The CyberWire Daily Briefing, 11.22.19

Cyber Attacks, Threats, and Vulnerabilities

Cyber Threat Assessment: Rise of the Rest (The Aspen Institute) One of the most pronounced trends in recent years is the democratization and spread of cyber capabilities—the rise and maturation of high-level threats from the developing world and …

US Cyber Command Calling Out North Korean Hackers (CPO Magazine) U.S. Cyber Command uploaded a total of 7 new malware samples used by North Korean hackers to draw attention to tactics used to steal state secrets, conduct corporate espionage and find backdoors into the nation’s critical infrastructure.

Registers as “Default Print Monitor”, but is a malicious downloader. Meet DePriMon (WeLiveSecurity) ESET researchers have discovered DePriMon, a new downloader with a novel, not previously seen in the wild installation technique

Popular Apps on Google Play Store Remain Unpatched (Threatpost) Check Point researchers found that hundreds of marquee Android mobile apps still contain vulnerabilities that allow remote code-execution even if users update.

Emergent Android banking Trojan shows app overlay attacks are still effective (CSO Online) By taking code from another Android Trojan, Anubis, the Ginp malware has enhanced itself and has begun targeting banks.

Gnip Banking Trojan Shows Ongoing, Aggressive Development (Threatpost) The mobile malware, which incorporates Anubis source code, could evolve into a fully fledged spyware in the future.

New Android Threat: Facebook, WeChat Apps Have Failed To Patch Known Security Risks (Forbes) A "shock" new report claims security failures have led to billions of unpatched installs of famous apps from Google Play Store, putting Android users at risk.

Linux Webmin Servers Under Attack by Roboto P2P Botnet (Threatpost) A newly-discovered peer-to-peer (P2P) botnet has been found targeting a remote code execution vulnerability in Webmin Linux servers.

1.2 Billion Records Found Exposed Online in a Single Server (Wired) Here's the next jumbo data leak, complete with Facebook, Twitter, and LinkedIn profiles.

Targeted cyber attacks on Aus legal sector in Q3 likely launched by organised criminal groups (Australasian Lawyer) Cyber security firm detected three targeted attacks in July and September

The new Phoenix Keylogger tries to stop more than 80 security products to avoid detection (Mash Viral) Advertisement Screenshot of the Phoenix Keylogger logo, as it appears in an online ad. Image via HackForums A new keylogger called Phoenix that began selling in piracy forums during the summer has now been linked to more than 10,000 infections, Cybereason researchers said in a report today. Advertisement Released in July at HackForums, Phoenix Keylogger …

‘More than a keylogger’ – Phoenix wows small-time cybercrooks and raises security concerns (The Daily Swig) Off-the-shelf malware targeted nearly 10,000 victims over four-month period

New SectopRAT Trojan creates hidden second desktop to control browser sessions (ZDNet) The Trojan makes sure the second desktop is hidden from sight.

A Former Fox News Executive Divides Americans Using Russian Tactics (New York Times) An investigation found that several sites owned by Ken LaCorte push inflammatory items — stories, petitions and the occasional conspiracy theory — to the public.

A Fake News Case Study (Nisos) The tools are inexpensive, anyone with a laptop and a social media account can be successful. The incentives are great, in both financial terms and as measured by outcomes.

Are LinkedIn's 21m fake accounts the work of spies? (The Telegraph) LinkedIn said that it removed more than 21m fake accounts in the first half of 2019, amid mounting evidence that the business-focused social network has become a battleground for duelling spies.

Russia's ‘Sandworm’ Hackers Also Targeted Android Phones (Wired) The Kremlin's uniquely dangerous hacker group has been trying new tricks.

Hackers use fake software updates in two recent malware schemes (ConsumerAffairs) Tech security company Zscaler has discovered two hacking campaigns designed to trick users into downloading malware. The two malware campaigns “deliver

This fake software update tries to download malware onto your PC even when you click 'later' (ZDNet) Cyber crooks are using hacked websites to fool visitors into downloading trojan malware that can take over their PCs.

Flashpoint - Mail Services an Emerging Vector for Financial Fraud (Flashpoint) Flashpoint analysts have identified numerous discussions on closed and invite-only online communities where threat actors advertise methods and paid services that are earmarked for fraud.

Voice messages and ZIP files could be your biggest security worries (TechRadar) Mimecast analyzed 207bn emails to compile its latest Threat Intelligence Report

Millions of Sites Exposed by Flaw in Jetpack WordPress Plugin (BleepingComputer) Admins and owners of WordPress websites are urged to immediately apply the Jetpack 7.9.1 critical security update to prevent potential attacks that could abuse a vulnerability present since Jetpack 5.1.

