A wave of destructive “Meow attacks” appears to use an automated tool to find and wipe exposed ElasticSearch and MongoDB instances. According to BleepingComputer, there are no ransom notes, no threats, no crowing, and no explanation for the attacks. One possible motive is that the attacks represent tough love from vigilantes pushing admins to secure their databases, but that’s speculation: “meowing” could represent anything from misdirection, to preparation for protection rackets, to the lulz.
TikTok remains the subject of close and fundamentally hostile scrutiny in several countries, especially in India and the US. In the US, POLITICO reports that the House version of the National Defense Authorization Act contains a provision that would ban TikTok from US Government systems. The Next Web discusses rumors that ByteDance might sell the social platform to a group of US investors in a move to sidestep security concerns.
The US Attorney for the Eastern District of Washington has secured an indictment against two Chinese nationals, Li Xiaoyu and Dong Jiazh, on eleven counts of hacking computer networks to obtain intellectual property. They are said to have cast a wide net, working against targets in eleven countries and at least twelve economic sectors.
Yahoo notes that Australian agencies (including the Australian Signals Directorate) welcomed "actions designed to hold malicious cyber actors to account."
The Wall Street Journal says the US State Department also ordered China's Houston consulate closed for its connection to espionage and influence operations. The consulate burned its papers last night, Click2Houston reports.