SolarWinds campaign hit US Attorneys’ offices. Lingering supply chain effects of the Transnet incident. Ransomware markets. – The CyberWire

Attacks, Threats, and Vulnerabilities

Pegasus: A cyber security expert explains how the zero-click spyware can hack phones without user interaction (BBC Science Focus Magazine) Dr Tim Stevens explains how Pegasus software can infiltrate a device – and whether it can be stopped.

Here’s 30 servers Russian intelligence uses to fling malware at the West, beams RiskIQ (Register) Biden-Putin summit went well, then

Cyber-attack hangover for South African ports (Fruitnet) Disruptions from a recent cyber-attack on South African ports expected to last for some time

Transnet cyber-attack hits supplies of auto parts (Automotive Logistics) The automotive sector in South Africa has been affected by the recent cyber-attack that disabled container port operations at state-owned port and rail services provider Transnet

Kaseya ‘Likely’ Got Ransomware Decryptor From REvil: Huntress CEO Kyle Hanslovan (CRN) Huntress CEO Kyle Hanslovan believes the most likely scenario is that the REvil cybercriminals or an affiliate “leaked it” to Kaseya.

Hackers leak full EA data after failed extortion attempt (The Record by Recorded Future) The hackers who breached Electronic Arts last month have released the entire cache of stolen data after failing to extort the company and later sell the stolen files to a third-party buyer.

Hackers dump stolen Electronic Arts data after extortion failure (Computing) The thieves failed to find a buyer, then failed at extorting EA

BlackMatter ransomware gang rises from the ashes of DarkSide, REvil (BleepingComputer) A new ransomware gang named BlackMatter is purchasing access to corporate networks while claiming to include the best features from the notorious and now-defunct REvil and DarkSide operations.

DoppelPaymer Continues to Cause Grief Through Rebranding (Zscaler) DoppelPaymer rebrands as Grief ransomware. Weaponizes GDPR and switches from Bitcoin to Monero cryptocurrency.

‘It’s feasible to start a war’: how dangerous are ransomware hackers? (the Guardian) Secretive gangs are hacking the computers of governments, firms, even hospitals, and demanding huge sums. But if we pay these ransoms, are we creating a ticking time bomb?

All Access Pass: Five Trends with Initial Access Brokers (Kela) Victoria Kivilevich, Threat Intelligence Analyst

Some ransomware gangs lose interest in extortion sites (The Record by Recorded Future) According to data collected from the sites these groups operate, the practice that’s sometimes referred to as “double extortion” appears to be declining

Is this the end of the road for ransomware? (IT PRO) Hackers seem to have developed a conscience, but it’s unlikely they are gone for good

Security Researchers Issue New Windows 11 Warning (Forbes) Microsoft has confirmed the availability of the first Windows 11 beta version, but security researchers issue a timely warning

Several Malicious Typosquatted Python Libraries Found On PyPI Repository (The Hacker News) Researchers discover malicious Python libraries in the PyPI Repository aimed at stealing credit cards and injecting code.

Hackers shut down system for booking COVID-19 shots in Italy’s Lazio region (Reuters) Hackers have attacked and shut down the IT systems of the company that manages COVID-19 vaccination appointments for the Lazio region surrounding Rome, the regional government said on Sunday.

Security team finds Crimea manifesto buried in VBA Rat using double attack vectors (ZDNet) The Malwarebytes report said a new threat actor may be targeting Russian and pro-Russian individuals.

HTML smuggling is the latest cybercrime tactic you need to worry about (TechRepublic) It will be hard to catch these smugglers, as they’re abusing an essential element of web browsers that allow them to assemble code at endpoints, bypassing perimeter security.

Hospitals Still Use Pneumatic Tubes—and They Can Be Hacked (Wired) The tech may seem antiquated, but it poses very modern cybersecurity problems.

PwnedPiper vulnerabilities impact 80% of major hospitals in North America (The Record by Recorded Future) Details have been published today about a collection of nine vulnerabilities known as PwnedPiper that impact a common type of medical equipment that’s installed in roughly 80% of all major hospitals in North America.

