Attacks, Threats, and Vulnerabilities
New Moses Staff group targets Israeli organizations in destructive attacks (The Record by Recorded Future) A new hacking group named Moses Staff has attacked Israeli organizations, breached their networks, encrypted their data, but has then refused to negotiate ransom payments, in what security researchers are describing as politically-motivated destructive attacks.
Uncovering MosesStaff techniques: Ideology over Money (Check Point Research) Introduction In September 2021, the hacker group MosesStaff began targeting Israeli organizations, joining a wave of attacks which was started about a year ago by the Pay2Key and BlackShadow attack groups. Those actors operated mainly for political reasons in attempt to create noise in the media and damage the country’s image, demanding money and conducting... Click to Read More
FBI email targeted, hackers warn of 'sophisticated chain attack' (Spamhaus) Spamhaus Project on Saturday (local time) confirmed that emails have been sent from a Federal Bureau of Investigation (FBI) server
FBI Statement on Incident Involving Fake Emails (Federal Bureau of Investigation) The FBI and CISA are aware of the incident this morning involving fake emails from an @ic.fbi.gov email account. This is an ongoing situation, and we are not able to provide any additional information at this time.
Official FBI email server hacked, used to send fake threat (The Record by Recorded Future) A group of unidentified hackers have compromised one of the FBI's email servers and have sent out a massive wave of spam emails containing a warning about a (fake) cyberattack that was allegedly taking place.
FBI’s Email System Compromised, Hackers Warn of Cyber Threat (Bloomberg Law) Hackers compromised the Federal Bureau of Investigation’s external email system on Saturday.
Hacker compromises FBI email and spams thousands (Computing) The email warned of a fake cyber campaign and pinned the blame on a specific security researcher
FBI probes cyber-attack emails sent from internal server (BBC News) The agency is investigating after thousands of messages were sent warning of a possible cyber-attack.
FBI email system compromised by hackers who sent fake cyberattack alert (Washington Post) Hackers compromised the Federal Bureau of Investigation’s external email system on Saturday, sending spam emails to potentially thousands of people and companies with a faked warning of a cyberattack.
Fake FBI emails about a sophisticated attack are part of 'ongoing situation,' agency says (KVVU Fox5Vegas) The FBI on Saturday said it was aware of reports that unauthorized emails were coming from a legitimate FBI email address to thousands of organizations about a purported cyber threat.
The FBI’s email system was hacked to send out fake cybersecurity warnings (The Verge) The phony emails reached over 100,000 inboxes.
FBI probes fake emails sent from internal server over possible cyber-attack (WION) Warning of a possible cyber-attack, thousands of fake email messages were sent from one of the servers of the Federal Bureau of Investigation (FBI). The agency has launched probe in the matter.
The incident on Saturday morning was a part of an "ongoing situation", the government agency said. It provided no further details.
FBI email servers were hacked to target a security researcher (Engadget) The FBI has confirmed that hackers used its servers to email fake warnings targeting a security researcher..
FBI was hit by a fake email cyberattack. Here’s what you need to know (Euronews) The growing number of cyberattacks since the COVID pandemic began has spared no major organisation - not even the FBI.
Cyber attack hits Office of Civil Defense Twitter account (INQUIRER.net) The Office of Civil Defense (OCD) said its Twitter account was the target of a cyberattack that churned out “unusual” tweets posted early Sunday.
Experts see North Korea connection in corrupted malware analysis tool (NK PRO) A North Korea-linked hacking group is likely behind an infected version of a popular software analysis tool, a cybersecurity research group has found, in the second DPRK attack against cybersecurity professionals uncovered this year. Slovakia-based ESET Research Labs (ESET) announced on Wednesday that it has discovered an infected installer for IDA Pro 7.5, a tool […]
North Korea conducted malware campaign against aerospace, other targets: report (NK PRO) North Korean hackers appear to have conducted a monthslong cyberespionage campaign using infected Word documents against high-value South Korean targets, including aerospace and aviation researchers, a cybersecurity firm has found. Cisco Systems’ cybersecurity division Talos Intelligence announced on Wednesday that it has identified malicious blogs operated since June by Kimsuky, a North Korea-based hacking group […]
Morocco reportedly hit by Iranian malicious cyber attack (North Africa Post) Iranian hacker group Lyceum has launched lately a cyber-attack against an internet service provider (ISP) in Morocco, according to the findings of Prevailion’s Adversarial Counterintelligence Team (PACT) and Accenture’s Cyber Threat (ACTI) group.
