Russian Satellites, Cl0p, CISA, YouTube, ArcServ, EarlyRat, Aaran Leyland, & More – SWN #307
This week in the Security News, Dr. Doug talks: Russian Satellites, Cl0p, CISA, YouTube, ArcServ, EarlyRat, Aaran Leyland, and More on this edition of the Security Weekly News!
Doug White
- Siemens Energy, Schneider Electric Targeted by Ransomware Group in MOVEit Attack
- CISA, NSA Share Guidance on Securing CI/CD Environments
- YouTube tests restricting ad blocker users to 3 video views
- Critical authentication bypass found in Arcserve backup system
- White House uses budget hammer to spur better cybersecurity in 2025 and beyond
- Hundreds of federal network devices fail new CISA security requirements
- Log4j bug exploited to push novel EarlyRat malware
- Cyberattack knocks out satellite communications for Russian military
Aaran Leyland
- Apple Objects to UK Bill That Would Break Encrypted Messaging
New online safety bill could force encrypted messaging apps like iMessage and WhatsApp to scan for child abuse material, but platforms warn about privacy implications.
Apple has joined more than 80 technology experts and organizations in an appeal to UK lawmakers to consider the broader privacy ramifications of pending legislation called the Online Safety Bill.
The legislation, moving its way through Parliament, is intended to force accountability for technology platforms used to distribute child abuse materials.
Platforms like iMessage and WhatsApp use end-to-end encryption (E2EE), which prevents anyone but the sender and recipient from viewing the contents of a message. E2EE also keeps law enforcement from identifying illicit materials.
In its current form, the Online Safety Bill allows, under some circumstances, the UK's communications regulator Ofcom to force platforms to scan messages for prohibited content.
