The D.N.C. Didn't Get Hacked in 2020. Here's Why.

A devastating email breach of the D.N.C. roiled Democrats in the final months of 2016. An unassuming security official made it his mission to prevent a recurrence.


US Soldiers Expose Nuclear Weapons Secrets Via Flashcard Apps - bellingcat

For US soldiers tasked with the custody of nuclear weapons in Europe, the stakes are high. Security protocols are lengthy, detailed and need to be known by heart. To simplify this process, some service members have been using publicly visible flashcard learning apps - inadvertently revealing a multitude of sensitive security protocols about US nuclear weapons and the bases at which they are stored.


Breaking down NOBELIUM's latest early-stage toolset - Microsoft Security

In this blog, we highlight four tools representing a unique infection chain utilized by NOBELIUM: EnvyScout, BoomBox, NativeZone, and VaporRage. These tools have been observed being used in the wild as early as February 2021 attempting to gain a foothold on a variety of sensitive diplomatic and government entities.

Microsoft Security

Cyberattack hits world's largest meat supplier

The world's largest beef supplier has been hit with a ransomware attack, threatening some of the U.S. meat supply. The hack came less than four weeks after a similar one by Russian criminals against Colonial Pipeline, a major U.S. fuel supplier, prompted Colonial to shut down pipeline activity for five days and led to shortages at some gas stations.

NBC News

NobleBaron | New Poisoned Installers Could Be Used In Supply Chain Attacks - SentinelLabs

In late May, 2021, Microsoft and Volexity released public reports detailing recent Nobelium activity. Nobelium is suspected to be the new face of APT29 (aka The Dukes). We track this activity under the name 'NobleBaron'. This campaign employs a convoluted multi-stage infection chain, five to six layers deep.


Cyber attack shuts down global meat processing giant JBS

The world's largest meat processing company, JBS Foods, has fallen victim to cyber attacks that have shut down production around the world, including in Australia.


The FBI will feed hacked passwords directly into Have I Been Pwned | The Record by Recorded Future

Australian security researcher Troy Hunt announced today that he granted the US Federal Bureau of Investigation a direct line to upload new content into Have I Been Pwned, a website that indexes data from security breaches. The HIBP creator said that when the FBI discovers password collections during their investigations, they will upload the data into a section of the site called Pwned Passwords.

The Record by Recorded Future

Colonial hack exposed government's light-touch oversight of pipeline cybersecurity

Three times over the last year, Colonial Pipeline and the Transportation Security Administration discussed scheduling a voluntary, in-depth cybersecurity review - an assessment the federal agency began doing in late 2018 to strengthen the digital defenses of oil and natural gas pipeline companies, according to a company official and an industry official familiar with the matter.

Washington Post

N.Y. Reps. Yvette Clarke and Richie Torres call for $600M in cybersecurity funding

The Colonial Pipeline hack shows the need for a nationwide boost in cybersecurity, say two New York City members of Congress who are calling for millions of dollars toward that end. Reps. Yvette Clarke (D-N.Y.) and Ritchie Torres (D-N.Y.), representing Brooklyn and the Bronx respectively, urged President Biden on Thursday to add $100 million to his massive infrastructure proposal for cybersecurity training for workers.


Researcher details a WebKit flaw, which can lead to a RCE exploit, that remains unpatched by Apple despite the availability of an open source fix for 3 weeks

Dan Goodin / Ars Technica: Researcher details a WebKit flaw, which can lead to a RCE exploit, that remains unpatched by Apple despite the availability of an open source fix for 3 weeks