Researcher Shows Windows Flaw More Serious After Microsoft Releases Incomplete Patch (SecurityWeek) A researcher has discovered that a Windows vulnerability for which Microsoft released a patch in August is more serious than initially believed.
'BotenaGo' Malware Targets Routers, IoT Devices with Over 30 Exploits (SecurityWeek) The Golang-based malware threat could potentially infect millions of routers and Internet of Things (IoT) devices.
Hackers Increasingly Using HTML Smuggling in Malware and Phishing Attacks (The Hacker News) Cybercriminals are increasingly using HTML smuggling in banking malware and targeted phishing attacks.
This Hackers-For-Hire Group Has Been Stealing Data In The Shadows Since 2015 (IndiaTimes) The profile of the newly discovered group was published by Trend Micro, an IT security company
Threat Thursday: SquirrelWaffle Takes a Bite Out of Victim's Bank Accounts (BlackBerry) The SquirrelWaffle loader is a relatively new piece of malware that has been delivered through malspam (malicious spam) campaigns. The malware loader has been seen distributing both the Qakbot banking Trojan and Cobalt Strike stagers.
Someone Snuck a Card Skimmer Into Costco to Steal Shopper Data (Wired) Plus: A Robinhood breach, NSO Group spyware, and more of the week's top security news.
Costco Discloses Data Breach After Finding Card Skimmer At One Of Its Stores (Forbes) E-skimming from compromised online stores are a more common way shoppers are targeted by fraudsters, but physical card skimmer remain a major problem... As some Canadian Costco members are learning.
Costco finds five card skimmers at four Chicago-area warehouses, warns customers of potential data breach (Fox Business) Costco customers at four of the retailer's Chicago-area warehouses may have had their payment information compromised after employees discovered five card-skimming devices during routine pin pad inspections at the end of August.
Costco discloses data breach after finding credit card skimmer (BleepingComputer) Costco Wholesale Corporation has warned customers in notification letters sent this month that their payment card information might have been stolen while recently shopping at one of its stores.
Costco customers complain of fraudulent charges before company confirms card skimming attack (ZDNet) Costco is offering victims 12 months of credit monitoring, a $1 million insurance reimbursement policy and ID theft recovery services.
Cyber attack turns off the taps at Barcelona's Damm brewery (Reuters) Spain's second biggest beer maker Damm halted output at its main brewery outside Barcelona after a cyber attack hit its computer systems earlier this week, a spokesperson said on Friday.
West Virginia Parkways Authority hit by cyber-attack (WSAZ) The West Virginia Parkways Authority was the victim of a cyber-attack Friday morning, according to Jeff Miller, executive director of the West Virginia Parkways Authority.
Parkways Authority reports cyber attack; Turnpike traffic not impacted (WV MetroNews) No indication that any customer data was breached.
California Community College Overrun With 'Fake Students, Bots': Whistleblower (Epoch Times) In the wake of the transition to online training due to the COVID-19 pandemic, California community colleges have ...
As Hackers Take Down Newfoundland’s Health Care System, Silence Descends (New York Times) The province has said little about a cyberattack that delayed or canceled medical procedures and leaked personal information.
Justice Minister Confirms Personal Information Was ‘Taken’ in Cyberattack (VOCM) The government is confirming that personal information of health care employees and patients is now in the han...
Security Patches, Mitigations, and Software Updates
Warning Issued For Millions Of Microsoft Windows 10, Windows 11 Users (Forbes) Microsoft has confirmed an urgent upgrade warning to all Windows users...
Microsoft alert as experts warn hackers can take over your computer (The US Sun) EXPERTS are warning that a vulnerability in Microsoft’s Windows software leaves users open to hackers who can take control over your computer. The “zero-day” flaw, named CVE-2021-…
Intel, AMD Patch High Severity Security Flaws (SecurityWeek) Chipmakers Intel and AMD release patches for multiple vulnerabilities in multiple products, including a series of high severity issues in software drivers.
Zoom Patches High-Risk Flaws in Meeting Connector, Keybase Client (SecurityWeek) Zoom ships multiple security bulletins calling special attention to a pair of “high-risk” bugs affecting its on-prem meeting connector software and the popular Keybase Client.
