The CyberWire Daily Briefing 5.13.19

Cyber Attacks, Threats, and Vulnerabilities

Update: 4th US anti-virus company in secrets for sale as cyber-criminals sell source code (SC Magazine) Russian and English-speaking Fxmsp group hackers are trying to sell source code of anti-virus products obtained from a data breach of three US-based antivirus software vendors

Russia Is Targeting Europe’s Elections. So Are Far-Right Copycats. (New York Times) Digital fingerprints link pro-Russian and anti-European websites, part of an online ecosystem that is sowing discord ahead of European elections this month.

Sharepoint vulnerability exploited in the wild (AT&T Cybersecurity) AT&T Alien Labs has seen a number of reports of active exploitation of a vulnerability in Microsoft Sharepoint (CVE-2019-0604).

Microsoft SharePoint servers are under attack (ZDNet) Canadian and Saudi cybersecurity agencies warn of attacks that have been going on for at least two weeks.

Month Long Attack on Microsft SharePoint Servers (KoDDoS Blog) This comes from advisories from both the Canadian and Saudi Arabian cybersecurity agencies. The flaw the hackers are trying to exploit has been patched by Microsoft security updates in February, March, and April of this year and is known as CVE-2019-0604 in the Microsoft Security Update Guide.

Unsecured server exposes data for 85 percent of all Panama citizens (ZDNet) Server contained patient data, but no medical records were exposed --only personally identifiable information (PII).

New Intel firmware boot verification bypass enables low-level backdoors (CSO Online) By replacing a PC's SPI flash chip with one that contains rogue code, an attacker can can gain full, persistent access.

Source Code Discovery Sheds Light on the Business of Malware (Infosecurity Magazine) The uncovering of the Carbanak source code has been an eye-opener into the sophisticated factory-line product development techniques of malware

Fake Pirate Chick VPN Pushed AZORult Info Stealing Trojan (BleepingComputer) Adware bundles are installing a VPN software called Pirate Chick, which then connects to a remote server to download and install malicious payloads such the AZORult password-stealing Trojan.

FBI uncovers 'ElectricFish' malware linked to North Korea's Hidden Cobra group (Inquirer) Threat bypasses proxy servers' authentication procedures

‘Unhackable’ eyeDisk flash drive exposes passwords in clear text (ZDNet) The eyeDisk USB drive does not appear to meet its lofty security claims.

Alpine Linux Docker Images Shipped for 3 Years with Root Accounts Unlocked (Threatpost) Alpine Linux Docker images available via the Docker Hub contained a critical flaw allowing attackers to authenticate on systems using the root user and no password.

Cryptocurrency hacking now targets Electrum hot wallet users with DDoS botnets (Cryptonewsbytes) Crypto hot wallets continue to be targets of cryptocurrency hacking. In a recent incident, DDoS botnets targeted 152,000 users of popular Bitcoin wallet Electrum.

[Heads-Up] If This Is True It's A Disaster. Three Major US Antivirus Companies Breached? (KnowBe4) Ars Technica is getting me worried here. We were all at KB4-CON in Orlando the last few days, and during the conference word got to me that security researchers found out that high-profile hackers have breached three US AV companies and are selling the source code. The most annoying thing is that they have alerted the authorities, but no one has mentioned the actual vendors as of yet.

SHA-1 collision attacks are now actually practical and a looming danger (ZDNet) Research duo showcases first-ever SHA-1 chosen-prefix collision attack.

SMS Spammers Expose 80 Million Records Online (Infosecurity Magazine) Unprotected MongoDB instance found by researcher

Two years after WannaCry, a million computers remain at risk (TechCrunch) Two years ago today, a powerful ransomware began spreading across the world. WannaCry spread like wildfire, encrypting hundreds of thousands of computers in over 150 countries in a matter of hours. It was the first time that ransomware, a malware that encrypts a user’s files and demands crypt…

Sextortion mail from yourself? It doesn’t mean you’ve been hacked… (Naked Security) Here’s a 30-second video you can show your friends and family if they freak out after receiving a scam email apparently from themselves…

Be aware! A new sextortion campaign was found up in the wild and it is affecting millions! (CyberByte Blog) Not so long ago we have told you about a clever phishing technique that leverages Word attachments to infect victims via a sextortion campaign. Today we an

Airbnb Superhost’s creepy spycam sniffed out by sleuthing infosec pro (Naked Security) Why motion sensors in the bedrooms, she wondered? Why the extra light and weird wiring on the router?

