🛰️ #OSINT Update for 23 March 2026 (CET) 🛰️ 🇺🇸 United States — Domestic Security • ICE • Cyber Defence → President Trump tied a DHS funding deal to passage of a voter-registration bill and threatened to deploy ICE agents at airports if a budget deal stalls, raising the political temperature around DHS and immigration enforcement. → U.S. financial and critical-infrastructure sectors remain on elevated alert for possible Iran-linked cyber retaliation as the regional conflict persists. 🇩🇪 Germany — Intelligence • Surveillance Tech → Berlin pushed broader intelligence powers to counter hybrid threats, including proposals to expand BND surveillance capabilities and data-retention scope. → German debate over lawful-access and stronger operational powers for intelligence services intensified as security agencies argue current tools lag behind partner states. 🇬🇧 United Kingdom — Ukraine Support • Defence Tech → London and Kyiv advanced a joint drone-production and export push, with the UK positioning Ukraine’s drone and anti-drone expertise as part of wider defence cooperation. → British support messaging remained focused on sustaining Ukraine while Middle East escalation competes for political attention. 🇨🇦 Canada — Financial Oversight • Border Security → No verified new public Canadian regulatory, FINTRAC, or CBSA delta meeting novelty threshold in this scan window. 🇦🇺 Australia — AI Governance • Surveillance → No verified new federal or state deployment decision meeting novelty threshold in this scan window. 🇪🇺 European Union & Member States — Digital Identity Wallets • Chat Control • Cyber Sanctions → EU sanctions were imposed on two Chinese companies and one Iranian company over cyberattacks against member states, marking a concrete escalation in EU cyber enforcement. → EU leaders agreed deadlines to strengthen the single market and explicitly pushed for laws related to the digital euro to be finalised by end-2026. → No public trilogue breakthrough on Chat Control was confirmed in this scan window; the file remains blocked on encryption and scanning scope. 🇷🇺 Russia — Strike Ops • Military Posture • Energy → Russian drones struck Odesa, while attacks also hit Lviv and an energy facility in Volyn, causing outages affecting roughly 30,000 homes. → NATO reviewed eastern logistics and fuel resilience again as Russia’s strike pattern continued to stress civilian and energy infrastructure. → Russia continued benefiting from higher energy-price volatility linked to the wider regional war. 🇺🇦 Ukraine — Drones • Long-Range Strike • Defence Cooperation → Ukrainian drone activity remained active over occupied Crimea and inside Russia, with Russian air defences reporting multiple interceptions in Sevastopol and Stavropol. → Ukraine’s drone partnership with the UK moved into a more outward-looking phase, with joint export and third-country opportunities under discussion. → Kyiv continued to frame drone and anti-drone innovation as a strategic offset while wider geopolitical attention shifts toward Iran. 🇮🇱 Israel — Border Security • Gaza Access • Regional Escalation → Israel reopened the Rafah crossing on a limited basis to allow a small number of wounded Palestinians and family members to exit for treatment. → Israeli policy toward Gaza crossings remains tightly controlled even as ceasefire diplomacy and wider regional escalation continue to reshape access conditions. 🇵🇸 Palestine — Humanitarian Aid → Rafah reopened only partially for medical evacuations, underscoring continued external dependence for treatment access. → Gaza’s humanitarian situation remains constrained by limited crossing access, even with incremental movement on evacuations. 🇨🇳 China — Digital Governance • Cyber • Encryption → Beijing-linked strategic messaging on post-quantum cryptography accelerated, with Chinese experts projecting national standards within three years and prioritising finance and energy as early migration sectors. → China was directly hit by new EU cyber sanctions, adding pressure to an already tense technology and security environment with Europe. 🇯🇵 Japan — Encryption • Cyber Resilience → No verified new Cabinet, MOD, or regulatory delta meeting novelty threshold in this scan window. 🇰🇵 North Korea — Military Posture → North Korea fired multiple ballistic missiles during U.S.