Digital Transformation and Workplace Evolution Driving Demand for PKI and Digital Certificates, finds 2021 Entrust Global PKI/IoT Trends Study (BusinessWire) Lack of ownership, resources, and skills continues to challenge PKI deployments
Ransomware attacks are getting more complex and even harder to prevent (VentureBeat) Ransomware attackers are making attacks more complex and costly by acting on potential targets’ weaknesses faster than enterprises can react.
Security-as-a-Service ist die Zukunft in der IT-Sicherheit (IT-Daily) Die Herausforderungen der IT-Abteilungen werden immer drastischer. Statt sich um die fortschreitende Digitalisierung kümmern zu können, nimmt der Kampf gegen Hacker immer mehr Raum...
Cyberattacks are surging. CT’s workforce isn’t keeping up (Connecticut Insider) A growing wave of cyberattacks is threatening governments, businesses and everyday residents. Across the globe, there is a critical shortage of skilled professionals to guard against these criminals.
Audubon Companies Invests in Cybersecurity Start-Up Armexa (BusinessWire) Audubon Companies announced today its strategic investment in a new start-up affiliate, Armexa, a next-generation industrial cybersecurity company.
Netography Raises $45 Million in Series A Funding, Led by Bessemer and SYN Ventures, to Secure the Atomized Network (Netography) Netography has announced it has raised $45 million in Series A funding led by Bessemer and SYN ventures .
Booz Allen Spins Out SnapAttack™ to Stand-Alone Company (Booz Allen Hamilton) Booz Allen Hamilton has completed a transaction to transfer all assets related to SnapAttack™.
Immersive Labs acquires Snap Labs to power cyber simulations with new depth and realism (Immersive Labs) Integrated offering to deliver hyper-realistic team exercises specific to customer environments for more relevant cyber knowledge, skills and judgment
Aqua Security Announces Strategic Investment from Capital One Ventures (Aqua) Aqua announces a strategic investment from Capital One Ventures, together with the appointment of Capital One’s Chief Information Security Officer, Chris Betz, to Aqua’s Executive Advisory Board.
Microsoft, Kyndryl ink global partnership (CRN Australia) Say it will bring “incremental multi-billion dollar revenue opportunities."
Toshiba confirms plans for three-way split (CRN Australia) To appease activist shareholders after its latest round of scandals.
Foxconn expects another half-year of chip shortage woes (CRN Australia) The Apple supplier is expecting Q4 revenue to drop up to 15 percent.
Security company faces backlash for waiting 12 months to disclose Palo Alto 0-day (ZDNet) Randori has faced a barrage of criticism for its decision to wait one year to publish a notice about a vulnerability it found in 2020.
Blacklisted Pegasus Spyware Firm Shunned by Wall Street, Too (Bloomberg) Wall Street traders are quoting NSO debt as low as 70 cents. CEO-de.signate reportedly quit after U.S. blacklisted firm.
CrowdStrike falls 4% as Morgan Stanley sets underweight rating (SeekingAlpha) CrowdStrike Holdings shares fell more than 4% Monday, as Morgan Stanley started its coverage of the network security technology provider with an underweight rating.
Darktrace non-executive cashes out shares worth over £9 million (Shares Magazine) Vanessa Colomar, non-executive director of cyber-security firm Darktrace (DARK) sold shares worth over £9 million, during a three-day period in early November.
Paul Mountford joins Protegrity as CEO (Help Net Security) Protegrity announced the appointment of Paul Mountford as the company’s new CEO to bring comprehensive experience and leadership to company.
NINJIO appoints Brett Wahlin to Board of Directors (Help Net Security) NINJIO announced the appointment of Brett Wahlin to their board of directors, advising on the development of cyber security solutions.
Exabeam Appoints Technology Finance Veteran Holly Grey as Chief Financial Officer (BusinessWire) Exabeam today announced the appointment of Holly Grey as CFO.
Products, Services, and Solutions
New infosec products of the week: November 12, 2021 (Help Net Security) The featured infosec products this week are from: ColorTokens, Huntsman Security, iStorage, ThreatQuotient and Tufin.
Immuta Product Release Strengthens Snowflake Integration with Native Data Governance Capabilities (Immuta) Immuta’s latest product release offers joint customers a scalable way to manage Snowflake fine-grained access control BOSTON, November 15, 2021 – Immuta, the leader in universal cloud data access control, today announced new capabilities that strengthen its integration with Snowflake, the data cloud company, streamlining and enhancing the data governance experience for joint customers. With...
