti and Lapsus gangs as the prime targets for international security services. It is expected that global ransomware damage will exceed up to $30bn by next year.

      EXCERPT: Swiss-based cybersecurity company Acronis reports in their Mid-Year Cyberthreat that the first six months of this year involved stolen credentials. With hacking methods in development, like targeting unpatched or software vulnerabilities, and malicious email campaigns, ransomware is worsening. It is excepted that global ransomware will exceed up to $30bn by 2023.

      LINK: https://www.infosecurity-magazine.com/news/ransomware-exceed-30bn-dollars-2023/

      TOPIC: Cybercrime, Cyberconflict and warfare

      DATE: 29.08.2022.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Montenegro says Russian cyberattacks threaten key state functions

      TITLE: Montenegro suspects the cyberattacks are coming from Russia

      CONTENT: Cyberattacks are persistent in Montenegro and targets are the main infrastructure objects, such as electricity and water supply systems, transportation services, and online portals citizens use. At the time of writing, Bleeping Computer states that the official website of the government of Montenegro is unreachable.

      The country's Defense Minister has blamed Russian actors for the attacks, telling local media on Saturday that there is enough evidence to suspect the attack was "directed by several Russian services."

      The country's currently battling polarization which has been impacted by the current government's decision to support sanctions against Russia. This has sparked outrage from certain demographic groups and, in some cases like now, even external attacks.

      Montenegro is currently receiving assistance from NATO allies to block the attacks. Most notable efforts come from France. The country has deployed an ANSSI (French Agency for Information Systems Security) team to assist in the defense of critical systems and the restoration of compromised networks.

      DATE: 29.08.2022.

      TOPIC: Cyberconflict and warfare

      LINK: https://www.bleepingcomputer.com/news/security/montenegro-says-russian-cyberattacks-threaten-key-state-functions/

      EXCERPT: Montenegro suffers a series of cyberattacks directed toward their vital infrastructure. The country’s Defense Minister is attributing these attacks to Russia, as Montenegro decided to support sanctions against them. Currently, Montenegro receives help from NATO allies, but mainly from France.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. TITLE: Montenegro’s digital infrastructure hit by a unprecedented cyberattack

      CONTENT: Montenegro's government digital infrastructure has been hit by a ‘unprecedented’ cyber attack, and swift measures have been taken to minimize the impact, officials said on Friday. ‘A persistent and ongoing cyber-attack is in process in Montenegro,’ The U.S. Embassy in Podgorica posted a warning on its website.

      ‘Certain services were switched off temporarily for security reasons but the security of accounts belonging to citizens and companies and their data have not been jeopardised,’ said Public Administration Minister Maras Dukaj on Twitter.

      According to Reuters, in 2016, cyber criminals also targeted Montenegro's state digital infrastructure on election day, and again several months later in 2017, as this small Balkan state prepared to join NATO.

      The Western military alliance is aware of reports of cyber attacks in Montenegro and is prepared to assist its authorities if needed, according to an unidentified NATO official quoted by Voice of America.

      EXCERPT: Montenegro’s government digital infrastructure has been hit with an unprecedented cyber attack. The hacker’s origin is still not officially known, but it woke concerns among NATO members. This is not the first time the cyber attack of this range happened in Montenegro, but it is considered to be a persistent and ongoing according to the U.S. Embassy in Podgorica.

      DATE: 26.08.2022.

      LINK: https://www.reuters.com/world/europe/montenegros-state-infrastructure-hit-by-cyber-attack-officials-2022-08-26/

      TOPIC: Cyberconflict and warfare, Cybercrime

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. TITLE: CPJ joins letters urging the U.S. government to hold the NSO Group accountable for spyware that surveilled journalists

      CONTENT: In August, the Committee to Protect Journalists joined human rights and press freedom organizations in separate actions demanding the US government to hold NSO Group accountable for providing Pegasus spyware to governments that have secretly surveilled journalists around the world. The Israeli-owned NSO Group claims that it only licenses its Pegasus spyware to government agencies investigating crime and terrorism and that it should be immune from prosecution in US courts because it acted as an agent of foreign governments under the doctrine of sovereign immunity.

      Nevertheless, according to the CPJ’s letter it is clear their actions are malicious: ‘The evidence of the use of Pegasus spyware against human rights defenders, journalists, opposition parties, and state officials by repressive regimes continues to mount, contrary to NSO Group’s claim that their spyware is used as a tool for investigating criminal activity and terrorism.’

      EXCERPT: Committee to Protect journalists (CPJ) joins the letters of human rights and press freedom organizations in their separate actions urging the U.S. government to hold the Israeli-owned NSO Group accountable for providing Pegasus spyware to governments that have secretly surveilled journalists.

      LINK: https://cpj.org/2022/08/cpj-joins-letters-urging-u-s-government-to-hold-nso-group-accountable-on-spyware/

      DATE: 25.08.2022.

      TOPIC: Freedom of expression, Freedom of the press, Cybercrime

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. TITLE: RSF’s new investigation on online media attacks throughout the Brazilian election campaign

      CONTENT: Throughout Brazil's election campaign, Reporters Without Borders (RSF) will track and analyze internet threats, violence, and attacks against the media as a part of their ongoing project. The election campaign was launched on 16 August and it will end with the election of a new president, members of both houses of the national congress, governors and members of the legislative assemblies in Brazil’s states on 2 or 30 October.

