Contents

• Google Registry launches new top-level domains—.zip and .mov—raising cybersecurity concerns
• FBI warns of malicious actors using deepfakes to facilitate Sextortion Schemes

Contents

• The White House publishes the 2023 National Cybersecurity Strategy
• Alibaba’s DAMO Vision Intelligence Lab releases publicly Text-to-Video Diffusion Model

Contents

• NIST publishes the AI Risk Management Framework
• Lawsuits commenced against Stability AI for intellectual property infringement

Contents

• President Biden signs an Executive Order to implement a new privacy framework with respect to “Signals” Intelligence

Contents

• New Text-to-Image AI Model allows users to produce pornographic and other controversial content
• CISA publishes a guide for post-quantum cryptography for critical infrastructure

Contents

• Internet critical infrastructure calls for attention; are undersea cables possible points of failure?
• The National Credit Union Board proposes cyber incident reporting rules

Contents

• Senate bill aims to implement export controls to protect personal data from unfriendly nations
• Attorneys serve an anonymous defendant using an NFT

Contents

• New Jersey federal court dismisses lawsuit against TD Bank that alleged its failure to protect against online theft
• Former employee of a major NFT marketplace charged with wire fraud and insider trading
• European Council and the European Parliament agree provisionally on an enhanced cybersecurity Directive

Contents

• The Ninth Circuit holds that data scraping of publicly available information does not implicate the CFAA

Contents

• Cyber Incident Reporting for Critical Infrastructure Act of 2022 signed into law

Contents

• The SEC proposes regulations on Cybersecurity Risk Management for Investment Advisers and Companies
• FBI, NSA, and CISA issue Joint Cybersecurity Advisory alert with respect to State-sponsored Cyber Attacks on Cleared Defense Contractor Networks

Contents

• The Office of Management and Budget publishes Memorandum to set forth a federal Zero Trust Architecture strategy
• Just-passed Virginia House Bill aims to require mandatory cybersecurity and data breach incident reporting from all state and local government bodies

Contents

• The open source software community and government agencies rush to contain a novel Log4j 2 vulnerability
• The U.S. Cyberspace Solarium Commission releases white paper focusing on countering disinformation

Contents

• Law enforcement agencies announce the arrest of ransomware suspects and asset forfeiture action
• Compromised Google Cloud Platform used by threat actors to mine cryptocurrency at others’ expense

Contents

• Police arrest suspect for de-pixelating pornographic videos using AI technology
• U.S. House Members introduce The Justice Against Malicious Algorithms Act

Contents

• U.S. Department of Justice charges individuals for violating federal export regulations relating to computer hacking
• Treasury’s Office of Foreign Assets Control publishes updated advisory on ransomware payments

Contents

• TD Bank sued by a customer for failure to protect against online theft
• Senator Warner introduced legislation to bolster cyber breach notification

Contents

• Threat Actors conduct a series of Supply Chain attacks against Kaseya VSA software to spread ransomware to thousands of businesses
• NSO Group’s Pegasus spyware allegedly used against non-criminal civilians and journalists worldwide

Contents

• U.S. Supreme Court limits the scope of criminal violation under the Computer Fraud and Abuse Act
• President Biden signs Executive Order to increase information sharing
• The Ransomware Task Force issues a comprehensive strategic framework against ransomware

Contents

• Virginia adopts the Consumer Data Protection Act
• Pennsylvania woman charged with deep fakes cyberbullying

Contents

• President Biden orders multiple U.S. Supply Chain Reviews
• The SolarWinds hack: SUNSPOT, SUNBURST, and a compromised Office 365 account
• Hacker Attempted to Control Florida Water Treatment Plant

Contents

• DeFi: High yield and unregulated crypto securities market
• Microsoft uses Copyright and Trademark Law to combat botnet

Contents

• New Measure of Cyber Power Published: The Belfer National Cyber Power Index 2020
• Ethereum Classic suffers a third 51% attack in August

Contents

• Police body cameras sold on eBay contain video footage
• Carnival reported ransomware attack and data breach in SEC filing
• Blackbaud paid a ransom to mitigate a data breach attack

Content

• Lawful Access to Encrypted Data Act

Contents

• Security researchers discover eBay is port scanning visitors’ computers
• A National Security Research Agenda for Cybersecurity and AI
• External actors motivated by monetary interests drive most breaches (Verizon’s 2020 Data Breach Investigations Report)