The Record reports that the Phorpiex botnet has shut down, and researchers at Cyjax have found that the botnet's proprietors are offering the source code for sale. If you're in the market, not that you would be, know that Phorpiex has a mixed reputation in the underworld. It's been profitable, with its spam module and ability to hijack cryptocurrency clipboards being consistent moneymakers. Phorpiex has also hired its botnet out for use by ransomware operators, among them Avaddon, a gang that's recently gone into occultation. On the other hand Phorpiex's own security has tended toward the slipshod, with other criminals able to either uninstall it or substitute their own payloads for those the proprietors intended.
Bangkok Airways disclosed that it's been the victim of an attack that compromised passengers' personal information, including name, "nationality, gender, phone number, email, address, contact information, passport information, historical travel information, partial credit card information, and special meal information." ZDNet reports that the LockBit ransomware gang has claimed responsibility and threatened to release information if their ransom demands aren't met.
Australian Federal Police have received extraordinary authorities for the enforcement of laws against cybercrime in the form of three new warrants covering network activity, data disruption, and account takeover. The authorities extend beyond investigation to disruption of criminal activity; ITNews says that the standard for issuing the warrants is that they be "reasonably necessary, and proportionate."
POLITICO reports that US national cyber director Inglis will approach fostering cyber resilience as an exercise in soft power.