Lenovo System Interface Foundation - DLL Preloading and Potential Abuses (CVE-2019-6189) (SafeBreach) Lenovo System Interface Foundation - DLL Preloading and Potential Abuses (CVE-2019-6189) November 21st, 2019 Peleg Hadar Security Researcher, SafeBreach Labs Introduction SafeBreach Labs disco…

RiskIQ Releases 2019 Black Friday E-commerce Blacklist Threat Report (West) Critical Threat and Consumer Intel for This Year’s Black Friday and Cyber Monday

RiskIQ 2019 Black Friday e-Commerce Blacklist (RiskIQ) Critical Threat and Consumer Intel for This Year’s Black Friday and Cyber Monday

Holiday Shopping Exposes Web Security Risks (TALA Security) Modern website architecture creates opportunities for attackers. We have reviewed the top 1,000 websites and provide in our report our revealing insights, observations and data including how...

Scammers try a new way to steal online shoppers’ payment-card data (Ars Technica) Skimmers host fraudulent third-party processor that looks just like the real thing.

Official Monero site delivers malicious cash-grabbing wallet (Naked Security) If you downloaded the Monero command line wallet recently, check it before using it.

Louisiana was hit by Ryuk, triggering another cyber-emergency (Ars Technica) From Nunavut to Campeche, ransomware rolls along.

Bank of Hawaii warns customers of phishing scam (Honolulu Star-Advertiser) Bank of Hawaii issued a warning today of fraudulent telephone calls being made to customers and nonbank customers. The scammers are spoofing the bank’s real Bank of Hawaii Call Center number (1-888-643-3888), which appears on recipients’ Caller ID.

Security lapse exposes personal data of 6,500 Singapore accountants (ZDNet) Singapore Accountancy Commission sent email messages to multiple parties attached with a folder containing personal data of 6,541 accountants, in a security lapse that was uncovered months later when it conducted a review as recommended by the government.

French hospital hit by ransomware attack (BBC News) The University Hospital Centre in Rouen says it will not pay the ransom and has taken steps to contain the attack.

Infection Hits French Hospital Like It’s 2017 As Ransomware Cripples 6,000 Computers (Forbes) The Rouen University Hospital-Charles Nicolle in the north of France has fallen victim to a ransomware attack with consequences reminiscent of the WannaCry attack that hit U. K. National Health Service (NHS) hospitals in 2017.

Frappé par une cyberattaque massive, le CHU de Rouen forcé de tourner sans ordinateurs (Le Monde) Le centre hospitalier, qui compte près de 2 500 lits d’accueil, se remet progressivement de la paralysie informatique provoquée par un virus de type rançongiciel.

Bon sang! French hospital contracts 6,000 PC-locking ransomware infection (Register) Good news? They're not paying the ransom

French Hospital had 6000 Computers Locked Down by Ransomware (TechNadu) A hospital in Northern France is trying to disinfect 6000 of their computers from a ransomware worm, and they will need at least another week to do so.

Robocall Scams Exist Because They Work—One Woman’s Story Shows How (Wall Street Journal) A caller impersonating an FBI agent persuaded Nina Belis to drain close to $340,000 from her bank accounts. He made use of new technology, psychological tricks and a knowledge of the banking system, and experts say the threats are proliferating.

VENAFI MEDIA ALERT: Four Mistakes That Can Plague PKI Administrators (BusinessWire) Very small teams of PKI experts manage thousands of TLS keys and certificates and small mistakes can have disastrous results.

Check if you have been affected by the Macy's data breach (Newsweek) Personal information such as names, addresses, and payment card information has potentially been accessed by hackers.

Security Patches, Mitigations, and Software Updates

Magento Urges Users to Apply Security Update for RCE Bug (BleepingComputer) Magento's security team urged users to install the latest released security update to protect their stores from exploitation attempts trying to abuse a recently reported remote code execution (RCE) vulnerability.

Lenovo System Interface Foundation Vulnerabilities - US (Lenovo) Lenovo System Interface Foundation Vulnerabilities

uBlock Origin Now Blocks Sneaky First-Party Trackers in Firefox (BleepingComputer) uBlock Origin on Firefox can now block first-party tracking scripts that attempt to bypass filters and rules by utilizing DNS CNAME records to load scripts from a third-party domain.