–South Korea drills, reinforcing its posture of regular missile demonstrations tied to allied exercises. → Pyongyang also moved to convene a new assembly session to consider constitutional revision, a step analysts view as potentially formalising a harder line toward South Korea. 🇮🇷 Iran — Cyber • Regional Posture • Strategic Signalling → Iranian missile attacks and threats around the Strait of Hormuz sharply raised regional energy and shipping risk, pushing oil-supply fears higher. → An Iranian government-linked hacking unit’s website reappeared after FBI/DOJ domain seizures, following claims of responsibility for a March cyberattack on a U.S. medical device maker. → Iran also came under fresh EU cyber sanctions via action against an Iranian company tied to attacks on EU states. ================================================ 🏦 Banking & Financial Authorities — ECB • FinCEN • Supervisory Bodies → Market expectations shifted toward possible ECB rate hikes in April and June as inflation risks tied to Middle East energy disruption intensified. → The digital euro remains politically alive: Parliament’s earlier backing still frames the legislative path, while major banks continue lobbying over its liquidity and funding impact. → FinCEN remained in a heightened supervisory posture around crypto/kiosk risk, but no new public bulletin or rule finalisation was confirmed in this scan window. 🛰️ Intelligence Agencies — NSA • CISA • BND • MSS • Mossad → No new public multi-agency advisory meeting novelty threshold was confirmed in this scan window. → Intelligence-relevant deltas this period were actor-specific: BND surveillance expansion, Mossad-adjacent border/security developments, and Iranian cyber-state activity. 🔍 Cyberattack → The clearest cyber delta in this window was the restoration of infrastructure tied to an Iranian government-linked hacking unit shortly after U.S. domain seizures, highlighting persistence and recovery capability after disruption. → EU cyber sanctions against Chinese and Iranian entities also marked a material state-level response to prior intrusion activity. ================================================ 📌 Forward Triggers → NATO consultations or posture changes following any cross-border airspace incursions or escalation linked to Russia/Ukraine operations. → Publication of Member-State EUDI Wallet conformity-assessment results and any regulator non-conformity actions. → EU trilogue outcome on Chat Control and whether the text adopts mandatory scanning or alternative mitigations. → Confirmed impact assessments on Russian fuel production and export volumes following continued Ukrainian strikes. → FinCEN supervisory escalations or rule-finalisation timelines affecting KYC requirements for kiosks and high-risk MSBs. → ECB sandbox telemetry that would alter pseudonymity or offline CBDC policy direction. → Israeli utility cyber-forensics reports that would prompt sectoral emergency advisories. → Further cyber escalation tied to the U.S.–Israel–Iran conflict, including infrastructure targeting or retaliatory disruption attempts. ================================================ 🛰️ End of report.

🛰️ #OSINT Update for 2 March 2026 (CET) 🛰️ 🇺🇸 United States — ICE • Biometric Data • Cyber Defence → DHS watchdog launched a privacy-focused audit examining biometric tracking practices involving ICE/OBIM (procedural escalation). [Source: FedScoop, 9 Feb 2026] → Ongoing scrutiny around DHS/ICE “Mobile Fortify” continues to expand in mainstream reporting, framing the tool as “match suggestion” rather than identity verification (high-confidence OSINT, continuing relevance). [Source: WIRED, 6 Feb 2026] → Western cybersecurity community is actively bracing for Iran-linked retaliation attempts following the US–Israel escalation, with critical infrastructure highlighted as a risk surface (high-confidence OSINT). [Source: BankInfoSecurity, 28 Feb 2026] 🇩🇪 Germany — Intelligence • Cyber • Legal Oversight → No verified new public court/regulator actions or BND disclosures meeting novelty threshold in this scan window. 🇬🇧 United Kingdom — Military Support • Middle East • Drones → UK PM stated Ukrainian experts will assist Gulf partners to counter Iranian drone threats amid US–Israel strikes on Iran; UK posture framed as defensive support (material delta). [Source: The Guardian, 2 Mar 2026] 🇨🇦 Canada — Crypto Oversight • Border Biometrics → No verified new FINTRAC/CBSA public releases meeting novelty threshold in this scan window. 