Attacks, Threats, and Vulnerabilities
SolarWinds Attackers Launch New Wave Of Nobelium Attacks (Minerva Labs) Nobelium malware attacks are being carried out by the same Russian threat actor group responsible for the SolarWinds attack.
USAID Email Phishing Campaign Shows Supply Chain Threats Continue (eSecurityPlanet) Russian-connected cyberattacks continue, and even the meat industry is now a target, as the U.S. faces a growing cybersecurity threat.
Security Summit: SolarWinds attack was an attack on trust (ITWeb) The hack shows we can't think of security purely through the lens of our own risk, said Orange Cyberdefense’s Charl van der Walt at the ITWeb Security Summit this morning.
Threat Actors Use Mockups of Popular Apps to Spread Teabot and... (Bitdefender Labs) Spreading malware on Android devices is not easy, as the official store can usually (not always) prevent these types of apps from reaching users. But one of Android's greatest strengths, the ability to sideload apps from non-official sources, is also a weakness. Using a combination of tricks to...
Critical 0-day in Fancy Product Designer Under Active Attack (Wordfence) The vulnerability allows unauthenticated attackers to upload PHP files and achieve Code Execution even if Fancy Product Designer is disabled.
Media Statement: JBS USA Cybersecurity Attack (GlobeNewswire) On Sunday, May 30, JBS USA determined that it was the target of an organized cybersecurity attack, affecting some of the servers supporting its North American and Australian IT systems.
JBS USA and Pilgrim’s Announce Progress in Resolving Cyberattack (most recent update) (JBS Foods) Today, JBS USA and Pilgrim's announced significant progress in resolving the cyberattack that has impacted the company’s operations in North America and Australia. Operations in Mexico and the UK were not impacted and are conducting business as normal.
Significant progress made towards resolving cyber attack: JBS (The Examiner) Meat processing company JBS says the 'vast majority' of its beef plants will soon be operational again, following a cyber attack on its information systems.
Full impact still being assessed in JBS cyber-security attack (Beef Central) Time will be the factor that dictates the degree of impact that JBS and its customers sustain as a result of the weekend cyber security breach, which has temporarily disabled the company’s operations in Australia and North America. As JBS completes its second ‘lights out’ day across its Australian red meat processing operations following the crime's discovery over the weekend, the full extent of the impact is still being measured.
JBS: Cyber-attack hits world's largest meat supplier (BBC News) The ransomware attack may mean delays for some customers in the US, Canada and Australia, the firm says.
Cyber attack disrupts meatpacking giant JBS (Computing) The attackers are likely based in Russia, according to the White House
Cyber attack hits JBS meat works in Australia, North America (Reuters) Australian and North American units of the world's largest meat works were hit over the weekend by an organised cyber attack on its information systems, Brazil's JBS SA (JBSS3.SA) said in a statement.
U.S. says ransomware attack on meatpacker JBS likely from Russia (Reuters) Brazil's JBS SA (JBSS3.SA) told the U.S. government that a ransomware attack on the company that disrupted meat production in North America and Australia originated from a criminal organization likely based in Russia, the White House said on Tuesday.
JBS ransomware attack likely came from a Russian group, White House says (The Record by Recorded Future) A cyberattack that shut down some operations at JBS, a major meat processor with plants across Australia and the Americas, is believed to be a ransomware incident originating from a criminal organization based in Russia, the White House said Tuesday.
Russia in contact with U.S. over cyber attack on meatpacker JBS -Ifax (Reuters) Russia is in direct contact with the United States about a ransomware attack on Brazil's JBS SA , Interfax news agency cited Deputy Foreign Minister Sergei Ryabkov as saying on Wednesday.
U.S. says ransomware attack on meatpacker JBS likely from Russia; cattle slaughter resuming (CNBC) JBS, the world's largest meatpacker, said on Tuesday night it had made "significant progress in resolving the cyberattack.
Major meat producer JBS USA hit by cyberattack, likely from Russia (CNN) Major meat producer JBS USA suffered a cyberattack on Sunday.
Meat Producer Ransomware Attack Disrupts Global Production (SecurityWeek) A ransomware attack on JBS, the world’s largest meat company, is disrupting production around the world just weeks after a similar incident shut down a U.S. oil pipeline.