Twitter will finally let users disable SMS as default 2FA method (ZDNet) And it only took Twitter's CEO getting hacked to happen.

WhatsApp users urged to update their app immediately over spying fears (The Independent) India’s Computer Emergency Response Team warns of 'high' severity of spyware threat

Iranian Americans Struggle to Reach Family Amid Internet Blackout (Wired) As Iran's countrywide internet shutdown approaches a full week, Iranian Americans are increasingly desperate to connect with friends and relatives.

Cyber Trends

WhiteHat Security Research Reveals that 75% of Developers Worry about the Security of their Applications, Yet Half Their Teams Lack a Dedicated Security Expert (BusinessWire) WhiteHat Security today released the results of its

Payment Card Fraud Losses Reach $27.85 Billion (PR Newswire) Fraud losses worldwide reached $27.85 billion in 2018 and are projected to rise to $35.67 billion in five years and $40.63 billion in 10 years...

Do third-party users follow security best practices and policies? (Help Net Security) Many organizations fall short of effectively managing access for third-party users, exposing them to vulnerabilities, breaches and other security risks.

Driving collaboration between security and IT ops teams is a major challenge (Help Net Security) Disconnect between security and IT ops teams leave businesses vulnerable to disruption, even with increased spending on IT security and management tools.

Cyber risk increases at all layers of the corporate network (Help Net Security) Cyber risk increases at an alarming pace. The popularity of cloud and DevOps will continue to drive agility while endangering organizations.

Inadequate data sanitization puts enterprises at risk of breaches and compliance failures (Help Net Security) Inadequate data sanitization knowledge and policies mean global enterprises are putting their organizations at risk of security and compliance breakdowns.

Finance and insurance firms invest the most on cyber security (Mortgage Introducer) David Smith said that Uinsure is one of the firms that has invested in this area.

Here are the safest gadgets for privacy according to Mozilla (WXYZ) Mozilla has released its annual holiday ranking of the best gadgets with privacy and security features.

Five Things To Know About Smart Speakers For The Holidays (Avast) Millions will receive Alexa, Google Home, and Apple smart speakers this holiday season. Use our tips to help them get launched safely.

Marketplace

Influencer marketing comes to cybersecurity (Axios) A Lenovo product got paid promotion on social media, in a move that roiled the cybersecurity world.

How Old-School Hackers Are Enabling the Next Generation of Offensive Security Professionals (Security Intelligence) Despite hackers' successes, we're still being mistaken for criminals in hoodies — a misconception that has helped keep the skills gap, especially when it comes to offensive security, as wide as ever.

Hillhouse Capital Co-leads $14M Series C Round In Chinese Cyber Security Start-up ThreatBook (China Money Network) Beijing-based security threat intelligence company ThreatBook has raised about RMB100 million (US$14 million) in a series C round of financing led by Hillhouse Capital and Xinglu Investment.

Optiv confirms 'temporary' UK closure and turns attention to M&A (CRN) Security giant says it is still committed to European expansion

Microsoft granted license to export 'mass-market' software to Huawei (CNBC) Microsoft said on Thursday it had been granted a license from the U.S. government to export software to Huawei Technologies Co Ltd.

Xerox fires back at HP with threat of hostile takeover (CRN) Vendor said it is 'confused' by HP's rejection of its opening bid last week

Google will pay $1.5 million for the most severe Android exploits (Ars Technica) Big bump coincides with investments Google has poured into securing its Pixel phone.

Report: Cisco to restructure several businesses, name new CTO in latest shakeup (Silicon Valley Business Journal) Amid fierce competition from companies like Arista Networks, Dell and Hewlett Packard Enterprise, Cisco is set to merge its enterprise and data center networking units and expand its cloud business to offer server products.

Juniper Networks' chief marketing officer uses data to focus the company's marketing efforts (Silicon Valley Business Journal) CMO Mike Marcellin is building data-driven marketing tools to level up business growth, combining a broad perspective with deep insights.

Lockheed to Help DoD Establish National Cyber Range Under $93M Contract (GovCon Wire) Lockheed Martin (NYSE: LMT) has secured a two-year, $93M contract to create a national cyber range t

Jacobs' ATN Unit Wins DOD's Cyber Training Academy Contract (Yahoo) Jacobs Engineering Group (JEC) is set to support the Department of Defense's critical mission through leadership and innovation.

These Maryland cyber startups got $1M contracts at an Air Force pitch day (Technical.ly Baltimore) Enveil and ReFirm Labs will each work to adapt cybersecurity technology to use cases for the armed forces branch.