Investigation In Baltimore City Ransomware Attack Continues (CBS Baltimore) A federal investigation continues in Baltimore into a ransomware attack on the city's servers.

Crippling ransomware attacks targeting US cities on the rise (WFTS) Targeted ransomware attacks on local US government entities — cities, police stations and schools — are on the rise, costing localities millions as some pay off the perpetrators in an effort to untangle themselves and restore vital systems.

Early Findings: Review of State and Local Government Ransomware Attacks (Recorded Future) Allan Liska reports on various findings and trends to determine whether or not ransomware is on the rise in the state and local government sector.

Swatting Attacks Increase Security Concerns Across Silicon Valley (Wall Street Journal) Tech companies are spending more to protect their executives, as so-called swatting attacks point to growing animosity and vulnerability in Silicon Valley.

Indiana Pacers disclose security breach (ZDNet) Company behind Indiana Pacers and Indiana Fever said hackers breached employee accounts, stole personal data.

Security Patches, Mitigations, and Software Updates

Chrome browser pushes SameSite cookie security overhaul (Naked Security) Slowly but steadily, developers are being given the tools with which to tame the promiscuous and often insecure world of the browser cookie.

Google Wants to Change How Cookies Are Used (Decipher) Google I/O is a good place to announce a whole lot of new privacy features “coming soon.” It is also a good place to bury plans to change how Google will handle HTTP cookies in Chrome.

Cyber Trends

How scammers made ad fraud a billion-dollar criminal industry - CyberScoop (CyberScoop) Ad fraud is set to cost the industry as much as $44 billion annually by 2022. How did this number get so high and what are people doing to stop it?

Cyber Risks to Exceed Natural Disasters for Insurers: Scor CEO (Bloomberg) Re-insurer CEO Kessler says sector must build coverage system. ECB calls on financial firms to conduct cyber stress tests.

The Surprising Role Of Social Deviance In Viral News (Fast Company) A new study I completed at the Columbia University J-school says there is a strong relationship between the “social deviance” of the event or topic in a headline and the number of retweets it gets on Twitter.

Infographic: The future of cybersecurity budgeting (Techaeris) As data shows, most C-level execs (60%) believe they are safe from cyber threats and break-ins, and not investing enough into information security products and services.

This is how much money South Africans are losing to SIM-swap fraud (Business Tech) The number of reported SIM-swap fraud incidents in South Africa has doubled in the past year, according to cybersecurity experts from Kaspersky.

One third Indian firms face serious cyber attack risk : Study (The Indian Wire) While 69 per cent Indian and 63 per cent Australian companies are most at risk of cyber attack, 35 per cent of organisations in the region suffered at least one cyber security incident in the last 12 months, says a sector study. According to a recent study by leading IT analyst firm …

Researchers Are Liberating Thousands of Pages of Forgotten Hacking History From the Government (Vice) Using FOIA, they’ve already published NASA’s official report about the infamous WANK worm.

Marketplace

The Government Narrowed Its Tech Workforce Age Gap for the First Time in a Decade (Nextgov) But agencies efforts to recruit young talent still have a long way to go.

Women Know Cyber: 100 Fascinating Females Fighting Cybercrime (Cybercrime Magazine) An enlightening book for students, parents, educators, and the cybersecurity community.

Exclusive: Tech workers organize protest against Palantir on the GitHub coding platform (Fast Company) The protest action is designed to target employees where they live.

Rome cybersecurity firm awarded $93.6 million government contract (Oneida Dispatch) Assured Information Security (AIS) in Rome, N.Y., has been awarded a $93.6 million Indefinite Delivery/Indefinite Quantity (IDIQ) contract, which provides a funding mechanism for any federal government

Curv Crypto Wallet Gets $50 Million Worth of Insurance Coverage | BTC Wires (BTC Wires) Curv, a crypto securities company, has recently tied up with Munich Re, an insurance company to get coverage worth $50 million for its customers. A press release published by Curv on the 10th of May, 2019 announced this new development. The new insurance coverage is meant to account for all…

One year later: A cybersecurity commitment shared by more than 100 companies (Cybersecurity Tech Accord) Today, the Cybersecurity Tech Accord welcomes 16 new companies to its ranks, bringing the total number of signatories to 106 companies committed to improving the security of cyberspace.