Meat-packing Giant JBS USA Shuts Down Systems Following Cyberattack (SecurityWeek) JBS USA, the US subsidiary of the world's largest meat processing company, said Monday that some operations were shut down following a cyberattack that affected its North American and Australian IT network.
Food giant JBS Foods shuts down production after cyberattack (BleepingComputer) JBS Foods, a leading food company and the largest meat producer globally, was forced to shut down production at multiple sites worldwide following a cyberattack.
Pilgrim’s affected by cyber attack on parent company (KLTV) A cyber attack will affect operations at the Pilgrim’s plant in Nacogdoches, the chicken producer announced.
The latest cyber attack victim is the world's largest meat supplier (Fortune) The cyber attack is only the latest to hit a major commodities company
Ransomware Attack on Meat Processor Shows How Hackers Wreak Real-World Havoc (Wall Street Journal) An apparent ransomware attack on meat processor JBS is the latest incident showing how hacks of major companies can ripple across the world.
Meat Buyers Scramble After Cyberattack Hobbles JBS (Wall Street Journal) Some of the biggest U.S. meat-processing plants curtailed operations after the attack, potentially delaying business with meat buyers, cattle feedlots and other suppliers.
Latest cyberattack on meatpacking business points to long-term concerns for the industry (KSN-TV) JBS is a meatpacker that was hit by a cyberattack this week.
A ransomware attack hits another massive, crucial industry: meat (Vox) JBS Foods, the world’s largest meat producer, has gone partially offline.
First fossil fuels, now meat: Cyber attackers hobble factory farming giant (Input) JBS says no customer or employee data has been compromised — but meat production shifts have been canceled at some facilities.
The Cybersecurity 202: The meat industry is the latest to be thrown into chaos by ransomware (Washington Post) A ransomware attack against the world’s largest meat processor is giving a taste of the chaos hackers could cook up with a concerted hack against the agricultural and food sector.
Realtek Critical Wi-Fi Vulnerabilities Discovered (VDOO) A comprehensive analysis revealing two new critical vulnerabilities discovered in a popular Realtek Wi Fi module by Vdoo’s automated product security platform, including a demonstration of the exploitation.
Database of 'Pirate Site Haven' DDoS-Guard is Reportedly Up For Sale (TorrentFreak) The database of DDoS-Guard, a bulletproof hosting service utilized by many pirate sites, is reportedly up for sale on a hacking forum.
Cybercrime forum advertises alleged database, source code from Russian firm that helped Parler (CyberScoop) A seller on a popular cybercrime forum appears to be offering up source code and a database they say belongs to DDoS-Guard, the Russia-based hosting site that helped right-leaning social media company Parler get back online after Amazon Web Services banished it.
Front-runners draining $280 million per month from crypto transactions (CyberNews) Front-runners are abusing traders by draining hundreds of millions from crypto transactions on decentralized exchanges.
Siemens PLCs New Security Flaws Uncovered (softpedia) Siemens released updates to fix PCLs serious vulnerabilities
Siemens PLC vulnerability is cyber-attackers’ ‘holy grail’ (Drives and Controls Magazine) Cyber-researchers have found a vulnerability in Siemens’ Simatic S7-1200 and S7-1500 PLCs that could give attackers read and write access anywhere on the...
Huawei LTE USB Stick E3372: From File Overwrite to Code Execution (Trustwave) In today's world, more and more devices are connected to the Internet for on-the-go connectivity. Huawei has a mobile broadband service that allows Internet connectivity via cellular networks by using a small USB dongle. The device itself – Huawei LTE USB Stick E3372 – looks like a USB thumb drive and comes with software to install on macOS called HiLink.
Trustwave Security Advisories (Trustwave) When Trustwave SpiderLabs experts discover new vulnerabilities, we follow our established published advisories in accordance with our disclosure policy. Subscribe for real-time updates.
Battle for the Galaxy: 6 Million Gamers Hit by Data Leak (Infosecurity Magazine) 1.5TB of data exposed, including users’ email addresses, IP addresses, Facebook data, and more.