Critical vulnerabilities may allow attackers to compromise hospitals’ pneumatic tube system (Help Net Security) Armis researchers have unearthed nine critical vulnerabilities in Swisslog Healthcare’s Translogic pneumatic tube system.

PwnedPiper critical bug set impacts major hospitals in North America (BleepingComputer) Pneumatic tube system (PTS) stations used in thousands of hospitals worldwide are vulnerable to a set of nine critical security issues collectively referred to as PwnedPiper.

PwnedPiper (Armis) Nine vulnerabilities in critical infrastructure used by 80% of major hospitals in North America.

UBEL is the New Oscorp — Android Credential Stealing Malware Active in the Wild (The Hacker News) An Android malware that was observed abusing accessibility services in the device to hijack user credentials from European banking applications has morphed into an entirely new botnet as part of a renewed campaign that began in May 2021.

Women allege that NSO spyware was used to steal and leak their private photos (NBC News) Female journalists and activists say they had their private photos shared on social media by governments seeking to intimidate and silence them.

Phony Call Centers Tricking Users Into Installing Ransomware and Data-Stealers (The Hacker News) A new fake call center campaign, BazaCall, tricks victims into installing BazaLoader malware, which is designed to steal data and deploy ransomware.

Google Play Protect detects only 31% of Android stalkerware (Atlas VPN) Data presented by the Atlas VPN research team reveals that Android’s internal Google Play Protect service detects only 31% of stalkerware threats.

Identity Breach Report Finds New COVID-19 Cyber Vulnerabilities, Increase in Exposures for Energy & Telecom Sectors/Executives, and COVID Items for Sale on Dark Market According to Constella Intelligence (PR Newswire) Today, Constella Intelligence (“Constella”), a leader in Digital Risk Protection and Identity Threat Intelligence, released their 2021 Identity…

Chipotle’s marketing account hacked to send phishing emails (BleepingComputer) Hackers have compromised an email marketing account belonging to the Chipotle food chain and used it to send out phishing emails luring recipients to malicious links.

NHS Highland Covid data breach was ‘human error’ (Strathspey Herald) Patients received information for other patients on the backs of their vaccination letters

Wealden council continues to face cyber-attack (Sussex Express) Wealden District Council continues to face a ‘sustained’ cyber-attack, councillors have heard. 

An app to track home health care aides has unintended effects (Marketplace) As states roll out their electronic visit verification apps, patients and home caregivers are facing hurdles.

Security Patches, Mitigations, and Software Updates

Google updates timeline for unpopular Privacy Sandbox, which will kill third-party cookies in Chrome by 2023 (Register) ‘The W3C doesn’t get to be the boss of anyone, the decisions are going to be made at each of the browsers’

Average data breach cost surpasses $4 million in 2021, record growth of 10% YoY (Atlas VPN) According to data presented by Atlas VPN, the average financial damages caused by a data breach grew around 10% year over year to $4.24 million in 2021. This is the highest increase in a single year since the start of the reporting period in 2015.

Malware business in India is thriving and Covid pandemic has a role to play (The New Indian Express) If the digital economy needed a shot in the arm, Covid pandemic provided just that.

Aussie orgs most likely to pay ransomware attackers: IDC (CRN Australia) As the rate of ransomware attacks continues to rise.


Israeli cybersecurity firm Riskified holds Wall Street IPO at $3.3B valuation (Times of Israel) Company’s share price soars 30% as trading begins on New York Stock Exchange; becomes 10th Israeli startup to hold US public offering this year

Finite State Raises $30M Series B to Secure the Connected Device Supply Chain (Finite State) Funding from Energize Ventures, Schneider Electric Ventures, and Merlin Ventures will help Finite State scale in response to increasing risk …

Telos Corporation Expands Into Touchless Fingerprinting Capability with Acquisition of Diamond Fortress Technologies – Telos Corporation (Telos Corporation) Telos® Corporation (NASDAQ: TLS), a leading provider of cyber, cloud and enterprise security solutions for the world’s most security-conscious organizations, announced today that it has acquired the assets of Diamond Fortress Technologies (DFT), including all patents, and will integrate the ONYX® touchless fingerprinting software with Telos’ IDTrust360® platform…

Leaseweb Global Acquires iWeb To Build Significant Market Share in Canada (BusinessWire) Leaseweb Global today announced the acquisition of iWeb, one of Canada’s foremost providers of cloud hosting, server hosting and hosted solutions.