Proofpoint Joins the National Cyber Security Alliance Board of Directors (Yahoo) Proofpoint, Inc., (PFPT), a leading cybersecurity and compliance company, today announced its National Cyber Security Alliance (NCSA) Board of Directors membership, demonstrating a continued commitment to safeguard organizations worldwide from sophisticated people-centric cyberattacks and prioritize

NI hails cyber jobs (Professional Security) NI hails cyber jobs Security Summit Belfast BBC Radio 4 In Business programme critical infrastructure

Retired Army Intelligence Specialist: Augusta Will Be Cybersecurity 'Epicenter' (Military.com) Augusta's burgeoning cyber industry puts the region on a collision course with companies looking for government contracts.

How to prepare for a cybersecurity interview (Acumin) Just because there is a significant lack of cybersecurity professionals in the workplace currently, doesn’t mean you will automatically be offered every cybersecurity job you apply for, despite having the requisite hard skill set.

Symantec Needs Security at the Top (Wall Street Journal) The software maker announced new leadership in conjunction with a disappointing fourth-quarter earnings report. Following the news, Symantec’s market value fell 15%, erasing the stock’s gains for the year.

Symantec flags massive channel changes (CRN Australia) New interim CEO wants the channel to carry Symantec products further.

Symantec adds former IBM exec Borene (Washington Technology) Symantec adds former IBM public sector executive Andrew Borene to the cyber firm's national security group.

Former NGA director joins a pair of advisory boards (C4ISRNET) Although former National Geospatial-Intelligence Agency Director Robert Cardillo left the agency in February, his decision to join two organizations in the broader intelligence community signal his intention to stay involved in the national security community.

Consultant firm taps US army to bulk up cyber security pitch (Australian Financial Review) Aussie management consultancy Partners in Performance is the latest to target cyber security work, hiring the former head of electronic warfare of the US army.

Products, Services, and Solutions

New infosec products of the week: May 10, 2019 (Help Net Security) New infosec products of the week feature releases from the following vendors: D3 Security, Endace, MobileIron and NeuVector.

Perception Point Adds Business Email Compromise (BEC) Protection to Its Security Platform (PR Newswire) Perception Point, a leading cybersecurity firm preventing file and URL based attacks in email, cloud storage and ...

News: SIRP Partners with ZServices (SIRP) SIRP announces major partnership with Z Services, a leading cybersecurity SaaS provider in the MENA region, to deliver Security Orchestration, Automation and Response solution across the Middle East and North Africa (MENA)

HyTrust Launches Full-Scale Security Platform for VMware, AWS, Containers (eWEEK) HyTrust CloudControl 6.0 expands to include VMware vSphere and NSX, the AWS cloud and Kubernetes. The expanded platform addresses problems organizations currently face in trying to secure and ensure compliance of their hybrid, multi-cloud environments efficiently.

Cybersecurity: This is how Microsoft Defender ATP tackles password-stealing credential dumping attempts (ZDNet) Microsoft reckons Microsoft Defender is up to the task of detecting legit tools for credential dumping from lsass.exe memory.

Canada Enhances Public Safety With Gemalto Fingerprint Identification Solution (WebWire) A recent initiative undertaken by the Government of Canada and the Royal Canadian Mounted Police (RCMP) to advance public safety measures has led to the digitalization of biometric records across the country which will allow for faster and more accurate criminal and civil identity checks.

Technologies, Techniques, and Standards

G7 countries to simulate cross-border cyber attack next month - France (Thomson Reuters Foundation) G7 countries to simulate cross-border cyber attack next month - France

Is Access Control Permission a Possible Gateway for Hackers? (Infosecurity Magazine) If your devices and services have misconfigured settings, it could be a step up for an attacker

How military leaders got a clearer view of the cyber environment (Fifth Domain) Cyber Command's new integrated cyber center drastically improves the information sharing of cyber threats across the government.

Securing The Space Cloud: It’s Really Hard (Breaking Defense) "Security in space is different than security on Earth," says Jeb Linton of IBM Watson. "If you lose command and control for even five minutes, your satellite could be completely shut down."

When zero trust in government is a good thing (Fifth Domain) Federal agencies are increasingly looking to a specific framework to keep critical IT systems and data safe.

How We Collectively Can Improve Cyber Resilience (Dark Reading) Three steps you can take, based on Department of Homeland Security priorities.

Why Network Complexity Kills Security (Security Boulevard) The increasing complexity of networks is a growing concern for most enterprises. Networks have been built with a number of diverse network technologies, often starting with switches, routers, servers, and firewalls, all likely procured from different vendors at different times.

Closing the Security Gaps in Cloud Infrastructure Management (Redmondmag) A recent IDG survey unveiled a clear message on IT and security leaders’ challenges and strategies for managing server access: Cloud is changing where and how IT infrastructure is accessed and the traditional security methods aren’t keeping pace.

