France's national cyber authority ANSSI (Agence nationale de la sécurité des systèmes d'information) hasn't ruled out "neutralizing" the threat actors responsible for the November 15th ransomware attack on a major Rouen medical center, Bloomberg reports. ANSSI has authorities and capabilities regular law enforcement agencies lack. The attack has been widely attributed to the Russian gang TA505.
Reuters notes that Facebook, in the first "correction notice" of its kind, has marked a user's post with “Facebook is legally required to tell you that the Singapore government says this post has false information.”
MixCloud, the widely used music-streaming service, confirmed over the weekend that it had been breached, with information on some twenty-one-million users apparently for sale in a dark web souk. ZDNet reports that the data include "usernames, email addresses, hashed password strings, users' country of origin, registration dates, last login dates, and IP addresses." MixCLoud emphasized in its disclosure that it does not store full paycard information.
Much advice is circulating about the threats lurking in holiday shopping. USAToday offers a rogues' gallery of potentially backdoored consumer electronics, and ESET reviews safety advice for online shoppers: be wary of gift cards and special offers received by email. Electronic greeting cards are also being used as malware vectors—Bleeping Computer describes one ongoing Thanksgiving-themed campaign. And "Grinchbots" are said, by NBC News, to be scalping the best online deals. It's an international problem: Computing says that about seven-thousand victims of Cyber Monday credit card fraud are expected in the UK alone.