Nozomi Networks Secures $100 Million Investment from Global Ecosystem of Customers and Technology Partners (Nozomi Networks) Pre-IPO round led by growth investor Triangle Peak Partners; Includes investments from commercial partners Honeywell Ventures, Keysight Technologies, and Telefónica Ventures; as well as investments representing customers such as Dubai Electricity and Water Authority’s Forward Investments; and investor Porsche Ventures

Ivanti Acquires RiskSense to Revolutionize the Patch Management Market and Help Customers Proactively Combat Cyber Threats and Ransomware Attacks (BusinessWire) Ivanti, the automation platform that discovers, manages, secures, and services IT assets from cloud to edge, today announced it has acquired RiskSense

Army Selects 14 Companies for $2.4B National Cyber Range Support Contract (GovCon Wire) 14 Companies Win Spots on $2.4B Army Cyber Range Support Contract.

Brazil Cyber Insurance Premiums Rise Amid Challenging Pricing Risk (Fitch Wire) Fitch Ratings-Rio de Janeiro/San Salvador/New York-30 July 2021: Brazil Property/Casualty (P/C) insurers that underwrite cyber coverage are seeing a rapid increase in direct written premium (DWP), with the growth of 2020 gaining momentum in 2021.

The cybersecurity jobs crisis is getting worse, and companies are making basic mistakes with hiring (ZDNet) Overworked cybersecurity employees are struggling to keep up with the challenges of the job, and employers are struggling to keep hold of them.

Meet Paragon: An American-Funded, Super-Secretive Israeli Surveillance Startup That ‘Hacks WhatsApp And Signal’ (Forbes) NSO has a new competitor, one cofounded by the former commander of Israel’s NSA equivalent, Unit 8200. It’s promising to only sell to democratic regimes.

‘Emergency meeting’: Israeli cyberarms firms scramble after NSO scandal (Haaretz) NSO, Candiru and others invited to emergency conference in Tel Aviv today in wake of Project Pegasus findings into misuse of Israeli-made spyware

A Tech Firm Has Blocked Some Governments From Using Its Spyware Over Misuse Claims (NPR) The Israeli firm is under scrutiny after reports its products were used by countries seeking to spy on dissidents and leaders.

‘Business only with governments’ (The Indian Express) P Chidambaram writes: The reaction of Mr Modi’s government to the Pegasus revelations stands in stark contrast to the reaction of a liberal democracy like France, a hard-wired democracy like Israel and a questionable democracy like Hungary.

US consultants lined up to run fund that owns Israeli spyware company NSO (the Guardian) Investors in talks to transfer management of Novalpina Capital to Berkeley Research Group, following dispute between fund’s co-founders

How London became 2021’s hub for hot new tech IPOs (Fortune) As London loosens its listing rules in hopes of becoming a tech company hub, here is a list of all the big 2021 London Stock Exchange IPOs this year

Akamai’s Commitment to Reliability (Akamai) For more than 20 years, Akamai has worked very hard to earn the trust and confidence of our customers and partners by developing services that can be relied upon to be available and secure at all times.

EY winner CyberGRX scales cybersecurity for business (Denver Business Journal) Back when Fred Kneip was working as the chief security officer at investment management firm Bridgewater Associates, he learned that other security folks were concerned with not being able to scale existing third-party security programs. It was a problem that kept them from effectively meeting an increasing demand for the business.

Trustwave Government Solutions Joins the Cybersecurity and Infrastructure Security Agency (CISA) Cyber Information Sharing and Collaboration Program (CISCP) (Trustwave) Trustwave Government Solutions, the wholly-owned subsidiary of Trustwave Holdings, Inc., today announced it has joined the Cybersecurity and Infrastructure Security Agency (CISA) Cyber Information Sharing and Collaboration Program (CISCP).

Cyren: Vendors Should Be Doing the Heavy Lifting in Sales and Support (Channel Futures) Cyren channel exec says vendors should be doing the heavy lifting for partners in sales and support as company kicks off channel recruitment campaign.

