Wednesday, July 18, 2018

Big Brother’s Blind Spot The Baffler - Nevis: secretive offshore haven refuses to clean up

Big brothers and thieves try to hang little thieves ...From Central Africa to Australia: Following the Kleptocrats' Money ...

Kill Me Now -Big Brother’s Blind Spot The Baffler

Never ever enter your surname into search boxes  ... Egosurfing 
Why Google Wants You to Google Yourself - TIME


GOOGLING MYSELF ON TRAK - YouTube

Random facts about me that may surprise you

I recently ran across a long-forgotten meme called “Random Facts About Yourself That May Surprise People” that I never got around to finishing or posting. I don’t know how surprising you’ll find the answers, much ... read more



Is Economics Incompatible With Humanities?


Economics, Morson and Schapiro say, has three systematic biases: it ignores the role of culture, it ignores the fact that “to understand people one must tell stories about them,” and it constantly touches on ethical questions beyond its ken. Culture, stories, and ethics are things that can’t be reduced to equations, and economics accordingly has difficulty with them. Morson and Schapiro’s solution is to use the study of the humanities, and particularly of realist fiction, to broaden perspectives and to reintroduce to economics those three missing factors. … Read More
UK hands Facebook the maximum fine over insufficient privacy and oversight in the Cambridge Analytica scandal.
The Verge

  Wall Street Journal, U.S. Government Revenues Drop in Wake of Tax Cuts:
Corporations taking advantage of new, lower tax rates reduced their payments to the federal government last month.
The Treasury Department on Thursday said government receipts fell 7% in June compared with the same month a year earlier, including a 33% drop in gross corporate taxes. Individual withheld and payroll taxes were down 5% from June 2017, while non-withheld individual taxes rose by 7%.

 

Why is Germany siding with the tax havens against corporate transparency?



Tax rulings not legitimate, says justice collective Delano
‘Luxembourg’s contested tax rulings with Fiat and Engie may be legal but their legitimacy has been put in question by the country’s tax justice defenders.’

Nevis: how the world’s most secretive offshore haven refuses to clean up The Guardian

Malta accused of failing to enforce EU money-laundering rules Financial Times

Moneyval asked to investigate MFSA’s role in Pilatus Bank Times of Malta
‘Council of Europe’s monitoring body to conduct evaluation of jurisdiction’ 

Colombia’s new finance minister; an unapologetic Panama Papers star Colombia Reports

Is Hungary the New Tax Haven for International Companies? Hungary Today

For Ireland, multinational companies are a blessing and a curse MarketPlace
“This is very risky for Ireland … If you’re here for tax reasons, it means you’re relatively footloose, so if the tax changes, you’re more likely to be out of here.”

Swiss Bank to Settle U.S. Tax Probe finews
‘A dozen Swiss banks are still waiting to settle a U.S. criminal probe into help tax dodgers and cheats. One is poised to ink a settlement …’

Here’s How Ukraine’s Ousted Government Got Away With $40 Billion BuzzFeed

Latvia’s corruption scandal is getting even weirder Bloomberg

Australia: Tax crackdown to catch ‘residents of nowhere’ Australian Financial Review

Moldova Hopes ‘Golden Visa’ Program Will Bring in € 1.3 Billion OCCRP
Read our blogs on residency for sale, here and here.

Italian Police Arrest Panama Papers “Fixer” OCCRP
‘… allegedly a middleman in the creation of over 200 offshore front companies in Panama … linked to entities based in Samoa, the Bahamas, Anguilla, the British Virgin Islands, and Cyprus, according to local media.’

Another Russian Billionaire Is Suing His Swiss Art Dealer for Allegedly Inflating Prices and Pocketing the Extra Artnet
‘The dealer also used multiple offshore shell companies to acquire the paintings …Several of these offshore companies were set up by another local art dealer, Yves Bouvier, also known as the “Freeport King.”’

Jim Holt: Why Does The Universe Exist?


