The National Institute of Standards and Technology (NIST) Information Technology Laboratory recently released guidance entitled “Software Supply Chain Security Guidance,” in response to directives set forth in President Biden’s Executive Order 14028—Improving the Nation’s Cybersecurity.

The guidance refers to existing industry standards, tools, and recommended practices that were previously published by NIST in SP800-161 “Cybersecurity

The U.S. Department of State has announced a $10 million reward for “information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act (CFAA).”

The cybersecurity authorities of the United States (including CISA, FBI, NSA and DOE), Australia, Canada, New Zealand, and the United Kingdom released a joint Cybersecurity Advisory (CSA) on April 20, 2022, “to warn organizations that Russia’s invasion of Ukraine could expose organizations both within and beyond the region to increased malicious cyber activity.”

According to

In an action against what has been described as one of the largest hacker forums in the world, the U.S. Department of Justice (DOJ) announced on April 12, 2022, that it has taken down RaidForums’ website and arrested its founder/administrator. According to DOJ, the domains seized were “Raidforums.com,” “Rf.ws,” and “Raid.lol.”

In its announcement,

The Department of State’s new Bureau of Cyberspace and Digital Policy (CDP) commenced operations on April 4, 2022. According to an announcement, the “CDP bureau will address the national security challenges, economic opportunities, and implications for U.S. values associated with cyberspace, digital technologies, and digital policy.”

The bureau consists of three policy units: International

In a win for global law enforcement, Germany’s Bundeskriminalamt (BKA) announced on April 5, 2022, that it had officially taken down the infrastructure of Hydra, a Russian-based, illegal dark-web marketplace that has allegedly facilitated more than $5 billion in Bitcoin transactions since its inception in 2015. In the process of shutting it down, German authorities

The U.S. Department of Justice (DOJ) unsealed indictments against four Russian government officials on March 24, 2022, alleging that they hacked into networks that controlled energy systems in the U.S.

According to the DOJ, the attacks took place between 2012 and 2018, and included physical damage to infrastructure, as well as embedding malware for later

Okta, which markets itself as a “leading provider of identity” in the health care, public sector, energy, financial services, technology, travel and hospitality, and nonprofit industries, has notified some of its customers that data may have been accessed by cybercriminal group LAPSUS$. (Late breaking news—LAPSUS$ may be a teenager living in the U.K.). According to

The FBI’s Internet Computer Crime Center (IC3) is a portal for individuals and companies to report crimes and losses suffered over the Internet.

The FBI keeps track of such crimes to assist victims by providing information about criminal groups and to gather information on a national basis to locate and prosecute those responsible.

Each year,