Sino-Indian border skirmishing appears to have been accompanied by Chinese distributed denial-of-service attacks against Indian targets. TimesNow says the attacks are thought to emanate from Chengdu, headquarters of PLA Unit 61398.
InvisiMole, a cyberespionage group discovered in 2018 but active since at least 2013, is known to have operated against Eastern European military and diplomatic targets, including targets in Russia and Ukraine. The group appears to collaborate with Gamaredon. ESET researchers report finding that InvisiMole has used Gamaredon’s .NET downloader (MSIL/Pterodo). Only a small subset of Gamaredon's victims were prospected by InvisiMole, which suggests that the stealthier, more sophisticated InvisiMole makes highly selective use of the noisy Gamaredon's target list. InvisiMole also uses EternalBlue and BlueKeep exploits for lateral movement once it's inside the targeted enterprises. Gamaredon has been linked to Russia; InvisiMole has hitherto been more elusive.
Reuters reports that Awake Security has found a massive spyware infestation among Chrome extensions, about thirty-two million downloads' worth.
Check Point describes a phishing campaign directed toward acquiring Microsoft Office 365 credentials; it made heavy use of redirection.
Anyone still persuaded that cybercriminals have trimmed their attacks out of public-spirited responsibility during the COVID-19 pandemic will be disillusioned by a Digital Shadows study of criminal forums. There's more criminal-to-criminal business than the underworld can handle, and the gangs are scrambling to find moderators who can keep up with demand.
Zoom, hearing the customers speak, has decided to reverse itself: the company will henceforth offer end-to-end encryption to all users of its remote conferencing service.