Data Breach: Millions of Users’ Messages, Account IDs, and IP Addresses Exposed in Mobile Game Database Leak (WizCase) WizCase’s security team has found a major breach in popular mobile game Battle for the Galaxy’s database. This leak exposed users’ email addresses, IP addresses, Facebook data, and more to potential attack. The leaked data numbers in the millions and was accessible to anyone who possessed the link. There was no need for a ...
Exclusive: Alibaba’s Huge Browser Business Is Harvesting The ‘Private’ Web Activity Of Millions Of Android And iPhone Users (Forbes) UC Browser, one of the biggest web browsing apps in the world thanks to huge user bases in Asia, claims to respect user privacy. But it has been harvesting its users’ website visits via its UC Browser app, even when incognito mode is turned on, researchers warn.
OnlyScams: New GreatHorn Phishing Data Shows a Surge in X-Rated Attacks (GreatHorn) Phishers exploit human nature, taking advantage of individuals, combining social psychology, technical systems, security subjects and politics. Call it what you will: business email compromise (BEC), phishing, spearphishing or whaling, all email-based cyberattacks have one thing in common: they use social psychology. The goal of the email attacker is to put the user off balance, […]
Threat Spotlight: Post-delivery email threats (Journey Notes) Barracuda researchers recently looked at approximately 3,500 organizations to better understand threat patterns and response practices.
Swedish Public Health Agency Says Disease Database Targeted in Cyberattacks (SecurityWeek) The Swedish Public Health Agency (Folkhälsomyndigheten) is currently investigating several attempts to hack into SmiNet, a database that stores reports of infectious diseases, including COVID-19 cases.
Scripps begins notifying more than 147,000 people of ransomware records breach (San Diego Union-Tribune) Health system says data thieves did not penetrate main Epic records system
Notice of Privacy Incident (Sturdy Memorial Hospital) Sturdy Memorial Hospital (“Sturdy”) is committed to protecting the confidentiality and security of the information we maintain. We recently identified and addressed a data security incident that involved some patient information.
Report: Colombian Financial Credit Provider Leaks Customers Personal Information (Website Planet) Company name and location: Credinet.co / Sistecredito, based in Colombia Size: Around 100 MB of data, totaling 143,876 records Data Storage
Security Patches, Mitigations, and Software Updates
Siemens Patches Critical Security Flaw in Certain Products (BankInfoSecurity) Siemens has released patches for certain automation products that have a critical memory protection vulnerability, which attackers could exploit to run arbitrary
Siemens SIMATIC S7-1200 and S7-1500 CPU Families (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.1
ATTENTION: Exploitable remotely
Vendor: Siemens
Equipment: SIMATIC S7-1200 and S7-1500 CPU Families
Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer\
2.
Hillrom Medical Device Management (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 5.9
ATTENTION: Exploitable remotely
Vendor: Hillrom
Equipment: Welch Allyn medical device management tools
Vulnerabilities: Out-of-Bounds Write, Out-of-Bounds Read
Trends
Group-IB research: Jolly Roger's Patrons (Group-IB) The report exposes financial crime network of online pirates in developing countries
Cryptomining malware up, financial malware down in Q1 2021, Kaspersky finds (TechRepublic) Bitcoin prices rocketed in early 2021, and so did the number of cybercriminals distributing malware to force infected devices to mine them, with numbers quadrupling from February to March alone.
Process sensor issues continue to be ignored and are placing the country at extreme risk (Control Global) In preparing for my keynotes and panel sessions next week, July 8-9 (follow-on blog), I found a recent NERC Lessons Learned event of a combined cycle power plant in Florida that suffered significant load oscillations.
Top 10 security misperceptions (IT-Online) The Sophos Rapid Response team has compiled a list of the most commonly held security misperceptions they’ve encountered in the last 12 months while neutralizing and investigating cyberattacks in a wide range of organizations. These are the top 10 misperceptions, together with a Sophos counterpoint dispelling each of them based on incident responders’ experience and […]
Reflections in the wake of RSA 2021: Cyber resiliency (Security Magazine) The first RSA Conference took place 30 years ago. It was conceived by the then-CEO Jim Bidzos, and consisted of roughly 50 people in a room discussing cryptography – the focus area of that first assembly. By the turn of the millennium, the conference expanded internationally, reaching audiences in Europe, China, Singapore and Abu Dhabi. Ten years later in 2011, the RSA Conference boasted an impressive 18,500 attendees in the United States alone.