Preparing For A Cyberattack—In Four Steps (OPEN MINDS) Cyberattacks—an attempt by hackers to damage, destroy, or hold hostage a computer network, system, or data—have come to health and human service organizations.

The Empty Promise of Data Moats (Andreessen Horowitz) Data has long been lauded as a competitive moat for companies, and that narrative’s been further hyped with the recent wave of AI startups. Network effects have been similarly promoted as a defensi…

SWIFT Responds to India Cyber Threat With New Paper (Regulation Asia) SWIFT has published a new paper to help financial institutions in India improve their monitoring of anomalous and potentially fraudulent transactions.

Shared SIEM helps 3 UK local governments avoid outsourcing security (CSO Online) A single SIEM serves three UK councils, allowing for solution consolidation that saves costs while improving efficiency and regulatory compliance.

Why GE consolidated its identity and access management infrastructure (CSO Online) A multi-year effort to centralize GE's IAM functionality has resulted in significant cost savings, improved onboarding and better ability to meet regulatory requirements.

A Hacking Methodology Explainer (Secjuice Infosec Writers Guild) In this explainer I will attempt to explain hacking methodology in simple terms, because it can often be difficult for infosec outsiders to understand even the most commonly used terms.

Design and Innovation

Rattled by Cyberattacks, Hospitals Push Device Makers to Improve Security (Wall Street Journal) U.S. hospitals are pressing medical-device makers to improve cyber defenses of their internet-connected infusion pumps, biopsy imaging tables and other health-care products as reports of attacks rise.

Tech Companies Are Deleting Evidence of War Crimes (The Atlantic) Algorithms that take down “terrorist” videos could hamstring efforts to bring human-rights abusers to justice.

Amazon mistakenly told some sellers that it's now blocking ads with 'religious content' (CNBC) The incident is the latest example of Amazon marketplace sellers getting caught in the crossfire as the company has struggled to manage the sprawling growth of the third-party marketplace, which now accounts for more than half of the company's e-commerce volume.

Research and Development

Cryptanalysis of He’s quantum private comparison protocol and a new protocol (International Journal of Quantum Information) Recently, He proposed a novel quantum private comparison protocol without a third party (G. P. He, Int. J. Quantum Inf.15(2) (2016) 1750014). This paper points out that two security loopholes in He’s protocol are existent. And a new QPC protocol which can avoid these loopholes is proposed without the help of a third party in this paper.

Ultra-secure virtual money capable of transfer across the Solar System proposed by University of Cambridge researcher (Computing) The idea, dubbed S-money was inspired by quantum theory and relativity, according to Cambridge University's Professor Adrian Kent

An AI Pioneer Explains the Evolution of Neural Networks (WIRED) Google's Geoff Hinton was a pioneer in researching the neural networks that now underlie much of artificial intelligence. He persevered when few others agreed.

Academia

Virginia Tech launches search for vice president and executive director of Innovation Campus (Virginia Tech) Julia Ross, the Paul and Dorothea Torgersen Dean of Engineering, will chair the search committee.

Judicial Academy organises training programme on ‘Cyber Law’ (Kashmir Reader) Jammu and Kashmir State Judicial Academy (JKSJA) organized one-day training programme on ‘Cyber Law’ for the Advocates of Jammu and Samba districts h

Legislation, Policy and Regulation

Israel Bombed Cyber Hackers (That Is Historic, For Many Reasons) (The National Interest) Should nation-states start kinetic conflicts over cyber battles?

IDF air strike against Hamas hackers shocks infosec world (Daily Swig) When is it legitimate for a nation-state to respond to a cyber-attack with the use of force?

We are on the verge of a no-win AI arms race, warns NGO (C4ISRNET) A report from nongovernmental organization Pax warns that gains from AI-enabled weapons will be nasty, brutish and short-lived.

China is helping Venezuela 'shut down internet,' Sen. Marco Rubio says (American Military News) China has becoming increasingly involved in the Venezuela conflict and has helped the country in its cyber operations, according to Sen. Marco Rubio.

Spies will target new 5G network, cabinet told (Times) The government has been warned the new broadband and 5G network technologies about to be introduced across Ireland will be targeted by foreign intelligence services and could pose a significant...

UK has concerns about 'significant and widespread' Chinese cyber... (Reuters) Britain has a strong relationship with China but has expressed concerns about it...

