Hope that Russian authorities were cracking down on ransomware gangs has proved to be a false dawn: FBI deputy director Paul Abbate yesterday told the Intelligence and National Security Summit what o'clock it was. The Bureau sees no evidence of Russian cooperation or unilateral action against the cybergangs. The Washington Post quotes Abbate as saying the criminal groups are still “operating in the permissive environment that they've created there.”
McAfee this morning published a study of Operation Harvest, a cyberespionage campaign the researchers believe to be operated by a Chinese threat group, either APT27 (also known as Emissary Panda) or APT41 (Wicked Panda, or Winnti), perhaps both. It's a complex and long-running effort marked by "multiple privilege escalation and persistence techniques ... and presence in the network."
INKY reports finding a new phishing campaign prompted by the recent US infrastructure bill. The hoods send a bogus email purporting to be from the US Department of Transportation. The phishbait says, essentially, that since a trillion bucks and change is about to flow from the Government to those savvy enough to position themselves for it, you too, recipient, should ring the bell on that gravy train.
As vaccine mandates are planned and brought into effect, the criminal market for bogus vaccine passports has surged with the new, policy-driven demand, Check Point reports.
The US Department of Justice has reached a "deferred prosecution agreement" with three former intelligence and military personnel who provided the UAE with services that violated export and computer abuse laws.