Iran hacks for influence. Brazilian PII up for auction. Prince Harry vs. Fleet Street. Electrical infrastructure cyber risk. Paying ransom. HildaCrypt developers say they’re going straight.N2K Networks
Riding herd on Mustang Panda. Drupalgeddon2 is out in the wild. VPN warnings and mitigations. Patch notes. An offer to share intelligence about Huawei. Presidential sites get low privacy grades.N2K Networks
Twitter and two-factor authentication. Privacy concerns. The US Senate Intelligence Committee reports on Russian troll farms. Turla is back with some new tricks.N2K Networks
Alleged DIA leaker. Europol cybergang study. Protecting the DIB. Chinese information operations.N2K Networks
Ransomware and a zero-day. A newly discovered espionage platform. FIN7’s new tricks. Beijing speaks and Apple listens. A visit to NSA’s Cybersecurity Directorate.N2K Networks
Ransomware hits US, French companies. ISPs as combat support arms. Lawful intercept gone rogue? Lazarus Group is back and in GitHub. China’s security laws and security risks.N2K Networks
Cyber retaliation for a kinetic attack, again. Industrial espionage from China. Botnet does sextortion. Typosquatting the other candidate. A poor approach to reputation management.N2K Networks
Cozy Bear never really left. Iran denies it suffered a US cyberattack. Malicious WAV files. Darknet dragnet hauls in child exploitation ring. Graboid infests Docker hosts.N2K Networks
Clickfraud and third-parties (both SDKs and stores). Trojanized TOR browser steals from Russian users. WiFi bugs. Sketchy jailbreak. Big Tech on free speech. Cooperation against terrorism.N2K Networks
Not every incident is necessarily an attack. Not everything that purrs is a kitten (sometimes it’s a bear that would like you to think it’s a kitten). ICS security notes.N2K Networks
More coordinated inauthenticity taken down. The Westphalian system and cyber conflict. VPNs and an AV company sustain incidents. Assange and extradition.N2K Networks
Criminal connections. The risky business of acquisition. Joker is back, and it’s not funny. Most dangerous celebrities. Notes from SecurityWeek’s ICS Cyber Security Conference.N2K Networks
Clouds are back after being out. Bitpaymer hits German manufacturer. Cross-plaform mobile malware. SecurityWeek’s 2019 ICS Cyber Security Conference.N2K Networks
Spearphishing the UN and NGOs. Clickware kicked out of app stores. ICS security notes. Close-reading the Turla false-flag reports. A good use for the dark web. Senators call for investigations.N2K Networks
Actionable intelligence, and the difficulty of cutting through noise. Extortion hits Johannesburg. Criminal-to-criminal markets. Who’s more vulnerable to phishing, the old or the young?N2K Networks
Fancy Bear paws at anti-doping agencies. Johannesburg says no to the Shadow Kill Hackers. Adwind jRAT’s new misdirection. US FCC versus Huawei, ZTE. Georgia hacked.N2K Networks
WhatsApp sues NSO Group over Pegasus distribution. Georgia continues its recovery, as does Johannesburg. Facebook stops more inauthentic action. A Bed, Bath, and Beyond breach.N2K Networks
Malware in nuclear plant business system, but not in control systems. Facebook versus inauthenticity and spyware. Twitter refuses political ads. NIST wants comments. Cyber risk a factor in credit ratings.N2K Networks
Cyber espionage. Russia tries Web autarky. The US will investigate TikTok. A bad keyboard app is out of Google Play but still in circulation. Crime comes to e-sports. Happy hundredth, GCHQ.N2K Networks
BlueKeep is exploited for cryptojacking. Ransomware hits Canadian provincial government. Pegasus lands in India. Magecart, GandCrab updates. US Cyber Command deploys to Montenegro.N2K Networks
Ransomware in Spain. Pegasus in India. TikTok on the Huawei highway? Booz Allen predicts! And good dogs sniff out bad data.N2K Networks
App developers had access to more Facebook Group data than intended. Election security and disinformation. DarkUniverse described. Millions lost to business email compromise.N2K Networks
US off-off-year elections go off OK, but don’t get cocky, kids. US charges three in Saudi spy case. Adware dropping apps removed from Google Play. Patch Confluence.N2K Networks