Melbourne's Cyber Risk brings BlackBerry Cylance to Reece Group (CRN Australia) Brought in cloud-based solution to replace expiring Symantec antivirus.

Why BlackBerry Should Make A Bid On MobileIron (Seeking Alpha) BlackBerry’s ESS business needs a boost. Cylance integration and Spark will probably serve the company well. MobileIron could fast track the process and provide BlackBerry with thousands of new clients, positive free cash flow and valuable IP. The recent drop in MobileIron’s stock price could be the right opportunity. The company is now fairly valued.

US cybersecurity firm posts £1m loss for Belfast operation after surge in wage bill (The Irish News) THE Northern Ireland division of US cybersecurity firm Proofpoint lost £1million last year on the back of a significant increase in salary costs, a new report produced by the company has shown.

Automox Appoints Christopher Hass As Director of Information Security and Research (Yahoo) Automox, the cloud-native cyber hygiene platform provider, today announced the appointment of Christopher Hass as director of information security and research. In this role, Hass will lead the development of security policies and procedures to strengthen business application protection, act as the

Cybersecurity Association of Maryland, Inc. Elects 2020 Board of Directors (Cybersecurity Association of Maryland) The Cybersecurity Association of Maryland Inc (CAMI) has elected its 2020 Executive Committee and Board of Directors with Gregg Smith, President & CEO of Attila Security, serving a one-year term as Board Chairman effective January 1, 2020...

Secureworks Welcomes Maureen Perrelli as Chief Channel Officer (BusinessWire) Maureen Perrelli joins Secureworks as Chief Channel Officer

Darktrace triples Chicago footprint with 10,290-SF lease (RE Journals) CBRE recently represented Darktrace, a leading cyber AI defense firm, in a 10,293-square-foot lease at 333 N. Michigan Avenue in Chicago. The move marks a significant expansion for the company, which opened its Chicago office in 2018 with just 2,858 square feet the building. Darktrace will now occupy a full floor at the property beginning in the second quarter of next year.

Products, Services, and Solutions

HITRUST CSF® Brings Clarity to Security Requirements as Countdown to California's New Privacy Protection Act Looms (EIN) Support for California Consumer Privacy Act (CCPA) standards in HITRUST CSF to help businesses better identify and remediate gaps in CCPA-specific security and privacy controls

STEALTHbits Technologies Offers a Practical Approach to Managing Privileged Access with STEALTHbits Privileged Activity Manager (SbPAM) Version 1.3 (STEALTHbits) STEALTHbits Technologies, Inc., a cybersecurity software company focused on protecting an organization’s sensitive data and the credentials attackers use to steal that data, today announced the release of STEALTHbits Privileged Activity Manager (SbPAM) 1.3, th...

Optiv and Veracode to Bolster Application Security at Development Stage with Software Assurance as-a-Service (Northwest Georgia News) Optiv Security, a security solutions integrator delivering end-to-end cybersecurity solutions, today announced it has partnered with Veracode to improve application security at the development level.

Juniper Mist Ties Together AI, Big Data To Proactively Fix Wireless Networks (CRN) 'We believe that AI can be expanded to help IT across the network, and that's why being part of Juniper was so important,' says Tom Wilburn, vice president of Mist sales at Juniper, who joined the company with the acqusition.

ICTSI implements BlackBerry Cylance solution for cybersecurity (Ship Technology) Philippines-based port operator International Container Terminal Services (ICTSI) has deployed BlackBerry Cylance technology to increase cybersecurity across its global network.

Indiana Secretary of State Connie Lawson and FireEye Partner in Preparation for 2020 U.S. Election (Yahoo) FireEye, Inc. (FEYE), the intelligence-led security company, today announced its participation within the State of Indiana’s election security initiative to establish voter confidence in 2020 and beyond. Through this partnership, FireEye will provide Indiana counties with internet traffic monitoring

Morphisec Protects You from the New PureLocker Ransomware (Morphisec) Morphisec blocks the new PureLocker ransomware that is attacking servers.

ReversingLabs Enhances Splunk Integration to Improve SOC Automation and Decision Making (West) Enhancements Enable Security Operations Teams to Accelerate SIEM Triage, Automate SOAR Playbooks, and Hunt Threats Continuously

Verisk Launches New Home Inspection Customer Collaboration Tool, OneXperience (Yahoo) Verisk (VRSK), a leading data analytics provider, announced today the launch of OneXperienceä, a new InsurTech solution that enables digital engagement between policyholders and their insurers during a critical underwriting step—the home inspection. Traditional home inspections, conducted after coverage

Unisys Launches CloudForte® for ServiceNow, a Solution to Help Clients Securely Modernize, Operate and Manage Critical Mission and Business Functions (PR Newswire) Unisys Corporation (NYSE: UIS) today announced at the Now at Work conference in Washington, D.C. the availability of Unisys CloudForte® for...

