Supreme Court narrows scope of CFAA computer hacking law
The United States Supreme Court has ruled today in a 6-3 vote to overturn a hacking-related conviction for a Georgia police officer, and by doing so, it also narrowed down the scope of the US’ primary hacking law, the Computer Fraud and Abuse Act.
Backdoor malware found on the Myanmar president’s website, again
A cyber-espionage hacking group is believed to have hacked the website of the Myanmar president’s office and planted a backdoor trojan inside a localized Myanmar font package available for download on the site’s front page.
FBI: JBS ransomware attack was carried out by REvil
The US Federal Bureau of Investigation on Wednesday confirmed reports that the well-known cybercriminal group REvil (also known as Sodinokibi) is behind the ongoing ransomware attack targeting JBS, the world’s largest meatpacking company. “We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice,” the FBI said in a statement.
US seizes two domains used by the SVR in recent hacking campaign
The US Department of Justice and the Federal Bureau of Investigation have seized two domains abused by Russian hacking group APT29 that have been used as part of a sprawling spear-phishing campaign that targeted government agencies, think tanks, consultants, and NGOs.
JBS ransomware attack likely came from a Russian group, White House says
A cyberattack that shut down some operations at JBS, a major meat processor with plants across Australia and the Americas, is believed to be a ransomware incident originating from a criminal organization based in Russia, the White House said Tuesday. JBS first disclosed details about the attack on Monday, calling it “an organized cybersecurity attack” that affected some of the servers supporting its IT systems in North America and Australia…
NSA spied on European politicians through Danish telecommunications hub
Denmark’s foreign secret service allowed the US National Security Agency to tap into a crucial internet and telecommunications hub in Denmark and spy on the communications of European politicians, a joint investigation by some of Europe’s biggest news agencies revealed on Sunday.
Countries are increasing their cyber response budgets — but spending still varies widely
Nations around the world don’t seem to agree on the appropriate amount of money to earmark for cyber defense and incident response, according to an analysis by The Record. But in recent years, almost every country examined has boosted its cyber spending. Through interviews with government officials, public records requests, and estimates from academic and government bodies, The Record was able to obtain a snapshot of the huge gap in spending between cybersecurity programs…
SVR cyberspies used iOS zero-day in recent phishing campaign
The Russian hacking group that breached software provider SolarWinds in an infamous supply chain attack last year has returned to its regular skullduggery and, for the past few months, has conducted a massive spear-phishing operation aimed at government agencies, think tanks, consultants, and NGOs.
The FBI will feed hacked passwords directly into Have I Been Pwned
Australian security researcher Troy Hunt announced today that he granted the US Federal Bureau of Investigation a direct line to upload new content into Have I Been Pwned, a website that indexes data from security breaches.
FBI says an APT breached a US municipal government via an unpatched Fortinet VPN
The Federal Bureau of Investigation said today that foreign hackers had breached the network of a local US municipal government after exploiting vulnerabilities in an unpatched Fortinet networking appliance.