The CyberWire is pleased to announce the launch of Creating Connections, our new newsletter focused on connecting women in the cybersecurity field across the globe! The inaugural issue is out, and we expect to publish it on the first Monday of every month. It's brought to you by women in the industry, and you're invited to join our league of cyber ladies and create lasting connections. Learn more or subscribe here.
LastPass Identity provides simple control and visibility across every entry point to your business through single sign-on, password management and multi-factor authentication in one unified solution. LastPass Identity provides a holistic view of end user activity to simplify security for IT, all while delivering the passwordless login experience employees want. Start a free LastPass Identity trial today.
US Government attributes Taidoor RAT to China. Update on hacked UK-US trade documents. Pegasus used in Togo.
The US Cybersecurity and Infrastructure Security Agency (CISA) has published a Malware Analysis Report on “Taidoor,” a remote access Trojan that Chinese intelligence services have deployed against collection targets since 2008. The FBI and the Department of Defense concurred in the analysis, and US Cyber Command has uploaded samples of Taidoor’s code to VirusTotal. It’s been used against government agencies, corporations, and think tanks, mostly ones with an interest in Taiwan. Both FireEye and CrowdStrike have tracked Taidoor for some time; the news in this Report is the formal attribution to the Chinese government and the urgency which the US Government attaches to defense against Taidoor.
Reuters reports that papers related to UK-US trade negotiations that were leaked to the Labour Party and others during the last British general election were taken from the email account of former Conservative trade minister Liam Fox. The theft has been widely attributed to Russian intelligence services. British foreign minister Dominic Raab last month said “Russian actors” had sought to interfere in the election “through the online amplification of illicitly acquired and leaked Government documents.” An investigation into how the documents were taken is still in progress.
NSO Group’s Pegasus spyware is said, by the University of Toronto’s Citizen Lab, to have been deployed against a Roman Catholic bishop and a priest who had advocated human rights reforms in the West African country, as well as against two members of the political opposition. Pegasus is said to have been installed through a WhatsApp exploit.
Today's issue includes events affecting Australia, Belarus, Canada, China, India, Japan, the Democratic People's Republic of Korea, New Zealand, Pakistan, Russia, Togo, the United Kingdom, and the United States.
Aerospace news worthy of attention.
If you're interested in space and communications (technology, policy, business, and operations), take a look at the latest issue of Cosmic AES Signals & Space. Produced in partnership with the CyberWire, Signals & Space offers a monthly overview of news in this sector.
Leaders from the Navy, Government Accountability Office and Mandiant Security Validation took the virtual stage to discuss "Adopting a Proactive, Intelligence-Led Cyber Mission". Watch the on-demand webcast to join the discussion on how automated security validation, integrated with the latest threat intelligence and frontline expertise can validate the health of your infrastructure by testing against actual threats.