IEEE Cipher --- Items from security-related news (E168)
Summary:
Stung by a barrage of attacks against its state and private websites,
Russia talked of relying on domestic software for protection.
This shift seemed to be motivated by refusal of Western software
providers to deal with Russia at all, rather than the thought that
Russians could write better software.
Summary:
As more Russian websites were hacked to show pro-Ukrainian messages,
Moscow accused the West of "militarizing" cyberspace and indicated
that unspecified military responses could ensue.
Summary:
There were so many security mechanisms built into the Australian
digital driver's license system that you'd think it would take a
world-class expert to find a flaw, let alone an exploitable flaw. But
the anti-forgery mechanism in the app depended on a 4-digit PIN (so
convenient!) and nothing else. A little searching on the device (no need
to jailbreak!) would cough up the key, and the user could alter any
information.
Summary:
Wouldn't it be nice if pointer errors, which are the root of so many
exploitable software vulnerabilities, were impossible to exploit
because the hardware prevented the access via the bad pointer? Of
course it would, and the Apple M1 chip tries to do just that. But
speculative execution undermines the pointer protection mechanism by
allowing an attacker to guess the "pointer authentication code" and
use it to bypass the protection. The hardware giveth and the hardware
taketh away.
Summary:
US defense contractor L3Harris announced plans to acquire
controversial surveillance technology by purchasing the Israeli firm
NSO. NSO's tools have been used by governments around the world to track
the activities of mobile device users through surreptitiously
introduced software. Senator Ron Wyden noted the danger of relying on
foreign hacking tools, saying "If the US plans on using foreign-made
surveillance technology, it might as well bcc the country that
produces it on every intercept."
L3 and NSO apparently have "issues" yet to be resolved in the negotiations.
Summary:
The social media video sharing company TikTok has Chinese ties, and
that concerns the US Defense Department. Although the Trump administration
failed in its efforts to ban the app, last year the Biden administration
issued a more general order regulating software produced by "foreign
adversaries." To comply, TikTok is moving the data for US users to
Oracle servers based in the US, and Oracle will audit the servers to
check for anomalous activity.
Summary:
The Alphabet company Google has reported on hacking tools that were
used to spy on both Apple and Android smartphones in Italy and
Kazakhstan. The Italian software firm RCS is at the center of the
revelation, and it says that its software (named Hermit) complies with
all applicable regulations. Google seemed upset that the software
could be used on its Android operating system for mobile devices, and
it has taken steps to secure the system against Hermit's means of
entry.
Summary:
An anonymous hacker, "ChinaDan", last week posted an offer to sell
more than 23 terabytes (TB) of data for 10 Bitcoin, equivalent to
about $200,000. The leak was unverified at the time of the Guardian
publication, but other sources have said that the police database
was installed without enabling a password for remote access.
Summary:
One of the post-quantum algorithms selected for consideration by the
U.S. National Institute of Standards and Technology is the
Supersingular Isogeny Key Encapsulation (SIKE) algorithm.
Unfortunately, the algorithm turned out to be pre-quantum unsafe. KU
Leuven researchers used a single classical computer to break it in
only one hour using a previously known attack. How had this escaped
notice in prior vetting allegedly done by NSA?