Huawei Heads South (Foreign Affairs) The battle over 5G comes to Latin America.

US anxiety over Huawei a sequel of the Yellow Peril (South China Morning Post) In the years leading up to the end of the cold war, opinion polls revealed more Americans feared the ascendant economy of Japan – their ally – than the Soviet Union. The same is happening now to Huawei as its products become superior.

FTC renews call for single federal privacy law (Naked Security) It also wants to be the country’s data-privacy police: commissioners called for more resources and ability to impose penalties.

Friend portability is the must-have Facebook regulation (TechCrunch) Choice for consumers compels fair treatment by corporations. When people can easily move to a competitor, it creates a natural market dynamic coercing a business to act right. When we can’t, other regulations just leave us trapped with a pig in a fresh coat of lipstick. That’s why as th…

Zuckerberg says breaking up Facebook “isn’t going to help” (TechCrunch) With the look of someone betrayed, Facebook’s CEO has fired back at co-founder Chris Hughes and his brutal NYT op-ed calling for regulators to split up Facebook, Instagram, and WhatsApp. “When I read what he wrote, my main reaction was that what he’s proposing that we do isn&#8217…

Chris Hughes Is Right: We Should Dismantle Facebook (WIRED) The former Facebook employee says the government should break up the company and then comprehensively regulate it. The only problem: It might not be enough.

Opinion | Breaking Up Facebook Is Not the Answer (New York Times) Dismantling our company won’t fix what’s wrong with social media.

A Big Choice for Big Tech (Foreign Affairs) Don't break up digital giants that monopolize online markets; force them to share their data with their competitors instead.

IRS Needs to Improve Oversight of Third-Party Cybersecurity Practices (Government Accountability Office) Third-party providers, such as paid tax return preparers and tax preparation software providers, greatly impact IRS’s administration of the tax system.

FEC again delays Defending Digital Campaigns decision (POLITICO) ElectricFish reeled in — Cybersecurity Tech Accord plots second year

May 9, 2019 open meeting - FEC.gov (FEC.gov) Agenda and related material for the Federal Election Commission's May 9, 2019 open meeting

To counter China, Pentagon wants to create patriotic investors (Defense News) The Pentagon wants to play matchmaker between investors and companies looking for cash.

Lawmakers offer measure requiring cyber, IT training for House (TheHill) Lawmakers on Friday introduced a resolution to require members and employees of the House of Representatives to undergo annual cybersecurity and information technology training.

A better way for Cyber Command to get the tools it needs? (Fifth Domain) U.S. Cyber Command is reconsidering how it buys and develops the tools cyber warriors need.

To counter China, Pentagon wants to create patriotic investors (Defense News) The Pentagon wants to play matchmaker between investors and companies looking for cash.

Ellen Lord: DoD Aims to Bring Together Investors, Companies via ‘Trusted Capital Marketplace’ (Executive Gov) Ellen Lord, undersecretary for acquisition and sustainment at the Department of Defense, said she ap

Department of Defense Press Briefing by Under Secretary of Defense Lor (U.S. DEPARTMENT OF DEFENSE) LT. COL. MIKE ANDREWS: Okay. Good morning, ladies and gentlemen. Thank you for joining us today. This morning, Under Secretary of Defense Ellen Lord will provide an update on the department's

NGA’s new deputy director is a familiar face (C4ISRNET) A leader that's no stranger to the National Geospatial-Intelligence Agency has been named to replace current Deputy Director Justin Poole, who announced in April that he would resign June 11.

Marines expand their reach to take up global counterterror cyber mission (Fifth Domain) In their support of Special Operations Command globally, the Marine Corps Forces Cyberspace Command is responsible for thwarting terrorist activity online.

Admiral censured in 'Fat Leonard' scandal to be named director of Congress' new cybersecurity commission (Task & Purpose) Sure, why not.

EAC Welcomes New Testing & Certification Director Jerome Lovato (U.S. Election Assistance Commission blog) Yesterday, the EAC appointed Jerome Lovato as its new Testing & Certification Director.

Litigation, Investigation, and Enforcement

Indictment Alleges Who Hacked Anthem, but Not Why (WIRED) For years, China was rumored to be behind the health insurance company's massive data breach, but now the Justice Department is noticeably silent on the hackers' motives and affiliation.

US Indicts Chinese Man for Anthem Breach (Infosecurity Magazine) US Indicts Chinese Man for Anthem Breach. Motives remain a mystery and individual is unlikely to be extradited

Russian spies found guilty of Montenegro coup attempt (AL Jazeera) Court found 14 people intended to take over parliament, assassinate PM to set up pro-Russia, anti-NATO leadership.

