Voting machine woes. Router exploits trouble Brazil, Bitpoint alt-coin exchange investigates theft. Facebook fined $5 billion. Power failures probably unrelated to cyberattacks. Amazon Prime phishing.N2K Networks
GandCrab hoods may be back with new ransomware. Video-on issues. Broadcom-Symantec talks are off, for now. Treason or just business? Robo-calls. A decryptor for Ims0rry ransomware.N2K Networks
Telco data breach. Firmware supply chain problems. Hacking BLE. Census security. Continuity of operations. Decryptor for GandCrab, NSPM 13. Bulgaria’s tax hack.N2K Networks
TrickBot’s new tricks. Poisoning the ad supply chain. Clouds get schooled. Novel phishing tackle, but stale bait. Cyberwar powers. Election interference. FaceApp fears. Bad macro suspect arrested.N2K Networks
Following K3chang. Bulgaria’s tax agency breach. An alternative currency gets some incipient regulatory scrutiny. Why towns are hit with ransomware. A hair-care hack.N2K Networks
FSB contractor hacked. Pegasus now able to rummage clouds? Iranian cyber ops spike. Fraudulent student profiles. Judgement in Equifax FTC case. NSA hoarder gets nine years.N2K Networks
Venezuela blames power failure on exotic sabotage, again. Huawei may have built North Korea’s 3G wireless networks. Were record privacy fines high enough? Logic bombing the customer.N2K Networks
Lancaster University breached. Kazakhstan is testing out HTTPS interception. The UK postpones its decision on Huawei’s 5G gear. The FTC is requiring Facebook to set up a privacy committee.N2K Networks
News about Russian and Chinese government threat actors. Powerful crimeware active in Brazil. BlueKeep really needs to be patched. Messenger Kids issues. Dispatches from the cryptowars.N2K Networks
Winnti and other Chinese espionage activity. Volume I of the US Senate report on election meddling is out. Ransomware from Sabine, Louisiana, to Johannesburg, South Africa.N2K Networks
Bears sniff at Bellingcat. Magecart in spoofed domains. MyDoom is still active. Shipboard malware was Emotet. Hutchins sentenced. Digital assistants have big ears. Taxes owed on alt-coin gains.N2K Networks
Capital One sustains a major data breach. Phishing in LinkedIn. VxWorks patches and mitigations. Brute-forcing NAS credentials. LAPD doxed?N2K Networks
Capital One breach update. CISA warns of avionics CAN bus vulnerabilities. More attacks on local Louisiana governments. Change at the SEC. Cyber summer school for NATO, EU diplomats.N2K Networks
Capital One investigation update. Don’t give up on the cloud. Exposed databases and backdoors. Cybercrime as high-stakes poker. Phishing the financials. Bots on holiday.N2K Networks
Spearphishing utility companies. Bellingcat as gadfly, and target. Facebook takes down more coordinated inauthenticity. Card skimming. Tech regulation. Random acts of cruelty.N2K Networks
Ransomware attacks in Mexico and Germany. Wipers in criminal service. Supervising Siri and Alexa. Mass shooters find inspiration and online expression.N2K Networks
Fancy Bear is snuffling around corporate IoT devices. Machete takes its cuts at Venezuelan military targets. What Mr. Kim is buying. MegaCortex goes for automation. Vigilantes, misconfigurations, etc.N2K Networks
Another speculative execution flaw. LokiBot evolves. APT41 moonlights. Scammers exploit tragedies. Black Hat notes.N2K Networks
Hacking in the Gulf region. Vulnerability research into airliner avionics. Phishing and ransomware move to the cloud. EU data responsibilities. US bans five Chinese companies.N2K Networks
Voting machine security. Airliner firmware. Attribution and deterrence in cyberwar. Monitoring social media. Broadcom buys Symantec’s enterprise security business. Policing, privacy, and an IoT OS.N2K Networks
A look back at Black Hat and Def Con. Sometimes failures that look like accidents are accidents. Russia wants better content suppression from Google. Notes on intelligence services.N2K Networks
UN Security Council looks at North Korean cybercrime. Notes on PsiXBot and BITTER APT. The state of spearphishing. Election security. A final look back at Black Hat and Def Con.N2K Networks
Hacking the Czech Foreign Ministry. Microsoft patches new wormable bugs. More controversial human review of AI. Insecure links, exposed databases, and a California vanity plate.N2K Networks
Huawei accused of abetting domestic surveillance in Africa. Cyber gangs adapt and evolve. Prosecutors indicate they’ll add charges to “erratic.” Bluetana detects card skimmers.N2K Networks
ECB sustains an intrusion into a third-party-hosted service. Norman quietly mines Monero. MetaMorph appears in a stealthy phishing campaign. Information operations.N2K Networks
ISIS claims Kabul massacre. Huawei gets a temporary break. Texas governments hit by ransomware. Hy-Vee warns of point-of-sale attack.N2K Networks