Tanium hires new public sector chief (Washington Technology) Cybersecurity company Tanium has hired a nearly two-decade technology sector veteran to chart its strategy for the public sector market.

Privitar expands Executive Leadership Team (Security News Desk UK) Privitar announced the expansion of its executive leadership team with the appointments of Victoria Normark as Chief Technology Officer,

Products, Services, and Solutions

HackerOne Deploys Tray Embedded to Deliver 4x Faster Customer Integrations (Yahoo Finance), the leader in low-code general workflow automation, today announced that HackerOne, the world’s most trusted hacker-powered security platform, is using Tray Embedded to develop and deliver powerful customer integrations at scale. With Tray Embedded, HackerOne quadrupled its integration delivery speed to maximize developer efficiency and reduce integration maintenance burden. Armed with seamless integrations, HackerOne customers can spend less time context-s

XDR Provider ContraForce Joins Microsoft Intelligent Security Association (MSSP Alert) Extended detection & response (XDR) platform provider ContraForce joins Microsoft Intelligent Security Association (MISA) for ISVs & MSSPs.

8 Security Tools to be Unveiled at Black Hat USA (Dark Reading) Security researchers and practitioners share a host of new cyber tools for penetration testing, reverse engineering, malware defense, and more.

ZeroFox’s external threat hunting capabilities give analysts complete access to raw threat intelligence (Help Net Security) ZeroFox released external threat hunting capabilities within the ZeroFox platform, designed to provide real-time threat intelligence.

Fortinet Expands Security Services Offerings to Protect Digital (MarTech Series) Fortinet is redefining services by expanding its security services options which currently include FortiCare and FortiGuard with FortiTrust,

ZeroNorth Unveils Two Trial Program Options to Launch Customers’ Journey to True DevSecOps (ZeroNorth) AppSec Risk Visualization and AppSec Quick Start Trial Programs Provide Customers with Powerful Options for Progressing DevSecOps Boston, August 2, 2021 –– ZeroNorth, the only company …

Technologies, Techniques, and Standards

CISA launches US federal vulnerability disclosure platform (Help Net Security) Bug hunters who want to help the US federal government secure their online assets can visit the new vulnerability disclosure policy platform.

CISA Announces New Vulnerability Disclosure Policy (VDP) Platform (CISA) Last fall, we issued the final version of Binding Operational Directive (BOD 20-01), which was issued in support of the Office of Management and Budget M-20-32, “Improving Vulnerability Identification, Management, and Remediation”. This Directive reflects CISA’s commitment to strengthening cybersecurity and resilience for federal civilian agencies by requiring agencies to establish policies enabling the public to contribute and report vulnerability disclosures. Recognizing that policies alone are not sufficient, we also announced plans to launch a vulnerability disclosure platform service in the near future. Today, the future arrived.   

A Cloud You Can Trust (IEEE Spectrum) How to ensure that cloud computing’s problems—data breaches, leaks, service outages—don’t obscure its virtues

Cyber Warfare Begins With Military Precision (SIGNAL Magazine) The small business sector must seize the day and immediately begin taking the steps necessary to implement tools for cyber resilience and cyber readiness.

Aaron Portnoy – ‘There’s no silver bullet for ransomware or supply chain attacks’ (The Daily Swig) ‘We don’t have the luxury of starting over’, offensive security specialist warns in wide-ranging interview INTERVIEW Aaron Portnoy confesses to periodic bouts of imposter syndrome, despite having carv

Decryptor released for Prometheus ransomware victims (The Record by Recorded Future) Taiwanese security firm CyCraft has released a free application that can help victims of the Prometheus ransomware recover and decrypt some of their files.

Microsoft says Zero Trust security adoption is booming (Windows Central) Microsoft’s Zero Trust Adoption Report shows that more organizations are implementing the security strategy.

6 ways to protect your pharma company from cyberattacks (VentureBeat) What is the way forward for pharma cybersecurity in 2021? This pointed analysis shows the way, and offers six key recommendations.

Cyber career field discusses new training baseline (U.S. Air Force) The 81st Training Support Squadron hosted the Cyber Operations Specialty Training and Requirements Team conference at Keesler Air Force Base, July 19-23.

