WASHINGTON – On May 28, pursuant to court orders issued in the Eastern District of Virginia, the United States seized two command-and-control (C2) and malware distribution domains used in recent spear-phishing activity that mimicked email communications from the U.S. Agency for International Development (USAID). This malicious activity was the subject of a May 27 Microsoft…
Category: Of Note
Babuk re-organizes as Payload Bin, offers its first leak
At the end of April, threat actors known as Babuk indicated that they were closing up shop and switching to a different model: Babuk changes direction, we no longer encrypt information on networks, we will get to you and take your data, we will notify you about it if you do not get in touch…
US soldiers accidentally leak nuclear secrets via study apps — report
Alex Berry reports: Troops on US bases in Europe housing nuclear weapons have been using publicly accessible online flashcard apps to remember long and complex security protocols, the investigative website Bellingcat revealed on Friday. The military personnel turned to sites such as Quizlet, Chegg Prep and Cram to memorize codes, jargon and even the status of nuclear…
Russian SolarWinds hackers launch email attack on government agencies
Nobelium launched the attacks after getting access to an email marketing service used by the United States Agency for International Development, or USAID, according to Microsoft. Guardian staff and agencies report: The state-backed Russian cyber spies behind the SolarWinds hacking campaign launched a targeted phishing assault on US and foreign government agencies and thinktanks this…
Russia’s FSB reports ‘unprecedented’ hacking campaign aimed at government agencies
Reuters reports: Foreign hackers compromised Russian federal agencies in a digital espionage campaign that Russian officials described as unprecedented in scope and sophistication. The little-noticed report – published this month by Russia’s FSB security service and Rostelecom-Solar, the cybersecurity arm of telecoms company Rostelecom (RTKM.MM) – provides an unusually detailed look at a purportedly state-backed cyber spying…
One Employee’s Accidental Email Leads To A Significant Data Breach Ruling in Federal Appeals Court
Jeffrey Csercsevits of Fisher Phillips writes: A federal appeals court recently addressed whether employees had standing to bring a lawsuit when their personally identifiable information (PII) was inadvertently circulated to other employees at the company, with no indication of misuse or external disclosure. In McMorris v. Carlos Lopez & Associates, LLC, the 2nd Circuit Court of…