Record GDPR fine. Movements in the cyber underworld. FBI found to have overstepped surveillance authorities.
The EU fines Meta for transatlantic data transfers. FIN7 returns, bearing Cl0p ransomware. Python Package Index temporarily suspends new registrations due to a spike in malicious activity. Typosquatting and TurkoRAT. UNC3944 uses SIM swapping to gain access to Azure admin accounts. A Turla retrospective. Rick Howard tackles workforce development. Our guest is Andrew Peterson of Fastly to discuss the intricate challenges of secure software development. And the FBI was found overstepping its surveillance authorities.
Selected reading.
Meta Fined $1.3 Billion Over Data Transfers to U.S. (Wall Street Journal)
Meta fined record $1.3 billion and ordered to stop sending European user data to US (AP News)
Notorious Cyber Gang FIN7 Returns With Cl0p Ransomware in New Wave of Attacks (The Hacker News)
Researchers tie FIN7 cybercrime family to Clop ransomware (The Record)
Cybercrime gang FIN7 returned and was spotted delivering Clop ransomware (Security Affairs)
PyPI new user and new project registrations temporarily suspended. (Python)
PyPI repository restored after temporarily suspending new activity (Computing)
RATs found hiding in the NPM attic (ReversingLabs)
Legitimate looking npm packages found hosting TurkoRat infostealer (CSO Online)
Mozilla Explains: SIM swapping (Mozilla)
The Underground History of Russia’s Most Ingenious Hacker Group (WIRED)
Justice Department Announces Court-Authorized Disruption of Snake Malware Network Controlled by Russia’s Federal Security Service (US Department of Justice)
Hunting Russian Intelligence “Snake” Malware (CISA)
FBI misused intelligence database in 278,000 searches, court says (Reuters)
FBI misused controversial surveillance tool to investigate Jan. 6 protesters (The Record)
FBI broke rules in scouring foreign intelligence on Jan. 6 riot, racial justice protests, court says (AP News)