Justice Department seeks removal of Huawei’s lead defense lawyer (Washington Post) The department asserts that the former deputy attorney general has a conflict of interest in the fraud and sanctions violation case against the Chinese tech giant.

Analysis | The Cybersecurity 202: Trump administration raises pressure on China with more hacking indictments (Washington Post) Indictments for Anthem breach hackers are the fourth round in 18 months.

Maria Butina Says She Was 'Building Peace.' That's Not How The Feds See It (NPR) The Russian agent gave an interview to NPR from the detention center where she has been in custody since last summer. She denies being a spy or taking part in election interference.

Why is WannaCry hacking 'hero' Marcus Hutchins facing a criminal sentence, rather than fighting cyber crime? (The Telegraph) On this day in 2017, one of the worst cyber attacks in history raged.

Ecuador will give Julian Assange’s embassy computers and files to the US (EL PAÍS) Judicial authorities greenlight search of a room used by the WikiLeaks founder during his seven-year stay in the diplomatic headquarters in London

Sweden reopens rape case against Julian Assange (the Guardian) Lawyer for woman involved in allegations from 2010 has asked for investigation to resume

Chelsea Manning will risk return to jail over new subpoena (the Guardian) Manning said she would not comply with a subpoena to testify about her interactions with Julian Assange

‘There was no attempted coup’: FBI’s former top lawyer defends Russia probe (Washington Post) James Baker said he made sure the bureau followed the law.

Roger Stone asks court to toss out evidence, saying Russian hacking of Democrats in 2016 is ‘assumption’ (Washington Post) Stone claims court-approved search warrants illegally relied on unproven assumptions.

Facebook sues analytics firm Rankwave over data misuse (TechCrunch) Facebook might have another Cambridge Analytica on its hands. In a late Friday news dump, Facebook revealed that today it filed a lawsuit alleging South Korean analytics firm Rankwave abused its developer platform’s data, and has refused to cooperate with a mandatory compliance audit and requ…

ICO Calls Out HMRC for Illegal Biometric Data Collection (Infosecurity Magazine) Tax office must delete all Voice ID data obtained without consent

Human rights groups to ask Israeli court for revoke of NSO Group’s export license (CyberScoop) Human rights advocates plan to file a petition Tuesday in Israeli court to revoke mobile spyware vendor NSO Group's export license.

Amnesty is supporting legal action to stop NSO Group's chilling spy web (Amnesty) The Israeli company has been linked to attacks on Ahmed Mansoor, Jamal Khashoggi, Mexican journalists and Amnesty staff

Analysis | The Cybersecurity 202: Federal agencies are spending millions to hack into locked phones (Washington Post) Agencies have spent $2.6 million in two years on iPhone hacking tools

Only 0.25% of Reported Data Breaches Have Led to Fines Since GDPR (Infosecurity Magazine) The ICO has handed out just 29 monetary punishments since May 25 2018

US Firm Accuses Huawei of Enlisting Chinese Professor to Obtain Its Tech (Epoch Times) A U.S. startup company is accusing Chinese telecommunications gear provider Huawei of enlisting a Chinese university professor working ...

Counterfeit hard drive gang smashed by Chinese police (CRN Australia) Chinese Police seize fake HPE and IBM disks.

Hackers allegedly stole $2.4 million in cryptocurrency in a six-month SIM hijacking spree (CyberScoop) Nine people were charged with crimes related to stealing more than $2.4 million in cryptocurrency by hijacking victims’ mobile phone numbers, the U.S. Department of Justice said Thursday.

Nine Charged in Alleged SIM Swapping Ring (KrebsOnSecurity) Eight Americans and an Irishman have been charged with wire fraud this week for allegedly hijacking mobile phones through SIM-swapping, a form of fraud in which scammers bribe or trick employees at mobile phone stores into seizing control of the target’s phone number and diverting all texts and phone calls to the attacker’s mobile device.

Software update crashes police ankle monitors in the Netherlands (ZDNet) Borked update prevents ankle monitors from sending data back to police control rooms.

2 men charged in multi-state cyber porn sting (Eagle-Tribune) Men in New Jersey and Pennsylvania face online child pornography charges after being arrested in undercover sting operations run by Newbury and Salisbury police.

SharePoint bug exploited in the wild. Did Fxmsp pwn a fourth security firm? Major G7 cyber exercise planned. Vetting VCs.

Bring your own context.