IEEE Cipher --- Items from security-related news (E184)
Summary:
The information about the
disruption was in an SEC filing. The company said it was involved
in an investigation about the origination and scope of the problems.
Summary:
Lee newspapers were subjected to a ransomware and data exfiltration
attack that impacted their ability to print papers. Their lender,
Berkshire Hathaway, is helping out by waiving interest fees for
March, while the papers struggle to resume publication and get ad
revenue. Some of their back-office functions were also impacted.
Summary:
In recent remarks to the UN, the US deputy assistant secretary for
international cybersecurity at the State Department named China and
Iraq as cybersecurity threats, but made no mention of Russia. Many
reports of devastating attacks on American businesses have been
attributed to the "ransomware as a service" operation called
LockBit. Experts have attributed the source of the malware to
Russians, so the remarks are at sharp variance with previous US
concerns.
Summary:
The DHS Assistant Secretary announced that while the agency
re-evaluates the parts of its mission that deal with online
information that is meant to harm the US, the staff dealing with
election interference have been put on leave.
This move is aligned with Attorney General Pam Bondi's elimination
of the FBI's Foreign Influence Task Force, which was formed in 2017
to address foreign election interference threats.
(see https://cyberscoop.com/doj-disbands-foreign-influence-task-force/)
Summary:
This blog describes Biden's EO 14144, which affects
contractual requirements for software purchased for the Federal government.
The new regulations require attestations and artifacts regarding security for
review by the Cybersecurity and Infrastructure Security Agency (CISA).
Although many of Biden's EOs were removed by the incoming
administration, this one is still in effect.
Summary:
In order to "eliminate redundancies to create a more efficient,
streamlined department" and "minimize government waste, abuse,
reduce inflation, and promote American freedom and innovation", a
spokesperson for DHS announced that the Critical Infrastructure
Partnership Advisory Council (CIPAC) was terminated. The council
had provided a protected forum to exchange information about
cybersecurity intelligence. This unique public-private partnership
maintained sensitive relationships, and without it, it is unclear
how such trust can be maintained going forward.
Summary:
In one "fell swoop", some of the most talented cyber threat
investigators were fired from CISA as part of a general cost-cutting
measure that targets probationary employees in the US government.
Hired under a program aimed at recruiting the best cybersecurity
talent in the nation, the employees are thoroughly vetted and
subject to a 3-year probationary term. About 130 of those employees
were let go last month.
Summary:
The big news about crime and cryptocurrency from 2024 is that
ransomware payments decreased significantly. The blockchain
analysis firm Chainalysis gave those numbers as part of their
annual crypto crime report. They attribute the 35%
drop to law enforcement and stubborn customers. Chainalysis'
Jacqueline Burns Koven said the new figures indicated a "ransomware
apocalypse" had been avoided.
That is small comfort to those victimized by recent attacks, like Lee Newspapers (see above) and the numerous businesses afflicted by "Medusa" (next item).
Summary:
A new ransomware attack, named Medusa, has affected more than 300
organizations, according to CISA. The agency advises using good
security practices. [Ed. Notably missing from the government
announcement is any mention of information about the "Medusa
actors". Normally such announcements come with a mention of China,
North Korea, or Russia.]
Summary:
Address space randomization can help protect software from intruders
by making it hard to find where the software is actually located in
the memory of a computer system, but the technique is more of a
band-aid than a cure. An MIT group has developed a method for hiding
addresses effectively by introducing a "masked address space" between
virtual and physical memory. That layer re-maps code from random virtual
addresses to fixed locations so that when the code runs the virtual
address is not revealed. Because their remapping layer is between
the two normal addressing layers in a computer, they use the term
"Oreo" to describe the 3-layer combination.
Summary:
Apple's Advanced Data Protection offers end-to-end encryption for
Cloud storage, as do the messaging apps WhatsApp, Signal and
iMessage. The UK Home Office has demanded the right to access this
data, and a hearing on the issue is underway. However, the
proceedings are barred to reporters, something that Apple and the
app companies object to. We may or may not hear more about this.
Summary:
The California Privacy Protection Agency (CPPA) regulates some
aspects of collection of user data, and last November they adopted
new data broker regulations under the Delete Act. They are now
looking to enforce those regulations through legal action.
Although state data privacy laws are frequently ignored, California requires data brokers to register with the state or face fines of $200 per day, a requirement that could give its Delete Act some teeth. The state's privacy watchdog recently filed suit against National Public Data for failure to comply with the registration requirement. The Florida-based data broker is one of two such businesses targeted by CPPA. The other is Background Alert, a California company that also failed to register.
Summary:
The CPPA accused the car company Honda of violating state regulations
by requiring too much personal data from customers, using online
tools that obscured the right to opt-out of data collection, making
it difficult to authorize agents to exercise privacy rights, and
sharing data with ad tech companies without consumer protection.
Honda agreed to change its business practices and to pay a $630+ fine.
Summary:
The chief executive for the cryptocurrency exchange Bybit approved a
transfer of Ether cryptocurrency, but he had been hacked, and the
assets were transferred to a North Korean hacker group, a fact that
he learned about 30 minutes later. The Bybit people had put
their trust in open source software for safeguarding their logins,
but they had not realized that the software had been subtly hacked
to give their credentials away. They were able to cover the $1.5B loss
and remain viable, but they got little sympathy from the security
community. The theft was preventable, and the company was foolishly
careless.
Summary:
The tension between US immigration authorities and local governments
is a theme that has been developing since the new administration took
control of the Federal government. Although Westchester County
avoids working with ICE, their police records have been used to get
information about where immigrants are driving their cars. This is
because the police regularly use license plate scanners to gather
information from parking lots and roadways.
Summary:
The EFF notes the passing of an AT&T engineer who realized that he had
facilitated a massive NSA spying project, one that the American
people were being misled about. At the company's San Francisco
office, he had installed optical splitters to copy all the
communications data to a locked room. His moral compass led him to
the EFF, and the EFF publicized the spying and filed lawsuits to
stop it.