The BBC's Russian-language service reported late Friday that Sitek, a Moscow-based IT firm, had been successfully hacked. The company's website was defaced with a leering Yoba face, and the attackers claimed to have stolen some seven-and-a-half terabytes of data. Sitek is generally thought to be an FSB contractor. Among the information the attackers obtained and shared with hacktivist group Digital Revolution were screenshots of the target company's internal interface. The Sitek projects exposed included social media monitoring solutions and TOR deanonymization tools.
CBS News and others report that Microsoft has observed a "spike" in Iranian cyberattacks since nuclear non-proliferation agreements collapsed. FireEye warned last week that APT34, also known as Helix Kitten, is undertaking a large catphishing campaign via LinkedIn. Its apparent goal is espionage directed against the financial and energy sectors. Government agencies are also targeted.
The Financial Times reports that the controversial lawful intercept shop NSO Group is offering a new version of its Pegasus spyware that can access private messages held in major cloud services, including those provided by Apple, Amazon, Google, and Facebook. BGR says Pegasus costs "millions of dollars," effectively pricing it out of the range of any but government customers.
Former NSA contractor Hal Martin was sentenced to nine years imprisonment on Friday for theft of classified information. As ZDNet observes, the government did not establish that Martin was the source of the ShadowBrokers' leaks.
The Federal Trade Commission says Equifax will pay $575 million in its settlement over the credit bureau's 2017 breach.