What Is It Like to Be a Man Phil Christman in The Hedgehog  Review:

At the time my wife and I were beginning to date, I owned a broken bed. The box spring had a biggish crack on one side, which caused you to feel like you were being gradually swallowed in the night—an effect seriously exacerbated by the presence of a second person. I had not bothered to buy pillows when I moved to Milwaukee, reasoning that old pants stuffed in a pillowcase could not possibly feel that different. I did, however, have a desk, which I had carried from the Salvation Army, a mile and a half, on my shoulders, in August. I should mention here that I have never been what anyone would consider macho. It simply hadn’t occurred to me that I was allowed to live any other way.
Millennials





I toured Lennar’s Amazon smart home — here’s what it’s like Inman (Clive). Clive: “My take: ‘Alexa, show me a dystopian vision of exurban sprawl where the surveillance state knows my every move, even at home; and while you’re at it, explain to me what’s going on with the landscaping in front of my garage preventing its presumable intended use by vehicles.'”


Tuesday, July 17, 2018

Lost Soul: Trump - Famous for the Wrong Reasons

For as long as history remembers Donald Trump, it will be a day that will live in infamy. ...

Trump-Putin summit: US president under fire over poll meddling comments
BBC 
There has been a barrage of criticism in the US after President Donald Trump defended Russia over claims of interference in the 2016 elections. At a summit with Russian President ..



'Putin's poodle': newspapers declare Trump a traitor after Helsinki summit | US news | The Guardian



Here Are Five Ways the Trump Administration Could Be the Death of FDR’s New Deal AlterNet. Is it churlish to point out that the gutting of many of these programs long predated Trump– and had bipartisan support?
TRUMP’S BREXIT BLAST I told May how to do Brexit but she wrecked it — the US trade deal is off, says Donald Trump The Sun. The deck: “In a world-exclusive interview with The Sun, the US President said Theresa May had ignored his advice by opting for a soft Brexit strategy.” Moi: Must be read to be believed.
The Helsinki Summit story has eaten the world, so I’ll just have to go with it. I’ve broken the links into sections. About the Helsinki presser:
Transcript: Trump And Putin’s Joint Press Conference NPR. This seems to be the most problematic passage:
TRUMP: So let me just say that we have two thoughts. You have groups that are wondering why the FBI never took the server. Why haven’t they taken the server? Why was the FBI told to leave the office of the Democratic National Committee?
I’ve been wondering that. I’ve been asking that for months and months and I’ve been tweeting it out and calling it out on social media. Where is the server? I want to know where is the server and what is the server saying?
With that being said, all I can do is ask the question.
My people came to me, Dan Coates, came to me and some others they said they think it’s Russia. I have President Putin. He just said it’s not Russia.
I will say this: I don’t see any reason why it would be. But I really do want to see the server but I have, I have confidence in both parties.
I really believe that this will probably go on for a while but I don’t think it can go on without finding out what happened to the server. What happened to the servers of the Pakistani gentleman that worked on the DNC?
Where are those servers? They’re missing. Where are they? What happened to Hillary Clinton’s emails? 33,000 emails gone, just gone. I think in Russia they wouldn’t be gone so easily.
I think it’s a disgrace that we can’t get Hillary Clinton’s thirty three thousand e-mails.
I have great confidence in my intelligence people but I will tell you that President Putin was extremely strong and powerful in his denial today and what he did is an incredible offer.
He offered to have the people working on the case come and work with their investigators, with respect to the 12 people. I think that’s an incredible offer. Ok? Thank you.
I find myself musing that “incredible” is a word of many meanings, though no doubt puffery is intended.
Trump refuses to blame Putin over election meddling FT. “Mr Putin encouraged Mr Mueller to send an extradition request….” One hasn’t already been sent? If only for form’s sake? Odd.
#NeverTrump Goes to War John Robb, Global Guerillas. “[Mueller’s] indictment put Trump on the horns of a dilemma. He could either support the national security establishment’s conclusion and diminish his electoral legitimacy or he could disparage the legitimacy of the US national security establishment while standing next to Putin. He chose the second course…. The #NeverTrump network will claim it is the primary protector of the United States against an illegitimate President. In online collaboration with the #resistance, disavowal of Trump will become a public litmus test.” If Robb is correct, Trump is in trouble. It doesn’t matter what the Democrats do before the midterms (and maybe not after) but Republicans like to get stuff done. The wee problem is that the Republican base — who the Republicans genuinely fear — either doesn’t care about the national security globalizers or sees them as enemies. That’s a hard circle to square.
Republicans to watch:
In rebuke to Trump, senators may vote to side with US intel community CNN. So that would clarify where the real power lies, wouldn’t it? Note that Cornyn isn’t on the list.
* * *
About the Mueller investigation:
A Spirited, Substantive Debate on the Trump-Putin Summit, Russia, and U.S. Politics Glenn Greenwald, The Intercept. Transcripts here and here. Both parts are very good.
Trump’s Stupid ‘Where Is the DNC Server?’ Conspiracy Theory, Explained Vox. Here is a sample: “It is widely believed that CrowdStrike, a cybersecurity firm hired by the DNC to respond to the hack, gave an identical image of some of the servers to the FBI, which experts I’ve spoken to say would be more useful than giving the FBI a physical server itself.” Notice how much work “identical” is doing?
* * *
Related stories:
The Justice Department just charged a Russian national with trying to infiltrate the NRA Vox. Given that the Russian national communicated with her handler through Twitter DM (!), the alleged offenses began in 2015 under the Obama administration, and the organization infiltrated was the NRA, it’s hard to see this as anything other than (a) dogpiling on Helsinki and (b) midterms related, since the NRA may become an issue there.
Mueller Indictment Adds Urgency to Securing 2018 Midterm Elections WSJ. No mention, of course, of hand-marked paper ballots, hand-counted in public, which would mean the DHS wouldn’t need to participate in the balloting process at all.
* * *
Unrelated incidents:

NBP Neue Privat Bank (Category 1 Swiss Bank) Reported Ready to Settle with U.S. Prosecutors 

Finews reports that U.S. federal prosecutors have offered NBP Neue Privat Bank, Zurich, a nonprosecution agreement for payment of $5 million.  Peter Hody, Swiss Bank to Settle U.S. Tax Probe (Finews.com 7/13/18), here.

Chronicle of Higher Education, Want to Kill Tenure? Be Careful What You Wish For:
The trustee hadn’t said a word for an hour as the board of the small Midwestern liberal-arts college debated ways to turn around its flagging fortunes. But during a lull in the conversation, he finally spoke up. As David Strauss recalls, "He looked at everybody as if we’d all been fools, and said, ‘Well, the solution is easy. Get rid of tenure.’"

Government Pushes the Envelope on the Meaning of Willfulness in FBAR Willful Civil Penalty 

A colleague called my attention to the Government's motion and brief for summary judgment in Kimble v. United States (CFC Dkt. no. 17-421 T), here.  The case is an FBAR willful civil penalty refund suit.  In the brief, the Government makes bold claims about the standard for what it must prove to establish a person's liability for the FBAR willful civil penalty.  The docket entries are here.  Mrs. Kimble has not yet filed a response.  I offer the following based on the Government's brief.

Skripal 2.0 Cold War From Anthrax to Novichok


Why I Stand With Julian Assange American Conservative



“Democracies erode slowly, in barely visible steps” these days, Steven Levitsky and Daniel Ziblatt write in How Democracies Die, cautioning Americans not to be complacent merely because there aren’t tanks in the streets. They rot from the inside thanks to demagogic leaders who “subvert the very process that brought them to power.”
I truly believe that today’s hearing is just another victory notch in Putin’s belt and another milestone in our enemies’ campaign to tear America apart.
From FBI agent Peter Strzok’s statement before Congress
Politico










The Life Of Charles De Gaulle





There’s No Returning To A Golden Age Of American Democracy That Never Existed



FUNERAL OF YOUTH | ABCtales

Media Dragon: Black Money, Anthrax, Vault 7: While the Iron Is Hot



Trump and Putin: inside the muddled American policy on Russia FT






Skripal 2.0: It’s High Time for the British Government to Explain Itself – Here’s 10 Easy Questions to Help Them Out The Blog Mire

CEO Pay 

Government wants people to dob in phoenixes to new hotline


Australian economy losing billions due to companies deliberately going broke, PwC finds

EU law enforcement and Google take on terrorist propaganda in latest Europol Referral Action Days






The Hill July 13, 2018

A bipartisan pair of senators are calling on the Justice Department to investigate whether Russian intelligence services posed as an Islamic extremist hacker group that sought to harass U.S. military families.