Lacework Strengthens Data-Driven Cloud Security Platform with Acquisition of Infrastructure as Code Company Soluble (PR Newswire) Lacework®, the data-driven security platform for the cloud, today announced the acquisition of Soluble, a scalable cloud infrastructure...
Data#3 expands managed security services with India-based SecurityHQ (CRN Australia) Adds security operations centre.
ESET to support SAFER, a new security group founded to help protect the research and education sector (CXOToday.com) ESET backs Senior Malware Researcher Marc-Étienne Léveillé as a founding member of the Security Assistance For Education & Research (SAFER) Trust Grou
BlackCloak Unveils New Deception Technology to Catch Cyberattacks Targeting Executives & High-Profile Individuals (BlackCloak) BlackCloak provides Concierge Cybersecurity for high-net-worth individuals and corporate executives to protect them from cyber crime, reputational risks, hacking and identity theft.
ShiftLeft Joins Palo Alto Networks Cortex XSOAR Marketplace (BusinessWire) ShiftLeft announced that ShiftLeft CORE is now available on the Palo Alto Networks Cortex XSOAR Marketplace
Cyren & KnowBe4 Partner to Help Enterprises Fight Phishing and Business Email Compromise (Yahoo Finance) Product integration partnership harmonizes Security Awareness Training and automated detection and remediationMCLEAN, VA / ACCESSWIRE / November 15, 2021 / Cyren (NASDAQ:CYRN), a provider of email security and threat intelligence solutions, today announced an alliance agreement with KnowBe4 (NASDAQ: KNBE), the provider of the world's largest security awareness training and simulated phishing platform. The alliance will give customers access to an integrated and automated offering to secure inbox
Technologies, Techniques, and Standards
Google, Adobe Announce New Open Source Security Tools (SecurityWeek) Google and Adobe release open source tools for continuous fuzzing and detecting living-off-the-land attacks.
How an MSSP fought off a major advanced persistent threat (Infocyte) Detecting and fighting an advanced persistent threat is no small feat. In this story, one MSSP fights off an APT with the help of our SOC.
What does your organisation look like through an attacker's eyes? (Computing) Javvad Malik of KnowBe4 talks about how to cultivate a little-used skill when it comes to cybersecurity: empathy with the attackers
How to fend off cybersecurity burnout (VentureBeat) Facing a talent shortage and increasingly active and sophisticated attackers, cybersecurity practitioners are stretched thin and overworked.
FTC shares ransomware defense tips for small US businesses (BleepingComputer) The US Federal Trade Commission (FTC) has shared guidance for small businesses on how to secure their networks from ransomware attacks by blocking threat actors' attempts to exploit vulnerabilities using social engineering or exploits targeting technology.
Reservists Win Marine Corps “Capture The Flag” Cyber Games 2021 (DVIDS) Marine reservists assigned to 6th Communication Battalion, Force Headquarters Group, Marine Corps Forces Reserve win second straight Marine Corps “Capture the Flag” Cyber Games conducted Nov. 1-5, 2021.
Cloud misconfigurations continue to cause serious headaches (ITProPortal) Automation could provide a viable solution
Design and Innovation
Cryptocurrency faces a quantum computing problem (CNET) Two cutting-edge technologies that promise to revolutionize entire fields may be on a collision course.
The Man, the Myth, and the Metaverse (Wired) Mark Zuckerberg wants you to believe his metaverse is the final frontier. The misconception comes with over a century of warnings.
BT Inflame uses epidemiological modeling to help combat cyberattacks (Help Net Security) BT announced that it has developed an epidemiology-based cybersecurity prototype, "Inflame", to enable enterprises to detect cyber-attacks.
GAO says confusion over responsibilities has left schools vulnerable to cyber attacks (The Record by Recorded Future) Confusion over which government department or agency is responsible for protecting school networks against cyber attacks has left the nation’s K-12 institutions especially vulnerable to ransomware, according to a new report from the Government Accountability Office.
US Education Dept urged to boost K-12 schools' ransomware defenses (BleepingComputer) The US Department of Education and Department of Homeland Security (DHS) were urged this week to more aggressively strengthen cybersecurity protections at K-12 schools across the nation to keep up with a massive wave of attacks.