US, France partner for bilateral training exercise, Cyber Fort III (U.S. Cyber Command) Cyber Fort III, recently held on Fort George G. Meade, Md., was a bilateral, hands-on-keyboard exercise between U.S Cyber Command and France

Council Post: Deterring Death By 1,000 Cuts: Turning The Tide In Cyber Warfare (Forbes) The time is now to gear up and battle our adversaries as if the overall strength of our nation depends on it — because it does.

Design and Innovation

Resilience Calls for a Cyber Hippocratic Oath (PR Newswire) Ransomware and broader cyber risks threaten the wellbeing of every organization regardless of size, industry, or geography. Some experts…

Cheltenham’s GCHQ to get a massive, cyber-oriented tech startup campus right next door (TechCrunch) The development is projected to add 12,000 new jobs, 2 million square feet of offices and 3,700 new homes.

The Privacy Battle That Apple Isn’t Fighting (Wired) California has begun enforcing a browser-level privacy setting, but you still can’t find that option in Safari or iOS.

Deepfakes Are Becoming the Hot New Corporate Training Tool (Wired) Coronavirus restrictions make it harder and more expensive to shoot videos. So some companies are turning to synthetic media instead.

Research and Development

The Future of Cybersecurity Is the Quantum Random Number Generator (IEEE Spectrum) Truly random numbers will provide an unbreakable tool set for cryptography

Preparing for the Post-Quantum Migration: A Race to Save the Internet (JD Supra) Most people don’t know, or care to know, about cryptography. Without cryptography, the internet privacy that we all rely on for transmitting virtually…

Security firm claiming quantum breakthrough scrubs links to Russia (The Telegraph) Any Russian links would be likely to raise concerns among Western security services who see quantum as a critical technology


University of Tulsa establishes School of Cyber Studies (KTUL) The University of Tulsa is establishing a School of Cyber Studies to house undergraduate and graduate programs. The School of Cyber Studies will be housed in TU’s College of Engineering and Natural Science. “The School of Cyber Studies comprises the best of what TU has to offer: remarkable faculty, state-of-the-art facilities, novel research and campus-wide collaboration.

Graduates of new Hawkeye Community College program could help thwart rising cyber attacks (Waterloo Cedar Falls Courier) Cybersecurity degree being launched this fall in response to projected growth in information technology jobs and an increasing need for the services graduates could provide.

UW researchers join three national artificial intelligence institutes (University of Wisconsin Madison) The institutes, funded by a new federal program to broaden access to AI to solve complex societal problems, will promote sustainable food systems and advanced wireless networks.

Legislation, Policy, and Regulation

Cuba Needs a Free Internet (Foreign Policy) The United States can play a key role in supporting online liberty.

Cybersecurity: All EU member states commit to build a quantum communication infrastructure (EU Reporter) With the latest signature by Ireland of the political declaration to boost European capabilities in quantum technologies, cybersecurity and industrial competitiveness, all Member States have now committed to work together, along with the European Commission and the European Space Agency, to build the EuroQCI, a secure quantum communication infrastructure that will span the whole EU. […]

Chinese Communist Party Called Out For Cyber Attacks (Mind Matters) The Center for Strategic and International Studies has a list of Chinese-linked instances of economic cyberespionage that dates back to 2000.

China ‘propped the doors open’ for criminals in Microsoft hack, Australian spy agency boss says (the Guardian) Rachel Noble said the Chinese government’s actions ‘crossed a line’ as she spoke at an inquiry on proposed cyber laws

China built the world’s largest facial recognition system. Now, it’s getting camera-shy. (Washington Post) Guo Bing, a law professor in the Chinese city of Hangzhou, liked the zoo enough to purchase an annual pass. But he didn’t like it nearly enough to let the zoo take a high-resolution scan of his face.

China’s Tech Crackdown Could Backfire Badly (Wall Street Journal) When a government comes to believe it can snap its fingers and create—or destroy—whole industries at will, things can easily go awry.

SEC Chairman Gensler tightens restrictions on Chinese companies after cybersecurity crackdown in China (ZDNet) Gary Gensler said the SEC will seek disclosures from Chinese companies that notify investors about shell companies and the potential government action.

