Deep Instinct sees a new capability in TrickBot: email credential harvesting. They're tracking TrickBooster, a new module that's able to infect email accounts, use them to send spam, and then delete the spam from the "sent" email box. There's potential in such an approach for what Barracuda calls, in a new report, "lateral phishing." This technique uses hijacked accounts to send malicious spam to its victims, counting on their familiarity with the apparent sender to induce them to open the email.
Researchers at Confiant have found that a Hong Kong actor is trafficking in malvertising that effectively poisons the online advertising supply chain. The actor, "fiber-ads" or "ClickFollow," is engaged in familiar kinds of ad fraud. Their activity also poses a risk of directing victims to landing pages that infect visitors with malware or at least unwanted programs.
NBC News tweets that Senator Schumer (Democrat of New York) has asked the US Federal Trade Commission to open an investigation into FaceApp. At issue is what the Senator characterizes as FaceApp's requirement that users give it "full and irrevocable access" to their images and associated data. He sees the Russian-developed app as posing a threat to both privacy and national security.
Microsoft says it's detected a lot of state-directed cyberattacks over the past year, most of them originating from Russia, Iran, and North Korea. Redmond hints darkly that much of the activity represents an assault on democratic process. USA TODAY sees the warning as a sales pitch for election security tools.