Security Digest

The Reckoning Begins

Prince Andrew arrested, Norway's elite in freefall over Epstein ties, Dell zero-day exploited by China since 2024, six Microsoft zero-days patched, Geneva peace talks stall, and Trump's Board of Peace convenes.

6 min read By FTRCRP

Threat Level: ELEVATED

🕵️ The Epstein Reckoning

Prince Andrew Arrested — First Senior Royal in 400 Years

The former Prince Andrew was arrested on February 19 — his 66th birthday — on suspicion of misconduct in public office. Thames Valley Police acted after evidence emerged that Andrew shared confidential government reports with Jeffrey Epstein while serving as UK trade envoy. Emails from the Epstein files show him forwarding reports on official visits to Hong Kong, Vietnam, and Singapore.

Andrew was released after 11 hours “under investigation” — neither charged nor exonerated. Misconduct in public office carries a maximum sentence of life imprisonment in the UK. He is the first senior British royal arrested in nearly 400 years. The arrest has amplified calls across the Atlantic for similar accountability measures.

Norway’s Political Elite in Freefall

The Epstein files are dismantling Norway’s diplomatic establishment:

  • Terje Rød-Larsen, architect of the Oslo Accords, was interrogated by Økokrim (Norway’s economic crime unit) this week. He faces charges of aiding and abetting gross corruption. Documents reveal Epstein’s involvement in the couple’s purchase of a luxury Oslo apartment for half market value — allegedly through coercion of the seller.

  • Mona Juul, Rød-Larsen’s wife and former ambassador to Jordan and Iraq, resigned her post and faces charges of aggravated corruption. Their children were listed in Epstein’s will for $5 million each.

  • Thorbjørn Jagland, former Prime Minister and Nobel Committee chairman (2009–2015), was charged with aggravated corruption on February 12. Three properties were searched after the Council of Europe waived his diplomatic immunity. Økokrim cited repeated stays at Epstein properties in New York, Paris, and Palm Beach between 2011 and 2018, with travel expenses for six adults covered by Epstein on at least one occasion.

  • Riksrevisjonen is considering a new investigation into the Ministry of Foreign Affairs’ funding of IPI (International Peace Institute), the think tank Rød-Larsen led for 15 years. The previous audit only covered 2007–2012.

  • The Nobel Institute confirmed that if Jagland received financial benefits from Epstein, it would constitute a violation of their ethical regulations. The committee is introducing new disclosure requirements and reviewing its archives.

Bloomberg reported this week on how Rød-Larsen became “Epstein’s top diplomatic fixer,” while questions about the integrity of the Oslo Accords themselves are now being raised internationally.

🛡 ITsec This Week

⚠️ ACTION REQUIRED: Dell RecoverPoint Zero-Day (CVE-2026-22769)

A hardcoded credential in Dell RecoverPoint for Virtual Machines (CVSS 10.0) has been actively exploited by Chinese state-linked group UNC6201 since mid-2024. The hard-coded “admin” account for Apache Tomcat Manager allowed attackers to upload web shells and execute commands as root. Mandiant documented deployment of SLAYSTYLE (web shell), BRICKSTORM, and a novel backdoor called GRIMBOLT.

CISA added this to the KEV catalog on February 18 with a three-day remediation deadline. If you run Dell RecoverPoint for VMs, patch to 6.0.3.1 HF1 immediately. A developer left admin credentials in the code. China had root for 18 months.

Microsoft Patches Six Actively Exploited Zero-Days

Microsoft’s February update addressed six zero-days under active exploitation, all added to CISA’s KEV catalog:

  • CVE-2026-21510: Windows SmartScreen bypass via malicious links/shortcuts
  • CVE-2026-21514: OLE mitigation bypass in Microsoft 365/Office
  • CVE-2026-21513: Internet Explorer security control bypass (yes, IE is still haunting us)
  • CVE-2026-21519: Windows Desktop Window Manager privilege escalation
  • CVE-2026-21533: Windows Remote Desktop Services escalation to SYSTEM

If you run Windows, prioritize these. Two security feature bypasses scored 8.8 CVSS.

Google Chrome Zero-Day (CVE-2026-2441)

CISA flagged an actively exploited use-after-free vulnerability in Chromium’s CSS component. Memory corruption leading to arbitrary code execution. Update Chrome/Chromium immediately.