US government ransomware advice to K-12 schools is "vastly outdated" (The State of Security) The US Government Accountability Office has warned that security guidance given to schools by the Department of Education is out-of-date.
How school districts became a top — and lucrative — target for cybercriminals (Newsday) Cyberattacks against school systems — such as the recent one in Manhasset — are becoming more aggressive and damaging, exposing personal information and costing taxpayers big bucks to repair school technology, and, in some cases, pay ransoms to retrieve stolen data, experts say.
Brandywine students attend cybersecurity summit in Washington, D.C. (Penn State University) Penn State Brandywine students who are members of the Information Sciences and Technology/Security Risk Analysis Club recently attended a cybersecurity conference in Washington, D.C., using the opportunity to expand both their knowledge of the field and their networking skills.
Legislation, Policy, and Regulation
Putin Masses Troops to Tell NATO to Stay Out of Ukraine (Bloomberg) Russia military buildup sparks U.S. fears of Ukraine invasion. Kremlin tactics fuel tensions with West as disputes multiply.
Putin Is Not Happy About U.S. and NATO Naval Activity in the Black Sea (The National Interest) Russian defense minister Sergei Shoigu told reporters earlier this month that U.S. and NATO guided-missile ships are attempting to “test” local Russian forces in the Black Sea region.
US Actions in Ukraine Backfiring as Risk of Russian Invasion Grows, Analysts Say (Military.com) The Pentagon brass could be missing the signal Moscow is sending on what it's willing to fight over.
Israeli intel has advanced surveillance capabilities, but also a reason to use cyber firm NSO (Haaretz) Cyberwarfare in the Middle East is all about deniability. Just look at Israel and Iran's shadow war
China regulator proposes cybersecurity review for some Hong Kong IPOs (Reuters) China's cyberspace regulator on Sunday proposed requiring companies pursuing share listings in Hong Kong to apply for cybersecurity inspections if they handle data that concerns national security.
New cybersecurity probe rules apply to Hong Kong IPOs, complicating options (South China Morning Post) A draft regulation from the Cyberspace Administration of China clarifies rules for listing in Hong Kong, while separating them from the foreign IPO requirements.
News: The issue of digital sovereignty a matter of national sovereignty: INSA (Addis Standard) The director of Information Network Security Agency (INSA), Shumete Gizaw (PhD) said that Ethiopia’s commitment to develop its own social media network platform is intended to show that it is an independent country in the technology sector. “The issue of digital sovereignty has ...
EU joins the Paris Call for Trust and Security in Cyberspace, President von der Leyen announced at Paris Peace Forum (European Commission) Speaking at the Paris Peace Forum on 11 November, President of the European Commission Ursula von der Leyen announced that the European Union joined the Paris Call for Trust and Security in Cyberspace, alongside its 27 Member States.
US, EU Join French President’s Call for Trust and Security in Cyberspace (Nextgov.com) The move is one of several recent actions the Biden administration has taken integrating cybersecurity into broader trade and national security issues.
Trudeau calls for clearing cyberspace of hate, disinformation at peace forum (Todayville Calgary) Hate speech, disinformation and online extremism can’t be allowed to prevent people from enjoying the freedom that cyberspace offers, Prime Minister Justin Trudeau said Thursday at a…
We must ensure that cyberspace does not become 'Wild West' (Baltic Times) Estonian President Alar Karis took part in a panel discussion at the Paris Peace Forum on Friday on the rules of the internet, n...
With Canada set to announce 5G networks policy, what will it do about Huawei? (CBC) Security experts say Canada must act to restrict Huawei's involvement in its 5G infrastructure, if only to stay in the good graces of allies.
Canada has no choice but to bar Huawei from 5G mobile networks, security experts say (The Province) Concerns flow from the fact China's National Intelligence Law says Chinese organizations and citizens shall support, assist and co-operate with state…
The US closes Huawei loophole, will no longer grant exceptions for ISPs (Ars Technica) The "Secure Equipment Act of 2021" restricts the FCC from approving ban exemptions.
US President Joe Biden tightens restrictions on Huawei and ZTE (BBC News) A new law stops companies judged to be a security threat receiving telecoms equipment licences.