      During the campaign, RSF's Latin America bureau will monitor, analyze, and denounce online attacks on journalists in collaboration with the Laboratory for Image and Cyberculture Studies (LABIC), a leading research center specializing in social media analysis and digital trends affiliated with the Federal State University of Espirito Santo.

      The results of this research will be collected and posted on the RSF website on a regular basis. Following the elections, a detailed report analyzing the main trends and attacks observed during the project will be published. The project's goal is to better understand the origin, structure, and spread of these online attacks, to expose the main perpetrators, and to find effective and long-term solutions to combat this phenomenon.

      RSF published the findings of a survey of Twitter users' behavior in 2021, the platform used for the majority of attacks against the media and journalists in Brazil. Bolsonaro supporters were the primary perpetrators of these attacks, with the main targets being female journalists and media outlets critical of the government.

      EXCERPT: RSF is planning to investigate the online attacks on Brazilian media during the ongoing election in their new project. The results will be posted on a regular basis, and after the elections end, a detailed report on main trends and attacks during the project will also be published. The main goals of this analysis are to better understand what caused the spread of these online attacks, as well to expose the main perpetrators whilst finding a solution to combat this phenomenon.

      DATE: 23.08.2022.

      LINK: https://rsf.org/en/rsf-will-analyse-online-attacks-against-media-during-brazilian-election-campaign

      TOPIC: Freedom of the press, Freedom of expression

      COUNTRY: Brazil

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. TITLE: Dominican Republic government agency was disrupted by a quantum ransomware attack

      CONTENT: The Quantum ransomware assault that affected the Instituto Agrario Dominicano in the Dominican Republic and encrypted numerous services and workstations, occurred on August 18, local media reports. ‘They ask for more than 600 thousand dollars. We were affected by four physical servers and eight virtual servers; virtually all servers,’ Walixson Amaury Núñez, the IAD's director of technology, told the local press.

      As IAD does not have enough money to pay the ransom and with only basic security software systems - the company’s data was completely compromised.

      According to the National Cybersecurity Center (CNCS), who has been helping the agency recover from the attack, the attackers' IP addresses came from the United States and Russia.

      BleepingComputer investigated the case and found out that the Quantum ransomware operation was the attacker. If IAD did not pay the ransom publicly, the threat actor, who claimed having stolen over 1TB of data, threatened to release it. This ransomware actor is supposedly an offshoot of the Conti ransomware operation which adopted the earlier name of the MountLocker ransomware operation.

      EXCERPT: Instituto Agrario Dominicano, Dominican Republic’s government agency, suffered a ransomware attack by the Quantum ransomware operation. They are threatening them with a ransom of around 650.000 dollars. As the agency is not able to afford the ransom, and with only basic software security, their data is at stake. As the National Cybersecurity Center reports, the IP addresses of the attackers come from the U.S. and Russia.

      LINK: https://www.bleepingcomputer.com/news/security/quantum-ransomware-attack-disrupts-govt-agency-in-dominican-republic/

      TOPIC: Cyberconflict and warfare, Cybercrime

      COUNTRY: Dominican Republic

      DATE: 24.08.2022.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Russia’s Yandex to sell off news service as state tightens grip on online media

      TITLE: Russia's Yandex sells news and blogging services as state tightens control over online media

      CONTENT: In a transaction that would expand direct state control over the news that many Russians view online, the largest internet firm in Russia will sell off its news and blogging services to the state-controlled social media site VK.

      Yandex.ru's main page, which was sold together with the news aggregator and blogging platform Zen, is expected to turn into a social media-style news feed managed by Gazprom-owned VK as a result of the transaction, with its chief executive being the son of a Kremlin official tasked with integrating the occupied territories of Ukraine.

      News articles on Yandex were already perceived as having been deliberately selected to abstain from controversial subjects in Russia, particularly criticism of the war in Ukraine. By reducing Yandex's exposure to politics, the sale of the company's media holdings is reportedly an effort to protect it from the threat of western sanctions.

      LINK: https://www.theguardian.com/world/2022/aug/23/russia-yandex-sell-news-service-state-tightens-grip-online-media

      DATE: 23.08.2022.

      TOPIC: Freedom of the press

      COUNTRY: Russia

      EXCERPT: Russia’s Yandex sells its news and blogging services to the state-controlled social media site VK. Yandex.ru’s main page is expected to turn into a social media-style news feed managed by Gazprom-owned VK, as a result of this transaction. The goal was reportedly an effort to loosen up the threats from western sanctions.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. TITLE: Greece’s largest natural gas distributor DESFA suffered ransomware-related data breach

      CONTENT: Greece’s largest natural gas distributor (DESFA) suffered a limited scope data breach and IT system outage which were followed by a cyberattack, this Saturday.

