Pegasus survey in Spain. Recruitment of cyber talents for the United States Department of Defense. FDIC violation disclosure rules are taken into account.
In one look.
- Pegasus survey in Spain.
- Recruitment of cyber talents for the United States Department of Defense.
- FDIC violation disclosure rules are taken into account.
Spanish Prime Minister targeted by Pegasus spyware.
The Guardian reports During a press conference yesterday, the Spanish government revealed that the phones of Prime Minister Pedro Sánchez and Defense Minister Margarita Roble were infected with NSO Group’s controversial Pegasus surveillance software. Presidential Minister Félix Bolaños says phones were targeted last year and data extracted from devices, Security Week reports. Bolaños remarked, “We have no doubt that this is an unlawful and unauthorized intervention.” He clarified that the surveillance must have been conducted by an external party as there had been no judicial authorization for such surveillance. Politics Remarks that Sánchez is the first confirmed leader of a European country and NATO member to have been tracked using Pegasus. The incident will be investigated by the Audencia Nacional, and the phones of other government officials are being analyzed to determine if they may also have been tapped.
The disc by Recorded Future adds that the revelation follows reports that the phones of politicians and activists linked to Spain’s separatist movement in Catalonia were also infected with Pegasus, the surveillance the victims suspect was carried out by Spain’s National Intelligence Center, CNI. Reuters reports that Catalan President Pere Aragones, upon hearing about the Spanish Prime Minister’s infected phone, replied: “When mass surveillance is against the Catalan independence movement, we only hear silence and excuses. Today, everything is done in haste.
This is just the latest in a long list of surveillance incidents related to Pegasus spyware, but as always, NSO says the software is only sold to governments to help with criminal investigations. A company spokesperson said: “While we have not seen any information related to this alleged misuse and do not know the details of this specific case, NSO’s firm position on these matters is that the use of cyber tools to monitor politicians, dissidents, activists and journalists is a serious misuse of any technology and goes against the intended use of these critical tools.
Bits against bullets.
Pentagon officials say the war in Ukraine has demonstrated that the need for machine learning and artificial intelligence experts to support government defense efforts has never been more critical. “I like to say that the pieces can be as important as the bullets,” said Undersecretary of Defense Kathleen Hicks. Told Cable. Cutting-edge technology — like AI software used to interpret Russian radio communications, facial recognition technology to identify Russians in video footage, and custom drone weapons designed for use by Ukrainian forces — has been the key to Department of Defense (DoD) efforts during the war. The Pentagon’s National Security Commission on Artificial Intelligence, an initiative focused on assessing the changing technology landscape, says the United States needs to focus more on emerging technologies and working with the private sector to compete with opponents like China. For its part, the DoD tried. The Defense Innovation Unit was created in 2015, and last month the Pentagon named Craig Martell, a former head of machine learning at Lyft, as its first head of digital and artificial intelligence. Emsi job listing tracking researchers say 33% of defense industry job postings mention software development or data science skills, up from 91% since 2017, and the Pentagon has awarded multi-billion dollar contracts to companies like Lockheed Martin and Raytheon. However, experts say partnerships with Silicon Valley, which has historically drawn protests from employees reluctant to work on military contracts, will be needed to really keep up with innovation.
Should FDIC Violation Reporting Rules Be Extended to Other Industries?
In March, the U.S. Federal Deposit Insurance Corporation (FDIC), the Federal Reserve Board of Governors, and the Office of the Comptroller of the Currency issued a joint announcement establishing computer security incident notification requirements for organizations. FDIC-supervised banks and their service providers. The rule went into effect on May 1. In an editorial in National Interest, an expert argue that while the financial sector will benefit from the reporting rules, these information sharing requirements should be implemented across all sectors. Additionally, security analysts will need to have the necessary tools to support the increased burden that these requirements will entail.
Padraic O’Reilly, co-founder of cyber risk management firm, CyberSaint, wrote to highlight some things he thinks the US financial services industry should keep in mind when the regulations go into effect. First, how prepared are the banks and other relevant institutions for the rules?
“It is likely that smaller institutions are not fully prepared to meet this requirement. The shorter deadline, 36 hours, is an attempt to raise awareness of the situation by federal authorities across the sector. There is still some confusion in smaller institutions about what constitutes an event.In addition, forensic capacity is often not very strong.IT and IT security professionals must present management with options cost-effective ways to meet these requirements, ranging from better event logging and analysis to coordination among reporting managers.
And, second, what steps should they take to prepare for the new regulations?
“Banks should formally review the types of incidents covered in the proposal and review their current processes to assess any potential capacity shortfalls. This is really a tighter timeline on a 15-year requirement and an extension of what constitutes covered incidents. Small businesses should assess their current reporting processes, ensure they have the appropriate government contacts, and put in place procedures for filing reports. This will involve coordination between legal departments, computers and infosec (if they have such a function).”