
IT Security Newsletter - 2/13/2025


Top News

Russia's Sandworm caught snarfing credentials, data from American and Brit orgs

An initial-access subgroup of Russia's Sandworm last year wriggled its way into networks within the US, UK, Canada and Australia, stealing credentials and data from "a limited number of organizations," according to Microsoft. Sandworm, the offensive cyber operations group that works for the Russian Military Intelligence Unit 74455 (GRU), has previously been linked to attacks on water facilities in the US and EU, the 2018 Winter Olympics, NotPetya, and various other destructive attacks. READ MORE...


US woman faces years in federal prison for running laptop farm for N Korean IT workers

A 48-year-old woman from Arizona has pleaded guilty to charges related to a criminal scheme in which North Korean IT workers were employed remotely by hundreds of US companies. Christian Marie Chapman, of Litchfield Park, Arizona, is said to have helped generate over US $17 million for North Korea after over 300 US companies unwittingly hired staff believing them to be US citizens. Chapman was arrested in May 2024 and charged with participating in a sophisticated fraud scheme. READ MORE...

Breaches

"Largest data breach in US history": Three more lawsuits try to stop DOGE

The US DOGE Service's access to the private data of ordinary Americans and federal employees is being challenged in several lawsuits filed this week. Three new complaints seek court orders that would stop the data access and require the deletion of unlawfully accessed data. Two of the complaints also seek financial damages for individuals whose data was accessed. The legal team includes lawyers from the Electronic Frontier Foundation, the State Democracy Defenders Fund, and two law firms. READ MORE...

Hacking

Chinese Cyberspy Possibly Launching Ransomware Attacks as Side Job

Tools typically employed by Chinese cyberespionage groups have been used in a recent ransomware attack, likely by an individual hacker, Symantec notes in a fresh report. The toolset includes a legitimate Toshiba executable deployed on the victims' systems to sideload a malicious DLL that deploys a heavily obfuscated payload containing the PlugX (aka Korplug) backdoor. According to Symantec, the custom backdoor was previously linked to Mustang Panda (aka Earth Preta), a Chinese espionage group. READ MORE...


North Korea targets crypto developers via NPM supply chain attack

North Korea has changed tack: its latest campaign targets the NPM registry and owners of Exodus and Atomic cryptocurrency wallets. Carrying out a financially motivated string of attacks isn't the news here - North Korea's primary objective has long been to siphon money from enemy economies. The fresh finding is a JavaScript implant that hides itself in GitHub repositories and node package manager (NPM) packages typically used by crypto devs. READ MORE...

Malware

Feds Sanction Russian Hosting Provider for Supporting LockBit Attacks

The US government has joined Australia and the UK in sanctioning a Russia-based bulletproof hosting (BPH) services provider, Zservers, and two of its administrators for the company's role in supporting LockBit ransomware attacks. The sanctions continue a barrage of multinational law-enforcement actions aimed at putting the Russia-based cybercriminal organization permanently out of commission. READ MORE...

Information Security

The UK's secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance

The United Kingdom government has secretly requested that Apple build a backdoor into its iCloud service, granting the government unrestricted access to users' private data. This revelation deeply concerns me - it is a blatant overreach that threatens privacy, security and civil liberties. I have been using Apple devices and services since 2006 and I trust the company. Apple has built its reputation on user privacy and is unlikely to comply. READ MORE...


Schneier on Security: DOGE as a National Cyberattack

In the span of just weeks, the US government has experienced what may be the most consequential security breach in its history - not through a sophisticated cyberattack or an act of foreign espionage, but through official orders by a billionaire with a poorly defined government role. And the implications for national security are profound. In any case, breaches of other critical government systems are likely to follow unless federal employees stand firm on the protocols protecting national security. READ MORE...

On This Date

  • ...in 1923, US Air Force officer and record-setting test pilot Chuck Yeager, the first human to break the sound barrier, is born in Myra, WV.
  • ...in 1950, musician and former Genesis lead singer Peter Gabriel ("Solsbury Hill", "Sledgehammer") is born in Surrey, England.
  • ...in 1954, Furman University shooting guard Frank Selvy becomes the only NCAA Division I basketball player ever to score 100 points in a single game.
  • ...in 2004, astronomers announce the discovery of the universe's largest known diamond: a white dwarf star, named "Lucy" for the Beatles song "Lucy in the Sky with Diamonds".