Nextgov July 12, 2018
Two House Republicans are working on legislation that would expand the Homeland Security Department’s authority to deny contracts to companies that pose cybersecurity supply chain threats while the Trump administration is pushing an even more expansive proposal.

FCW July 12, 2018
Election system security issues are still critical, but 2018 election infrastructure threats aren't as 'robust' as in 2016, a top Homeland Security official told Congress. Russian online disinformation and network scanning activities continue ahead of the upcoming U.S. midterm elections in November.

CyberScoop July 12, 2018
Amid ongoing reports of foreign digital meddling in domestic elections, U.S. lawmakers are butting heads with the nation’s largest voting technology companies.

Wired July 11, 2018
A congressional hearing Wednesday on the Meltdown and Spectre chip vulnerabilities had all the technobabble and painful misunderstanding you'd expect.

Nextgov July 10, 2018
The Russian anti-virus company Kaspersky Lab is racing against time, trying to get a U.S. appeals court to pause a governmentwide ban on its products before a portion of it is implemented next week. The Defense Department, General Services Administration and NASA set July 16 as the deadline in a Federal Register notice for all new procurements to contain language officially barring contractors and subcontractors from allowing Kaspersky products to touch any government systems.

FCW July 10, 2018
The Justice Department said it jumped the gun with a June press release that linked recent bank loan fraud cases to the 2015 cyber heist of federal employee data from the Office of Personnel Management, which is generally attributed to the Chinese government. In a letter to Sen. Mark Warner (D-Va.), Assistant Attorney General Stephen Boyd said the press release jumped to a "premature conclusion" when it said data from the OPM breach was used by fraudsters who applied for and opened bogus loans at the Langley Federal Credit Union. In mid-June, Karvia Cross pleaded guilty in Virginia to one count of identity theft and conspiracy to commit bank fraud in 2015 and 2016, according to the June press release from the U.S. Attorney's Office for the Eastern District of Virginia.


ADMINISTRATION

The New York Times July 13, 2018
The special counsel investigating Russian interference in the 2016 election indicted 12 Russian intelligence officers on Friday in the hacking of the Democratic National Committee and the Clinton presidential campaign. The indictment came just three days before President Trump is planning to meet with President Vladimir V. Putin of Russia in Helsinki, Finland.

The U.S. Coast Guard Academy is now offering an academic program in cyber systems, its first new major in a quarter century. The program beginning this fall reflects the maritime service’s evolution toward conducting operations in cyberspace as it does at sea and by air, said Capt. =operating systems, software design and intelligence.

AP July 13, 2018
Warning lights about cyber threats to U.S. national security are “blinking red” and the digital attempts to undermine America are occurring daily, not just at election time, the nation’s top intelligence official said Friday. Russia has been the most aggressive foreign actor, but cyber threats also are coming from China, Iran and North Korea as well as criminal networks and individual hackers, said National Intelligence Director Dan Coats.

Nextgov July 12, 2018
The General Services Administration is inviting ethical hackers to break into the sign-on portal for citizens applying for government jobs and accessing federal programs. The agency on Wednesday added Login.gov to its sweeping public bug bounty program, offering anyone who discovers a security gap within the site potentially thousands of dollars in prize money.

Fifth Domain July 12, 2018
The Army recently commissioned its first two officers as part of a new pilot program to attract cyber talent from the private sector and bring them into the military ranks. As part of the pilot, mandated by Congress and stood up by the Army in late 2017, accepted applicants will enter service as first lieutenants.