Odido: 6.2 Million Dutch Telecom Users Exposed

The Netherlands’ largest mobile operator disclosed that attackers accessed personal data of 6.2 million customers through its CRM system — names, addresses, phone numbers, dates of birth, bank accounts, and ID document details. The breach, detected February 7–8, used social engineering to compromise employee access. CEO Søren Abildgaard confirmed the data hasn’t been published yet, but warned it could surface. Former customers from the past two years are also affected.

Advantest Semiconductor Hit by Ransomware

Advantest Corporation, which builds test equipment for Intel, Samsung, and TSMC, detected a ransomware intrusion on February 15. Systems were isolated and the investigation is ongoing. No group has claimed responsibility yet, and whether customer or employee data was exfiltrated remains unclear.

Breach Roundup

  • Conpet (Romania): National oil pipeline operator breached by Qilin ransomware. 1TB+ exfiltrated — internal documents, passports, financial data.
  • Senegal Government: National identification department compromised, citizen identity data accessed.
  • BridgePay (US): Payment platform ransomware attack. FBI and Secret Service forensic teams investigating. No card data compromised per initial findings.

🌍 World Watch

Geneva Peace Talks End Without Breakthrough

The third round of US-brokered Russia-Ukraine peace talks concluded in Geneva on February 18 after just two hours on the second day. Moscow called them “difficult but businesslike.” Kyiv accused Russia of stalling. The core deadlock remains territory: Russia demands Ukraine cede the remaining 20% of Donetsk it hasn’t captured. Zelensky stated Russia is “trying to drag out negotiations that could already have reached the final stage.” New rounds are expected, but no date set. Meanwhile, Russia is preparing massive strikes targeting Ukrainian energy infrastructure.

USS Ford Sails Toward Iran — Trump: “10 to 15 Days”

The USS Gerald R. Ford, the world’s largest aircraft carrier, is transiting the Mediterranean to join the Abraham Lincoln strike group in the Middle East. Trump stated that Iran has “10 to 15 days” to reach a nuclear deal before facing “bad things.” A second round of indirect US-Iran talks in Geneva, mediated by Oman, concluded with what Iran called “good progress” — Tehran agreed to draft a written proposal. But the diplomatic window is narrow, and the military buildup signals escalation readiness.

Trump’s Board of Peace Convenes

Trump’s Board of Peace held its inaugural meeting on February 19 to address Gaza reconstruction. Member states pledged $7 billion, with the US committing $10 billion. Five nations (Albania, Indonesia, Kazakhstan, Kosovo, Morocco) offered troops for a 20,000-strong International Stabilization Force. Egypt and Jordan will train 12,000 police. But the $17 billion in pledges covers barely a quarter of the estimated $70 billion needed to rebuild. Hamas has proposed verifiable weapons “storage” rather than the disarmament demanded by the US and Israel. Gaza’s cumulative death toll exceeds 72,000.

Quick Hits

  • Russia energy strikes: Russia preparing new massive strikes targeting Ukrainian energy sector ahead of next talks round.
  • Iran drills: Iran conducting military exercises amid USS Ford transit, demonstrating retaliatory capability.
  • Sudan: Humanitarian crisis deepens. Civil war death toll exceeds 150,000 with famine conditions spreading.

📊 Week in Numbers

  • 400 years since a senior British royal was last arrested
  • 10.0 CVSS score for Dell RecoverPoint zero-day
  • 18 months China had root access via hardcoded credentials
  • 6.2M Dutch telecom customers exposed in Odido breach
  • 6 actively exploited Microsoft zero-days patched
  • $17B pledged for Gaza reconstruction (of $70B needed)
  • 3 Norwegian political figures now charged over Epstein ties

🔎 What to Watch Next Week

  • Prince Andrew investigation: will formal charges follow?
  • Jagland and Rød-Larsen/Juul: Økokrim next steps after interrogations
  • Riksrevisjonen decision on expanding IPI funding audit
  • Dell RecoverPoint: CISA deadline February 21 — watch for exploitation surge
  • USS Ford Mediterranean transit — arrival timeline and Iran response
  • Russia-Ukraine: next round of Geneva talks (date TBD)
  • Advantest ransomware: group attribution and data exfiltration status

FTRCRP | Future Trust & Responsible Computing Practice Curated by Lara & SCR1B3 · Reviewed by Mr0