Warnings about Emotet and BlueKeep. Crooks test their stolen cards before the holiday shopping season. Amazon fixes Ring. Chinese security gear allegedly sold as made-in-USA.N2K Networks
Labour Party reports a cyberattack. What the Lazarus Group is up to. Platinum adds a quiet backdoor. Buran competes on price. PCI DSS compliance falling. Ahoy, Yantar.N2K Networks
NAM hacked during US-China trade tensions. DDoS against British political parties. Pemex recovers from ransomware. Project Nightingale gets US Federal scrutiny. Patch notes.N2K Networks
PureLocker ransomware. APT33 update. Hong Kong and information war, in the courts and on PornHub. Facebook content takedowns. Alleged criminals prepare to face the court.N2K Networks
Pemex ransomware update. Spearphishing with spoofed government phishbait. Trojan two-fer. AntiFrigus ransomware avoids C-drive files. BLE bug. DataTribe’s annual Challenge.N2K Networks
Disney+ credentials hacked. Kudankulam reassurance. Chinese, Iranian documents leak. Iran and Venezuela restrict Internet access. Russia proposes Internet control treaty. Hacktivist notes.N2K Networks
Ransomware recovery in Louisiana. DPRK phishing for aerospace jobseekers? Cybercrime campaigns. Notes on current legal matters.N2K Networks
Louisiana works to recover from Monday’s ransomware attack. Gekko Group sustains a massive data exposure. US student charged with coding for ISIS.N2K Networks
Refined Kitten paws at ICS. Debunking BlueKeep rumors. FBI warns Detroit of cyber threats. The UN’s long deliberation over cybercrime. Cryptowars. 5G security and a 5G czar. Ransomware updates.N2K Networks
Sandworm in Google Play. Internet sovereignty. Bogus accounts on LInkedIn. Pupil becomes teacher. Six-year sentence for DDoS. Big bug bounty at Google. Ransomware updates. Pegasus inquest.N2K Networks
Arrest by algorithm. Dangers of data enrichment. Golden Falcon in Kazakhstan. FCC vs. Huawei and ZTE. Internet sovereignty. Chuckling Squad popped for Twitter caper. Other crime and punishment.N2K Networks
Potentially malicious SDKs draw cease-and-desist letters. Nursing homes get ransom demands. A look back at the Sony Pictures hack. CISA offers advice on safe online shopping.N2K Networks
Phishing, cryptojacking, and commodity malware. New supply chain security measures. And have you heard about this Black Friday thing?N2K Networks
ANSSI considering retaliation for ransomware attack. MixCloud breached. Imminent Monitor shut down.N2K Networks
Secondary Infektion may be back, and interested in UK elections. Quantum Dragon. FaceApp risks. PyXie RAT in the wild. An Ethereum developer is charged with helping North Korea evade sanctions.N2K Networks
Lazarus Group interested in thorium reactors? Disinformation by phishing. ZeroCleare wiper in the wild. NATO addresses cyber conflict. NotPetya litigation. Black market takedown.N2K Networks
Data center ransomware. Third-party breach hits telco customers. Buran and Buer on the black market. The Great Canon opens fire. Russia trolls Lithuania. Big bad BEC.N2K Networks
Facebook sues over ad fraud. Tampering with VPN connections. Russian disinformation in Lithuania.N2K Networks
Ocean Lotus versus car manufacturers. Ransomware versus dental practices. $5 million reward offered in Dridex case. Information operations and the UK’s general election.N2K Networks
Pensacola under cyberattack. Notes on ransomware. The US Justice Department IG report on Crossfire Hurricane. Who let the bots out?N2K Networks
Hacking in Iran? The Lazarus Group hires Trickbot. Election influence ops. Cryptowars updata. Ransomware in municipal and tribal governments. Patch Tuesday notes. Do it for State.N2K Networks
False flags and attack kit hijacking. Maze ransomware in Pensacola. China’s own OS. Crypto Wars update. TrickBot phishing. And Krampus spoils Christmas.N2K Networks
Phishing for credentials. Compromised Telegram accounts. Lateral movement. Crypto Wars updates. Data retention compliance. Iago did it for the lulz.N2K Networks
Iran says it stopped a cyber espionage campaign by China’s APT27. India closes the Internet in two states. Ransomware in Louisiana and New Jersey. National Security Letters.N2K Networks