      DESFA shared in a public statement that hackers tried to infiltrate its network, but were faced with a quick response from their IT team. Nevertheless, the attack possibly caused the leakage of some files and data and a network intrusion was definitely made, although limited. DESFA is working on returning to normal operations and is ensuring the customers this incident would not impact the gas supplies.

      The attack was confirmed on Friday by Ragnar Locker ransomware operation, a threat actor. It is said in a recent FBI report that Ragnar Locker made 52 intrusions in critical U.S. infrastructure entities since January this year.

      This ransomware actor is threatening to publish all files that would victimize DESFA, if they do not answer their demands. The timeline of this attack is tough for European gas suppliers after being cut from Russia’s natural gas.

      The upcoming period is believed to be full of shortages, power cuts, and growing energy prices, leaving everyone involved even more vulnerable to ransomware attacks against gas distributors.

      EXCERPT: DESFA, Greece’s largest gas distributor was targeted with an ransomware attack. This attack was confirmed to be made by Ragnar Locker - a ransomware operation, familiar to FBI for their previous intrusions. This attack comes at a vulnerable time for European gas suppliers after being cut from Russian gas, and it is believed that the situation will get worse if similar attack should happen in this region again.

      LINK: https://www.bleepingcomputer.com/news/security/greek-natural-gas-operator-suffers-ransomware-related-data-breach/

      COUNTRY: Greece

      TOPIC: Cyberconflict and warfare, Cybercrime

      DATE: 22.08.2022.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. TITLE: Jordanian journalist arrested for allegedly violating Jordan’s cybercrime law by writing posts on Facebook

      CONTENT: On August 15, Adnan Al-Rousan, a Jordanian journalist, has been arrested by seven unidentified men, with two of them being in military uniform. The reasons behind this arrest are Al-Rousan’s posts on his Facebook profile, which were considered to be ‘insulting to Jordan.’ His most recent one, on August 14, was directed towards the ruler of Jordan, King Abdullah II bin Al-Hussein, saying ‘Jordan isn’t your property, it’s for us Jordanians.’

      He is believed to be violating Jordan’s cybercrime law with these posts on social media, while regularly publishing political commentary of similar content as above mentioned. Committee to Protect Journalist asks for an immediate release of the reporter, while trying to get any contact information for the Jordanian public prosecutor.

      EXCERPT: Adnan Al-Rousan, a Jordanian journalist has been arrested for allegedly violating the country’s cybercrime law. He regularly posts on his Facebook profile, criticizing the regime. Recently he wrote a post directed towards the King Abdullah II bin Al-Hussein, which caused his arrest. Committee to Protect Journalists condemns this arrest and asks for his immediate release.

      LINK: https://cpj.org/2022/08/jordanian-journalist-adnan-al-rousan-arrested-over-critical-columns-posted-on-facebook/

      TOPIC: Freedom of the press

      DATE: 18 August 2022

      COUNTRY: Jordan

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Estonia's Battle Against a Deluge of DDoS Attacks

      TITLE: Estonia battles a series of DDoS attacks during August

      CONTENT: According to Infosecurity magazine, Estonian public authorities and businesses have been the subject of increased large-scale distributed denial-of-service (DDoS) attacks in August. The Head of the incident response (CERT-EE) department, Tõnu Tammer, said that these attacks are a daily occurrence in Estonian cyberspace. Nevertheless, the Estonian Information System Authority (RIA) is highlighting that data confidentiality is not at risk, as attackers are not able to access or change the data. On August 18, Estonia faced the most extensive cyber-attack since 2007.

      Since the start of the invasion of Ukraine, Russian stated-backed cybercriminals are believed to be the main suspect for numerous cyberattacks on neighboring countries. This is why it is advised to Governments in Eastern Europe to heighten their alerts and ensure their cyber-defenses are as robust as they can be.

      EXCERPT: Estonian public authorities and businesses are facing a large number of DDoS attacks during the month of August 2022. Infosecurity magazine has talked about this issue with Tõnu Tammer, the Head of the CERT-EE department. Estonia is not the only Eastern European country at risk of potential cyber attacks since the start of the Russian invasion on Ukraine in February this year. Strengthening cyber-defenses of these actors is highly recommended.

      LINK: https://www.infosecurity-magazine.com/news-features/estonias-battle-against-a-deluge/

      TOPIC: Cyberconflict and warfare, Cybercrime

      TREND:

      PROCESS:

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Russian journalist gets a new fine for ‘discrediting’ the state’s military

      Maria Ovsyannikova, a Russian journalist, has been convicted by a Moscow court for ‘discrediting’ the Russian military. This is not her first fine, as she is well known for her famous protest against the invasion of Ukraine on live television, according to Euronews. In her Facebook posts, she often calls out the Russian authorities, saying ‘I go to the courts like I go to work.’ Ovsyannikova is just one among Russian citizens who pay fines or even serve prison time of up to 15 years if it is found out they spread the news about the Russian army or entities across borders that are considered to be ‘false.’

      You can watch the video of Ovsyannikova’s interruption of state TV news broadcast here.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. RSF is concerned by the appointment of Eddie Cheung as the head of Radio Television Hong Kong

      RSF dissaproves the decision Eddie Cheung’s appointment as the head of Radio Televison Hong Kong (RTHK). He was a former territory’s representative to the European Union, known for his involvement in a smear campaign against international media. He is filling the role of another political commissar, Patrick Li, who was also a bureaucrat without previous media experience, with a strong pro-Beijing commitment.