Study Finds Data Breaches Cost Affected Companies - in Higher Interest Rates (PR Newswire) A recent study published by the American Accounting Association finds that there is a very real cost for companies that can't protect their...
Consumer threats jumped by 83% in 2020, recent findings reveal (Atlas VPN) According to Atlas VPN analysis, consumer threats jumped by 82.84% in 2020. The most concerning fact is that a few extremely dangerous and multi-purpose malware types sky-rocketed to never-before-seen heights.
Survey: 48% of Businesses Don’t Use a User Verification Policy for Pas (PRWeb) 48% of organizations don’t have a user verification policy in place for incoming calls to IT service desks, according to Specops Software, the leading provider
Cybersecurity Threatscape 2020 (Positive Technologies) The number of unique incidents grew by 51 percent compared to 2019. Seven out of ten attacks were targeted. Medical and government institutions were the most tempting targets for attackers. The number of malware attacks grows every year. 2020 saw an increase in such attacks by 54 percent compared to 2019. Ransomware was used in 45 percent of all malware-related attacks on organizations. Instead of performing mass attacks, ransomware operators started to deliberately choose their targets.
Marketplace
Cybersecurity M&A Roundup: 36 Deals Announced in May 2021 (SecurityWeek) Tens of cybersecurity mergers and acquisitions were announced in May 2021, including by Forcepoint, Imperva, Accenture, Cisco, HelpSystems, Splunk, Twilio, and Zscaler.
Microsoft acquires ReFirm Labs to enhance IoT security (Microsoft Security) Modern computing devices can be thought of as a collection of discrete microprocessors each with a dedicated function like high-speed networking, graphics, Disk I/O, AI, and everything in between. The emergence of the intelligent edge has accelerated the number of these cloud-connected devices that contain multiple specialized sub-processors each with its own firmware layer and often a custom operating system.
Coalfire Acquires Denim Group to Transform (Coalfire.com) Becoming #1 application security provider supporting top cloud service providers
Exabeam Lands $200M Investment, Replaces CEO (SecurityWeek) Late-state SIEM startup adds a new chief executive and banks a $200 million “growth round” investment at a $2.5 billion valuation.
Accenture Federal Services to Acquire Novetta and Bring More Advanced AI, Cyber, and Cloud Capabilities to Client Missions (BusinessWire) Accenture entered into an agreement to acquire Novetta, an advanced analytics company serving U.S. federal organizations.
Vetro Raises $12M As Broadband Industry Sees ‘Unprecedented’ Investment (Crunchbase News) Vetro, which develops software to help internet providers manage their network, announced its first round of funding — a $12 million growth investment led by Resolve Growth Partners.
oak9 Secures $5.9 Million Seed Round to Launch Infrastructure-as-Code Security Platform (BusinessWire) oak9 launched its infrastructure as code security platform today, backed by a seed round of $5.9 million led by Menlo Ventures, accompanied by Hyde Pa
Redacted comes out of stealth with $60M in funding and a new take on fighting cybercrime (TechCrunch) The cybersecurity industry has no shortage of technology to fight against network intruders, app corrupters, email hackers and other cyber criminals. Today a startup called Redacted is coming out of stealth with a different approach to tackling that malicious activity: It applies threat intelligenc…
Sectra's year-end report 2020/2021: Increased profitability and record-breaking order bookings (PR Newswire) International medical imaging IT and cybersecurity company Sectra (STO: SECT B) helps customers provide patients with the best possible care...
Zerodium acquiring zero-days in Pidgin, an IM client popular with cybercriminals (The Record by Recorded Future) Exploit broker Zerodium announced plans today to pay up to $100,000 for zero-days in Pidgin, a multi-protocol instant messaging desktop client and a popular IM tool used in cybercriminal circles.