Ransomware updates. Lazarus Group’s new Trojan. IoT insecurity. Exploiting older versions of WhatsApp. Mr. Assange’s extradition. Door kick in IP beef. Someone naughty’s still running XP.N2K Networks
Steal first, encrypt later. Cobots at risk? Gangnam Industrial Style looks for industrial info. Rancor update. FISC takes FBI to the woodshed. Vlad the Updater.N2K Networks
TV program swap-out. Cyber espionage out of Beijing. US Congress in a mood to sanction. Emotet phishing spoofs Germany’s BSI. A Dark Overlord pleads not guilty.N2K Networks
Pegasus and Pakistan. What’s in Legion Loader. Threats to financial markets. Seasonal scams. What would Clippy do?N2K Networks
Taking down Thallium. Cloud Hopper: bigger (and worse) than thought. US tightens screws on the supply chain. The bite of winter and the scent of plums.N2K Networks
Escalation in the Gulf as a US air strike kills Iran’s Quds commander. Travelex and RavnAir continue their recovery from cyberattacks. Taiwan’s memes against misinformation.N2K Networks
Sequelae of the US Reaper strike against the Quds Force commander. Warnings of Iranian retaliation, with an emphasis on cyberspace. Espionage in Austria, and a second look at an LSE outage.N2K Networks
No more Iranian cyberattacks since the minor weekend vandalism, but the US Government advises all to look to their defenses. Fancy Bear is the usual suspect in Austria. A guilty plea by an insider threat.N2K Networks
No major Iranian cyberattacks against the US so far, as both sides appear interested in cooling off. The Cyber Solarium offers a preview of its coming report on US cyber strategy.N2K Networks
Cyber alert remains high as the US-Iranian confrontation cools. Information ops, wipers, and energy sector targeting.N2K Networks
Updates on US-Iranian tensions, and especially on hacktivism and possible power grid battlespace preparation. Researchers complain of preinstalled malware said to be in discount Android phones.N2K Networks
Cyber tensions and cyberwar. China’s influence ops against Taiwan apparently backfire. Maze gang goes for doxing. SIM swapping. FBI promises FISA Court it will do better.N2K Networks
Microsoft patches a vulnerability NSA disclosed. Fronting for APT40 in Hainan. Fancy Bear pawed at Burisma. The NSA Pensacola shooting and the debate over encryption.N2K Networks
Disclosure, patching, and warning. Norway takes on “out-of-control” data sharing by dating apps. Ransomware all-in on doxing. What to do about Huawei.N2K Networks
Curveball proofs-of-concept. CISA warns chemical industry. Military families harassed online. Phishing the UN. Fleeceware in the Play Store. Moscow says there was no Burisma hack.N2K Networks
Hacks, and rumors of hacks. Burisma incident under investigation. SharePoint exploitation. How to spark a run on a bank. WeLinkInfo taken down. Phishbait update.N2K Networks
RATs, backdoors, and a remote code execution zero-day. Hoods breach Mitsubishi Electric. Telnet credentials dumped.N2K Networks
The UN takes up a case of spyware; it’s linked to an extrajudicial killing. Glenn Greenwald indicted on hacking charges in Brazil. NetWire and StarsLord are back.N2K Networks
Phishing with a RAT in the Gulf. More on how Jeff Bezos was hacked. Microsoft discloses data exposure. Ransomware continues to dump data. Windows 7, already back from the great beyond.N2K Networks
PupyRAT is back. So is the Konni Group. Twitter storm over claims that MBS hacked Jeff Bezos. Anti-disinformaiton laws considered. Canada is ready to impose costs on cyber attackers.N2K Networks
A cyber espionage campaign is to use DNS hijacking. More observations on l’affaire Bezos. Operation Night Fury versus e-commerce hackers. Farewell to Clayton Christensen.N2K Networks
Huawei will play in UK infrastructure, at least a little. Citizen Lab on KINGDOM, a Pegasus operator. Avast and sale of user data. Happy Data Privacy Day.N2K Networks
Ransomware in industrial control systems. Phone hacks, proved and unproved. Britain’s compromise decision on Huawei. Wawa cards in the Joker’s Stash. CardPlanet boss pleads guilty.N2K Networks
Hacking the UN. Avast closes Jumpshot over privacy uproar. Facebook settles a biometric lawsuit. Data exposures, a LiveRamp compromise, and more newly aggressive ransomware.N2K Networks
