Iranian officials say they stopped “a very big” cyberattack, US News reports, but Tehran didn’t call out the nation responsible, or say what attack they were referring to. The New York Times independently reports that the breach and exposure of some fifteen-million Iranian bank debit cards followed last month's unrest in that country. The Times notes speculation that an unnamed nation-state adversary was behind the data theft.
Cybereason today outlined a new use for Trickbot: spreading Anchor malware against a select set of targets. SentinelLabs reported yesterday afternoon that the Trickbot (criminal) Enterprise is now supplying North Korea's Lazarus Group. Criminal groups have worked with state intelligence and security agencies before, but this transnational collaboration is relatively unusual. Trickbot has been adept at both code-injection and quiet harvesting of desktop credentials. Threatpost warns that banks especially should look to their defenses.
As the United Kingdom prepares for tomorrow’s election, Business Insider cites experts who see disinformation circulated via WhatsApp as a problem for voters.
The US Senate Judiciary Committee's hearings on encryption policy open today. Observers see the balance in the cryptowars tilting against end-to-end encryption. Facebook is hanging tough, but the Telegraph thinks the social network is now in a fight it will find it difficult to win.
The City of Pensacola confirmed yesterday that the cyberattack it sustained was indeed a ransomware incident, WEAR TV reports.
The Eastern Band of the Cherokee Nation also sustained a ransomware attack, according to the Charlotte Observer. One suspect is in custody.