      While serving as the Special Representative for Hong Kong Economic and Trade Affairs to the EU, he signed about 58 public letters in which he accused some of major European media of ‘unfounded allegations’ on Hong Kong’s policies.

      RSF revealed the systematic censorship and information control by the Chinese regime in Mainland China and Hong Kong in their report titled The Great Leap Backwards of Journalism in China. The analysis showed that these actions pose a great threat to press freedom and democracy on a global level.

      While once being an example of well implemented press freedom, Hong Kong had a downfall from 80th in 2021 to 148th this year according to the RSF World Press Freedom Index.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Finland parliament’s website hit by DDoS launched by Russian hackers

      Yesterday, the external websites of the Finnish parliament were inaccessible for a couple of hours due to a distributed denial-of-service (DDoS) attack launched by pro-Russian hackers. They explained the reason for this attack as a response to Finland’s aspiration towards joining NATO. This hacker group called NoName057(16) took the responsibility for the attack on their Telegram channel.

      In the post, the hackers said that ‘We decided to pay a ‘friendly’ visit to neighboring Finland, whose authorities are so eager to join NATO.’ The DDoS attack happened on the same day US president Joe Biden signed ratification documents regarding Washington’s support for Finland and Sweden joining NATO.

      The Finnish parliament replied to this event with this statement: ‘A denial-of-service attack is directed against the Parliament’s external websites. […] The Parliament takes steps to limit the attack together with service providers and the Cybersecurity Center.’

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Since the fall of Kabul Afghanistan suffers from a serious lack of press freedom and women journalists are impacted the most

      Since the fall of Kabul and the creation of the Islamic Emirate of Afghanistan, the impact on media is unquestionable. During the past year, journalism in Afghanistan has been decimated. RSF secretary-general Christophe Deloire emphasizes: ‘Media and journalists are being subjected to iniquitous regulations that restrict media freedom and open the way to repression and persecution. The authorities must undertake to end the violence and harassment inflicted on media workers, and must allow them to do their job unmolested.’

      When it comes to the slaughtering of press freedom in Afghanistan, women journalists are subjected to it the most. According to RSF’s survey, in the past year, they disappeared in 11 of Afghanistan’s 34 provinces. Out of 2,756 women journalists and media workers who were employed in 2021, only 656 are working today. This downfall resulted in the percentage of 76.19% of women journalists who are no longer working in their homeland. Statistically, 84.6% of female media workers are working in the Kabul region, while recently women TV presenters were being made to cover their faces while presenting on camera. The excuses for harassing female workers are primarily accusations of ‘immorality or conduct contrary to society’s values.’

      The overall statistical report on press freedom in Afghanistan shows that both men and women have lost their jobs since the regime change. 7098 journalists are no longer employed which includes 54.52% of men. The number of media outlets also dropped, with 39.59% of them lost.

      This media situation is a reflection of Taliban governance, with the impact of the draconian regulations and the inability to respect Afghanistan’s press freedom law.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. RSF warns of violence against Iraqi reporters during protests

      Reporters Without Borders (RSF) is warning of and condemning the harassing of opposition media in Iraqi Kurdistan. RSF’s Middle East desk said that the brutality against journalists shows a complete refusal for toleration of political pluralism and a desire to suppress this popular protest.

      The violence is used as a tool for dispersing not only protesters, but also the journalists who cover it. RSF has gained the information from Metro Center, an NGO that defends journalists’ rights in Iraqi Kurdistan, that there are a total of 78 violations against 60 journalists, including searching, detaintment, prevention from covering protests, and equipment confiscation.

      These protests are called by the New Generation leader, Shaswar Abdalwahid in order to demand elections and to denounce “corruption, poverty and unemployment.” Consequently, out of the 26 journalists who were detained shortly, at least ten work for NRT, a TV channel owned by Abdalwahid.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Belarusian journalists face threats in a repressive regime

      Since Alexander Lukashenko’s controversial reelection in August 2020, Belarusian journalists have faced various threats, which forced them to adapt in order not to be silenced.

      RSF’s partner, the Belarusian Association of Journalists (BAJ), noted that around 400 journalists have fled to neighboring countries, such as Poland, Ukraine, and Lithuania. The ones who stayed in their homeland, face difficulties on a regular basis, using the encrypting messaging app Telegram as a main tool.

      Starting from 2020 the Belarusian authorities have changed certain laws to the extent of legally infringing freedom of the press. Living in this atmosphere, Belarusian journalists have been the subjects of around 500 arrests, fines, censorship, threats, searches, prison sentences, mistreatment, torture, and reprisals against loved ones, as RSF states. Even exiled journalists live in fear of being kidnapped, thus deciding to work anonymously.