The Winnti Group is interested in Hong Kong protestors. The UK, the US, and the EU all look for a cooperative way forward into 5G. DDoS for hire hits an independent Serbian media outlet. Ransomware may have hit a US defense contractor. EvilCorp is back. TN2K Networks
More on EKANS, the ransomware with an ICS kicker. Shipping company customer-facing IT disrupted in cyber incident. Coronavirus as phishbait. Election security, new DoD rules, and insider threats.N2K Networks
Buggy app delays count in Iowa Democratic caucus. US county election sites ill-prepared against influence ops. Twitter fixes API exploited by fake accounts. NIST on ransomware.N2K Networks
Update on the Iowa Democrats’ bad app. DDoS warning for state election sites. DDoS trends. New ransomware tracked. Tehran spoofing emails? Nintendo hacker pleads guilty.N2K Networks
Iowa caucus problems induced by buggy counting and reporting app. Bitbucket repositories used to spread malware. Gamaredon active again against Ukraine. Charming Kitten’s phishing.N2K Networks
Chinese cyber espionage in Malaysia and Japan. Android Bluetooth bug. Google expels suspect apps from the Play store. More Iowa caucus finger-pointing. US preps indictments of Chinese nationals.N2K Networks
US indicts PLA officers in Equifax hack. Pyongyang shows pariah states how it’s done. DDoS in Iran. Updates on Democratic Party caucus IT issues. Likud has a buggy app, too.N2K Networks
Pyongyang’s guide to hacking on behalf of rogue regimes. RATs in the supply chain? Data exposures and data breaches. Securing elections (and caucuses, too).N2K Networks
Facebook takes down coordinated inauthenticity. US says it’s got the goods on Huawei. EU will leave facial recognition policy up to member states. Patch Tuesday. Counting on the caucus.N2K Networks
Internecine phishing in the Palestinian Territories. What could Iran do in cyberspace? US Census 2020 and cybersecurity. Mobile voting. How to make bigger money in sextortion.N2K Networks
Huawei gets a RICO prosecution. Details on DPRK Hidden Cobra Trojans. Google takes down Chrome malvertising network. Run DNC. Hacker madness. Happy St. Valentine’s Day.N2K Networks
Fox Kitten campaign linked to Iran. LokiBot’s new clothes. Unsigned firmware. Iowa Democratic caucus post-mortem. SoftBank and the GRU. Hacker madness.N2K Networks
Ransomware hits US natural gas pipeline facility. DRBControl’s espionage campaign. Firmware signing. No bill of attainder against Huawei. A mistrial in the Vault 7 case?N2K Networks
UK, US blame Russia for 2019 Georgia hacks. Senator Sanders thinks Russian bots could impersonate supporters. Mr. Assange’s extradition. MGM Resorts breach. Ms Winner wants a pardon.N2K Networks
DISA data breach. More complaint against alleged GUR operations in Georgia. Trolls move from creation to curation. The UK deals with high-risk 5G vendors.N2K Networks
Reactions to allegations in Georgia’s October cyber incidents. Commodification of spamming kit. Satellite vulnerabilities. Election security. FISA reauthorization? Mr. Assange’s extradition. RSAC 2020.N2K Networks
Cloud Snooper is out and about. US states’ contracts with Chinese vendors. Voatz receives more scrutiny. Facebook’s troll hunt--no joy this time. Notes from RSAC 2020.N2K Networks
Chrome zero-day patched. Ransomware against infrastructure. Notes from RSAC 2020. Julian Assange’s extradition hearing.N2K Networks
RSAC 2020. Naming and shaming. Kitty espionage update. Wi-Fi crypto flaw. Impersonating the DNC. Ransomware gets more aggressive. When is removing a GPS tracker theft?N2K Networks
South Carolina primary affords the next test of US election security. Cerberus evolves. Bot-driven fraud. FCC to fine wireless carriers for location data handling. FISA changes.N2K Networks
Super Tuesday eve primary jitters. DoppelPaymer hits an aerospace supplier. WordPress plugins exploited in the wild. Vote for the catphish.N2K Networks
Vault 7, again, as Beijing names and shames. Schulte case goes to jury. Maersk to cut incident response jobs. The Cyberspace Solarium’s election security preview. Advice for intel collection.N2K Networks