IBM Launches Open-Source Cyber Threat Response Platform (MSSP Alert) IBM launches Cloud Pak for Security, a cyber threat detection & response platform for managed security services providers (MSSPs) & other organizations.

Technologies, Techniques, and Standards

Emsisoft releases a new decryptor for Hakbit ransomware (Emsisoft | Security Blog) We just released a decryptor for the Hakbit ransomware strain.

Report: Defending against business email compromise attacks (Journey Notes) This recent report from Barracuda focuses on business email compromise attacks and the tactics cybercriminals use to make them so convincing.

CISA Invests in Cutting-Edge Election Security Auditing Tool Ahead of 2020 Elections (CISA) The Cybersecurity and Infrastructure Security Agency (CISA), is teaming up with election officials and their private sector partners to develop and pilot an open source post-election auditing tool ahead of the 2020 elections. The tool is being created by VotingWorks, a non-partisan, non-profit organization dedicated to building secure election technology.

From Thousands of Security Alerts to a Handful of Insights (Imperva) Understanding an attacker’s workflow and how Attack Analytics hunts them down

Forget combating cyber attacks, SMEs spending more time just to evaluate threats due to this reason (The Financial Express) Technology for MSMEs: The percentage of SMBs witnessing data breaches this year have also increased to 48 per cent from 46 per cent in 2018.

‘User education’ can prevent ransomware, Louisiana National Guard official says (StateScoop) “There’s always that one user who gets the email and wants to click on it,” said Maj. Alan Dunn. “That’s 85 to 90 percent of your battle.”

DOD Board Lays Out Ethical Principles for AI (FedTech) The Defense Innovation Board has offered guidance for how the Pentagon should use and govern artificial intelligence systems.

Design and Innovation

WSJ News Exclusive | Facebook Weighs Steps to Curb Narrowly-Targeted Political Ads (Wall Street Journal) Facebook is considering making changes to its political-advertising policy that could include preventing campaigns from targeting only very small groups of people, in an effort to spurn the spread of misinformation.

Tories launch spoof website claiming to show Labour manifesto (The Telegraph) A website claiming to reveal the Labour Party’s manifesto has been created by the Conservatives, with paid-for-ads of the page appearing at the top of Google search results for the opposition.

Google Policy Change Upends Online Plans for 2020 Campaigns (New York Times) The company said political ads would not be directed specifically to audiences based on their public voter records or political affiliations.

Google’s Updated Political Ads Policy Steps Up Pressure on Facebook (Infosecurity Magazine) Google’s Updated Political Ads Policy Steps Up Pressure on Facebook. Web giant limits targeting and bans deep fakes and political lying

YouTube is working to bring advertising to edgier content as demonetization woes grow (The Verge) YouTube CEO Susan Wojcicki says that more monetization opportunities are coming to creators who make edgy content.

Academia

SC State named a National Center of Academic Excellence in Cyber Defense Education (The Charleston Chronicle) South Carolina State University has been designated a National Center of Academic Excellence in Cyber Defense Education (CAE CDE) by the National Security Agency and the U.S. Department of Homeland Security.

Legislation, Policy and Regulation

What is ‘sovereignty’ in cyberspace? Depends who you ask (Fifth Domain) Nations still don't fully agree on where lines in cyberspace are, potentially posing challenges for cooperation.

A Sovereign Internet Will Not Combat Cybercrime (Decipher) The United Nations General Assembly will vote on a Russia- and China-backed resolution that claims to give governments tools to fight cybercrime. What it will actually do if it becomes a treaty, is allow governments to establish a sovereign Internet where they have full control of their country’s Internet and monitor all activities.

Cyber strategy bolsters allies, partners ahead of 2020 election (US Army) Cyber warfare is a team effort, said the U.S. Cyber Command executive director, as American and Montenegrin forces partnered to stop malicious cyber threats on Montenegrin networks this month.

Canada, U.S. must work together to fight cyber threats, conference told (IT World Canada) The public and private sectors in Canada and the U.S. have to work together to effectively fight cyber attacks,

In Cooperation on Cyber, the Children Must Lead (SIGNAL Magazine) Government, industry and academia must push for early education in cybersecurity.