      RSF is giving Belarus 153rd place out of 180 countries in their 2022 World Press Freedom Index.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. RSF welcomes a series of presidential pardons in Egypt with the warning about more than 20 journalists are still detained

      RSF is praising the release of seven prisoners in Egypt at the end of last month. Nevertheless, these releases come as a government’s part of a five-year ‘National Strategy for Human Rights’ started in September 2021. Its aim is to promote reforms that should result in an increase of freedoms for Egyptians, including press freedom. The United States is donating Egypt $1.3 billion in military aid each year and another $130 million is conditioned on respect and implementation of human rights, thus encouraging the Egyptian government to give presidential pardons.

      RSF notes that despite these releases, around 20 journalists are still in jail. Some of them are the bloggers “Mohamed Oxygen” and Alaa Abdel Fattah, a freelance photographer Alia Awad, and four Al Jazeera journalists – Rabie El-Sheikh, Ahmed El-Nagdy, Bahaa Ed-Din Ibrahim, and Hesham Abdel Aziz. Fattah and several of his fellow detainees were even considering ‘group suicide’ as they were not on the list of pardoned prisoners.

      Al-Manassa, an independent Egyptian news website, has been inaccessible in Egypt since last month, while more than 500 other websites have been blocked from online access since 2017, which includes the RSF.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Five years since the launching of the U.S. Press Freedom Tracker

      Five years ago, on this day, the United States have launched the U.S. Press Freedom Tracker, a joint project of the Press Foundation and the Committee to Protect Journalists.

      In six years of documentation, this database for press freedom violations in the United States has documented nearly 1000 assaults of journalists and 300 arrests od detainments, above 50 border stops and 250 reports of damaged equipment. More than 100 analyses regarding press freedom issues were published.

      This year, the site went through a major redesign. It has new data visualization capabilities and increased speeds for downloading data. The Traker gives both live view of aggression against the media while capturing trends over time. That is how the Tracker can give information that by the time the former president Trump was banned from Twitter, he posted 2520 tweets degrading journalists and the media.

      With Tracker as a press freedom watchdog, state of press freedom in the U.S. will be monitored and served more easily in the future.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Iraqi journalists were attacked by security while covering Baghdad protests

      On July 30, three journalists who work for the privately owned Al-Mayadeen news broadcaster were attacked and injured during protests in Baghdad’sn Green Zone by supporters of Iraqi Shiite cleric Muqtada al-Sadr, according to Committee to Protect Journalists (CPJ) information.

      Flash-bang grenades were thrown by the security forces and they hit Al-Mayadeen’s videographer Zaid Khaled Jomaa and Baghdad bureau chief and reporter Abdulah Badran. The third victim of the attacks was videographer Abdullah Saad who was shoved to the ground by riot police officers, being left with injured leg and ankle.

      CPJ’s Middle East and North Africa senior researcher, Justin Shilad, alarms that Iraqi authorities must protect journalists that are covering protest and allow them to report about political situation in Iraq freely and safely. He also noted that Iraqi journalists are doing essential work in life threatening circumstances in order to inform the public, thus authorities need to provide them work without fear.

      CPJ has received information that the three journalists often face risks when they report and Iraqi security forces regularly fail to differentiate protesters from journalists. The Iraqi Ministry of Interior had no comment on CPJ’s email.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Several Taiwanese government websites hit with cyberattack on the eve of Pelosi’s visit

      A couple of hours before U.S. House Speaker, Nancy Pelosi was expected to visit Taiwan, several Taiwanese government websites were down.

      This cyberattack was reported shortly before Pelosi’s plan to visit Taiwan, with its controversial relations with China, claiming it as its own. Therefore, the Chinese government threatened to act if the visit happens.

      On Tuesday evening, the official websites of Taiwan’s government and its presidential office were blocked from use. It was confirmed by the office spokesperson that the president’s site was hit by an overseas malware attack. It was restored after 20 minutes.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Man with rifle arrested near Iranian-American journalist’s home

      An Iranian-American journalist and women's rights activist, Masih Alinejad, was a potential target to a man who was found near her home in New York with a loaded rifle. Fortunately, he was arrested and Alinejad expressed her shock to learn what happened.

      She is known for promoting videos of women violating Iran’s head covering law to her millions of social media followers. It was said that the same journalist was a target of a Tehran-backed kidnapping plot last year. What she had to say about this to Reuters was: ‘What the Iranian regime did, first trying to kidnap me and now sending someone here trying to kill me, it's a pattern. It's a continuation of their way of oppressing dissidents inside and outside Iran...I'm not scared of them and I'm going to continue my fight against gender apartheid. Because I didn't do anything wrong, I'm not a criminal, my crime is just giving voice to voiceless people.’

      Tehran has dismissed all allegations of involvement in the kidnapping.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. UNICEF’s new analysis: ‘Protecting Children in Cyberconflicts’

      In this rapid analysis, UNICEF made 5 important questions: How are AI technologies and the use of cyber operations changing the nature of conflict? Who are the actors in cyberconflict? What types of risks do offensive cyber operations pose to children? What legal and other provisions exist to protect children from harm caused by cyberconflict and where are the gaps? What should organizations working for and with children do to strengthen protections in cyberconflict? The ones we will focus on in this update are the last three questions. Firstly, it is important to focus on question number 3 - What types of risks do offensive cyber operations pose to children? As UNICEF experts highlighted the most important ones are:

      Behavioral surveillance, profiling, and targeting of children during conflict operations. Behavioral engineering as a potential pathway to child recruitment into and use by armed forces and non-state armed groups. Information operations and their impact on children. Health and biotech sectors. Education sector (‘Large-scale, multi-vector attacks could increasingly infect myriad layers of schools’ digital systems…’). Critical industrial control systems in urban environments. Cyber threats to humanitarian datasets and services critical to child well-being and protection.