Ars Technica July 11, 2018
In May, a hacker perusing vulnerable systems with the Shodan search engine found a Netgear router with a known vulnerability—and came away with the contents of a US Air Force captain's computer. The purloined files from the captain—the officer in charge (OIC) of the 432d Aircraft Maintenance Squadron's MQ-9 Reaper Aircraft Maintenance Unit (AMU) at Creech Air Force Base, Nevada—included export-controlled information regarding Reaper drone maintenance. The hacker took the documents to a Dark Web marketplace, where he planned on selling them for a few hundred dollars. And it's there that analysts from Recorded Future, an information security threat intelligence company, discovered them.

FCW July 10, 2018
For years, security experts have warned of an impending cyber Pearl Harbor: an attack so big and bold that it cripples U.S. infrastructure and demands a military response. However, in interviews with former White House and executive branch officials as well as members of Congress and staffers involved in cyber policy, many expressed more concern about the potential for a Cyber Gulf of Tonkin: a misunderstanding or misattribution around an event that precipitates or is used as a justification for war.

In closed-door meetings last March, U.S. transportation regulators and others grappled with questions about whether police should have the power to disable self-driving cars and whether an automatic alert that a robo-taxi had been in a wreck could violate an occupant's privacy, a report released on Tuesday showed.

Fifth Domain July 10, 2018
Georgia will open a 330,000 square foot cybersecurity facility in Augusta July 10, the first of two buildings that will make up the Georgia Cyber Center, and build on the investment in the region from Army Cyber Command. When complete, the facility will be home to cybersecurity research, training and operations.

CyberScoop July 9, 2018
Hackers have launched distributed denial-of-service attacks against at least two municipal-level Democratic campaigns in 2018, according to two people familiar with the matter. These incidents, which occurred as the campaigns were focused on primary elections, were publicly unknown prior to this report. The malicious cyber-activity did not appear random, sources told CyberScoop.

CyberScoop July 9, 2018
The State Department’s top cybersecurity official says he is “optimistic” the United States can strike a deal at the United Nations on norms for government behavior in cyberspace with multiple countries, including China and Russia, two of Washington’s biggest adversaries in the domain.

The Washington Post July 7, 2018
Metro officials say they plan to focus on improving security throughout the transit system after a classified inspector general’s report concluded that the agency remains vulnerable to hacks and attacks that could imperil safety and day-to-day operations.


INDUSTRY

CNBC July 13, 2018
Cybersecurity stocks present a compelling short-term bet for investors ahead of the 2018 midterm elections, Goldman Sachs advised clients Thursday. Pointing to an expected uptick in security spending in the run-up to November, analyst Arjun Menon told clients that the select group of stocks are likely to see upside in the months to come.

Ars Technica July 12, 2018
Google’s Chrome browser is undergoing a major architectural change to enable a protection designed to blunt the threat of attacks related to the Spectre vulnerability in computer processors. If left unchecked by browsers or operating systems, such attacks may allow hackers to pluck passwords or other sensitive data out of computer memory when targets visit malicious sites.

CNBC July 12, 2018
It would be hard to walk into a major business and walk away with all its sensitive information. But sometimes that's not the case when it comes to online networks. Q6 Cyber, a cybersecurity firm that specializes in monitoring the dark web, showed CNBC a forum post in Russian where the cybercriminal was offering access to a New York City law firm’s network and files, and was willing to send screenshots as evidence he had broken in. The price for the access was $3,500. That law firm was not alone, says Eli Dominitz, the founder and CEO of Q6, which is based in Hollywood, Florida. Q6 has found similar information from law firms in Beverly Hills and other locations across the country for sale. They would not name any of the law firms. “If you're a law firm that's involved in major transactions, [mergers & acquisitions] of publicly traded companies, you're going to have a lot of sensitive information, inside information before it becomes publicly available,” Dominitz said. “If I'm able to access that, I can trade around that and manipulate stocks and make a lot of money. We've seen that kind of activity by very sophisticated cybercriminals.”

