The Russian threat group that successfully exploited vulnerabilities in SolarWinds last year (an SVR unit familiarly known as either Cozy Bear or Berserk Bear) is said, by Mandiant, to again be working against Western targets. CNN quotes Mandiant's Charles Carmakal as saying, "The group has compromised multiple government entities, organizations that focus on political and foreign policy matters, and technology providers that provide direct or indirect access to the ultimate target organizations within North America and Europe."
A second, related CNN report, citing new research by Microsoft, suggests that Russian government cyberespionage groups are enjoying satisfying (for them) levels of success against Western targets. Russia, with China running second, is "still comfortable leaning into nation-state attacks."
The Philippine Senate is the latest high-profile organization to find its website encumbered by distributed denial-of-service attacks, the Inquirer reports. "The Senate’s Electronic Data Processing-Management and Information System (EPD-MIS) bureau said it 'temporarily blocked access to the Senate website because of an ongoing distributed denial-of-service (DDoS) attack.'”
Observers continue to be astonished at the extent of this week's data breach at Twitch, evidently at the hands of a hacktivist. PC Gamer leads with a representative quotation: "This is as bad as it could possibly get." But maybe not. In an update the company posted yesterday, Twitch said that as far as they knew, no login credentials were stolen. And, since Twitch doesn't store paycard data, those weren't exposed either. If the data aren't there in the first place, they're not there to be stolen.