      Question number 4 focuses on - What legal and other provisions exist to protect children from harm caused by cyberconflict and where are the gaps? UNICEF notes that attributing responsibility for child rights violations while protecting sensitive information from digital manipulation and theft is crucial. ‘Many analysts would argue that the combination of IHL, international criminal law, human rights law, and child rights law are adequate to address the emerging issues posed by cyberconflict and the technology it involves. Nevertheless, several key challenges persist.’

      Question number 5 - What should organizations working for and with children do to strengthen protection in cyberconflict? It is necessary to engage with normative policy development processes. UNICEF sees OEWG (Open-Ended Working Group) as an important platform for dialogue for States to develop norms to strengthen children's rights protection from cyber attacks. It is important to further strengthen understanding of the potential risks to children of cyberconflict as well. What also is an obligation of States is the reinforcement of normative and legal frameworks to strengthen child protection during cyberconflict and translating them into action. The last two that were mentioned were the strengthening of monitoring and investigation mechanisms and defining corporate responsibility in cyberconflict.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Australian reporter left Afghanistan after Taliban forced her to withdraw reports on forced marriages

      Lynne O’Donnell, an Australian journalist for Foreign Policy Magazine, said this week that the Taliban threatened to put her in jail if she did not withdraw stories criticizing the organization.

      She spent several years in Afghanistan as a resident correspondent before the U.S. retreated her from the country last year. She then returned within the last week to report on the Taliban practices of forced marriages with teenage girls.

      After writing some tweets and articles about the topic, Taliban officials started to pressure O’Donnell, influencing what she wrote. She stated that the tweets written on Tuesday were made by the Taliban: ‘l apologize for 3 or 4 reports written by me accusing the present authorities of forcefully marrying teenage girls and using teenage girls as sexual slaves by Taliban commanders. This was a premeditated attempt at character assassination and an affront to Afghan culture.’

      The concerned journalist left Afghanistan after these happenings, claiming it was inevitable: “If I did not, they said, they’d send me to jail. At one point, they surrounded me and demanded I accompany them to prison. Throughout, a man with a gun was never far away.”

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

  4. Jul 2022
    1. Saudi prince’s meeting with Macron despite Khashoggi murder and imprisonment of 27 journalists

      The meeting between the French president Emmanuel Macron and Saudi Crown Prince Mohammed bin Salman is supposed to be held tomorrow in Paris on 28 July. What seems to be the concern of RSF (Reporters Without Borders) is that 4 years passed since journalist Jamal Khashoggi was murdered. 27 journalists and bloggers are currently detained in Saudi Arabia, thus RSF asks Macron to negotiate with Mohammed bin Salman to release them.

      It is worrying that the prince of Saudi Arabia is engaging in international relations promoting truth and justice. The involvement of Mohammed bin Salman in Khashoggi’s murder has been confirmed by the UN special rapporteur Agnès Callamard and a CIA report in 2021.

      RSF put the Saudi Arabian prince on their list of predators of press freedom, due to waves of arrests of journalists starting from his appointment in 2017 and his brutal response to the freedom of speech.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Frequent violence against media in Greece

      In the past three years, there were 11 attacks against Greek journalists and media accused of spreading government propaganda. The latest attack was on a building in Athens that houses Real FM news radio and the weekly RealNews on 13 July. An anarchist group calling themselves ‘Thousands of Night Suns’ confirmed the involvement on 20 July, dedicating this attack to two anarchist activists, and blaming Real for supporting political propaganda.

      It is crucial that the Greek government speeds up the implementation of the interministerial memo on journalists’ safety and the European Commission’s September 2021 recommendations. Despite what Greek Prime Minister Kyriakos Mitsotakis says about the need for conviction of perpetrators, most attacks on press freedom remain unpunished.

      Journalists in Greece are not exposed only to violent attacks of this kind, being a target of organised crime. That is why Greece is placed the lowest in RSF’s 2022 World Press Freedom Index out of all EU countries, being 108th out of 180.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Intensification of cyberwar between Iran and Israel

      Three of Iran's state-owned biggest steel companies stopped working after facing cyberattacks in late June. These biggest steel companies were attacked by a hacking group who admitted it on social media as a response to ‘the aggression of the Islamic Republic.’

      After that, Israel’s defense secretary ordered an investigation into the leaked video which showed the damage to the steel plants. This incident was soon followed by the Israeli Security Agency’s statement (Shin Bet) that a May cyber operation by Iran was set to be out of the cyber domain . With these two incidents, it is clear that the cyber conflict between these two countries has become more public in the previous 2 years.

