Check Point reports that a Chinese threat group, APT31, cloned a leaked US Equation Group tool and has now used it for several years.
Silver Sparrow, described last week by researchers at Red Canary as infesting devices with Apple’s new M1 chips as well as some using Intel processors, remains baffling. Although Malwarebytes researchers found the malware on some thirty thousand endpoints, Ars Technica says Silver Sparrow has no apparent payload. The binaries don’t seem to do anything (they’re being called “bystander binaries”) and may simply be placeholders.
Breaches of vendors in the software supply chain continue to flow through third parties. The Accellion FTA compromise has now affected Kroger, and the Wall Street Journal describes the ways Accellion’s troubles have afflicted its customers. StateScoop has an account of how a ransomware attack (by “Cuba RANSOMWARE,” a gang that illustrates its dumpsite with heroic images of Fidel and Che) has affected customers of Automatic Funds Transfer Services (AFTS). Many AFTS customers are US state and local governments.
Clubhouse appears to be experiencing the sorts of security issues that accompany rapid growth, especially when the growing company has strong business links to companies in China. Bloomberg reports that the app’s chats have been breached; a Guardian op-ed summarizes causes for concern.
Sequoia Capital has, Axios reports, disclosed a data breach that may have affected some of the personal and financial data the venture capital firm holds. Sequoia says it’s notified affected individuals and has, so far, found no signs of the data’s abuse.