Election security--a look back at Super Tuesday. Cyberspace Solarium preview. Rapid Alert System engaged in EU. Cyber capability building in Ukraine. Cloud backups as attack surface.N2K Networks
Credential stuffing attacks and data breaches. Coronavirus-themed phishbait is an international problem. Super Tuesday security post mortems. Huawei agonistes.N2K Networks
Misconfigured databases, again. Vulnerable subdomains. Dark web search engines. Troll farming. An update on the crypto wars.N2K Networks
Coronavirus misinformation, phishbait, and disinformation. Ransomware’s growing reach. How criminals’ desire for glory works against their desire to escape apprehension.N2K Networks
Caution in the Play store. EU power consortium’s business systems hacked. Cablegate--a look back. Schulte trial ends in minor convictions, but a hung jury on major counts. The cyber underworld.N2K Networks
The Cyberspace Solarium reports. Coronavirus scams and coronavirus realities. Notes on March’s Patch Tuesday.N2K Networks
The return of Turla. Data exposure incidents disclosed. Beijing accuses Taipei of waging cyberwarfare against the PRC. Coronavirus disinformation.N2K Networks
COVID-19 as both incentive for remote work and phishbait. Offshored trolling. A list of “digital predators.” US Senate doesn’t extend domestic surveillance authority.N2K Networks
COVID-19’s effects on cyberspace: disinformation, espionage, data theft, fraud, and extortion. Also far greater remote working.N2K Networks
Cyberattack on US HHS probably a minor probe. Disinformation about COVID-19 continues to serve as both phishbait and disruption. US prosecutors move to stop prosecution Concord Management.N2K Networks
Coronavirus phishing. Money mule recruiting. Remote work and behavioral baselining. HHS incident seems to have been...an incident. Advice from NIST, and from Dame Vera Lynne.N2K Networks
EU suspects Russia of disinformation. TrickBot’s latest module is a brute. Parallax RAT and the MaaS black market. Pandemic hacking trends. What to do with time on your hands.N2K Networks
CISA on running critical sectors during an emergency. Disinformation, phishbait, and rumor. What’s Fancy Bear up to these days? Distinguishing altruism from self-interest.N2K Networks
Coronavirus fraud booms; prosecutors are taking note. Stolen data on the dark net. Software updates affected by pandemic. A new Mirai variant is out. A DDoS that wasn’t.N2K Networks
Active ICS threats. TrickBot and TrickMo. RCE vulnerability in Windows. Google ejects click-fraud malware infested apps from Play. Attackers hit WHO, hospitals, and biomedical research.N2K Networks
APT41 is back from its Lunar New Year break. Commodity attack tools for states and gangs. Russia takes down a domestic carding crew. Restricting misinformation.N2K Networks
Advice on secure telework. Magecart infestations. DNS hijacking with a COVID-19 twist and an info-stealer hook. Patch notes. The US 5G security strategy.N2K Networks
Some notes on cyber gangland. South Koren APT using zero days against North Koreans? USB attacks. Telework challenges. CMMC remains on schedule.N2K Networks
Updates on the cyber ramifications of the coronavirus pandemic. Saudi surveillance program. Ransomware developments. Lost USB attacks are in progress.N2K Networks
More data breaches. DPRK spearphishing. DoJ IG sees problems in FISA warrant processes. Houseparty updates. Huawei sanctions. And notes about the pandemic.N2K Networks
WHO email accounts prospected. Mandrake versus Android users. Vollgar versus MS-SQL servers. Ransomware and hospitals. Notes on the effects of COVID-19, and a disinformation campaign.N2K Networks
Cybersecurity notes during the pandemic emergency. Twitter bots. Ransomware attack on a biotech firm. WHO updates. And how are the cyber gangs doing these days?N2K Networks
COVID-19 updates: crime, propaganda, and craziness. (Also telework.) BGP hijacking. DarkHotel sighting. Apps behaving badly. And a risk of sim-swapping.N2K Networks
Trends in COVID-19-themed cybercrime. Social media seek to inhibit the misinformation pandemic. Corp[dot] off the market. BEC in cloud services. Investment notes. Big big fraud.N2K Networks