      Israel and Iran shifted to a public forum and their objective has changed from defense targets to violating critical infrastructure and civilian lives. With larger public exposure, the greater the risks of extending beyond cyberspace with the influence of other areas of this conflict as well.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Yurii Shchyhol warns of a new ongoing World Cyber War

      Yurii Shchyhol, the head of the Ukrainian State Service of Special Communications and Information Protection, warns there might be an ongoing World Cyber War since the start of Russia’s invasion. Russian cyberespionage and cyberattacks since 24 February weren’t targeted only at Ukraine. Their intervention has been recorded in 42 countries across six continents, mostly from NATO and countries which supported Ukraine during this period.

      Shchyhol has stated for Politico that the world has been awakened and that countries are more willing to intensely cooperate with each other on these issues. He also advised: ‘But what we need are not further sanctions and further efforts to curb cyberattacks, we also need for global security companies to leave the market of the Russian Federation. Only then can we ensure the victory will be ours, especially in cyberspace.’

      In this interview, it was said that there is strong assistance from the U.S. Cyber Command and the National Security Agency as all of Russia's attacks are ‘an ongoing, continuous war, including the war in cyberspace.’ What Shchyhol also warns us is that despite the two-month stagnation of Russian cyber attacks, what they’re doing is just a part of their tactic in order to collect resources for another attack - which will likely be on a global level.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Russian journalists’ union close to being disbanded

      The Russian prosecutor’s office brought on a 350-page complaint against the independent Journalists’ and Media Workers’ Union (JMWU), to disband it. The union learned about the complaint on 13 July. The complaint proposes that some of the employees are foreign agents while some were accused of systematically harming the state and society with their actions.

      The reasons behind the complaint are mainly due to the fact that the JMWU publicly opposed the war in Ukraine, defended Russian journalists who were prosecuted, and criticized media censorship in their country. They also signed the ‘Perugia Declaration for Ukraine’, which confirmed their support for Ukrainian journalists.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. India's Supreme court ordered releasing of a journalist over a controversial tweet

      An Indian journalist, Mohammed Zubair, has been given the release on bail over the accusations of a “highly provocative” tweet in 2018, by India's Supreme Court. The tweet was supposedly aimed at straining ties between Hindus and Muslims. Regardless of the accusations, the tweet itself had no evidence of causing harm to the religious sentiment of Hindus.

      When he was granted bail, the court said that keeping Zubair in custody had no legal power. As a vocal critic of Indian Prime Minister Narendra Modi, Zubair and his colleagues accused the federal government of giving the police orders in silencing journalists and critics undermining the freedom of the press and speech.

      In this atmosphere, it is important to note that India is ranked 150th on the 180-country World Press Freedom Index.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Myanmar freelancer sentenced to three-years of jail by the state military court

      Nyein Nyein Aye, a Myanmar freelancer and journalist, was sentenced to a three-year prison sentence for the spread of ‘false news.’ She was also accused of causing fear and agitating crimes against a government employee. While Nyein worked for various media outlets, one of them: Mizzima News, was banned by the junta.

      Daniel Bastard, the head of RSF’s Asia-Pacific desk implied that this arrest is followed by the big wave of arrests of journalists after the February 2021 coup. He also noted that these sentences behind closed doors by military courts are similar to a factory production line. RSF’s press freedom barometer shows that she is the 24th journalist to receive a prison sentence out of the 67 media workers currently held in Myanmar’s prisons.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Biden’s message at the Arab summit on freedom of the press and democratic rights

      U.S. president Joe Biden said in his speech at the Arab summit in Saudi Arabia that the United States will keep its close partnership with the Middle East while urging leaders who attended the summit to advance human rights as a powerful source of economic and social changes. With that being said, freedom of the press and democratic rights are highlighted. He urged the necessity of releasing journalists.

      Biden sent a message to the leaders saying: ‘Accountable, accountable institutions that are free from corruption and act transparently and respect the rule of law are the best way to deliver growth, respond to people's needs, and I believe ensure justice.’

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Pakistani reporters are being harassed by the government army

      Since Shehbaz Sharif took over as a Pakistani prime minister in April, there have been a dozen reports of army-related agencies harassing the media, as RSF cautioned. Critical journalists have been a target of a major army campaign to intimidate their work, parallelly destabilizing Pakistan’s democracy.

      This serious decline in press freedom was bolstered with the latest case on 9 July when BOL news anchor, Sami Ibrahim, got attacked by three people. The next day, he posted a YouTube video, saying that the attack was planned to prevent him from filming the scene, and the attackers later left in a vehicle with clear signs of being state-owned.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Cyberwar games: Cyber Europe 2022

      One of the largest cyber crisis simulations organised by The European Union Agency for Cybersecurity (ENISA) has just been completed. With over 800 cybersecurity experts from 29 European countries and the European Free Trade Area (EFTA), it involved specialists from EU agencies and institutions as well.

      This year, the exercises involved a scenario of a simulated attack on European healthcare infrastructure and they tested how participants’ respond to incidents in coordination with EU institutions. They involve the ability of close work with CERT-EU and ENISA in order to reinforce the resilience of the healthcare sector against cyber attacks in the EU with complex business continuity and crisis management situations.

      These lessons will be published in ENISA’s ‘after-action report.’