Financial Times July 12, 2018
The Chinese hacking group nicknamed “Red Apollo” last year launched one of the largest ever sustained global cyber espionage campaigns. Rather than attacking companies directly, it targeted cloud service providers, attempting to use their networks to spread spying tools to a wide number of companies. It was the latest warning sign of the risks posed by so-called supply chain attacks, according to PwC, the professional services company, which tracked the campaign. Known as Operation Cloud Hopper, the attack targeted a small number of managed IT service providers, giving it the potential to spread malware to all the clients using these outsourcing companies to run their computer networks. Companies in 15 countries, including the UK, France, Switzerland, US, Canada, Australia and Japan were targeted. This indirect approach demonstrates a new level of maturity in cyber espionage, and is increasingly common. Symantec, the cyber security company, says in a recent report it saw a 200 per cent increase in supply chain attacks in 2017 compared with the previous year. National governments are increasingly concerned about the trend.

CyberScoop July 11, 2018
New York-based L3 Technologies announced on Wednesday that it is acquiring Azimuth Security and Linchpin Labs, two cybersecurity companies that specialize in selling exploits to governments. The deal was for a combined price of about $200 million, L3 said. L3 is a contractor that provides communication, electronic, aerospace and sensor systems to military, homeland security and commercial clients. The company said that the acquisitions will strengthen its cybersecurity, intelligence and surveillance capabilities. Based in Australia, Azimuth says on its website that it provides security assessments and penetration testing on software services. Linchpin Labs, also based in Australia with offices in the U.S., the United Kingdom and Canada, describes itself as a “custom software development company” that serves corporate and government clients.

The Wall Street Journal July 11, 2018
Broadcom Inc. agreed to buy software company CA Technologies for $18.9 billion, a surprise move that would take the chip-making giant in a new direction. Broadcom is to pay $44.50 a share in cash for CA, formerly known as Computer Associates, Broadcom said late Wednesday. CA shares closed at $37.21 Wednesday, so the price represents a 20% premium.

CyberScoop July 11, 2018
Israeli industrial and critical infrastructure cybersecurity company Radiflow has announced that it took in an $18 million investment, led by the Singapore-based multibillion dollar engineering giant ST Engineering. Boasting of doubling sales of its threat detection tools in the last year, Radiflow has over 50 worldwide customers. The company collaborates with partners, including U.S. cybersecurity firms Palo Alto Networks and RSA. ST Engineering will also enter into a partnership with Radiflow that will include access to the Israeli firm’s defensive tools. Radiflow’s customers include critical infrastructure operators in power generation, electricity supply and water facilities. Earlier this year, the company released a case study on a cryptocurrency miner attack against a water facility.

Ars Technica July 10, 2018
Criminals recently stole code-signing certificates from router and camera maker D-Link and another Taiwanese company and used them to pass off malware that steals passwords and backdoors PCs, a researcher said Monday. The certificates were used to cryptographically verify that legitimate software was issued by D-Link and Changing Information Technology. Microsoft Windows, Apple’s macOS, and most other operating systems rely on the cryptographic signatures produced by such certificates to help users ensure that executable files attached to emails or downloaded on websites were developed by trusted companies rather than malicious actors masquerading as those trusted companies.

AT&T is pulling out its wallet again. The company said Tuesday it has signed a deal to acquire AlienVault, a software security company based in San Mateo, California, that specializes in detecting threats. The buyout will expand AT&T's security services to small and medium-sized companies. "AlienVault's expertise in threat intelligence will improve our ability to help organizations detect and respond to cybersecurity attacks," Thaddeus Arroyo, CEO of AT&T Business, said in a statement. "The current threat landscape has shifted this from a luxury for some, to a requirement for all." The deal comes amid continuing concerns over cyberattacks, with corporate giants from Yahoo to Equifax suffering devastating breaches that exposed people's personal information over the past several years.

The Hill July 9, 2018
Timehop, the application that resurfaces old photos and posts on Facebook, on Sunday revealed that hackers had compromised the personal data of millions of its users. The attackers, according to a preliminary investigation of the breach, stole roughly 21 million email addresses and names from Timehop during an attack last Wednesday, which took place on the Fourth of July. From those affected users, the hackers also gained access to roughly 4.7 million phone numbers, the company wrote in a Sunday blog post.