U.S. SEC says Chinese IPO hopefuls must provide additional risk disclosures (Reuters) The U.S. securities regulator will not allow Chinese companies to raise money in the United States unless they fully explain their legal structures and disclose the risk of Beijing interfering in their businesses, the agency said on Friday, confirming an exclusive report…

Pegasus spyware political fallout: What’s up with this phone surveillance tech (CNET) Activists and researchers discover that the software has been used to target the phones of activists, journalists and executives. Governments aren’t happy.

48 Advocacy Groups Call on the FTC to Ban Amazon Surveillance (Motherboard) The open letter uses Amazon as a case study to argue that corporate surveillance technologies cause immense harm and fall under the FTC’s authority to ban.

Senators Urge Commerce Dept, NIST to Build Cyber Efforts (MeriTalk) Sens. Maria Cantwell, D-Wash., chair of the Senate Commerce, Science, and Transportation Committee, and Roger Wicker, R-Miss., want the Department of Commerce (DOC), including the National Institute of Standards and Technology (NIST), to take additional actions to address cybersecurity threats.

Sen. Ossoff pushes for full funding for U.S. Army Cyber Command Headquarters (WXFG) U.S. Senator Jon Ossoff is urging his colleagues in the Senate to fully fund the U.S. Army Cyber Command in the National Defense Authorization Act.

Huawei to America: You’re not taking cyber-security seriously until you let China vouch for us (Register) Slams Biden’s Executive Order on improving infosec, calls for multilateral trust framework

Council Post: The US Needs A Stronger Commitment To Cybersecurity (Forbes) An effective cybersecurity strategy has to be a strategic public-private undertaking on a global scale.

Here’s how the White House wants to reform cybersecurity management for agencies (Federal News Network) The White House wants to change how it employs the law that oversees agency cybersecurity efforts, while Congress is also eyeing reform legislation.

The Cybersecurity 202: The government’s facing a severe shortage of cyber workers when it needs them the most (Washington Post) The government is struggling to hire cybersecurity workers at the same time it is facing an unprecedented slate of hacking threats.

US’ nomination of Huawei case prosecutor to key China export post sends a tough signal: experts (Global Times) The future US policy toward China may become increasingly tough, after Biden Administration’s Huawei case prosecutor was nominated to a key China export post, experts said.

Governor Larry Hogan – Official Website for the Governor of Maryland (Governor of Maryland) Groundbreaking Agreement with UMBC to Establish Maryland Institute for Innovative Computing, Deploy Cyber Rapid Response Teams; Issues Orders Creating Chief Privacy Officer, Chief Data Officer; New Data Analyst Partnership With NSA to Advise Maryland on Data Practices and Policies

Maryland is launching these 5 cyber initiatives to better secure state data ( Baltimore) Maryland is adding chief data officer and chief privacy officer roles in state government. Those were among the announcements from Gov. Larry Hogan at Thursday’s Annapolis Cybersecurity Summit.

Litigation, Investigation, and Law Enforcement

He is known as Nigeria’s ‘super cop.’ The FBI says he supported a cybercrime ring. (Washington Post) He is famous in Nigeria for catching notorious criminals — killers, kidnappers, bank robbers and Boko Haram extremists. Years of high-profile arrests won him acclaim and an enduring nickname: “super cop.”

Six Indicted in International Scheme to Defraud Qatari School Founder and then Launder over $1 Million in Illicit Proceeds (US Attorney for the Central District of California) A federal grand jury indictment unsealed this week alleges an elaborate scheme to steal more than $1.1 million from a businessperson attempting to finance the construction of a school for children in Qatar – and the subsequent laundering of illicit proceeds through bank accounts around the world.

A New Map Shows the Inescapable Creep of Surveillance (Wired) The Atlas of Surveillance shows which tech law enforcement agencies across the country have acquired. It’s a sobering look at the present-day panopticon.