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Costa Rica's public health system hit by Hive ransomware

      The Costa Rican Social Security Fund (CCSS), i.e. Costa Rica’s public health service was hit by Hive ransomware and forced to shut its systems down. The ransomware was deployed on at least 30 out of 1,500 government servers, CCSS told local media.

      Cybersecurity experts suggested that Hive might be working with Conti to help Conti rebrand.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Italian police thwart Eurovision cyberattack by pro-Russian hacker groups

      Italian police thwarted hacker attacks by pro-Russian hacker groups Killnet and Legion during the 10 May semi-final and 14 May final of the Eurovision Song Contest (ESC) in Turin, Italy. Russia was excluded from the competition due to what it calls its special military operation in Ukraine, while Ukraine went on to win the contest.

      Killnet denied the attack on ESC, but then declared cyberwar on 10 countries in the same Telegram post. In a separate video, the group stated that these 10 countries are ‘the US, the UK, Germany, Italy, Latvia, Romania, Lithuania, Estonia, Poland, and Ukraine.’

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. OEWG agrees on modalities of stakeholder participation

      The OEWG reached agreement to apply modalities for the participation of stakeholders as proposed by the Chair on 20 April, through a silent procedure. NGOs both with and without ECOSOC status should inform the OEWG Secretariat of their interest to participate. If no state raises an objection to the Chair, NGOs will be invited to participate as observers in the formal sessions, make oral statements during a dedicated stakeholder session, and submit written inputs to be posted on the OEWG’s website. The modalities will be read out at the OEWG’s third substantive session for the formal record.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Five Eyes authorities issue warning against Russia-backed cyberattacks on critical infrastructure

      We’ve reported before that US authorities have been warning against imminent cyberattacks from Russia. This time, it’s the cybersecurity authorities from the Five Eyes – Australia, Canada, New Zealand, the UK, plus the USA – who are warning of the risk that cyberattacks are being planned against critical infrastructures in Ukraine and beyond.

      The warning comes in a joint cybersecurity advisory, which refers to US intelligence that the Russian government may be exploring options for potential cyberattacks.

      The advisory also notes that cybercrime groups that have recently publicly pledged support for the Russian government ‘have threatened to conduct cyber operations in retaliation for perceived cyber offensives against the Russian government or the Russian people.’ The same threat exists for countries and organisations helping Ukraine.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. DDoS attack takes Israeli government websites down

      Several government websites in Israel – including the websites of the ministries of interior, defence, and justice – were unavailable for over an hour on 14 March. The incident was caused by a distributed denial of service (DDoS) attack against a communications provider, according to the country’s National Cyber Directorate. Access to the affected websites was restored later in the day.

      No statements were made regarding attribution of the attack, although some media sources pointed to a possible Iranian involvement.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Digital Security Lab launching

      Reporters Without Borders (RWB) is an international non-profit public interest organization in France which has defended the promotion of freedom of information since 1985.

      On 18 July, RWB will present its newly founded Digital Security Lab: a digital forensic laboratory that will help combat the threats of online surveillance. Based in Berlin, the Digital Security Lab is designed to analyze the devices of journalists who suspect they are under any digital surveillance. Journalists are a target of many threats that can affect their devices or personal social accounts for malicious reasons. This requires a rigorous and united response, and that is why any journalist will be able to contact the Digital Security Lab if they suspect they are the target of digital espionage because of their work.

      Journalists often receive sophisticated phishing messages, and Digital Security Lab experts will search for clues with the analysis of suspicious messages to find out if they are for sent spying purposes. The team will also examine installed programmes and will check for other data traces that might offer traces about previous activities and spying technologies.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Turkish court jails 16 Kurdish journalists over alleged terrorist links

      A Turkish court has jailed 16 Kurdish journalists for "belonging to a terrorist organisation" and their close cooperation with the pro-Kurdish Peoples’ Democratic Party (HDP) in Diyarbarkir. They were also accused of spreading terrorist propaganda and since 2016 several hundred HDP members have already been detained. Nazim Bilgin, the president of the Journalists' Association of Turkey warns that: "We are living in the darkest days of our country as far as press freedom is concerned." It is also alarming that Turkey has jailed more reporters than most other countries in the previous decade, according to the Committee to Protect Journalists.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL

    1. Relatives of Al Jazeera reporter Shireen Abu Akleh accused the U.S. of trying to erase Israel’s responsibility for her death

      Relatives of Al Jazeera reporter Shireen Abu Akleh, who was killed while covering an Israeli raid in the occupied West Bank in May, showed their deep disappointment in President Joe Biden in a letter released over his administration’s response to her death.

      They accused the U.S. of trying to deny Israel’s responsibility for her death, saying in an official statement that Israeli fire most likely killed her but that the May 11 shooting in the West Bank was an accident. The family sent a request to Biden for meeting with them when he visits the region, which The White House declined to comment on, alongside with the matters of the letter.

      Palestinian eyewitnesses who claimed they saw she was shot by Israeli forces gained support from a reconstruction made by The Associated Press, investigations by CNN, New York Times, and The Washington Post as well as monitoring by the U.N. human rights office.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL