The Internet has gone down throughout much of Myanmar, CyberScoop reports. The reasons for the outage are unclear, but the overwhelming likelihood is that it is a deliberate takedown by the military junta installed in a coup d’état over the weekend.
ESET researchers outline a recently discovered software supply chain attack (“Operation NightScout”) that’s inflicting surveillance malware on gamers using NoxPlayer, a product used mostly to play mobile games on PCs. Three distinct malware strains are delivered in the form of maliciously crafted software updates. The campaign shows no signs of monetization, which leads ESET to conclude that the point is espionage.
NCC Group reports finding evidence that the recently discovered SonicWall zero-day is now being actively exploited in the wild.
Microsoft has been tracking the emails sent by the criminal infrastructure represented by “StrangeU” and “RandomU,” which Redmond says is “robust enough to seem legitimate to many mail providers, while flexible enough to allow the dynamic generation of new domain names and remain evasive.” The infrastructure seems to be filling the criminal-to-criminal market gap that the Necurs botnet takedown temporarily opened.
The cyberespionage campaign associated with the software supply chain for SolarWinds’ Orion platform remains under investigation, with post-mortems turning to fixes and might-have-beens. A Security Boulevard piece sketches an outline of third-party security programs, FCW reports that prospective Homeland Security Secretary Mayorkas promised to review upgrades of the Department’s Einstein system, and ProPublica wonders why the US Government shelved the “in-toto” system it paid for.