Vice Motherboard July 9, 2018
It just keeps happening. A hacker has targeted a company selling Android spyware marketed to monitor children, employees, and previously romantic partners. This data breach is the latest in an ever increasing list of vigilante hackers focusing on the consumer spyware industry, some parts of which have been linked to illegal stalking and spying by abusive partners.


INTERNATIONAL

Ars Technica July 13, 2018
In what appears to be a case of highly focused social engineering against a small group of iPhone users, malicious actors managed to get 13 iPhones registered on their rogue mobile device management (MDM) servers and then pushed out applications that allowed the hackers to track the locations of the phones and read victims' SMS messages.

Financial Times July 12, 2018
When the authorities closed down cyber attack website Webstresser and arrested its administrators in April, it was the culmination of a complex international investigation. Operation Power Off was led by the Dutch police and the UK’s National Crime Agency, supported by Europol and a dozen other law enforcement agencies around the world. It was the latest example of increased global co-operation between police forces, as law enforcement agencies search for better ways to counter cyber crime.

CyberScoop July 10, 2018
In the run-up to Cambodia’s general election on July 29, a hacking group tied to China has been breaking into multiple organizations that share a connection to either the country’s main opposition party, voting process or human rights movement, according to new research and additional analysis provided by U.S. cybersecurity firm FireEye. The findings — made possible through a glaring operational security mistake where hackers left their attack servers exposed on the open internet — help illustrate how governments are leaning on cyber-espionage capabilities to learn about foreign elections. FireEye collected this intelligence by directly accessing the attack servers, which weren’t protected with a password. The firm was able to identify breaches through established lines of communication that existed between the servers and victims.

EURACTIV July 10, 2018
A legal proposal to overhaul the EU’s cybersecurity rules passed a major hurdle on Tuesday (10 July) as the European Parliament’s Industry Committee (ITRE) approved a plan to create a voluntary system for certifying the security level of technology products. The bill sharpens measures in a European Commission proposal from last September to set up the first EU-wide labelling scheme to measure cybersecurity standards of items sold in EU countries. Angelika Niebler, the German centre-right MEP who authored the committee’s report, said after the vote that the legislation would “increase consumers’ trust in internet-connected products and IT solutions”.

Reuters July 9, 2018
Mexico’s financial authorities on Friday warned local banks to be on alert for potential cyber attacks and to strengthen security systems, activating protocols established in the wake of recent bank hacks. Mexico’s central bank, Finance Ministry and banking regulator said in a statement that the measure is preventative, and that the country’s financial system is functioning normally. The statement did not detail the reason behind the alert. Mexican authorities on Thursday had detected the threat of a potential cyber attack to occur the next day, said a financial official with knowledge of the matter who requested anonymity because he was not authorized to speak with the press. In May, the central bank said a cyber attack had tapped into payment system connections at five entities, sucking out around 300 million pesos ($15.33 million). Mexico’s attorney general along with financial authorities and associations formed an “Immediate Response Group,” meant to coordinate fast alerts on information security incidents.

The Sydney Morning Herald July 6, 2018
China-based hackers have successfully infiltrated the IT systems at the Australian National University, potentially compromising the home of Australia's leading national security college and key defence research projects. Federal government cyber security officials have been working with the university since detecting the cyber attack, assessing the scale of any information theft and who in China could be responsible for it.

TECHNOLOGY

Financial Times July 12, 2018
Connecting buyers with sellers via the internet — the so-called “platform” economy — has enabled companies such as Amazon, eBay, Uber and Airbnb to build vast global businesses. Now cyber criminals are using the same technique, and even the same platforms, to buy and sell their tools. Surrey University criminologist Michael McGuire estimates that more than $1.5tn in profits a year are acquired, laundered, spent and reinvested by cyber criminals through “platform criminality”.

Ars Technica July 10, 2018
When the Spectre and Meltdown attacks were disclosed earlier this year, the expectation was that these attacks would be the first of many, as researchers took a closer look at the way that the speculative execution in modern processors could be used to leak sensitive information and undermine the security of software running on those processors.