A devastating email breach of the D.N.C. roiled Democrats in the final months of 2016. An unassuming security official made it his mission to prevent a recurrence.
For US soldiers tasked with the custody of nuclear weapons in Europe, the stakes are high. Security protocols are lengthy, detailed and need to be known by heart. To simplify this process, some service members have been using publicly visible flashcard learning apps - inadvertently revealing a multitude of sensitive security protocols about US nuclear weapons and the bases at which they are stored.
In this blog, we highlight four tools representing a unique infection chain utilized by NOBELIUM: EnvyScout, BoomBox, NativeZone, and VaporRage. These tools have been observed being used in the wild as early as February 2021 attempting to gain a foothold on a variety of sensitive diplomatic and government entities.
The world's largest beef supplier has been hit with a ransomware attack, threatening some of the U.S. meat supply. The hack came less than four weeks after a similar one by Russian criminals against Colonial Pipeline, a major U.S. fuel supplier, prompted Colonial to shut down pipeline activity for five days and led to shortages at some gas stations.
In late May, 2021, Microsoft and Volexity released public reports detailing recent Nobelium activity. Nobelium is suspected to be the new face of APT29 (aka The Dukes). We track this activity under the name 'NobleBaron'. This campaign employs a convoluted multi-stage infection chain, five to six layers deep.
The world's largest meat processing company, JBS Foods, has fallen victim to cyber attacks that have shut down production around the world, including in Australia.
Australian security researcher Troy Hunt announced today that he granted the US Federal Bureau of Investigation a direct line to upload new content into Have I Been Pwned, a website that indexes data from security breaches. The HIBP creator said that when the FBI discovers password collections during their investigations, they will upload the data into a section of the site called Pwned Passwords.
Three times over the last year, Colonial Pipeline and the Transportation Security Administration discussed scheduling a voluntary, in-depth cybersecurity review - an assessment the federal agency began doing in late 2018 to strengthen the digital defenses of oil and natural gas pipeline companies, according to a company official and an industry official familiar with the matter.
The Colonial Pipeline hack shows the need for a nationwide boost in cybersecurity, say two New York City members of Congress who are calling for millions of dollars toward that end. Reps. Yvette Clarke (D-N.Y.) and Ritchie Torres (D-N.Y.), representing Brooklyn and the Bronx respectively, urged President Biden on Thursday to add $100 million to his massive infrastructure proposal for cybersecurity training for workers.
Dan Goodin / Ars Technica: Researcher details a WebKit flaw, which can lead to an RCE exploit, that remains unpatched by Apple despite the availability of an open source fix for 3 weeks