🇦🇺 Australia — AI Governance • Surveillance → No verified new federal/state deployment authorisations or audit decisions meeting novelty threshold in this scan window. 🇪🇺 European Union & Member States — Energy Security • Sanctions Pressure → Hungary ordered heightened security at energy sites and claimed Ukraine is plotting disruption; escalatory political signalling around Druzhba disruption remains active (material delta). [Source: Associated Press (AP), 25 Feb 2026] 🇷🇺 Russia — Energy • Strike Ops • De-dollarisation → Russian oil flows faced measurable disruption after a Ukrainian drone strike hit a key Transneft pumping station; Transneft reportedly cut pipeline intake by ~250k bpd (material delta with export implications). [Source: Reuters, 24 Feb 2026] → February strike tempo against Ukraine reached a three-year peak in missiles/drones per compiled reporting, sustaining pressure on Ukrainian energy resilience (evolving trend, quantified). [Source: Reuters, 26 Feb 2026; The Moscow Times citing AFP analysis, 1 Mar 2026] 🇺🇦 Ukraine — Drones • Long-Range Strike • Energy Resilience → Ukraine absorbed a large-scale overnight Russian missile/drone attack (420 drones / 39 missiles per reporting) with energy and rail infrastructure among targets (material delta). [Source: Reuters, 26 Feb 2026] → Ukraine continues to demonstrate deep-strike capability against Russian military-industrial assets, including reporting around a long-range strike on a facility linked to Iskander/Bulava production (material delta). [Source: Business Insider, 26 Feb 2026] 🇮🇱 Israel — Gaza Crossings • Humanitarian Controls • Cyber → Israel closed all crossings into Gaza, including those used for aid workers and medical evacuation, citing security context amid the Iran escalation (material delta). [Source: Reuters, 28 Feb 2026] → Aid groups petitioned Israel’s Supreme Court over new rules that could effectively bar multiple international NGOs from operating in Gaza/Palestinian territories (procedural + operational delta). [Source: Associated Press (AP), 25 Feb 2026] 🇵🇸 Palestine — Humanitarian Aid • Access Constraints → UN reporting and NGO activity indicate intensified operational stress due to crossing closures and regulatory constraints on aid groups; medical evacuation flows remain a key chokepoint (evolving constraint). [Source: Reuters, 28 Feb 2026; OCHA Situation Report No. 68, 11–18 Feb window] 🇨🇳 China — Digital ID • Surveillance • Censorship → No verified new national-level policy issuance meeting novelty threshold in this scan window; existing digital governance integration continues. 🇯🇵 Japan — Encryption • Cyber Resilience → No verified new Cabinet/MOD releases meeting novelty threshold in this scan window. 🇰🇵 North Korea — Military Posture → No verified launch events or confirmed deployment shifts meeting novelty threshold in this scan window. 🇮🇷 Iran — Cyber • Escalation • Regional Posture → Wave of cyber operations hit Iranian apps/websites following US–Israeli strikes; reporting also notes major connectivity disruption inside Iran during the incident window (material delta). [Source: Reuters, 1 Mar 2026] → Concurrent reporting tracks MuddyWater campaign evolution targeting MENA organisations with fresh tooling (background risk trend relevant to escalation context). [Source: The Hacker News, 23 Feb 2026; Dark Reading, 23 Feb 2026] ================================================ 🏦 Banking & Financial Authorities — ECB • FinCEN • Supervisory Bodies → ECB reiterated design framing around legislative dependency and the role of a digital euro in payments resilience; latest briefings emphasised “where we stand” and ongoing preparations (procedural delta). [Source: ECB speech (Cipollone), 19 Feb 2026; ECB presentation, 18 Feb 2026 (PDF)] → FinCEN published a whistleblower bulletin soliciting tips on fraud-related AML and sanctions violations (procedural delta). [Source: FinCEN Whistleblower Bulletin, 13 Feb 2026] 🛰️ Intelligence Agencies — NSA • CISA • BND • MSS • Mossad → No new public multi-agency advisory in this scan window meeting novelty threshold; cross-domain activity is being driven primarily by Iran escalation and Ukraine strike/counterstrike tempo. 