Reuters reports that among the governments calling out China for cyberespionage is Norway's, which yesterday publicly attributed a March 10 attack on parliamentary email systems to Beijing.
The US has said that China's Ministry of State Security contracted at least part of its exploitation of Microsoft Exchange Servers to criminal organizations. In many cases those gangs were permitted to profit directly from their activities, a White House statement charged. China this morning answered the widespread condemnation of its operations with denial and tu quoque accusations of American misconduct, the Washington Post reports.
Amazon Web Services told Motherboard that the cloud provider has revoked NSO Group's access to its infrastructure. NSO Group has categorically denied accusations of abuse reported by the Guardian and others.
A criminal organization that styles itself ZeroX is offering a terabyte of proprietary data stolen from Saudi Aramco. BleepingComputer says the gang claims the data include personal information on 14,254 employees, business documents, and engineering information. According to Saudi Aramco, ZeroX obtained the data from third-parties via exploitation of an unspecified zero-day. The attack did not involve ransomware, and does not appear to be an extortion play.
Cloudstar, which the Record describes as a managed service provider with many customers in the "mortgage, title insurance, real estate, legal, finance, and local government sectors," continues recovery from a ransomware attack detected Friday. The incident has interfered with real estate transactions, and the Record, betting on form, thinks recovery may be a matter of weeks as opposed to days.