Chinese information operations on Twitter and Facebook. iOS jailbreak released. Adult websites leak information.N2K Networks
China criticizes Twitter and Facebook. Silence expands internationally. A popular Ruby library was backdoored.N2K Networks
North Korean and Chinese cyber espionage. Updates on Texas ransomware. Steam zero-day released.N2K Networks
Google takes down YouTube influence operation. Cryptomining in a nuclear plant. Spyware in the Google Play Store.N2K Networks
BioWatch info potentially exposed. Scammers indicted. Ukrainian cryptojacking exposed sensitive data. Social engineering notes. Boo birds and lawsuits. Data use and privacy. Low-earth orbit hack.N2K Networks
Hostinger resets passwords after an intrusion. Social media fraud. Notes on RATs and ransomware. Free decryptor for Syrk. Hedge funds go bananas.N2K Networks
LYCEUM active against Middle Eastern energy-sector targets. LinkedIn used to recruit spies. Autonomous car expert indicted. Imperva exposure. VPN software patches. AI writes.N2K Networks
Cyberattacks and intelligence trade-offs. TrickBot’s new interests. Fancy Bear versus machine learning. Facebook looks for more ad transparency. Retadup take-down.N2K Networks
Watering hole for iPhones. Dental record service hit with ransomware. Huawei reportedly under investigation for IP theft. “erratic” faces cryptojacking charges. Farewell to a Bletchley Wren.N2K Networks
Stuxnet’s story. Watering hole was designed to attract China’s Muslim minority. USBAnywhere affects some Supermicro servers. Twitter’s CEO has his Twitter stream hijacked.N2K Networks
Ransomware, Bitcoin, underwriters, and the bandit economy. OTA provisioning could lead to subtle phishing. Alleged spammers indicted. ZAO flashes and flickers out, for now.N2K Networks
Scraped data found gurgling around in an unsecured third-party database. Ransomware and election security. Spy in your pocket? (Probably not.) Guilty plea in the Satori case.N2K Networks
China hacks to track. Turning the enemy’s weapons against them? Notes from the Billington CyberSecurity Summit. Anti-trust investigations for Facebook and, probably, Google.N2K Networks
BEC attack pulls millions from car parts company. Wikipedia DDoS. NERC and FERC on grid hacking. Trolling Pyongyang. Mike Hammer goes to the DMV.N2K Networks
US National Security Advisor to be replaced. Stealth Falcon’s new backdoor. DDoS, social engineering investigations proceed. Exfiltrating an agent. Patch Tuesday notes.N2K Networks
Cobalt Dickens, coming to a university library near you. UNICEF data exposure. Election security notes. Operation reWired arrests 281 alleged BEC scammers.N2K Networks
The StingRays that were n DC. Old-school file formats and attack code. Ransomware becomes spyware. Joker apps ejected from the Play store. Multifaceted deterrence. Advice on BEC.N2K Networks
CRASHOVERRIDE tried to be worse than it was. InnfiRAT scouts for wallets. Simjacker exploited in the Middle East. SINET 16 are out. Pentesting scope. Back up your files, Mayor.N2K Networks
Espionage and counter-espionage in at least three of the FIve Eyes. New sanctions against North Korea. Password managers and flashlights.N2K Networks
More updates on the Royal Canadian Mounted Police counterintelligence case. Australian elections and China’s interests. ISIS howls to the lone wolves. Ed Snowden would prefer Paris to Moscow.N2K Networks
Tortoiseshell threat-actor active in the Middle East. Simjacker less dangerous than thought? Decentralizing cyber attack. The Ortis affair. Mr. Snowden’s book deal.N2K Networks
Notes from the CISA Summit. New DDoS vector reported. Medical images exposed online. Huawei and US sanctions. Engaging ISIS in cyberspace.N2K Networks
Coordinated inauthenticity in five countries draws action from Twitter. Cryptomining continues. Huawei fights its ban in US Federal court. Notes from CISA’s Cybersecurity Summit.N2K Networks
YouTube account hijacking. Facebook finds more apps misusing data. Cyber deterrence in the Gulf region. Huawei’s CFO continues to fight extradition from Canada to the US. Pentesting blues.N2K Networks
Utility phishing. Google wins on the right to be forgotten. Transatlantic data transfer. Responsible state behavior in cyberspace. Huawei and 5G. Permanent Record, temporarily phishbait.N2K Networks
Notes on Tortoiseshell. Fancy Bear snuffles around embassies and foreign ministries. Poison Carp targets Tibetan groups. GandCrab unretires. And Chameleon’s curious spam.N2K Networks
Lazarus Group in India. Suspected Chinese APT uses fake Narrator. Fleeceware. DNI testimony. TalkTalk hacker charged in US. Yahoo breach compensation. Chameleon spam campaign.N2K Networks