Cyber Defense Magazine Names Arcserve a Global InfoSec Award Winner During RSA Conference 2021 (GlobeNewswire) Arcserve UDP Cloud Direct wins the “Most Innovative Cloud Backup” award.
Secret Double Octopus Named "Best in Class" for Enterprise Passwordless Authentication in New Aite Group Matrix Report (PR Newswire) Secret Double Octopus, pioneer of Passwordless Enterprise Authentication, today announced its achievement of a "Best-in Class" ranking in a new...
Bionic Recognized as a Gartner 2021 Cool Vendor in DevSecOps (PR Newswire) Bionic, the application intelligence company, announced today that it has been named in the Gartner 2021 Cool Vendors in DevSecOps report....
Canada’s Community of Digital Identity Leaders Grows to Over 100 Members (BusinessWire) The DIACC Canada’s Community of Digital Identity Leaders Grows to Over 100 Members
Deloitte Hires Amy Chaput and Monica McEwen (WashingtonExec) Amy Chaput and Monica McEwen have joined Deloitte’s Government & Public Services consulting practice, serving as leaders in the Deloitte Analytics and
Shift5 Announces Appointment of Joe Lea as the New President (PR Newswire) Shift5, the leader in fleet cyber security and operational intelligence, is excited to announce that Joe Lea has joined the executive team as...
Ermetic Appoints Toby Buschini Vice President of Worldwide Sales (BusinessWire) Ermetic will triple headcount worldwide this year and open new customer support offices in Boston and the California Bay Area.
Zerto Announces Senior Leadership Promotions as It Builds for Further Growth and Product Innovation (Zerto) Avi Raichel to Become Chief Operating Officer with Deepak Verma Promoted to VP, Product Management
Products, Services, and Solutions
WatchGuard Unveils New Endpoint Security Product Family Within WatchGuard Cloud, Just One Year After Panda Acquisition (WatchGuard Technologies) WatchGuard Cloud is now the MSP management interface of choice for security delivery
Verve Industrial and 1898 & Co. Create Partnership for ICS Risk Management (Verve Industrial) Verve Industrial partners with 1898 & Co. to deliver cyber security solutions to customers in the industrial controls space.
TrustArc and PKWARE Streamline Data Discovery and Privacy Compliance with the DG Discovery Solution (CIO Applications) Organizations who require privacy information and data discovery throughout their organization...
PRESS RELEASE: BOLL Becomes Certified Distributor Of Fudo Security In The DACH Region. (Fudo Security) Swiss IT security distributor BOLL has signed a comprehensive distribution agreement with Fudo Security. This partnership delivers Zero Trust Network Security powered by intelligent Privileged Access Management to Switzerland and the entire DACH region. With immediate effect, BOLL is a certified distributor for Fudo Security’s PAM offering in Germany, Austria, and Switzerland. Fudo PAM is …
Jumio biometrics to secure Klever crypto wallets (Biometric Update) Jumio chosen by cryptocurrency wallet Klever to provide biometric identity verification for fast, automated user onboarding compliant with KYC, AML regulations.
Cisco announces new service enhancement around XDR and SASE in support of its customers (TahawulTech) Cisco announces a new service enhancement around XDR and SASE in support of its security customers.
Huawei highlights updated cybersecurity framework at GISEC 2021 (Intelligent CIO Middle East) Huawei, a global provider of information and communications technology (ICT) infrastructure and smart devices, is at GISEC 2021 from May 31 to June 2, where it’s showcasing its capabilities in smart government, cloud and 5G, all built around a robust cybersecurity foundation. Huawei regional executives are also contributing to various plenary sessions during the event […]
Huawei gets some 5G wins, calls for talks with US (Light Reading) On the global 5G battlefront, it's been a good news week for Huawei – perhaps that's why it still thinks it can get the US to drop its bans.
Check Point Software Offers HealthCare Information Security and Privacy Practitioner Course by ISC(2) - Check Point Software (Check Point Software) Learning & Training Dedicated health care industry related education program for partners and IT professionals to be rolled out
IBM to Create Cybersecurity Center for U.S. Federal Clients (MarketWatch) By Dave Sebastian International Business Machines Corp. said it is creating a cybersecurity center for U.S. federal clients in light of current and future...