French agency confirms hacking of two journalists’ mobile phones (Hindustan Times) The hacking of the phones of Lénaïg Bredoux and Edwy Plenel, the two journalists from Mediapart, was earlier detected by Amnesty International’s security lab as part of the reporting by an international consortium of journalists on the targeting of 50,000 phone numbers around the world

Germany’s Constitutional Court Ponders Whether Government Users Of Zero-Day Surveillance Malware Have A Duty To Tell Software Developers About The Flaws (Techdirt.) As Techdirt has reported previously, the use of malware to spy on suspects — or even innocent citizens — has long been regarded as legitimate by the German authorities. The recent leak of thousands of telephone numbers that may or may not be victims…

Swalwell affair with Chinese spy compromises US intel: Breitbart editor (Fox News) A new Breitbart report revealed Rep. Eric Swalwell, D-Calif., had intimate relations with Chinese spy Fang Fang, and editor Alex Marlow expressed on “Tucker Carlson Tonight” the grave advantage China was given unto U.S. intelligence.

Belarusian nationals arrested over ATM black-box attacks (The Record by Recorded Future) Polish police officers have arrested this week two Belarusian nationals for stealing cash from ATMs using a technique known as a black-box attack.

Department of Justice Statement on SolarWinds Update (US Department of Justice) In a statement issued January 6, 2021, the Department of Justice acknowledged that the global SolarWinds incident involved intrusion into the Department’s Microsoft O365 email environment and that this activity constituted a major incident under the Federal Information Security Modernization Act (FISMA).

SolarWinds: Top US prosecutors hit by suspected Russian hack (BBC News) It is feared hackers may have accessed sensitive legal files during last year’s SolarWinds breach.

SolarWinds Attackers Accessed US Attorneys’ Office Emails (GovInfoSecurity) The Russian-linked group that targeted SolarWinds using a supply chain attack compromised at least one email account at 27 U.S. Attorneys’ Offices in 15 states and

Justice Department Says Russians Hacked Federal Prosecutors (US News and World Report) The Russian hackers behind the massive SolarWinds cyberespionage campaign broke into the email accounts of some of the most prominent federal prosecutors’ offices around the country last year.

DOJ says SolarWinds hack impacted 27 state attorneys’ offices (The Record by Recorded Future) The Russian hackers who orchestrated the SolarWinds supply chain attack pivoted to the internal network of the US Department of Justice, from where they gained access to Microsoft Office 365 email accounts belonging to employees at 27 state attorneys’ offices, the DOJ said in a statement on Friday afternoon.

TN to augment cyber crime wing with high tech equipment, personnel – ET CIO ( The Tamil Nadu government has decided to augment the state police’s cyber wing’s capability by providing them more modern gadgets and recruiting highl..

E.U. regulator hits Amazon with record $887 million fine for data protection violations (Washington Post) The e-commerce giant disputes the findings of Luxembourg’s data protection commission and says it will appeal.

Amazon Hit With Record EU Privacy Fine (Wall Street Journal) The fine, which Amazon disclosed Friday in a securities filing, was issued two weeks ago by Luxembourg’s privacy regulator and accompanied by an order to revise certain business practices that Amazon didn’t specify.

Zoom reaches $85 mln settlement over user privacy, ‘Zoombombing’ (Reuters) Zoom Video Communications Inc (ZM.O) agreed to pay $85 million and bolster its security practices to settle a lawsuit claiming it violated users’ privacy rights by sharing personal data with Facebook, Google and LinkedIn, and letting hackers disrupt Zoom meetings in a practice called Zoombombing.

Zoom agrees to pay subscribers $25 to put its security SNAFUs behind it (Register) Zoombombing class action offers US$85m in payments, meaning even free accounts get a few bucks

Russia opens case against WhatsApp for violating personal data law (Reuters) Russia on Friday launched administrative proceedings against Facebook’s (FB.O) WhatsApp for what it said was a failure to localise data of Russian users on Russian territory, the Interfax news agency reported.

Proofpoint Alleges Ex-Exec Took Trade Secrets To Abnormal Security (CRN) Proofpoint has sued a former high-ranking channel executive to prevent him from working for rival Abnormal Security and misusing confidential information he took from Proofpoint. 

‘Bro, who would stay?’ Texts from former Tanium employees surface as the $9 billion startup sues them and the firm that poached them. (Business Insider) Startup Wiz has poached employees from the $9 billion cybersecurity firm Tanium, and Tanium is suing them and digging up the former employees’ texts.