Supply chain hacks versus Airbus. Phishing around Google Cloud. Masad Clipper and Stealer on the criminal-to-criminal market. Quick zero-day exploitation. DoorDash hack. Inside JTF Ares.N2K Networks
Industrial firms disclose cyber incidents. US DHS to check airliner cybersecurity. RCMP security case update. Bulletproof host taken down. Gnosticplayers. Royal phish.N2K Networks
Piling on sanctions. The disinformation-as-a-service black market. Technological sovereignty through R&D investment? Ransomware continues to rise. NSA’s new Cybersecurity Directorate.N2K Networks
A new threat group, Avivore, is called out in the Airbus hack. Ransomware and VPN exploit warnings. EU tells Facebook to take down some content, everywhere. Spearphishing ANU. SandCat’s bad opsec.N2K Networks
Android vulnerability exploited in the wild. Careless spycraft. The Eye on the Nile. A new Chinese threat actor. A spoiling attack in the CryptoWars. Take election interference, please.N2K Networks
Iran hacks for influence. Brazilian PII up for auction. Prince Harry vs. Fleet Street. Electrical infrastructure cyber risk. Paying ransom. HildaCrypt developers say they’re going straight.N2K Networks
Riding herd on Mustang Panda. Drupalgeddon2 is out in the wild. VPN warnings and mitigations. Patch notes. An offer to share intelligence about Huawei. Presidential sites get low privacy grades.N2K Networks
Twitter and two-factor authentication. Privacy concerns. The US Senate Intelligence Committee reports on Russian troll farms. Turla is back with some new tricks.N2K Networks
Alleged DIA leaker. Europol cybergang study. Protecting the DIB. Chinese information operations.N2K Networks
Ransomware and a zero-day. A newly discovered espionage platform. FIN7’s new tricks. Beijing speaks and Apple listens. A visit to NSA’s Cybersecurity Directorate.N2K Networks
Ransomware hits US, French companies. ISPs as combat support arms. Lawful intercept gone rogue? Lazarus Group is back and in GitHub. China’s security laws and security risks.N2K Networks
Cyber retaliation for a kinetic attack, again. Industrial espionage from China. Botnet does sextortion. Typosquatting the other candidate. A poor approach to reputation management.N2K Networks
Cozy Bear never really left. Iran denies it suffered a US cyberattack. Malicious WAV files. Darknet dragnet hauls in child exploitation ring. Graboid infests Docker hosts.N2K Networks
Clickfraud and third-parties (both SDKs and stores). Trojanized TOR browser steals from Russian users. WiFi bugs. Sketchy jailbreak. Big Tech on free speech. Cooperation against terrorism.N2K Networks
Not every incident is necessarily an attack. Not everything that purrs is a kitten (sometimes it’s a bear that would like you to think it’s a kitten). ICS security notes.N2K Networks
More coordinated inauthenticity taken down. The Westphalian system and cyber conflict. VPNs and an AV company sustain incidents. Assange and extradition.N2K Networks
Criminal connections. The risky business of acquisition. Joker is back, and it’s not funny. Most dangerous celebrities. Notes from SecurityWeek’s ICS Cyber Security Conference.N2K Networks
Clouds are back after being out. Bitpaymer hits German manufacturer. Cross-plaform mobile malware. SecurityWeek’s 2019 ICS Cyber Security Conference.N2K Networks
Spearphishing the UN and NGOs. Clickware kicked out of app stores. ICS security notes. Close-reading the Turla false-flag reports. A good use for the dark web. Senators call for investigations.N2K Networks
Actionable intelligence, and the difficulty of cutting through noise. Extortion hits Johannesburg. Criminal-to-criminal markets. Who’s more vulnerable to phishing, the old or the young?N2K Networks
Fancy Bear paws at anti-doping agencies. Johannesburg says no to the Shadow Kill Hackers. Adwind jRAT’s new misdirection. US FCC versus Huawei, ZTE. Georgia hacked.N2K Networks
WhatsApp sues NSO Group over Pegasus distribution. Georgia continues its recovery, as does Johannesburg. Facebook stops more inauthentic action. A Bed, Bath, and Beyond breach.N2K Networks
Malware in nuclear plant business system, but not in control systems. Facebook versus inauthenticity and spyware. Twitter refuses political ads. NIST wants comments. Cyber risk a factor in credit ratings.N2K Networks
Cyber espionage. Russia tries Web autarky. The US will investigate TikTok. A bad keyboard app is out of Google Play but still in circulation. Crime comes to e-sports. Happy hundredth, GCHQ.N2K Networks
BlueKeep is exploited for cryptojacking. Ransomware hits Canadian provincial government. Pegasus lands in India. Magecart, GandCrab updates. US Cyber Command deploys to Montenegro.N2K Networks
Ransomware in Spain. Pegasus in India. TikTok on the Huawei highway? Booz Allen predicts! And good dogs sniff out bad data.N2K Networks