New Program Addresses the Growing Demand for Security Awareness Professionals to Protect Organizational Information Assets from Human Error with a Focus on a Security-Aware Culture (PR Newswire) H Layer Credentialing, a wholly owned business unit of Professional Testing, Inc., announced the launch of its new third party, vendor-neutral,...
Broadcom Pioneers Adaptive Protection to Maximize Endpoint Security (Broadcom Inc.) Self-adaptive, ML-based endpoint security solution delivers superior protection with automated policy configuration and no end-user productivity loss
NortonLifeLock Unveils Norton Crypto (NortonLifeLock) New Feature Enables a Safe and Easy Way to Mine Cryptocurrency NortonLifeLock (NASDAQ: NLOK), a global leader in consumer Cyber Safety, today announced the launch of Norton™ Crypto, a new feature designed to enable consumers to safely and easily mine cryptocurrency through its trusted Norton™ 360 platform. Starting tomorrow, select Norton 360 customers in Norton’s early adopter program will be invited to mine for Ethereum.
CybelAngel Joins SecurityScorecard’s Integrate360 Marketplace to Help Customers Better Manage Their Risk Portfolio (BusinessWire) CybelAngel announces its addition to SecurityScorecard’s Integrate360 Marketplace providing customers with view of exposed documents and credentials.
Cobalt Launches Public API, Continues Modernization of Pentesting (PRWeb) Cobalt, the Pentest as a Service (PtaaS) company that’s modernizing the traditional pentesting model, today announced the launch of its public API. The Cobalt
Axio Announces Strategic Partnership with Impact Business Technology (BusinessWire) Axio, a leading cyber risk management Software-as-a-Service company, today announced their latest strategic partnership with Impact Business Technolog
Technologies, Techniques, and Standards
How to Negotiate with Ransomware Hackers (The New Yorker) Kurtis Minder finds the cat-and-mouse energy of outsmarting criminal syndicates deeply satisfying.
Businesses take advantage of real time cyber intelligence (iTnews) But many still learning how to make best use of it.
Research and Development
European-led consortium investigates quantum cryptography (ComputerWeekly.com) The arms race to a quantum internet is under way – the European Commission is looking at secure critical national infrastructure and member state comms.
Academia
Space Coast Impact: Universities are working to combat growing cybercrime (Florida News Times) By Eric Wright Few weeks are without news articles detailing breaches in corporate and government cybersecurity networks. As technology advances and cyberterrorists become bold to disrupt society, the threat of cyberattacks on financial, political, military and infrastructure systems can increase. And many of the attacks that affect Americans on a daily basis aren’t on a …
Illinois, IBM creating $200M Institute on emerging technology (University Business Magazine) The Discovery Accelerator will allow university students and industry researchers to work on complex global solutions with AI, quantum technology and cloud computing.
Legislation, Policy, and Regulation
How Denmark became the NSA's listening post in Europe (France 24) Sunday's revelations that Danish spies helped the US National Security Agency (NSA) monitor European leaders highlighted the pivotal role that the Scandinavian country has played for US intelligence…
China In Eurasia Briefing: Is Eastern Europe's Love Affair With China Coming To An End? (RadioFreeEurope/RadioLiberty) The EU investment deal is on ice, vaccine diplomacy in Central Asia, Beijing’s view of Belarus, the end of the 17+1, and Serbia’s drone program.
China and Russia’s Dangerous Convergence (Foreign Affairs) On March 23, Chinese Foreign Minister Wang Yi and his Russian counterpart, Sergey Lavrov, sat down for an auspiciously timed meeting. The high-level talks came just a day after an unusually heated public exchange between senior U.S. and Chinese officials in Anchorage, Alaska, and in sharp contrast, the Chinese and Russian foreign ministers struck an amicable tone.
The Line in the Sand: How We Respond Today Impacts Our Security Tomorrow (Security Boulevard) In the past few months, we’ve faced massive attacks with SolarWinds and the HAFNIUM attacks targeting Microsoft Exchange, followed by the unprecedented ransomware attack by DarkSide that crippled US critical infrastructure.
