The Belarusian Cyber Partisans seem to seriously intend the overthrow of President Lukashenka's government, and MIT Technology Review reports signs that the Partisans may have help from inside the regime itself.
US President Biden met industry leaders yesterday to formalize some cybersecurity national priorities. Among the measures announced were a cooperative program between industry and the National Institute of Standards and Technology (NIST) to bolster the security of the technology supply chain, and the formal extension of the Industrial Control Systems Cybersecurity Initiative to natural gas pipelines. Participants from industry committed to initiatives ranging from coupling insurance coverage to compliance with certain basic security standards, to investment in cyber workforce development, to committing resources to cybersecurity technology.
Zscaler has released a report on scams and adware campaigns that accompanied the recent Tokyo Olympics. The conclusions are instructive because they illustrate the way in which high-profile events in sport and other cultural domains draw the attention of cybercriminals.
Digital Shadows looks at the ShinyHunters, the criminal group that claimed to have compromised data held by AT&T (claims AT&T denies) and notes their shift toward extortion and their here-today-gone-tomorrow mode of operation. Whatever turns out to be the case with the claimed AT&T attack, the ShinyHunters will probably recede temporarily, then reappear with refined technique.
Cequence finds that bot operators, like legitimate users, are finding virtual private networks (VPN) useful in obscuring their origin and infrastructure. VPN services that don't limit the number of connections are proving valuable in mounting high-volume attacks.