UK has no idea if it's selling spyware to evil regimes

Air raid sirens sounded for over an hour in parts of Jerusalem and southern Israel on Sunday evening – but bombs never fell, leading some to blame Iran for compromising the alarms. 

While the perpetrator remains unclear, Israel's National Cyber Directorate did say in a tweet that it suspected a cyberattack because the air raid sirens activated were municipality-owned public address systems, not Israel Defense Force alarms as originally believed. Sirens also sounded in the Red Sea port town of Eilat. 

Netizens on social media and Israeli news sites pointed the finger at Iran, though a diplomatic source interviewed by the Jerusalem Post said there was no certainty Tehran was behind the attack. The source also said Israel faces cyberattacks regularly, and downplayed the significance of the incident. 

Oracle has been sued by Plexada System Integrators in Nigeria for alleged breach of contract and failure to pay millions of dollars said to be owed for assisting with a Lagos State Government IT contract.

Plexada is seeking almost $56 million in denied revenue, damages, and legal costs for work that occurred from 2015 through 2020.

A partner at Plexada, filed a statement with the Lagos State High Court describing the dispute. The document, provided to The Register, accuses Oracle of retaliating against Plexada and trying to ruin the firm's business for seeking to be paid.

The world's governments are eager to let someone else handle their IT headaches, according to a recent Gartner report, which found a healthy appetite for "anything-as-a-service" (XaaS) platforms to cut the costs of bureaucracy.

These trends will push government IT spending to $565 billion in 2022, up 5 percent from last year, the analyst house claims. Gartner believes the majority of new government IT investments will be on service platforms by 2026.

"The pandemic sped up public-sector adoption of cloud solutions and the XaaS model for accelerated legacy modernization and new service implementations," Gartner analyst Daniel Snyder said in a release. "Fifty-four percent of government CIOs responding to the 2022 Gartner CIO survey indicated that they expect to allocate additional funding to cloud platforms in 2022, while 35 percent will decrease investments in legacy infrastructure and datacenter technologies."

The new head of Israel's National Cyber Directorate (INCD) has announced the nation intends to build a "Cyber-Dome" – a national defense system to fend off digital attacks.

Gaby Portnoy, director general of INCD, revealed plans for Cyber-Dome on Tuesday, delivering his first public speech since his appointment to the role in February. Portnoy is a 31-year veteran of the Israeli Defense Forces, which he exited as a brigadier general after also serving as head of operations for the Intelligence Corps, and leading visual intelligence team Unit 9900.

"The Cyber-Dome will elevate national cyber security by implementing new mechanisms in the national cyber perimeter, reducing the harm from cyber attacks at scale," Portnoy told a conference in Tel Aviv. "The Cyber-Dome will also provide tools and services to elevate the protection of the national assets as a whole. The Dome is a new big data, AI, overall approach to proactive defense. It will synchronize nation-level real-time detection, analysis, and mitigation of threats."

Google has reportedly asked the US Federal Election Commission for its blessing to exempt political campaign solicitations from spam filtering.

The elections watchdog declined to confirm receiving the supposed Google filing, obtained by Axios, though a spokesperson said the FEC can be expected to publish an advisory opinion upon review if Google made such a submission.

Google did not immediately respond to a request for comment. If the web giant's alleged plan gets approved, political campaign emails that aren't deemed malicious or illegal will arrive in Gmail users' inboxes with a notice asking recipients to approve continued delivery.

Updated The latest version of OpenSSL v3, a widely used open-source library for secure networking using the Transport Layer Security (TLS) protocol, contains a memory corruption vulnerability that imperils x64 systems with Intel's Advanced Vector Extensions 512 (AVX512).

OpenSSL 3.0.4 was released on June 21 to address a command-injection vulnerability (CVE-2022-2068) that was not fully addressed with a previous patch (CVE-2022-1292).

But this release itself needs further fixing. OpenSSL 3.0.4 "is susceptible to remote memory corruption which can be triggered trivially by an attacker," according to security researcher Guido Vranken. We're imagining two devices establishing a secure connection between themselves using OpenSSL and this flaw being exploited to run arbitrary malicious code on one of them.

The two US senators behind a proposed law to bring order to cryptocurrency finance have published their legislation to Microsoft's GitHub to obtain input from the unruly public.

The bill, known as the Responsible Financial Innovation Act, was introduced by Senators Cynthia Lummis (R-WY) and Kirsten Gillibrand (D-NY) on June 7 to create a regulatory framework governing digital assets, cryptocurrencies, and blockchain technology.

It has been welcomed by the Stellar Development Foundation and cryptocurrency trade group the Chamber of Digital Commerce, a sign that the legislation doesn't ask much of those it would regulate.

Blockchain venture Harmony offers bridge services for transferring crypto coins across different blockchains, but something has gone badly wrong.

The Horizon Ethereum Bridge, one of the firm's ostensibly secure bridges, was compromised on Thursday, resulting in the loss of 85,867 ETH tokens optimistically worth more than $100 million, the organization said via Twitter.

"Our secure bridges offer cross-chain transfers with Ethereum, Binance and three other chains," the cryptocurrency entity explained on its website. Not so, it seems.

American lawmakers held a hearing on Tuesday to discuss a proposed federal information privacy bill that many want yet few believe will be approved in its current form.

The hearing, dubbed "Protecting America's Consumers: Bipartisan Legislation to Strengthen Data Privacy and Security," was overseen by the House Subcommittee on Consumer Protection and Commerce of the Committee on Energy and Commerce.

Therein, legislators and various concerned parties opined on the American Data Privacy and Protection Act (ADPPA) [PDF], proposed by Senator Roger Wicker (R-MS) and Representatives Frank Pallone (D-NJ) and Cathy McMorris Rodgers (R-WA).

A decentralized autonomous organization (DAO) called Inverse Finance has been robbed of cryptocurrency somehow exchangeable for $1.2 million, just two months after being taken for $15.6 million.

"Inverse Finance’s Frontier money market was subject to an oracle price manipulation incident that resulted in a net loss of $5.83 million in DOLA with the attacker earning a total of $1.2 million," the organization said on Thursday in a post attributed to its Head of Growth "Patb."

And Inverse Finance would like its funds back. Enumerating the steps the DAO intends to take in response to the incident, Patb said, "First, we encourage the person(s) behind this incident to return the funds to the Inverse Finance DAO in return for a generous bounty."