🔍 Cyberattack → Iran-linked cyber activity and counter-operations became a visible escalation track following kinetic strikes, with heightened expectation of retaliatory attempts against US/Israel-aligned targets (evolving risk). [Source: Reuters, 1 Mar 2026; Check Point research briefing, 1 Mar 2026] ================================================ 📌 Forward Triggers → NATO consultations or posture changes following any cross-border airspace incursions or escalation linked to Russia/Ukraine operations. → Publication of Member-State EUDI Wallet conformity-assessment results and any regulator non-conformity actions. → EU trilogue outcome on Chat Control and whether the text adopts mandatory scanning or alternative mitigations. → Confirmed impact assessments on Russian fuel production and export volumes following continued Ukrainian strikes. → FinCEN supervisory escalations or rule-finalisation timelines affecting KYC requirements for kiosks and high-risk MSBs. → ECB sandbox telemetry that would alter pseudonymity or offline CBDC policy direction. → Israeli utility cyber-forensics reports that would prompt sectoral emergency advisories. → Further cyber escalation tied to the US–Israel–Iran conflict, including hack-and-leak operations and critical-infrastructure targeting. ================================================ 🛰️ End of report.

IRAN #OSINT SPECIAL REPORT — 28 Feb 2026 Tehran Focus | Israel + US Actions Confidence key: High / Medium / Low Executive Snapshot → Israel announced a pre-emptive strike on Iran. Explosions reported in Tehran and additional urban centres. Confidence: High → Operation described as coordinated with the United States. Planning reportedly ongoing for months. Confidence: High → US leadership publicly framed the operation as significant military action. Confidence: High → Civilian panic dynamics reported inside Iran (fuel queues, closures, movement away from affected zones). Confidence: Medium–High Situation Report — Tehran → Multiple explosion reports in the capital following Israeli announcement. Smoke observed over parts of the city. Confidence: High → Civil disruptions reported: school closures, increased traffic movement, fuel demand spikes. Confidence: Medium–High → Elevated likelihood of regime internal security surge (checkpoints, arrests, information control) based on prior protest repression patterns. Confidence: Medium Assessment: Tehran enters a high-volatility window (24–72h). Civil stability stress combined with external kinetic activity increases unpredictability. Actions — Israel → Declared pre-emptive action against Iranian targets. → Civil defence posture raised domestically (alerts, preparedness measures). → Senior Israeli officials confirm operational coordination with the US. Assessment: This marks overt escalation beyond grey-zone engagement patterns. Strategic signalling suggests deterrence-through-force doctrine. Actions — United States → US participation reported alongside Israeli strikes. → Public messaging frames the operation as deliberate and coordinated. → Political narrative positioning indicates intent beyond symbolic retaliation. Assessment: US posture signals alignment rather than distance. Regional actors will interpret this as joint responsibility. Immediate Risk Outlook (Next 24–72 Hours) → Iranian retaliation vectors: missile/drone launches toward Israeli territory. Confidence: Medium–High → Potential targeting of US bases in neighbouring states. Confidence: Medium–High → Tehran internal crackdown surge likely (internet throttling, curfews, rapid detentions). Confidence: Medium → Economic shock indicators: liquidity pressure, fuel supply stress, panic buying. Confidence: Medium Watchlist Indicators → Confirmed strike targets in/around Tehran (military, air defence, IRGC-linked infrastructure). → Official emergency decrees or nationwide security announcements. → Verified attacks on US regional assets. → Maritime escalation signals in Gulf corridors. → Confirmed communications blackouts. Strategic Assessment → Escalation ladder crossed. → Coordination between Israel and US removes ambiguity about alignment. → Tehran stability risk elevated significantly. → Regional spillover probability materially increased. This is no longer proxy shadow play. It is direct state-on-state kinetic signalling. End of report.