White House Spurns Intel Plan to Boost Chip Production in China (Bloomberg) Chipmaker had pitched China investment as way to ease shortage. Administration seeks to reduce dependence on foreign suppliers.
The White House allegedly challenged Intel’s plans to increase chip production in China (The Verge) Intel says it will consider "other solutions."
US and Israel announce joint task force on cybersecurity (TheHill) The U.S. Treasury Department announced on Sunday that it would work with the Israeli Ministry of Finance to address ransomware and cybersecurity issues.
US announces partnership with Israel to combat ransomware (Times of Israel) Agreement reached during visit of deputy treasury secretary to yield info-sharing on financial sector, joint training and exercises on cybersecurity
Israel, US establish bilateral task force to support fintech innovation and cybersecurity (Israel Defense) Announcement made during Deputy Secretary of Treasury, Wally Adeyemo, in Israel. Reps from US Dept. of Treasury will attend Israel Defense’s Cybertech Tel Aviv conference this coming January
Cyber, Broadband Win Big In Bipartisan Infrastructure Bill (Meritalk) After more than two months of angling and dealmaking, the House of Representatives voted to approve the $1 trillion Infrastructure Investment and Jobs Act – also known as the Bipartisan Infrastructure Framework – on November 5, sending the bill along with its $2 billion in cyber funding and $65 billion in broadband appropriations to President Biden’s desk for final approval.
Cyber leaders' methods evolve for a new era (Air Force Times) Leaders of NSA's cybersecurity directorate and Coast Guard Cyber Command speak to ways cyber leadership is adapting to defeat today's top vulnerabilities.
New cyber talent system, years in the making, goes into effect at DHS (FCW) Agency officials estimate that around 1,000 of its 1,500 cyber vacancies could fit into the new scheme.
Litigation, Investigation, and Law Enforcement
US seeks extradition of alleged ransomware money launderer (CNN) A Russian man accused of laundering money in connection with ransomware that hackers have used to disrupt multiple US hospitals has been detained in the Netherlands at the request of the FBI, according to his lawyer.
WSJ News Exclusive | U.S. Accuses Russian of Money Laundering for Ryuk Ransomware Gang (Wall Street Journal) The Nov. 2 arrest was the first in connection with the Ryuk group, which gained notoriety for attacks targeting U.S. hospitals, and took in more than $100 million in ransom payments last year.
Netherlands Detains Russian Sought By U.S. Over 'Ryuk' Ransomware (RadioFreeEurope/RadioLiberty) A Russian national sought by the United States for allegedly laundering cryptocurrency tied to a notorious ransomware gang has been detained in the Netherlands, according to his lawyer.
Russia's Dubnikov 'Practically Kidnapped' by FBI in Mexico, Sent to Amsterdam - Attorney (Sputnik) The FBI has practically kidnapped Russian citizen Denis Dubnikov, who was arrested in the Netherlands, his lawyer Arkady Bukh told Sputnik.
US detains crypto-exchange exec for helping Ryuk ransomware gang launder profits (The Record by Recorded Future) A Russian national and the co-founder of two cryptocurrency exchanges was arrested at the request of US law enforcement on accusations of helping the Ryuk ransomware gang launder funds obtained from extorting US companies.
Transavia airline fined for weak security practices that led to data breach (The Record by Recorded Future) The Dutch Data Protection Agency has levied a €400,000 ($455,000) fine today against Transavia, a Dutch airline that operates low-cost routes across Europe, for a security breach that allowed a hacker to steal the personal details of more than 83,000 passengers.
Contract lawyers face a growing invasion of surveillance programs that monitor their work (Washington Post) The attorneys worry that if law firms, traditionally the defenders of workers’ rights, are turning to the programs, why wouldn’t every other business?
Surveillance firm pays $1 million fine after 'spy van' scandal (BleepingComputer) The Office of the Commissioner for Personal Data Protection in Cyprus has collected a $1 million fine from intelligence company WiSpear for gathering mobile data from various individuals arriving at the airport in Larnaca.
Loss of client information to cyber-attacks (Law Gazette) While cyber-attacks on healthcare organisations and financial institutions have become commonplace, a recent trend of attacks on professional services firms is particularly concerning.
Who is ‘Andrew’—the US Spy who Hacked Booking.com? (Security Boulevard) Huge hotel reservations site Booking.com was breached.com. And the perp was the NSA, or one of the U.S. intelligence agencies—so says a new book.