Facebook has banned four ethnic militias in Myanmar, members of the "Northern Alliance," in a continuing effort to purge advocacy of violence from its platform. Some Myanmar officials were banned earlier for the same reason.
Cisco’s Talos research group has identified a targeted campaign against supporters of Tibetan independence (including the Tibetan government-in-exile) that installs the ExileRat remote access Trojan. The vector is a malicious PowerPoint file. The attack shares command-and-control infrastructure with the LuckyCat Android malware earlier used against Tibetan activists. The researchers think espionage, not criminal gain, is the goal. Talos doesn’t say as much, but signs point to China.
Check Point has found a new Linux backdoor, “SpeakUp,” which can run on several Linux distributions, and on the related MacOS. The Trojan, thought to be possibly the work of a Russian-speaking coder, is said to evade most current security products. Check Point thinks its current activity is a sign of much bigger campaigns to come.
Buzzfeed reports that some Members of Parliament in the UK have been hacked for phone and email contacts. Investigation is underway.
Bangladesh Bank is suing Manilla-based Rizal Commercial Banking Corporation (and others) for $81 million lost in a 2016 caper that abused the SWIFT transfer system, the Wall Street Journal reports. The Washington Post thinks recovery will be difficult. Consensus holds North Korea responsible for the theft.
The Nordic Page reports that Norway’s PST intelligence service has added Huawei to its threat list. Reuters quotes Chinese officials as calling the move “ridiculous.”