Colonial Pipeline fallout: Thwarting ransomware attacks requires collective defense (Compliance Week) President Biden's executive order on cyber-security largely applies to federal agencies. But its core message-that the public and private sectors must collectively defend against increasingly malicious ransomware attacks-should not be lost on companies.
For IT, cyber policy goals, dig beneath the numbers of Biden’s 2022 request (Federal News Network) The Biden administration is asking for a 2.4% increase and a 14% increase in federal IT and cybersecurity spending, respectively, in fiscal 2022.
DoD Budget Appears To Cut Cyber Offense, Beef Up Defenses (Breaking Defense) The single biggest reduction in proposed year-over-year cyber funding appears to be in overseas "hunt-forward" cyber operations, with a $284.4 million cut to $147.2 million in 2022 versus a requested $431.6 million last year.
U.S. agency not doing its job to halt tech to China's military -congressional report (Reuters) The U.S. Commerce Department is failing to do its part to protect national security and keep sensitive technology out of the hands of China's military, according to a U.S. congressional advisory report seen by Reuters.
Navy Information Operations Command Texas Change of Command (DVIDS) Navy Information Operations Command Texas holds Change of Command on 21 May 2021.
Litigation, Investigation, and Law Enforcement
U.S. seizes two domains used in cyberattacks that mimicked USAID communications (Reuters) The U.S. Justice Department said on Tuesday that it had seized two Internet domains that had been used in spear-phishing attacks that mimicked email communications from the U.S. Agency for International Development.
US seizes domains used by APT29 in recent USAID phishing attacks (BleepingComputer) The US Department of Justice has seized two Internet domains used in recent phishing attacks impersonating the U.S. Agency for International Development (USAID) to distribute malware and gain access to internal networks.
Justice Department Announces Court-Authorized Seizure of Domain Names Used in Furtherance of Spear-Phishing Campaign Posing as U.S. Agency for International Development (US Department of Justice) On May 28, 2021, pursuant to a court order, the United States seized two command-and-control (C2) and malware distribution domains used in recent spear-phishing activity that mimicked email communications from the U.S. Agency for International Development (USAID).
Rhode Island Woman Charged with Phishing Scheme (US Department of Justice) A Rhode Island woman was charged today with sending phishing emails to candidates for political office and others.
A Seattle man became self-radicalized and planned to fight and die for ISIS, federal attorneys say (Seattle Times) Before he could board a flight to Egypt, where he planned to attend an ISIS training camp in the Sinai desert, a 20-year-old Seattle man was arrested by federal agents at Seattle-Tacoma International Airport on Friday and charged with providing material support to a designated foreign terrorist organization, according to court records.
Inside The ‘World’s Largest’ Video Game Cheating Empire (Vice) The cheat-making group known as "Chicken Drumstick" made more than $70 million selling cheats for PUBG Mobile. This is the story of its rise and fall.
Finjan Owes $5.9M In Patent 'Fiasco,' Special Master Says (Law360) Finjan Inc. should foot a $5.9 million portion of Juniper Networks' legal bill, a special master has determined, after U.S. District Judge William Alsup said Finjan repeatedly "wasted everyone's time and energy" by flip-flopping on its patent infringement theory in an attempt to artificially boost damages.
Big Tech's Immunity To Get Tough Look At 3rd Circ. (Law360) A Third Circuit argument set for Wednesday in a Philadelphia-based journalist's suit over the unauthorized use of her image on the internet signals a possible turning point for the broad immunity enjoyed by online platforms that utilize third-party content, experts say.
Are Ransomware Attacks Impeding Criminal Prosecutions? (GovInfoSecurity) As more cities see their police departments targeted with ransomware attacks, some analysts are voicing concerns that the attacks, which could lead to inaccessible
Justices Won't Review Qatar's Immunity From Hacking Claims (Law360) The U.S. Supreme Court on Tuesday turned down a Republican fundraiser and admitted unregistered foreign lobbyist's petition asserting his right to sue Qatar over allegations that the government of the Middle Eastern country hacked him.
State Rolls Out Medical Pilot Program to Find Causes of ‘Havana Syndrome’ (Foreign Policy) U.S. still grappling with how to respond five years after first reports of suspected microwave attacks in Havana.