At a glance.
- Albania explains its reasons for severing relations with Iran.
- Cashout scam targets forgotten crypto accounts.
- Next moves for Lapsus$?
- Cloud complexity and its effect on security.
- Operation In(ter)ception: social engineering by the Lazarus Group.
- Witchetty cyberespionage group: recent activity.
- C2C access for sale: high-end auction houses and "flea markets."
- Securonix describes an effective and carefully crafted cyberespionage campaign.
- Novel malware discovered targeting VMware ESXi hypervisors.
- North Korean operators "weaponize" open-source software.
- Fast Company's WordPress hijacking incident.
- Deepfakes, and their evolution.
- Unrest in Iran finds expression in cyberspace.
- Developments in the Optus breach.
- Leaked LockBit 3.0 builder used in ransomware attacks.
- Meta takes down Russian disinformation networks.
- Gray-hat support for Iranian dissidents.
- SolarMarker info-stealer returns in watering hole campaign.
Albania explains its reasons for severing relations with Iran.
The Washington Post last weekend interviewed Albania's Prime Minister Edi Rama on his government's decision to sever diplomatic relations with Iran over Tehran's large-scale cyberattack against Albanian IT infrastructure. “Based on the investigation, the scale of the attack was such that the aim behind it was to completely destroy our infrastructure back to the full paper age, and at the same time, wipe out all our data,” Rama told the Post. “Our sense now is first, that they didn't succeed to destroy infrastructure. Services are back. Second, data. Yes, they took some but practically not of any particular relevance.” He characterized the cyberattacks as aggression: not as destructive as bombing, of course, but of comparable intent and comparably inadmissible under international norms. Background on Iran's cyber operations and Albania's response may be found in CyberWire Pro.