Spain’s state-owned broadcaster TVE says that a portal they’d inadvertently left open was exploited last week by parties unknown to air an RT-produced interview with self-exiled Catalan separatist leader Carles Puigdemont. Reuters asked, and RT says they didn’t do it.
Fox-IT has been looking at an operation they call "Wocao," a China-based collection effort that’s prospecting energy, technology, and healthcare targets in at least ten countries. They’ve concluded “with medium confidence” that the group behind Wocao is APT20, a Beijing-controlled hacking crew that had been relatively quiet for the last few years.
BlackBerry Cylance researchers announced the discovery of Russia-connected Zeppelin ransomware last week. Yesterday Morphisec offered some fresh insight into how Zeppelin is propagated: by leveraging the ConnectWise remote desktop application.
Germany's BSI security agency has issued a warning that criminals misrepresenting themselves as BSI operators are distributing Emotet malware in a spam campaign.
The US Congress is in a stern mood with respect to China and Russia. The Washington Post reports widespread skepticism on Capitol Hill that Beijing can be trusted to live up to the explicit security guarantees (still less the implicit ones) in any trade accords so far negotiated. And Reuters notes that an unusually stiff sanctions bill directed against Russia cleared the Senate Foreign Relations Committee yesterday.
Nathan Wyatt, a British subject accused of being part of the Dark Overlord gang, was extradited to the US and arraigned yesterday in a St. Louis federal court on hacking-related charges. He entered a plea of not guilty.