U.S. approves first licenses for tech sales to Huawei (Washington Post) The Trump administration has begun issuing licenses to some companies allowing them to restart U.S. tech sales to Chinese telecom giant Huawei, according to people familiar with the matter.

Wary of China, Congress sets stage for 5G development without Huawei and ZTE (Pittsburgh Post-Gazette) A House panel led by Rep. Mike Doyle rolled out a package of bills that ban Chinese components without hurting rural telecom providers.

Senators ask Trump to suspend licensing for tech sales to Huawei (Washington Post) A bipartisan group of senators wants President Trump's administration to suspend its approval of U.S. technology sales to China’s Huawei, saying it poses risks to national security.

Opinion: Huawei and ZTE can't be trusted. It's up to the FCC to keep them in check (CNN) The conflict between the Trump administration and China will soon move to an unlikely arena: the Federal Communications Commission.

November 21, 2019, “Banking on Your Data: The Role of Big Data in Financial Services” (US House of Representatives, Committee on Financial Services) The Task Force on Financial Technology will hold a hearing entitled, “Banking on Your Data: The Role of Big Data in Financial Services,” on November 21, 2019 at 9:30 a.m. in Room 2128 of the Rayburn House Office Building.

FDX Managing Director Don Cardinal Testifies Before Congress on Big Data in Banking and Financial Data Security (PR Newswire) Today, Financial Data Exchange Managing Director Don Cardinal testified before the U.S. House Committee on Financial Services Task Force on...

What to Expect from Congress’ Cyber Strategy Brain Trust (Nextgov.com) The Cyberspace Solarium Commission aims to have policy recommendations ready to plug into the next defense authorization bill, Co-Chairman Rep. Mike Gallagher said.

DHS cyber official Jeanette Manfra to leave government (TechCrunch) After a decade in senior cybersecurity positions, Manfra is to depart for the private sector.

Virginia Approves 2020 Election Cybersecurity Standards (Government Technology) This year, the General Assembly passed HB 2178, calling for new, modern cybersecurity standards that must be met throughout the state before systems are allowed to access Virginia's election database.

Litigation, Investigation, and Enforcement

Tharoor-led Parliamentary panel decides to take up WhatsApp 'spying' issue (Business Standard) Headed by Shashi Tharoor, committee meet got off to a stormy start; the matter was put to vote

MPs ask government about spyware Pegasus, but get no clear answer (Telegraph India) Home and IT ministries state procedure, skirt specifics on spyware query

Pegasus attack: Israeli spyware firm NSO tracked down in Paris | World Exclusive (India Today) Israel-based cyber tech firm NSO Group, which was found missing from Israel has now been tracked down by India Today TV, in France.

Analysis | The Cybersecurity 202: Fiona Hill warns Republicans that claims of Ukraine interference could help Russia in 2020 (Washington Post) "Any alternative story that hasn’t been vetted by serious organizations just muddies the waters," one security expert says.

Court says police can’t force suspects to turn over passwords (TechCrunch) ACLU said it was "fundamental" that suspects have the right to "to avoid self-incrimination."

Amazon tells senators it isn't to blame for Capital One breach (CNET) Sens. Elizabeth Warren and Ron Wyden have called for an investigation of Amazon, which hosted a cloud server used by the banking giant.

Anonymous hacker gets a whopping six years in prison for some lame DDoS attacks (ZDNet) Many may call the six-year prison sentence too harsh while the operator of eight DDoS-for-hire services got only 13 months.

Terbium Labs: Mobile Payments Users Plan to Blame the Bank for Any Compromised Data | Payment Week (Payment Week) A potentially standoffish holiday season may be poised to come with new report.

Five-member gang of cyber fraudsters held in Hyderabad (The New Indian Express) The group cheated an eminent woman doctor from Hyderabad of over Rs 5 lakh after sending a message with a link to her mobile phone in October.

St. Petersburg councilman files defamation charges after media tied to ‘Putin’s chef’ accuse him of sexually harassing his students (Meduza) Boris Vishnevsky, a deputy in St. Petersburg’s Legislative Assembly and perhaps the city’s most prominent oppositionist, is suing Evgeny Prigozhin’s “Patriot” media group over a series of publications accusing him of sexually harassing his students.

Sandworm in Play. Info ops come full circle. LinkedIn sockpuppets. Ransomware in Rouen. Pegasus inquiry. Internet sovereignty.

Bring your own context.